projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net: l3mdev: remove redundant calls
[linux-2.6-block.git] / net / ipv6 / ndisc.c
CommitLineData
1da177e4
LT		 1/*
2 * Neighbour Discovery for IPv6
1ab1457c 3 * Linux INET6 implementation
1da177e4
LT		 4 *
5 * Authors:
1ab1457c 6 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4
LT		 7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
e35f30c1 18 * Alexey I. Froloff : RFC6106 (DNSSL) support
31910575
PY		 19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
1da177e4
LT		 21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
1da177e4
LT		 23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
675418d5 30#define pr_fmt(fmt) "ICMPv6: " fmt
1da177e4
LT		 31
32#include <linux/module.h>
1da177e4
LT		 33#include <linux/errno.h>
34#include <linux/types.h>
35#include <linux/socket.h>
36#include <linux/sockios.h>
37#include <linux/sched.h>
38#include <linux/net.h>
39#include <linux/in6.h>
40#include <linux/route.h>
41#include <linux/init.h>
42#include <linux/rcupdate.h>
5a0e3ad6 43#include <linux/slab.h>
1da177e4
LT		 44#ifdef CONFIG_SYSCTL
45#include <linux/sysctl.h>
46#endif
47
1823730f 48#include <linux/if_addr.h>
1da177e4
LT		 49#include <linux/if_arp.h>
50#include <linux/ipv6.h>
51#include <linux/icmpv6.h>
52#include <linux/jhash.h>
53
54#include <net/sock.h>
55#include <net/snmp.h>
56
57#include <net/ipv6.h>
58#include <net/protocol.h>
59#include <net/ndisc.h>
60#include <net/ip6_route.h>
61#include <net/addrconf.h>
62#include <net/icmp.h>
63
31910575
PY		 64#include <net/netlink.h>
65#include <linux/rtnetlink.h>
66
1da177e4
LT		 67#include <net/flow.h>
68#include <net/ip6_checksum.h>
1ed8516f 69#include <net/inet_common.h>
1da177e4
LT		 70#include <linux/proc_fs.h>
71
72#include <linux/netfilter.h>
73#include <linux/netfilter_ipv6.h>
74
d6bf7817
ED		 75static u32 ndisc_hash(const void *pkey,
76 const struct net_device *dev,
2c2aba6c 77 __u32 *hash_rnd);
60395a20 78static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
1da177e4
LT		 79static int ndisc_constructor(struct neighbour *neigh);
80static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
81static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
82static int pndisc_constructor(struct pneigh_entry *n);
83static void pndisc_destructor(struct pneigh_entry *n);
84static void pndisc_redo(struct sk_buff *skb);
85
89d69d2b 86static const struct neigh_ops ndisc_generic_ops = {
1da177e4
LT		 87 .family = AF_INET6,
88 .solicit = ndisc_solicit,
89 .error_report = ndisc_error_report,
90 .output = neigh_resolve_output,
91 .connected_output = neigh_connected_output,
1da177e4
LT		 92};
93
89d69d2b 94static const struct neigh_ops ndisc_hh_ops = {
1da177e4
LT		 95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_resolve_output,
1da177e4
LT		 100};
101
102
89d69d2b 103static const struct neigh_ops ndisc_direct_ops = {
1da177e4 104 .family = AF_INET6,
8f40b161
DM		 105 .output = neigh_direct_output,
106 .connected_output = neigh_direct_output,
1da177e4
LT		 107};
108
109struct neigh_table nd_tbl = {
110 .family = AF_INET6,
1da177e4 111 .key_len = sizeof(struct in6_addr),
bdf53c58 112 .protocol = cpu_to_be16(ETH_P_IPV6),
1da177e4 113 .hash = ndisc_hash,
60395a20 114 .key_eq = ndisc_key_eq,
1da177e4
LT		 115 .constructor = ndisc_constructor,
116 .pconstructor = pndisc_constructor,
117 .pdestructor = pndisc_destructor,
118 .proxy_redo = pndisc_redo,
119 .id = "ndisc_cache",
120 .parms = {
b672083e 121 .tbl = &nd_tbl,
b672083e 122 .reachable_time = ND_REACHABLE_TIME,
1f9248e5
JP		 123 .data = {
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134 },
1da177e4
LT		 135 },
136 .gc_interval = 30 * HZ,
137 .gc_thresh1 = 128,
138 .gc_thresh2 = 512,
139 .gc_thresh3 = 1024,
140};
c4850687 141EXPORT_SYMBOL_GPL(nd_tbl);
1da177e4 142
cc84b3c6
AA		 143void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
1da177e4 145{
8ec5da41 146 int space = __ndisc_opt_addr_space(data_len, pad);
5f5a0115 147 u8 *opt = skb_put(skb, space);
1da177e4
LT		 148
149 opt[0] = type;
150 opt[1] = space>>3;
151
152 memset(opt + 2, 0, pad);
153 opt += pad;
154 space -= pad;
155
156 memcpy(opt+2, data, data_len);
157 data_len += 2;
158 opt += data_len;
e5d08d71
IM		 159 space -= data_len;
160 if (space > 0)
1da177e4 161 memset(opt, 0, space);
1da177e4 162}
cc84b3c6 163EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
1da177e4 164
8ec5da41 165static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
f997c55c 166 void *data, u8 icmp6_type)
8ec5da41
AA		 167{
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
f997c55c
AA		 170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171}
172
173static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174 void *ha,
175 const u8 *ops_data)
176{
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
8ec5da41
AA		 179}
180
1da177e4
LT		 181static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
183{
184 int type;
185 if (!cur || !end || cur >= end)
186 return NULL;
187 type = cur->nd_opt_type;
188 do {
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
67ba4152 190 } while (cur < end && cur->nd_opt_type != type);
a02cec21 191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
1da177e4
LT		 192}
193
f997c55c
AA		 194static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
31910575 196{
e35f30c1 197 return opt->nd_opt_type == ND_OPT_RDNSS ||
f997c55c
AA		 198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
31910575
PY		 200}
201
f997c55c
AA		 202static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
203 struct nd_opt_hdr *cur,
31910575
PY		 204 struct nd_opt_hdr *end)
205{
206 if (!cur || !end || cur >= end)
207 return NULL;
208 do {
209 cur = ((void *)cur) + (cur->nd_opt_len << 3);
f997c55c
AA		 210 } while (cur < end && !ndisc_is_useropt(dev, cur));
211 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
31910575
PY		 212}
213
f997c55c
AA		 214struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
215 u8 *opt, int opt_len,
30f2a5f3 216 struct ndisc_options *ndopts)
1da177e4
LT		 217{
218 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
219
220 if (!nd_opt || opt_len < 0 || !ndopts)
221 return NULL;
222 memset(ndopts, 0, sizeof(*ndopts));
223 while (opt_len) {
224 int l;
225 if (opt_len < sizeof(struct nd_opt_hdr))
226 return NULL;
227 l = nd_opt->nd_opt_len << 3;
228 if (opt_len < l || l == 0)
229 return NULL;
f997c55c
AA		 230 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
231 goto next_opt;
1da177e4
LT		 232 switch (nd_opt->nd_opt_type) {
233 case ND_OPT_SOURCE_LL_ADDR:
234 case ND_OPT_TARGET_LL_ADDR:
235 case ND_OPT_MTU:
236 case ND_OPT_REDIRECT_HDR:
237 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
675418d5
JP		 238 ND_PRINTK(2, warn,
239 "%s: duplicated ND6 option found: type=%d\n",
240 __func__, nd_opt->nd_opt_type);
1da177e4
LT		 241 } else {
242 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
243 }
244 break;
245 case ND_OPT_PREFIX_INFO:
246 ndopts->nd_opts_pi_end = nd_opt;
cfcabdcc 247 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
1da177e4
LT		 248 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
249 break;
70ceb4f5
YH		 250#ifdef CONFIG_IPV6_ROUTE_INFO
251 case ND_OPT_ROUTE_INFO:
252 ndopts->nd_opts_ri_end = nd_opt;
253 if (!ndopts->nd_opts_ri)
254 ndopts->nd_opts_ri = nd_opt;
255 break;
256#endif
1da177e4 257 default:
f997c55c 258 if (ndisc_is_useropt(dev, nd_opt)) {
31910575
PY		 259 ndopts->nd_useropts_end = nd_opt;
260 if (!ndopts->nd_useropts)
261 ndopts->nd_useropts = nd_opt;
262 } else {
263 /*
264 * Unknown options must be silently ignored,
265 * to accommodate future extension to the
266 * protocol.
267 */
675418d5
JP		 268 ND_PRINTK(2, notice,
269 "%s: ignored unsupported option; type=%d, len=%d\n",
270 __func__,
271 nd_opt->nd_opt_type,
272 nd_opt->nd_opt_len);
31910575 273 }
1da177e4 274 }
f997c55c 275next_opt:
1da177e4
LT		 276 opt_len -= l;
277 nd_opt = ((void *)nd_opt) + l;
278 }
279 return ndopts;
280}
281
b71d1d42 282int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
1da177e4
LT		 283{
284 switch (dev->type) {
285 case ARPHRD_ETHER:
286 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
287 case ARPHRD_FDDI:
288 ipv6_eth_mc_map(addr, buf);
289 return 0;
1da177e4
LT		 290 case ARPHRD_ARCNET:
291 ipv6_arcnet_mc_map(addr, buf);
292 return 0;
293 case ARPHRD_INFINIBAND:
a9e527e3 294 ipv6_ib_mc_map(addr, dev->broadcast, buf);
1da177e4 295 return 0;
93ca3bb5
TT		 296 case ARPHRD_IPGRE:
297 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
1da177e4
LT		 298 default:
299 if (dir) {
300 memcpy(buf, dev->broadcast, dev->addr_len);
301 return 0;
302 }
303 }
304 return -EINVAL;
305}
7159039a
YH		 306EXPORT_SYMBOL(ndisc_mc_map);
307
d6bf7817
ED		 308static u32 ndisc_hash(const void *pkey,
309 const struct net_device *dev,
2c2aba6c 310 __u32 *hash_rnd)
1da177e4 311{
2c2aba6c 312 return ndisc_hashfn(pkey, dev, hash_rnd);
1da177e4
LT		 313}
314
60395a20
EB		 315static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
316{
317 return neigh_key_eq128(n, pkey);
318}
319
1da177e4
LT		 320static int ndisc_constructor(struct neighbour *neigh)
321{
67ba4152 322 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
1da177e4
LT		 323 struct net_device *dev = neigh->dev;
324 struct inet6_dev *in6_dev;
325 struct neigh_parms *parms;
a50feda5 326 bool is_multicast = ipv6_addr_is_multicast(addr);
1da177e4 327
1da177e4 328 in6_dev = in6_dev_get(dev);
63159f29 329 if (!in6_dev) {
1da177e4
LT		 330 return -EINVAL;
331 }
332
333 parms = in6_dev->nd_parms;
334 __neigh_parms_put(neigh->parms);
335 neigh->parms = neigh_parms_clone(parms);
1da177e4
LT		 336
337 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
3b04ddde 338 if (!dev->header_ops) {
1da177e4
LT		 339 neigh->nud_state = NUD_NOARP;
340 neigh->ops = &ndisc_direct_ops;
8f40b161 341 neigh->output = neigh_direct_output;
1da177e4
LT		 342 } else {
343 if (is_multicast) {
344 neigh->nud_state = NUD_NOARP;
345 ndisc_mc_map(addr, neigh->ha, dev, 1);
346 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
347 neigh->nud_state = NUD_NOARP;
348 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
349 if (dev->flags&IFF_LOOPBACK)
350 neigh->type = RTN_LOCAL;
351 } else if (dev->flags&IFF_POINTOPOINT) {
352 neigh->nud_state = NUD_NOARP;
353 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
354 }
3b04ddde 355 if (dev->header_ops->cache)
1da177e4
LT		 356 neigh->ops = &ndisc_hh_ops;
357 else
358 neigh->ops = &ndisc_generic_ops;
359 if (neigh->nud_state&NUD_VALID)
360 neigh->output = neigh->ops->connected_output;
361 else
362 neigh->output = neigh->ops->output;
363 }
364 in6_dev_put(in6_dev);
365 return 0;
366}
367
368static int pndisc_constructor(struct pneigh_entry *n)
369{
67ba4152 370 struct in6_addr *addr = (struct in6_addr *)&n->key;
1da177e4
LT		 371 struct in6_addr maddr;
372 struct net_device *dev = n->dev;
373
63159f29 374 if (!dev || !__in6_dev_get(dev))
1da177e4
LT		 375 return -EINVAL;
376 addrconf_addr_solict_mult(addr, &maddr);
377 ipv6_dev_mc_inc(dev, &maddr);
378 return 0;
379}
380
381static void pndisc_destructor(struct pneigh_entry *n)
382{
67ba4152 383 struct in6_addr *addr = (struct in6_addr *)&n->key;
1da177e4
LT		 384 struct in6_addr maddr;
385 struct net_device *dev = n->dev;
386
63159f29 387 if (!dev || !__in6_dev_get(dev))
1da177e4
LT		 388 return;
389 addrconf_addr_solict_mult(addr, &maddr);
390 ipv6_dev_mc_dec(dev, &maddr);
391}
392
de09334b
YH		 393static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
394 int len)
395{
396 int hlen = LL_RESERVED_SPACE(dev);
397 int tlen = dev->needed_tailroom;
398 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
399 struct sk_buff *skb;
de09334b 400
25a6e6b8 401 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
de09334b 402 if (!skb) {
25a6e6b8
TG		 403 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
404 __func__);
de09334b
YH		 405 return NULL;
406 }
407
f382d03a
YH		 408 skb->protocol = htons(ETH_P_IPV6);
409 skb->dev = dev;
410
527a150f 411 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
5135e633 412 skb_reset_transport_header(skb);
de09334b 413
25a6e6b8
TG		 414 /* Manually assign socket ownership as we avoid calling
415 * sock_alloc_send_pskb() to bypass wmem buffer limits
416 */
417 skb_set_owner_w(skb, sk);
418
de09334b
YH		 419 return skb;
420}
421
f382d03a 422static void ip6_nd_hdr(struct sk_buff *skb,
2576f17d
YH		 423 const struct in6_addr *saddr,
424 const struct in6_addr *daddr,
c8d6c380 425 int hop_limit, int len)
2576f17d
YH		 426{
427 struct ipv6hdr *hdr;
428
527a150f 429 skb_push(skb, sizeof(*hdr));
2576f17d 430 skb_reset_network_header(skb);
2576f17d
YH		 431 hdr = ipv6_hdr(skb);
432
433 ip6_flow_hdr(hdr, 0, 0);
434
435 hdr->payload_len = htons(len);
c8d6c380
YH		 436 hdr->nexthdr = IPPROTO_ICMPV6;
437 hdr->hop_limit = hop_limit;
2576f17d
YH		 438
439 hdr->saddr = *saddr;
440 hdr->daddr = *daddr;
441}
442
af9a9976 443static void ndisc_send_skb(struct sk_buff *skb,
fd0ea7db 444 const struct in6_addr *daddr,
aa4bdd4b 445 const struct in6_addr *saddr)
305d552a 446{
f4de84c6 447 struct dst_entry *dst = skb_dst(skb);
af9a9976 448 struct net *net = dev_net(skb->dev);
7b3d9b06 449 struct sock *sk = net->ipv6.ndisc_sk;
305d552a
BH		 450 struct inet6_dev *idev;
451 int err;
aa4bdd4b 452 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
305d552a
BH		 453 u8 type;
454
455 type = icmp6h->icmp6_type;
456
f4de84c6 457 if (!dst) {
f4de84c6 458 struct flowi6 fl6;
e0d56fdd 459 int oif = skb->dev->ifindex;
305d552a 460
ca254490 461 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
f4de84c6
YH		 462 dst = icmp6_dst_alloc(skb->dev, &fl6);
463 if (IS_ERR(dst)) {
464 kfree_skb(skb);
465 return;
466 }
467
468 skb_dst_set(skb, dst);
469 }
e1ec7842 470
7b3d9b06
YH		 471 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
472 IPPROTO_ICMPV6,
473 csum_partial(icmp6h,
474 skb->len, 0));
475
476 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
477
cfdf7647
ED		 478 rcu_read_lock();
479 idev = __in6_dev_get(dst->dev);
edf391ff 480 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
e1ec7842 481
29a26a56
EB		 482 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
483 net, sk, skb, NULL, dst->dev,
13206b6b 484 dst_output);
1da177e4 485 if (!err) {
5c5d244b 486 ICMP6MSGOUT_INC_STATS(net, idev, type);
a862f6a6 487 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1da177e4
LT		 488 }
489
cfdf7647 490 rcu_read_unlock();
1ab1457c 491}
1da177e4 492
38cf595b 493void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
f564f45c
CW		 494 const struct in6_addr *solicited_addr,
495 bool router, bool solicited, bool override, bool inc_opt)
e1ec7842 496{
b44b5f4a 497 struct sk_buff *skb;
e1ec7842
YH		 498 struct in6_addr tmpaddr;
499 struct inet6_ifaddr *ifp;
9acd9f3a 500 const struct in6_addr *src_addr;
1cb3fe51
YH		 501 struct nd_msg *msg;
502 int optlen = 0;
e1ec7842
YH		 503
504 /* for anycast or proxy, solicited_addr != src_addr */
c346dca1 505 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
e1ec7842
YH		 506 if (ifp) {
507 src_addr = solicited_addr;
508 if (ifp->flags & IFA_F_OPTIMISTIC)
f2f79cca 509 override = false;
9f888160 510 inc_opt |= ifp->idev->cnf.force_tllao;
e1ec7842
YH		 511 in6_ifa_put(ifp);
512 } else {
191cd582 513 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
c346dca1 514 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
7cbca67c 515 &tmpaddr))
e1ec7842
YH		 516 return;
517 src_addr = &tmpaddr;
518 }
519
1cb3fe51
YH		 520 if (!dev->addr_len)
521 inc_opt = 0;
522 if (inc_opt)
f997c55c
AA		 523 optlen += ndisc_opt_addr_space(dev,
524 NDISC_NEIGHBOUR_ADVERTISEMENT);
e1ec7842 525
1cb3fe51 526 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 527 if (!skb)
528 return;
529
1cb3fe51
YH		 530 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
531 *msg = (struct nd_msg) {
532 .icmph = {
533 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
534 .icmp6_router = router,
535 .icmp6_solicited = solicited,
536 .icmp6_override = override,
537 },
538 .target = *solicited_addr,
539 };
540
541 if (inc_opt)
542 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
f997c55c
AA		 543 dev->dev_addr,
544 NDISC_NEIGHBOUR_ADVERTISEMENT);
1cb3fe51 545
b44b5f4a 546 ndisc_send_skb(skb, daddr, src_addr);
e1ec7842
YH		 547}
548
f47b9464
BH		 549static void ndisc_send_unsol_na(struct net_device *dev)
550{
551 struct inet6_dev *idev;
552 struct inet6_ifaddr *ifa;
f47b9464
BH		 553
554 idev = in6_dev_get(dev);
555 if (!idev)
556 return;
557
558 read_lock_bh(&idev->lock);
559 list_for_each_entry(ifa, &idev->addr_list, if_list) {
38cf595b 560 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
f47b9464
BH		 561 /*router=*/ !!idev->cnf.forwarding,
562 /*solicited=*/ false, /*override=*/ true,
563 /*inc_opt=*/ true);
564 }
565 read_unlock_bh(&idev->lock);
566
567 in6_dev_put(idev);
568}
569
38cf595b 570void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
304d888b 571 const struct in6_addr *daddr, const struct in6_addr *saddr)
1da177e4 572{
b44b5f4a 573 struct sk_buff *skb;
1da177e4 574 struct in6_addr addr_buf;
1cb3fe51
YH		 575 int inc_opt = dev->addr_len;
576 int optlen = 0;
577 struct nd_msg *msg;
1da177e4 578
63159f29 579 if (!saddr) {
95c385b4
NH		 580 if (ipv6_get_lladdr(dev, &addr_buf,
581 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
1da177e4
LT		 582 return;
583 saddr = &addr_buf;
584 }
585
1cb3fe51 586 if (ipv6_addr_any(saddr))
f2f79cca 587 inc_opt = false;
1cb3fe51 588 if (inc_opt)
f997c55c
AA		 589 optlen += ndisc_opt_addr_space(dev,
590 NDISC_NEIGHBOUR_SOLICITATION);
1cb3fe51
YH		 591
592 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 593 if (!skb)
594 return;
595
1cb3fe51
YH		 596 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
597 *msg = (struct nd_msg) {
598 .icmph = {
599 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
600 },
601 .target = *solicit,
602 };
603
604 if (inc_opt)
605 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
f997c55c
AA		 606 dev->dev_addr,
607 NDISC_NEIGHBOUR_SOLICITATION);
1cb3fe51 608
b44b5f4a 609 ndisc_send_skb(skb, daddr, saddr);
1da177e4
LT		 610}
611
9acd9f3a
YH		 612void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
613 const struct in6_addr *daddr)
1da177e4 614{
b44b5f4a 615 struct sk_buff *skb;
1cb3fe51 616 struct rs_msg *msg;
95c385b4 617 int send_sllao = dev->addr_len;
1cb3fe51 618 int optlen = 0;
95c385b4
NH		 619
620#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
621 /*
622 * According to section 2.2 of RFC 4429, we must not
623 * send router solicitations with a sllao from
624 * optimistic addresses, but we may send the solicitation
625 * if we don't include the sllao. So here we check
626 * if our address is optimistic, and if so, we
bea85195 627 * suppress the inclusion of the sllao.
95c385b4
NH		 628 */
629 if (send_sllao) {
c346dca1 630 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
1cab3da6 631 dev, 1);
95c385b4
NH		 632 if (ifp) {
633 if (ifp->flags & IFA_F_OPTIMISTIC) {
ca043569 634 send_sllao = 0;
95c385b4 635 }
ca043569 636 in6_ifa_put(ifp);
95c385b4
NH		 637 } else {
638 send_sllao = 0;
639 }
640 }
641#endif
1cb3fe51 642 if (send_sllao)
f997c55c 643 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
1cb3fe51
YH		 644
645 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 646 if (!skb)
647 return;
648
1cb3fe51
YH		 649 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
650 *msg = (struct rs_msg) {
651 .icmph = {
652 .icmp6_type = NDISC_ROUTER_SOLICITATION,
653 },
654 };
655
656 if (send_sllao)
657 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
f997c55c
AA		 658 dev->dev_addr,
659 NDISC_ROUTER_SOLICITATION);
1cb3fe51 660
b44b5f4a 661 ndisc_send_skb(skb, daddr, saddr);
1da177e4 662}
1ab1457c 663
1da177e4
LT		 664
665static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
666{
667 /*
668 * "The sender MUST return an ICMP
669 * destination unreachable"
670 */
671 dst_link_failure(skb);
672 kfree_skb(skb);
673}
674
675/* Called with locked neigh: either read or both */
676
677static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
678{
679 struct in6_addr *saddr = NULL;
680 struct in6_addr mcaddr;
681 struct net_device *dev = neigh->dev;
682 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
683 int probes = atomic_read(&neigh->probes);
684
c58da4c6
EK		 685 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
686 dev, 1,
687 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
0660e03f 688 saddr = &ipv6_hdr(skb)->saddr;
e5d08d71
IM		 689 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
690 if (probes < 0) {
1da177e4 691 if (!(neigh->nud_state & NUD_VALID)) {
675418d5
JP		 692 ND_PRINTK(1, dbg,
693 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
694 __func__, target);
1da177e4 695 }
304d888b 696 ndisc_send_ns(dev, target, target, saddr);
1f9248e5 697 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
1da177e4 698 neigh_app_ns(neigh);
1da177e4
LT		 699 } else {
700 addrconf_addr_solict_mult(target, &mcaddr);
304d888b 701 ndisc_send_ns(dev, target, &mcaddr, saddr);
1da177e4
LT		 702 }
703}
704
0736ffc0
YH		 705static int pndisc_is_router(const void *pkey,
706 struct net_device *dev)
fa86d322
PE		 707{
708 struct pneigh_entry *n;
0736ffc0 709 int ret = -1;
fa86d322
PE		 710
711 read_lock_bh(&nd_tbl.lock);
0736ffc0
YH		 712 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
713 if (n)
714 ret = !!(n->flags & NTF_ROUTER);
fa86d322
PE		 715 read_unlock_bh(&nd_tbl.lock);
716
0736ffc0 717 return ret;
fa86d322
PE		 718}
719
f997c55c
AA		 720void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
721 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
722 struct ndisc_options *ndopts)
723{
724 neigh_update(neigh, lladdr, new, flags);
725 /* report ndisc ops about neighbour update */
726 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
727}
728
1da177e4
LT		 729static void ndisc_recv_ns(struct sk_buff *skb)
730{
9c70220b 731 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
b71d1d42
ED		 732 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
733 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 734 u8 *lladdr = NULL;
29a3cad5 735 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
27a884dc 736 offsetof(struct nd_msg, opt));
1da177e4
LT		 737 struct ndisc_options ndopts;
738 struct net_device *dev = skb->dev;
739 struct inet6_ifaddr *ifp;
740 struct inet6_dev *idev = NULL;
741 struct neighbour *neigh;
742 int dad = ipv6_addr_any(saddr);
a50feda5 743 bool inc;
0736ffc0 744 int is_router = -1;
1da177e4 745
115b0aa6
YH		 746 if (skb->len < sizeof(struct nd_msg)) {
747 ND_PRINTK(2, warn, "NS: packet too short\n");
748 return;
749 }
750
1da177e4 751 if (ipv6_addr_is_multicast(&msg->target)) {
675418d5 752 ND_PRINTK(2, warn, "NS: multicast target address\n");
1da177e4
LT		 753 return;
754 }
755
756 /*
757 * RFC2461 7.1.1:
758 * DAD has to be destined for solicited node multicast address.
759 */
ca97a644 760 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
675418d5 761 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
1da177e4
LT		 762 return;
763 }
764
f997c55c 765 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
675418d5 766 ND_PRINTK(2, warn, "NS: invalid ND options\n");
1da177e4
LT		 767 return;
768 }
769
770 if (ndopts.nd_opts_src_lladdr) {
771 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
772 if (!lladdr) {
675418d5
JP		 773 ND_PRINTK(2, warn,
774 "NS: invalid link-layer address length\n");
1da177e4
LT		 775 return;
776 }
777
778 /* RFC2461 7.1.1:
1ab1457c
YH		 779 * If the IP source address is the unspecified address,
780 * there MUST NOT be source link-layer address option
1da177e4
LT		 781 * in the message.
782 */
783 if (dad) {
675418d5
JP		 784 ND_PRINTK(2, warn,
785 "NS: bad DAD packet (link-layer address option)\n");
1da177e4
LT		 786 return;
787 }
788 }
789
790 inc = ipv6_addr_is_multicast(daddr);
791
c346dca1 792 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
a18bc695 793 if (ifp) {
ca254490 794have_ifp:
95c385b4
NH		 795 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
796 if (dad) {
95c385b4
NH		 797 /*
798 * We are colliding with another node
799 * who is doing DAD
800 * so fail our DAD process
801 */
802 addrconf_dad_failure(ifp);
9e3be4b3 803 return;
95c385b4
NH		 804 } else {
805 /*
806 * This is not a dad solicitation.
807 * If we are an optimistic node,
808 * we should respond.
809 * Otherwise, we should ignore it.
810 */
811 if (!(ifp->flags & IFA_F_OPTIMISTIC))
1da177e4 812 goto out;
1da177e4 813 }
1da177e4
LT		 814 }
815
816 idev = ifp->idev;
817 } else {
53b7997f
YH		 818 struct net *net = dev_net(dev);
819
ca254490
DA		 820 /* perhaps an address on the master device */
821 if (netif_is_l3_slave(dev)) {
822 struct net_device *mdev;
823
824 mdev = netdev_master_upper_dev_get_rcu(dev);
825 if (mdev) {
826 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
827 if (ifp)
828 goto have_ifp;
829 }
830 }
831
1da177e4
LT		 832 idev = in6_dev_get(dev);
833 if (!idev) {
834 /* XXX: count this drop? */
835 return;
836 }
837
53b7997f 838 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
1ab1457c 839 (idev->cnf.forwarding &&
53b7997f 840 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
0736ffc0 841 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
a61bbcf2 842 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
1da177e4 843 skb->pkt_type != PACKET_HOST &&
f2f79cca 844 inc &&
1f9248e5 845 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
1da177e4
LT		 846 /*
847 * for anycast or proxy,
1ab1457c
YH		 848 * sender should delay its response
849 * by a random time between 0 and
1da177e4
LT		 850 * MAX_ANYCAST_DELAY_TIME seconds.
851 * (RFC2461) -- yoshfuji
852 */
853 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
854 if (n)
855 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
856 goto out;
857 }
858 } else
859 goto out;
860 }
861
0736ffc0 862 if (is_router < 0)
fb568637 863 is_router = idev->cnf.forwarding;
62dd9318 864
1da177e4 865 if (dad) {
38cf595b 866 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
fb568637 867 !!is_router, false, (ifp != NULL), true);
1da177e4
LT		 868 goto out;
869 }
870
871 if (inc)
872 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
873 else
874 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
875
1ab1457c 876 /*
1da177e4
LT		 877 * update / create cache entry
878 * for the source address
879 */
880 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
881 !inc || lladdr || !dev->addr_len);
882 if (neigh)
f997c55c 883 ndisc_update(dev, neigh, lladdr, NUD_STALE,
1da177e4 884 NEIGH_UPDATE_F_WEAK_OVERRIDE|
f997c55c
AA		 885 NEIGH_UPDATE_F_OVERRIDE,
886 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
3b04ddde 887 if (neigh || !dev->header_ops) {
38cf595b 888 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
fb568637 889 true, (ifp != NULL && inc), inc);
1da177e4
LT		 890 if (neigh)
891 neigh_release(neigh);
892 }
893
894out:
895 if (ifp)
896 in6_ifa_put(ifp);
897 else
898 in6_dev_put(idev);
1da177e4
LT		 899}
900
901static void ndisc_recv_na(struct sk_buff *skb)
902{
9c70220b 903 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
be7a010d 904 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
b71d1d42 905 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 906 u8 *lladdr = NULL;
29a3cad5 907 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
27a884dc 908 offsetof(struct nd_msg, opt));
1da177e4
LT		 909 struct ndisc_options ndopts;
910 struct net_device *dev = skb->dev;
7a02bf89 911 struct inet6_dev *idev = __in6_dev_get(dev);
1da177e4
LT		 912 struct inet6_ifaddr *ifp;
913 struct neighbour *neigh;
914
915 if (skb->len < sizeof(struct nd_msg)) {
675418d5 916 ND_PRINTK(2, warn, "NA: packet too short\n");
1da177e4
LT		 917 return;
918 }
919
920 if (ipv6_addr_is_multicast(&msg->target)) {
675418d5 921 ND_PRINTK(2, warn, "NA: target address is multicast\n");
1da177e4
LT		 922 return;
923 }
924
925 if (ipv6_addr_is_multicast(daddr) &&
926 msg->icmph.icmp6_solicited) {
675418d5 927 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
1da177e4
LT		 928 return;
929 }
1ab1457c 930
7a02bf89
JB		 931 /* For some 802.11 wireless deployments (and possibly other networks),
932 * there will be a NA proxy and unsolicitd packets are attacks
933 * and thus should not be accepted.
934 */
935 if (!msg->icmph.icmp6_solicited && idev &&
936 idev->cnf.drop_unsolicited_na)
937 return;
938
f997c55c 939 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
675418d5 940 ND_PRINTK(2, warn, "NS: invalid ND option\n");
1da177e4
LT		 941 return;
942 }
943 if (ndopts.nd_opts_tgt_lladdr) {
944 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
945 if (!lladdr) {
675418d5
JP		 946 ND_PRINTK(2, warn,
947 "NA: invalid link-layer address length\n");
1da177e4
LT		 948 return;
949 }
950 }
c346dca1 951 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
a18bc695 952 if (ifp) {
bd015928
DW		 953 if (skb->pkt_type != PACKET_LOOPBACK
954 && (ifp->flags & IFA_F_TENTATIVE)) {
955 addrconf_dad_failure(ifp);
956 return;
1da177e4
LT		 957 }
958 /* What should we make now? The advertisement
959 is invalid, but ndisc specs say nothing
960 about it. It could be misconfiguration, or
961 an smart proxy agent tries to help us :-)
24fc7b86
JS		 962
963 We should not print the error if NA has been
964 received from loopback - it is just our own
965 unsolicited advertisement.
1da177e4 966 */
24fc7b86 967 if (skb->pkt_type != PACKET_LOOPBACK)
675418d5
JP		 968 ND_PRINTK(1, warn,
969 "NA: someone advertises our address %pI6 on %s!\n",
970 &ifp->addr, ifp->idev->dev->name);
1da177e4
LT		 971 in6_ifa_put(ifp);
972 return;
973 }
974 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
975
976 if (neigh) {
977 u8 old_flags = neigh->flags;
53b7997f 978 struct net *net = dev_net(dev);
1da177e4
LT		 979
980 if (neigh->nud_state & NUD_FAILED)
981 goto out;
982
5f3e6e9e
VN		 983 /*
984 * Don't update the neighbor cache entry on a proxy NA from
985 * ourselves because either the proxied node is off link or it
986 * has already sent a NA to us.
987 */
988 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
53b7997f
YH		 989 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
990 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
b20b6d97 991 /* XXX: idev->cnf.proxy_ndp */
5f3e6e9e 992 goto out;
fbea49e1 993 }
5f3e6e9e 994
f997c55c 995 ndisc_update(dev, neigh, lladdr,
1da177e4
LT		 996 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
997 NEIGH_UPDATE_F_WEAK_OVERRIDE|
998 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
999 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
f997c55c
AA		 1000 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1001 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1da177e4
LT		 1002
1003 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1004 /*
1005 * Change: router to host
1006 */
be7a010d 1007 rt6_clean_tohost(dev_net(dev), saddr);
1da177e4
LT		 1008 }
1009
1010out:
1011 neigh_release(neigh);
1012 }
1013}
1014
1015static void ndisc_recv_rs(struct sk_buff *skb)
1016{
9c70220b 1017 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1da177e4
LT		 1018 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1019 struct neighbour *neigh;
1020 struct inet6_dev *idev;
b71d1d42 1021 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1da177e4
LT		 1022 struct ndisc_options ndopts;
1023 u8 *lladdr = NULL;
1024
1025 if (skb->len < sizeof(*rs_msg))
1026 return;
1027
cfdf7647 1028 idev = __in6_dev_get(skb->dev);
1da177e4 1029 if (!idev) {
675418d5 1030 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1da177e4
LT		 1031 return;
1032 }
1033
1034 /* Don't accept RS if we're not in router mode */
1035 if (!idev->cnf.forwarding)
1036 goto out;
1037
1038 /*
1039 * Don't update NCE if src = ::;
1040 * this implies that the source node has no ip address assigned yet.
1041 */
1042 if (ipv6_addr_any(saddr))
1043 goto out;
1044
1045 /* Parse ND options */
f997c55c 1046 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
675418d5 1047 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1da177e4
LT		 1048 goto out;
1049 }
1050
1051 if (ndopts.nd_opts_src_lladdr) {
1052 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1053 skb->dev);
1054 if (!lladdr)
1055 goto out;
1056 }
1057
1058 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1059 if (neigh) {
f997c55c 1060 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1da177e4
LT		 1061 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1062 NEIGH_UPDATE_F_OVERRIDE|
f997c55c
AA		 1063 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1064 NDISC_ROUTER_SOLICITATION, &ndopts);
1da177e4
LT		 1065 neigh_release(neigh);
1066 }
1067out:
cfdf7647 1068 return;
1da177e4
LT		 1069}
1070
31910575
PY		 1071static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1072{
1073 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1074 struct sk_buff *skb;
1075 struct nlmsghdr *nlh;
1076 struct nduseroptmsg *ndmsg;
c346dca1 1077 struct net *net = dev_net(ra->dev);
31910575
PY		 1078 int err;
1079 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1080 + (opt->nd_opt_len << 3));
1081 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1082
1083 skb = nlmsg_new(msg_size, GFP_ATOMIC);
63159f29 1084 if (!skb) {
31910575
PY		 1085 err = -ENOBUFS;
1086 goto errout;
1087 }
1088
1089 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
63159f29 1090 if (!nlh) {
31910575
PY		 1091 goto nla_put_failure;
1092 }
1093
1094 ndmsg = nlmsg_data(nlh);
1095 ndmsg->nduseropt_family = AF_INET6;
dbb2ed24 1096 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
31910575
PY		 1097 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1098 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1099 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1100
1101 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1102
930345ea 1103 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
c78679e8 1104 goto nla_put_failure;
31910575
PY		 1105 nlmsg_end(skb, nlh);
1106
1ce85fe4 1107 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
31910575
PY		 1108 return;
1109
1110nla_put_failure:
1111 nlmsg_free(skb);
1112 err = -EMSGSIZE;
1113errout:
a18bc695 1114 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
31910575
PY		 1115}
1116
1da177e4
LT		 1117static void ndisc_router_discovery(struct sk_buff *skb)
1118{
9c70220b 1119 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1da177e4
LT		 1120 struct neighbour *neigh = NULL;
1121 struct inet6_dev *in6_dev;
65f5c7c1 1122 struct rt6_info *rt = NULL;
1da177e4
LT		 1123 int lifetime;
1124 struct ndisc_options ndopts;
1125 int optlen;
ebacaaa0 1126 unsigned int pref = 0;
a394eef5 1127 __u32 old_if_flags;
2053aeb6 1128 bool send_ifinfo_notify = false;
1da177e4 1129
67ba4152 1130 __u8 *opt = (__u8 *)(ra_msg + 1);
1da177e4 1131
29a3cad5
SH		 1132 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1133 sizeof(struct ra_msg);
1da177e4 1134
f2a762d8
BG		 1135 ND_PRINTK(2, info,
1136 "RA: %s, dev: %s\n",
1137 __func__, skb->dev->name);
0660e03f 1138 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
675418d5 1139 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1da177e4
LT		 1140 return;
1141 }
1142 if (optlen < 0) {
675418d5 1143 ND_PRINTK(2, warn, "RA: packet too short\n");
1da177e4
LT		 1144 return;
1145 }
1146
de357cc0 1147#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1148 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
675418d5 1149 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
fadf6bf0
TF		 1150 return;
1151 }
de357cc0 1152#endif
fadf6bf0 1153
1da177e4
LT		 1154 /*
1155 * set the RA_RECV flag in the interface
1156 */
1157
cfdf7647 1158 in6_dev = __in6_dev_get(skb->dev);
63159f29 1159 if (!in6_dev) {
675418d5
JP		 1160 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1161 skb->dev->name);
1da177e4
LT		 1162 return;
1163 }
1da177e4 1164
f997c55c 1165 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
675418d5 1166 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1da177e4
LT		 1167 return;
1168 }
1169
f2a762d8
BG		 1170 if (!ipv6_accept_ra(in6_dev)) {
1171 ND_PRINTK(2, info,
1172 "RA: %s, did not accept ra for dev: %s\n",
1173 __func__, skb->dev->name);
31ce8c71 1174 goto skip_linkparms;
f2a762d8 1175 }
31ce8c71 1176
de357cc0 1177#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1178 /* skip link-specific parameters from interior routers */
f2a762d8
BG		 1179 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1180 ND_PRINTK(2, info,
1181 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1182 __func__, skb->dev->name);
fadf6bf0 1183 goto skip_linkparms;
f2a762d8 1184 }
de357cc0 1185#endif
fadf6bf0 1186
1da177e4
LT		 1187 if (in6_dev->if_flags & IF_RS_SENT) {
1188 /*
1189 * flag that an RA was received after an RS was sent
1190 * out on this interface.
1191 */
1192 in6_dev->if_flags |= IF_RA_RCVD;
1193 }
1194
1195 /*
1196 * Remember the managed/otherconf flags from most recently
1197 * received RA message (RFC 2462) -- yoshfuji
1198 */
a394eef5 1199 old_if_flags = in6_dev->if_flags;
1da177e4
LT		 1200 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1201 IF_RA_OTHERCONF)) |
1202 (ra_msg->icmph.icmp6_addrconf_managed ?
1203 IF_RA_MANAGED : 0) |
1204 (ra_msg->icmph.icmp6_addrconf_other ?
1205 IF_RA_OTHERCONF : 0);
1206
a394eef5 1207 if (old_if_flags != in6_dev->if_flags)
2053aeb6 1208 send_ifinfo_notify = true;
a394eef5 1209
f2a762d8
BG		 1210 if (!in6_dev->cnf.accept_ra_defrtr) {
1211 ND_PRINTK(2, info,
1212 "RA: %s, defrtr is false for dev: %s\n",
1213 __func__, skb->dev->name);
65f5c7c1 1214 goto skip_defrtr;
f2a762d8 1215 }
65f5c7c1 1216
d9333196
BG		 1217 /* Do not accept RA with source-addr found on local machine unless
1218 * accept_ra_from_local is set to true.
1219 */
b6428817
LR		 1220 if (!in6_dev->cnf.accept_ra_from_local &&
1221 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
c1a9a291 1222 in6_dev->dev, 0)) {
f2a762d8 1223 ND_PRINTK(2, info,
d9333196
BG		 1224 "RA from local address detected on dev: %s: default router ignored\n",
1225 skb->dev->name);
9f56220f 1226 goto skip_defrtr;
f2a762d8 1227 }
9f56220f 1228
1da177e4
LT		 1229 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1230
ebacaaa0
YH		 1231#ifdef CONFIG_IPV6_ROUTER_PREF
1232 pref = ra_msg->icmph.icmp6_router_pref;
1233 /* 10b is handled as if it were 00b (medium) */
930d6ff2 1234 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
6d5b78cd 1235 !in6_dev->cnf.accept_ra_rtr_pref)
ebacaaa0
YH		 1236 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1237#endif
1238
0660e03f 1239 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1da177e4 1240
eb857186
DM		 1241 if (rt) {
1242 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1243 if (!neigh) {
675418d5
JP		 1244 ND_PRINTK(0, err,
1245 "RA: %s got default router without neighbour\n",
1246 __func__);
94e187c0 1247 ip6_rt_put(rt);
eb857186
DM		 1248 return;
1249 }
1250 }
1da177e4 1251 if (rt && lifetime == 0) {
e0a1ad73 1252 ip6_del_rt(rt);
1da177e4
LT		 1253 rt = NULL;
1254 }
1255
f2a762d8
BG		 1256 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1257 rt, lifetime, skb->dev->name);
63159f29 1258 if (!rt && lifetime) {
f2a762d8 1259 ND_PRINTK(3, info, "RA: adding default router\n");
1da177e4 1260
0660e03f 1261 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
63159f29 1262 if (!rt) {
675418d5
JP		 1263 ND_PRINTK(0, err,
1264 "RA: %s failed to add default route\n",
1265 __func__);
1da177e4
LT		 1266 return;
1267 }
1268
eb857186 1269 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
63159f29 1270 if (!neigh) {
675418d5
JP		 1271 ND_PRINTK(0, err,
1272 "RA: %s got default router without neighbour\n",
1273 __func__);
94e187c0 1274 ip6_rt_put(rt);
1da177e4
LT		 1275 return;
1276 }
1277 neigh->flags |= NTF_ROUTER;
ebacaaa0 1278 } else if (rt) {
22441cfa 1279 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1da177e4
LT		 1280 }
1281
1282 if (rt)
1716a961 1283 rt6_set_expires(rt, jiffies + (HZ * lifetime));
8013d1d7
HL		 1284 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1285 ra_msg->icmph.icmp6_hop_limit) {
1286 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
6fd99094 1287 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
8013d1d7
HL		 1288 if (rt)
1289 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1290 ra_msg->icmph.icmp6_hop_limit);
6fd99094 1291 } else {
8013d1d7 1292 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
6fd99094 1293 }
1da177e4
LT		 1294 }
1295
65f5c7c1
YH		 1296skip_defrtr:
1297
1da177e4
LT		 1298 /*
1299 * Update Reachable Time and Retrans Timer
1300 */
1301
1302 if (in6_dev->nd_parms) {
1303 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1304
1305 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1306 rtime = (rtime*HZ)/1000;
1307 if (rtime < HZ/10)
1308 rtime = HZ/10;
1f9248e5 1309 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1da177e4 1310 in6_dev->tstamp = jiffies;
2053aeb6 1311 send_ifinfo_notify = true;
1da177e4
LT		 1312 }
1313
1314 rtime = ntohl(ra_msg->reachable_time);
1315 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1316 rtime = (rtime*HZ)/1000;
1317
1318 if (rtime < HZ/10)
1319 rtime = HZ/10;
1320
1f9248e5
JP		 1321 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1322 NEIGH_VAR_SET(in6_dev->nd_parms,
1323 BASE_REACHABLE_TIME, rtime);
1324 NEIGH_VAR_SET(in6_dev->nd_parms,
1325 GC_STALETIME, 3 * rtime);
1da177e4
LT		 1326 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1327 in6_dev->tstamp = jiffies;
2053aeb6 1328 send_ifinfo_notify = true;
1da177e4
LT		 1329 }
1330 }
1331 }
1332
2053aeb6
MT		 1333 /*
1334 * Send a notify if RA changed managed/otherconf flags or timer settings
1335 */
1336 if (send_ifinfo_notify)
1337 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1338
fadf6bf0
TF		 1339skip_linkparms:
1340
1da177e4
LT		 1341 /*
1342 * Process options.
1343 */
1344
1345 if (!neigh)
0660e03f 1346 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1da177e4
LT		 1347 skb->dev, 1);
1348 if (neigh) {
1349 u8 *lladdr = NULL;
1350 if (ndopts.nd_opts_src_lladdr) {
1351 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1352 skb->dev);
1353 if (!lladdr) {
675418d5
JP		 1354 ND_PRINTK(2, warn,
1355 "RA: invalid link-layer address length\n");
1da177e4
LT		 1356 goto out;
1357 }
1358 }
f997c55c 1359 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1da177e4
LT		 1360 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1361 NEIGH_UPDATE_F_OVERRIDE|
1362 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
f997c55c
AA		 1363 NEIGH_UPDATE_F_ISROUTER,
1364 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1da177e4
LT		 1365 }
1366
f2a762d8
BG		 1367 if (!ipv6_accept_ra(in6_dev)) {
1368 ND_PRINTK(2, info,
1369 "RA: %s, accept_ra is false for dev: %s\n",
1370 __func__, skb->dev->name);
31ce8c71 1371 goto out;
f2a762d8 1372 }
31ce8c71 1373
70ceb4f5 1374#ifdef CONFIG_IPV6_ROUTE_INFO
b6428817
LR		 1375 if (!in6_dev->cnf.accept_ra_from_local &&
1376 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
c1a9a291 1377 in6_dev->dev, 0)) {
f2a762d8 1378 ND_PRINTK(2, info,
d9333196
BG		 1379 "RA from local address detected on dev: %s: router info ignored.\n",
1380 skb->dev->name);
9f56220f 1381 goto skip_routeinfo;
f2a762d8 1382 }
9f56220f 1383
09c884d4 1384 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
70ceb4f5
YH		 1385 struct nd_opt_hdr *p;
1386 for (p = ndopts.nd_opts_ri;
1387 p;
1388 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
6294e000
YH		 1389 struct route_info *ri = (struct route_info *)p;
1390#ifdef CONFIG_IPV6_NDISC_NODETYPE
1391 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1392 ri->prefix_len == 0)
1393 continue;
1394#endif
30e56918
DJ		 1395 if (ri->prefix_len == 0 &&
1396 !in6_dev->cnf.accept_ra_defrtr)
1397 continue;
6294e000 1398 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
09c884d4 1399 continue;
67ba4152 1400 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
0660e03f 1401 &ipv6_hdr(skb)->saddr);
70ceb4f5
YH		 1402 }
1403 }
9f56220f
AH		 1404
1405skip_routeinfo:
70ceb4f5
YH		 1406#endif
1407
de357cc0 1408#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1409 /* skip link-specific ndopts from interior routers */
f2a762d8
BG		 1410 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1411 ND_PRINTK(2, info,
1412 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1413 __func__, skb->dev->name);
fadf6bf0 1414 goto out;
f2a762d8 1415 }
de357cc0 1416#endif
fadf6bf0 1417
c4fd30eb 1418 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1da177e4
LT		 1419 struct nd_opt_hdr *p;
1420 for (p = ndopts.nd_opts_pi;
1421 p;
1422 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
e6bff995
NH		 1423 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1424 (p->nd_opt_len) << 3,
1425 ndopts.nd_opts_src_lladdr != NULL);
1da177e4
LT		 1426 }
1427 }
1428
c2943f14 1429 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
e69a4adc 1430 __be32 n;
1da177e4
LT		 1431 u32 mtu;
1432
67ba4152 1433 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
e69a4adc 1434 mtu = ntohl(n);
1da177e4
LT		 1435
1436 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
675418d5 1437 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1da177e4
LT		 1438 } else if (in6_dev->cnf.mtu6 != mtu) {
1439 in6_dev->cnf.mtu6 = mtu;
1440
1441 if (rt)
defb3519 1442 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1da177e4
LT		 1443
1444 rt6_mtu_change(skb->dev, mtu);
1445 }
1446 }
1ab1457c 1447
31910575 1448 if (ndopts.nd_useropts) {
61cf46ad
YH		 1449 struct nd_opt_hdr *p;
1450 for (p = ndopts.nd_useropts;
1451 p;
f997c55c
AA		 1452 p = ndisc_next_useropt(skb->dev, p,
1453 ndopts.nd_useropts_end)) {
61cf46ad 1454 ndisc_ra_useropt(skb, p);
31910575
PY		 1455 }
1456 }
1457
1da177e4 1458 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
675418d5 1459 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1da177e4
LT		 1460 }
1461out:
94e187c0 1462 ip6_rt_put(rt);
eb857186 1463 if (neigh)
1da177e4 1464 neigh_release(neigh);
1da177e4
LT		 1465}
1466
1467static void ndisc_redirect_rcv(struct sk_buff *skb)
1468{
093d04d4
DJ		 1469 u8 *hdr;
1470 struct ndisc_options ndopts;
1471 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
29a3cad5 1472 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
093d04d4
DJ		 1473 offsetof(struct rd_msg, opt));
1474
de357cc0 1475#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0
TF		 1476 switch (skb->ndisc_nodetype) {
1477 case NDISC_NODETYPE_HOST:
1478 case NDISC_NODETYPE_NODEFAULT:
675418d5
JP		 1479 ND_PRINTK(2, warn,
1480 "Redirect: from host or unauthorized router\n");
fadf6bf0
TF		 1481 return;
1482 }
de357cc0 1483#endif
fadf6bf0 1484
0660e03f 1485 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
675418d5
JP		 1486 ND_PRINTK(2, warn,
1487 "Redirect: source address is not link-local\n");
1da177e4
LT		 1488 return;
1489 }
1490
f997c55c 1491 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
093d04d4
DJ		 1492 return;
1493
c92a59ec 1494 if (!ndopts.nd_opts_rh) {
b55b76b2
DJ		 1495 ip6_redirect_no_header(skb, dev_net(skb->dev),
1496 skb->dev->ifindex, 0);
093d04d4 1497 return;
c92a59ec 1498 }
093d04d4
DJ		 1499
1500 hdr = (u8 *)ndopts.nd_opts_rh;
1501 hdr += 8;
1502 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1503 return;
1504
b94f1c09 1505 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1da177e4
LT		 1506}
1507
5f5a0115
YH		 1508static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1509 struct sk_buff *orig_skb,
1510 int rd_len)
9c86dafe 1511{
5f5a0115
YH		 1512 u8 *opt = skb_put(skb, rd_len);
1513
9c86dafe
YH		 1514 memset(opt, 0, 8);
1515 *(opt++) = ND_OPT_REDIRECT_HDR;
1516 *(opt++) = (rd_len >> 3);
1517 opt += 6;
1518
1519 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
9c86dafe
YH		 1520}
1521
4991969a 1522void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1da177e4 1523{
1762f7e8 1524 struct net_device *dev = skb->dev;
c346dca1 1525 struct net *net = dev_net(dev);
1762f7e8 1526 struct sock *sk = net->ipv6.ndisc_sk;
2ce13576 1527 int optlen = 0;
fbfe95a4 1528 struct inet_peer *peer;
1da177e4 1529 struct sk_buff *buff;
71bcdba0 1530 struct rd_msg *msg;
1da177e4 1531 struct in6_addr saddr_buf;
1da177e4
LT		 1532 struct rt6_info *rt;
1533 struct dst_entry *dst;
4c9483b2 1534 struct flowi6 fl6;
1da177e4 1535 int rd_len;
f997c55c
AA		 1536 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1537 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1d861aa4 1538 bool ret;
1da177e4 1539
95c385b4 1540 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
675418d5
JP		 1541 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1542 dev->name);
1ab1457c
YH		 1543 return;
1544 }
1da177e4 1545
0660e03f 1546 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
bf0b48df 1547 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
675418d5
JP		 1548 ND_PRINTK(2, warn,
1549 "Redirect: target address is not link-local unicast\n");
29556526
LY		 1550 return;
1551 }
1552
4c9483b2 1553 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
e0d56fdd 1554 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1da177e4 1555
4c9483b2 1556 dst = ip6_route_output(net, NULL, &fl6);
5095d64d
RL		 1557 if (dst->error) {
1558 dst_release(dst);
1da177e4 1559 return;
5095d64d 1560 }
4c9483b2 1561 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
452edd59 1562 if (IS_ERR(dst))
1da177e4 1563 return;
1da177e4
LT		 1564
1565 rt = (struct rt6_info *) dst;
1566
1567 if (rt->rt6i_flags & RTF_GATEWAY) {
675418d5
JP		 1568 ND_PRINTK(2, warn,
1569 "Redirect: destination is not a neighbour\n");
d73f0801 1570 goto release;
1da177e4 1571 }
fd0273d7 1572 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1d861aa4
DM		 1573 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1574 if (peer)
1575 inet_putpeer(peer);
1576 if (!ret)
d73f0801 1577 goto release;
1da177e4
LT		 1578
1579 if (dev->addr_len) {
4991969a
DM		 1580 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1581 if (!neigh) {
675418d5
JP		 1582 ND_PRINTK(2, warn,
1583 "Redirect: no neigh for target address\n");
4991969a
DM		 1584 goto release;
1585 }
1586
1da177e4
LT		 1587 read_lock_bh(&neigh->lock);
1588 if (neigh->nud_state & NUD_VALID) {
1589 memcpy(ha_buf, neigh->ha, dev->addr_len);
1590 read_unlock_bh(&neigh->lock);
1591 ha = ha_buf;
f997c55c
AA		 1592 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1593 ops_data_buf,
1594 &ops_data);
1da177e4
LT		 1595 } else
1596 read_unlock_bh(&neigh->lock);
4991969a
DM		 1597
1598 neigh_release(neigh);
1da177e4
LT		 1599 }
1600
1601 rd_len = min_t(unsigned int,
2ce13576
YH		 1602 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1603 skb->len + 8);
1da177e4 1604 rd_len &= ~0x7;
2ce13576 1605 optlen += rd_len;
1da177e4 1606
2ce13576 1607 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
de09334b 1608 if (!buff)
d73f0801 1609 goto release;
1da177e4 1610
4d5c152e
YH		 1611 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1612 *msg = (struct rd_msg) {
1613 .icmph = {
1614 .icmp6_type = NDISC_REDIRECT,
1615 },
1616 .target = *target,
1617 .dest = ipv6_hdr(skb)->daddr,
1618 };
1da177e4 1619
1da177e4
LT		 1620 /*
1621 * include target_address option
1622 */
1623
1624 if (ha)
f997c55c 1625 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1da177e4
LT		 1626
1627 /*
1628 * build redirect option and copy skb over to the new packet.
1629 */
1630
9c86dafe 1631 if (rd_len)
5f5a0115 1632 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1da177e4 1633
adf30907 1634 skb_dst_set(buff, dst);
f4de84c6 1635 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
d73f0801
IJ		 1636 return;
1637
1638release:
1639 dst_release(dst);
1da177e4
LT		 1640}
1641
1642static void pndisc_redo(struct sk_buff *skb)
1643{
140e26fc 1644 ndisc_recv_ns(skb);
1da177e4
LT		 1645 kfree_skb(skb);
1646}
1647
b800c3b9
HFS		 1648static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1649{
1650 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1651
1652 if (!idev)
1653 return true;
1654 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1655 idev->cnf.suppress_frag_ndisc) {
1656 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1657 return true;
1658 }
1659 return false;
1660}
1661
1da177e4
LT		 1662int ndisc_rcv(struct sk_buff *skb)
1663{
1664 struct nd_msg *msg;
1665
b800c3b9
HFS		 1666 if (ndisc_suppress_frag_ndisc(skb))
1667 return 0;
1668
6bce6b4e 1669 if (skb_linearize(skb))
1da177e4
LT		 1670 return 0;
1671
9c70220b 1672 msg = (struct nd_msg *)skb_transport_header(skb);
1da177e4 1673
9c70220b 1674 __skb_push(skb, skb->data - skb_transport_header(skb));
1da177e4 1675
0660e03f 1676 if (ipv6_hdr(skb)->hop_limit != 255) {
675418d5
JP		 1677 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1678 ipv6_hdr(skb)->hop_limit);
1da177e4
LT		 1679 return 0;
1680 }
1681
1682 if (msg->icmph.icmp6_code != 0) {
675418d5
JP		 1683 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1684 msg->icmph.icmp6_code);
1da177e4
LT		 1685 return 0;
1686 }
1687
a61bbcf2
PM		 1688 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1689
1da177e4
LT		 1690 switch (msg->icmph.icmp6_type) {
1691 case NDISC_NEIGHBOUR_SOLICITATION:
1692 ndisc_recv_ns(skb);
1693 break;
1694
1695 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1696 ndisc_recv_na(skb);
1697 break;
1698
1699 case NDISC_ROUTER_SOLICITATION:
1700 ndisc_recv_rs(skb);
1701 break;
1702
1703 case NDISC_ROUTER_ADVERTISEMENT:
1704 ndisc_router_discovery(skb);
1705 break;
1706
1707 case NDISC_REDIRECT:
1708 ndisc_redirect_rcv(skb);
1709 break;
3ff50b79 1710 }
1da177e4
LT		 1711
1712 return 0;
1713}
1714
1715static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1716{
351638e7 1717 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
c8507fb2 1718 struct netdev_notifier_change_info *change_info;
c346dca1 1719 struct net *net = dev_net(dev);
5cb04436 1720 struct inet6_dev *idev;
1da177e4
LT		 1721
1722 switch (event) {
1723 case NETDEV_CHANGEADDR:
1724 neigh_changeaddr(&nd_tbl, dev);
2ac3ac8f 1725 fib6_run_gc(0, net, false);
5cb04436
HFS		 1726 idev = in6_dev_get(dev);
1727 if (!idev)
1728 break;
1729 if (idev->cnf.ndisc_notify)
1730 ndisc_send_unsol_na(dev);
1731 in6_dev_put(idev);
1da177e4 1732 break;
c8507fb2
ED		 1733 case NETDEV_CHANGE:
1734 change_info = ptr;
1735 if (change_info->flags_changed & IFF_NOARP)
1736 neigh_changeaddr(&nd_tbl, dev);
1737 break;
1da177e4
LT		 1738 case NETDEV_DOWN:
1739 neigh_ifdown(&nd_tbl, dev);
2ac3ac8f 1740 fib6_run_gc(0, net, false);
1da177e4 1741 break;
f47b9464
BH		 1742 case NETDEV_NOTIFY_PEERS:
1743 ndisc_send_unsol_na(dev);
1744 break;
1da177e4
LT		 1745 default:
1746 break;
1747 }
1748
1749 return NOTIFY_DONE;
1750}
1751
1752static struct notifier_block ndisc_netdev_notifier = {
1753 .notifier_call = ndisc_netdev_event,
1754};
1755
1756#ifdef CONFIG_SYSCTL
1757static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1758 const char *func, const char *dev_name)
1759{
1760 static char warncomm[TASK_COMM_LEN];
1761 static int warned;
1762 if (strcmp(warncomm, current->comm) && warned < 5) {
1763 strcpy(warncomm, current->comm);
f3213831 1764 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1da177e4
LT		 1765 warncomm, func,
1766 dev_name, ctl->procname,
1767 dev_name, ctl->procname);
1768 warned++;
1769 }
1770}
1771
8d65af78 1772int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1da177e4
LT		 1773{
1774 struct net_device *dev = ctl->extra1;
1775 struct inet6_dev *idev;
1776 int ret;
1777
d12af679
EB		 1778 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1779 (strcmp(ctl->procname, "base_reachable_time") == 0))
1da177e4
LT		 1780 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1781
d12af679 1782 if (strcmp(ctl->procname, "retrans_time") == 0)
cb5b09c1 1783 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
d12af679
EB		 1784
1785 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
cb5b09c1
JP		 1786 ret = neigh_proc_dointvec_jiffies(ctl, write,
1787 buffer, lenp, ppos);
d12af679
EB		 1788
1789 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
ad02ac14 1790 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
cb5b09c1
JP		 1791 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1792 buffer, lenp, ppos);
d12af679 1793 else
1da177e4 1794 ret = -1;
1da177e4
LT		 1795
1796 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1f9248e5
JP		 1797 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1798 idev->nd_parms->reachable_time =
1799 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1da177e4
LT		 1800 idev->tstamp = jiffies;
1801 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1802 in6_dev_put(idev);
1803 }
1804 return ret;
1805}
1806
1da177e4
LT		 1807
1808#endif
1809
2c8c1e72 1810static int __net_init ndisc_net_init(struct net *net)
1da177e4
LT		 1811{
1812 struct ipv6_pinfo *np;
1813 struct sock *sk;
1ab1457c 1814 int err;
1da177e4 1815
1ed8516f
DL		 1816 err = inet_ctl_sock_create(&sk, PF_INET6,
1817 SOCK_RAW, IPPROTO_ICMPV6, net);
1da177e4 1818 if (err < 0) {
675418d5
JP		 1819 ND_PRINTK(0, err,
1820 "NDISC: Failed to initialize the control socket (err %d)\n",
1821 err);
1da177e4
LT		 1822 return err;
1823 }
1824
1ed8516f 1825 net->ipv6.ndisc_sk = sk;
1762f7e8 1826
1da177e4 1827 np = inet6_sk(sk);
1da177e4
LT		 1828 np->hop_limit = 255;
1829 /* Do not loopback ndisc messages */
1830 np->mc_loop = 0;
1da177e4 1831
1762f7e8
DL		 1832 return 0;
1833}
1834
2c8c1e72 1835static void __net_exit ndisc_net_exit(struct net *net)
1762f7e8 1836{
1ed8516f 1837 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1762f7e8
DL		 1838}
1839
1840static struct pernet_operations ndisc_net_ops = {
1841 .init = ndisc_net_init,
1842 .exit = ndisc_net_exit,
1843};
1844
1845int __init ndisc_init(void)
1846{
1847 int err;
1848
1849 err = register_pernet_subsys(&ndisc_net_ops);
1850 if (err)
1851 return err;
1ab1457c
YH		 1852 /*
1853 * Initialize the neighbour table
1854 */
d7480fd3 1855 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1da177e4
LT		 1856
1857#ifdef CONFIG_SYSCTL
73af614a 1858 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
56ec0fb1 1859 ndisc_ifinfo_sysctl_change);
1762f7e8
DL		 1860 if (err)
1861 goto out_unregister_pernet;
1762f7e8 1862out:
bcd081a3 1863#endif
1762f7e8 1864 return err;
1da177e4 1865
1762f7e8 1866#ifdef CONFIG_SYSCTL
1762f7e8 1867out_unregister_pernet:
1762f7e8
DL		 1868 unregister_pernet_subsys(&ndisc_net_ops);
1869 goto out;
2c861cc6 1870#endif
1da177e4
LT		 1871}
1872
2c861cc6
MK		 1873int __init ndisc_late_init(void)
1874{
1875 return register_netdevice_notifier(&ndisc_netdev_notifier);
1876}
1877
1878void ndisc_late_cleanup(void)
1da177e4 1879{
36f73d0c 1880 unregister_netdevice_notifier(&ndisc_netdev_notifier);
2c861cc6
MK		 1881}
1882
1883void ndisc_cleanup(void)
1884{
1da177e4
LT		 1885#ifdef CONFIG_SYSCTL
1886 neigh_sysctl_unregister(&nd_tbl.parms);
1887#endif
d7480fd3 1888 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1762f7e8 1889 unregister_pernet_subsys(&ndisc_net_ops);
1da177e4 1890}
Linux 6.x block layer and io_uring tree(s)