2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
120 .protocol = cpu_to_be16(ETH_P_IPV6),
122 .constructor = ndisc_constructor,
123 .pconstructor = pndisc_constructor,
124 .pdestructor = pndisc_destructor,
125 .proxy_redo = pndisc_redo,
129 .reachable_time = ND_REACHABLE_TIME,
131 [NEIGH_VAR_MCAST_PROBES] = 3,
132 [NEIGH_VAR_UCAST_PROBES] = 3,
133 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
134 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
135 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
136 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
137 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
138 [NEIGH_VAR_PROXY_QLEN] = 64,
139 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
140 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
143 .gc_interval = 30 * HZ,
149 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
151 int pad = ndisc_addr_option_pad(skb->dev->type);
152 int data_len = skb->dev->addr_len;
153 int space = ndisc_opt_addr_space(skb->dev);
154 u8 *opt = skb_put(skb, space);
159 memset(opt + 2, 0, pad);
163 memcpy(opt+2, data, data_len);
168 memset(opt, 0, space);
171 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
172 struct nd_opt_hdr *end)
175 if (!cur || !end || cur >= end)
177 type = cur->nd_opt_type;
179 cur = ((void *)cur) + (cur->nd_opt_len << 3);
180 } while (cur < end && cur->nd_opt_type != type);
181 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
184 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
186 return opt->nd_opt_type == ND_OPT_RDNSS ||
187 opt->nd_opt_type == ND_OPT_DNSSL;
190 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
191 struct nd_opt_hdr *end)
193 if (!cur || !end || cur >= end)
196 cur = ((void *)cur) + (cur->nd_opt_len << 3);
197 } while (cur < end && !ndisc_is_useropt(cur));
198 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
201 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
202 struct ndisc_options *ndopts)
204 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
206 if (!nd_opt || opt_len < 0 || !ndopts)
208 memset(ndopts, 0, sizeof(*ndopts));
211 if (opt_len < sizeof(struct nd_opt_hdr))
213 l = nd_opt->nd_opt_len << 3;
214 if (opt_len < l || l == 0)
216 switch (nd_opt->nd_opt_type) {
217 case ND_OPT_SOURCE_LL_ADDR:
218 case ND_OPT_TARGET_LL_ADDR:
220 case ND_OPT_REDIRECT_HDR:
221 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
223 "%s: duplicated ND6 option found: type=%d\n",
224 __func__, nd_opt->nd_opt_type);
226 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 case ND_OPT_PREFIX_INFO:
230 ndopts->nd_opts_pi_end = nd_opt;
231 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
232 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
234 #ifdef CONFIG_IPV6_ROUTE_INFO
235 case ND_OPT_ROUTE_INFO:
236 ndopts->nd_opts_ri_end = nd_opt;
237 if (!ndopts->nd_opts_ri)
238 ndopts->nd_opts_ri = nd_opt;
242 if (ndisc_is_useropt(nd_opt)) {
243 ndopts->nd_useropts_end = nd_opt;
244 if (!ndopts->nd_useropts)
245 ndopts->nd_useropts = nd_opt;
248 * Unknown options must be silently ignored,
249 * to accommodate future extension to the
253 "%s: ignored unsupported option; type=%d, len=%d\n",
260 nd_opt = ((void *)nd_opt) + l;
265 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
269 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
271 ipv6_eth_mc_map(addr, buf);
274 ipv6_arcnet_mc_map(addr, buf);
276 case ARPHRD_INFINIBAND:
277 ipv6_ib_mc_map(addr, dev->broadcast, buf);
280 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
283 memcpy(buf, dev->broadcast, dev->addr_len);
289 EXPORT_SYMBOL(ndisc_mc_map);
291 static u32 ndisc_hash(const void *pkey,
292 const struct net_device *dev,
295 return ndisc_hashfn(pkey, dev, hash_rnd);
298 static int ndisc_constructor(struct neighbour *neigh)
300 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
301 struct net_device *dev = neigh->dev;
302 struct inet6_dev *in6_dev;
303 struct neigh_parms *parms;
304 bool is_multicast = ipv6_addr_is_multicast(addr);
306 in6_dev = in6_dev_get(dev);
307 if (in6_dev == NULL) {
311 parms = in6_dev->nd_parms;
312 __neigh_parms_put(neigh->parms);
313 neigh->parms = neigh_parms_clone(parms);
315 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
316 if (!dev->header_ops) {
317 neigh->nud_state = NUD_NOARP;
318 neigh->ops = &ndisc_direct_ops;
319 neigh->output = neigh_direct_output;
322 neigh->nud_state = NUD_NOARP;
323 ndisc_mc_map(addr, neigh->ha, dev, 1);
324 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
325 neigh->nud_state = NUD_NOARP;
326 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
327 if (dev->flags&IFF_LOOPBACK)
328 neigh->type = RTN_LOCAL;
329 } else if (dev->flags&IFF_POINTOPOINT) {
330 neigh->nud_state = NUD_NOARP;
331 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
333 if (dev->header_ops->cache)
334 neigh->ops = &ndisc_hh_ops;
336 neigh->ops = &ndisc_generic_ops;
337 if (neigh->nud_state&NUD_VALID)
338 neigh->output = neigh->ops->connected_output;
340 neigh->output = neigh->ops->output;
342 in6_dev_put(in6_dev);
346 static int pndisc_constructor(struct pneigh_entry *n)
348 struct in6_addr *addr = (struct in6_addr *)&n->key;
349 struct in6_addr maddr;
350 struct net_device *dev = n->dev;
352 if (dev == NULL || __in6_dev_get(dev) == NULL)
354 addrconf_addr_solict_mult(addr, &maddr);
355 ipv6_dev_mc_inc(dev, &maddr);
359 static void pndisc_destructor(struct pneigh_entry *n)
361 struct in6_addr *addr = (struct in6_addr *)&n->key;
362 struct in6_addr maddr;
363 struct net_device *dev = n->dev;
365 if (dev == NULL || __in6_dev_get(dev) == NULL)
367 addrconf_addr_solict_mult(addr, &maddr);
368 ipv6_dev_mc_dec(dev, &maddr);
371 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
374 int hlen = LL_RESERVED_SPACE(dev);
375 int tlen = dev->needed_tailroom;
376 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
379 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
381 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
386 skb->protocol = htons(ETH_P_IPV6);
389 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
390 skb_reset_transport_header(skb);
392 /* Manually assign socket ownership as we avoid calling
393 * sock_alloc_send_pskb() to bypass wmem buffer limits
395 skb_set_owner_w(skb, sk);
400 static void ip6_nd_hdr(struct sk_buff *skb,
401 const struct in6_addr *saddr,
402 const struct in6_addr *daddr,
403 int hop_limit, int len)
407 skb_push(skb, sizeof(*hdr));
408 skb_reset_network_header(skb);
411 ip6_flow_hdr(hdr, 0, 0);
413 hdr->payload_len = htons(len);
414 hdr->nexthdr = IPPROTO_ICMPV6;
415 hdr->hop_limit = hop_limit;
421 static void ndisc_send_skb(struct sk_buff *skb,
422 const struct in6_addr *daddr,
423 const struct in6_addr *saddr)
425 struct dst_entry *dst = skb_dst(skb);
426 struct net *net = dev_net(skb->dev);
427 struct sock *sk = net->ipv6.ndisc_sk;
428 struct inet6_dev *idev;
430 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
433 type = icmp6h->icmp6_type;
438 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
439 dst = icmp6_dst_alloc(skb->dev, &fl6);
445 skb_dst_set(skb, dst);
448 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
453 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
456 idev = __in6_dev_get(dst->dev);
457 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
459 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
462 ICMP6MSGOUT_INC_STATS(net, idev, type);
463 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
469 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
470 const struct in6_addr *daddr,
471 const struct in6_addr *solicited_addr,
472 bool router, bool solicited, bool override, bool inc_opt)
475 struct in6_addr tmpaddr;
476 struct inet6_ifaddr *ifp;
477 const struct in6_addr *src_addr;
481 /* for anycast or proxy, solicited_addr != src_addr */
482 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
484 src_addr = solicited_addr;
485 if (ifp->flags & IFA_F_OPTIMISTIC)
487 inc_opt |= ifp->idev->cnf.force_tllao;
490 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
491 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
500 optlen += ndisc_opt_addr_space(dev);
502 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
506 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
507 *msg = (struct nd_msg) {
509 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
510 .icmp6_router = router,
511 .icmp6_solicited = solicited,
512 .icmp6_override = override,
514 .target = *solicited_addr,
518 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
522 ndisc_send_skb(skb, daddr, src_addr);
525 static void ndisc_send_unsol_na(struct net_device *dev)
527 struct inet6_dev *idev;
528 struct inet6_ifaddr *ifa;
530 idev = in6_dev_get(dev);
534 read_lock_bh(&idev->lock);
535 list_for_each_entry(ifa, &idev->addr_list, if_list) {
536 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
537 /*router=*/ !!idev->cnf.forwarding,
538 /*solicited=*/ false, /*override=*/ true,
541 read_unlock_bh(&idev->lock);
546 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
547 const struct in6_addr *solicit,
548 const struct in6_addr *daddr, const struct in6_addr *saddr)
551 struct in6_addr addr_buf;
552 int inc_opt = dev->addr_len;
557 if (ipv6_get_lladdr(dev, &addr_buf,
558 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
563 if (ipv6_addr_any(saddr))
566 optlen += ndisc_opt_addr_space(dev);
568 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
572 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
573 *msg = (struct nd_msg) {
575 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
581 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
584 ndisc_send_skb(skb, daddr, saddr);
587 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
588 const struct in6_addr *daddr)
592 int send_sllao = dev->addr_len;
595 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
597 * According to section 2.2 of RFC 4429, we must not
598 * send router solicitations with a sllao from
599 * optimistic addresses, but we may send the solicitation
600 * if we don't include the sllao. So here we check
601 * if our address is optimistic, and if so, we
602 * suppress the inclusion of the sllao.
605 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
608 if (ifp->flags & IFA_F_OPTIMISTIC) {
618 optlen += ndisc_opt_addr_space(dev);
620 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
624 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
625 *msg = (struct rs_msg) {
627 .icmp6_type = NDISC_ROUTER_SOLICITATION,
632 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
635 ndisc_send_skb(skb, daddr, saddr);
639 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
642 * "The sender MUST return an ICMP
643 * destination unreachable"
645 dst_link_failure(skb);
649 /* Called with locked neigh: either read or both */
651 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
653 struct in6_addr *saddr = NULL;
654 struct in6_addr mcaddr;
655 struct net_device *dev = neigh->dev;
656 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
657 int probes = atomic_read(&neigh->probes);
659 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
661 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
662 saddr = &ipv6_hdr(skb)->saddr;
663 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
665 if (!(neigh->nud_state & NUD_VALID)) {
667 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
670 ndisc_send_ns(dev, neigh, target, target, saddr);
671 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
674 addrconf_addr_solict_mult(target, &mcaddr);
675 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
679 static int pndisc_is_router(const void *pkey,
680 struct net_device *dev)
682 struct pneigh_entry *n;
685 read_lock_bh(&nd_tbl.lock);
686 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
688 ret = !!(n->flags & NTF_ROUTER);
689 read_unlock_bh(&nd_tbl.lock);
694 static void ndisc_recv_ns(struct sk_buff *skb)
696 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
697 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
698 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
700 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
701 offsetof(struct nd_msg, opt));
702 struct ndisc_options ndopts;
703 struct net_device *dev = skb->dev;
704 struct inet6_ifaddr *ifp;
705 struct inet6_dev *idev = NULL;
706 struct neighbour *neigh;
707 int dad = ipv6_addr_any(saddr);
711 if (skb->len < sizeof(struct nd_msg)) {
712 ND_PRINTK(2, warn, "NS: packet too short\n");
716 if (ipv6_addr_is_multicast(&msg->target)) {
717 ND_PRINTK(2, warn, "NS: multicast target address\n");
723 * DAD has to be destined for solicited node multicast address.
725 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
726 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
730 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
731 ND_PRINTK(2, warn, "NS: invalid ND options\n");
735 if (ndopts.nd_opts_src_lladdr) {
736 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
739 "NS: invalid link-layer address length\n");
744 * If the IP source address is the unspecified address,
745 * there MUST NOT be source link-layer address option
750 "NS: bad DAD packet (link-layer address option)\n");
755 inc = ipv6_addr_is_multicast(daddr);
757 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
760 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
763 * We are colliding with another node
765 * so fail our DAD process
767 addrconf_dad_failure(ifp);
771 * This is not a dad solicitation.
772 * If we are an optimistic node,
774 * Otherwise, we should ignore it.
776 if (!(ifp->flags & IFA_F_OPTIMISTIC))
783 struct net *net = dev_net(dev);
785 idev = in6_dev_get(dev);
787 /* XXX: count this drop? */
791 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
792 (idev->cnf.forwarding &&
793 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
794 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
795 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
796 skb->pkt_type != PACKET_HOST &&
798 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
800 * for anycast or proxy,
801 * sender should delay its response
802 * by a random time between 0 and
803 * MAX_ANYCAST_DELAY_TIME seconds.
804 * (RFC2461) -- yoshfuji
806 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
808 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
816 is_router = idev->cnf.forwarding;
819 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
820 !!is_router, false, (ifp != NULL), true);
825 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
827 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
830 * update / create cache entry
831 * for the source address
833 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
834 !inc || lladdr || !dev->addr_len);
836 neigh_update(neigh, lladdr, NUD_STALE,
837 NEIGH_UPDATE_F_WEAK_OVERRIDE|
838 NEIGH_UPDATE_F_OVERRIDE);
839 if (neigh || !dev->header_ops) {
840 ndisc_send_na(dev, neigh, saddr, &msg->target,
842 true, (ifp != NULL && inc), inc);
844 neigh_release(neigh);
854 static void ndisc_recv_na(struct sk_buff *skb)
856 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
857 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
858 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
860 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
861 offsetof(struct nd_msg, opt));
862 struct ndisc_options ndopts;
863 struct net_device *dev = skb->dev;
864 struct inet6_ifaddr *ifp;
865 struct neighbour *neigh;
867 if (skb->len < sizeof(struct nd_msg)) {
868 ND_PRINTK(2, warn, "NA: packet too short\n");
872 if (ipv6_addr_is_multicast(&msg->target)) {
873 ND_PRINTK(2, warn, "NA: target address is multicast\n");
877 if (ipv6_addr_is_multicast(daddr) &&
878 msg->icmph.icmp6_solicited) {
879 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
883 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
884 ND_PRINTK(2, warn, "NS: invalid ND option\n");
887 if (ndopts.nd_opts_tgt_lladdr) {
888 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
891 "NA: invalid link-layer address length\n");
895 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
897 if (skb->pkt_type != PACKET_LOOPBACK
898 && (ifp->flags & IFA_F_TENTATIVE)) {
899 addrconf_dad_failure(ifp);
902 /* What should we make now? The advertisement
903 is invalid, but ndisc specs say nothing
904 about it. It could be misconfiguration, or
905 an smart proxy agent tries to help us :-)
907 We should not print the error if NA has been
908 received from loopback - it is just our own
909 unsolicited advertisement.
911 if (skb->pkt_type != PACKET_LOOPBACK)
913 "NA: someone advertises our address %pI6 on %s!\n",
914 &ifp->addr, ifp->idev->dev->name);
918 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
921 u8 old_flags = neigh->flags;
922 struct net *net = dev_net(dev);
924 if (neigh->nud_state & NUD_FAILED)
928 * Don't update the neighbor cache entry on a proxy NA from
929 * ourselves because either the proxied node is off link or it
930 * has already sent a NA to us.
932 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
933 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
934 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
935 /* XXX: idev->cnf.proxy_ndp */
939 neigh_update(neigh, lladdr,
940 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
941 NEIGH_UPDATE_F_WEAK_OVERRIDE|
942 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
943 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
944 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
946 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
948 * Change: router to host
950 rt6_clean_tohost(dev_net(dev), saddr);
954 neigh_release(neigh);
958 static void ndisc_recv_rs(struct sk_buff *skb)
960 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
961 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
962 struct neighbour *neigh;
963 struct inet6_dev *idev;
964 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
965 struct ndisc_options ndopts;
968 if (skb->len < sizeof(*rs_msg))
971 idev = __in6_dev_get(skb->dev);
973 ND_PRINTK(1, err, "RS: can't find in6 device\n");
977 /* Don't accept RS if we're not in router mode */
978 if (!idev->cnf.forwarding)
982 * Don't update NCE if src = ::;
983 * this implies that the source node has no ip address assigned yet.
985 if (ipv6_addr_any(saddr))
988 /* Parse ND options */
989 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
990 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
994 if (ndopts.nd_opts_src_lladdr) {
995 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1001 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1003 neigh_update(neigh, lladdr, NUD_STALE,
1004 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1005 NEIGH_UPDATE_F_OVERRIDE|
1006 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1007 neigh_release(neigh);
1013 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1015 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1016 struct sk_buff *skb;
1017 struct nlmsghdr *nlh;
1018 struct nduseroptmsg *ndmsg;
1019 struct net *net = dev_net(ra->dev);
1021 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1022 + (opt->nd_opt_len << 3));
1023 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1025 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1031 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1033 goto nla_put_failure;
1036 ndmsg = nlmsg_data(nlh);
1037 ndmsg->nduseropt_family = AF_INET6;
1038 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1039 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1040 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1041 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1043 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1045 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1046 &ipv6_hdr(ra)->saddr))
1047 goto nla_put_failure;
1048 nlmsg_end(skb, nlh);
1050 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1057 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1060 static void ndisc_router_discovery(struct sk_buff *skb)
1062 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1063 struct neighbour *neigh = NULL;
1064 struct inet6_dev *in6_dev;
1065 struct rt6_info *rt = NULL;
1067 struct ndisc_options ndopts;
1069 unsigned int pref = 0;
1071 __u8 *opt = (__u8 *)(ra_msg + 1);
1073 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1074 sizeof(struct ra_msg);
1077 "RA: %s, dev: %s\n",
1078 __func__, skb->dev->name);
1079 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1080 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1084 ND_PRINTK(2, warn, "RA: packet too short\n");
1088 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1089 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1090 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1096 * set the RA_RECV flag in the interface
1099 in6_dev = __in6_dev_get(skb->dev);
1100 if (in6_dev == NULL) {
1101 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1106 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1107 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1111 if (!ipv6_accept_ra(in6_dev)) {
1113 "RA: %s, did not accept ra for dev: %s\n",
1114 __func__, skb->dev->name);
1115 goto skip_linkparms;
1118 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1119 /* skip link-specific parameters from interior routers */
1120 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1122 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1123 __func__, skb->dev->name);
1124 goto skip_linkparms;
1128 if (in6_dev->if_flags & IF_RS_SENT) {
1130 * flag that an RA was received after an RS was sent
1131 * out on this interface.
1133 in6_dev->if_flags |= IF_RA_RCVD;
1137 * Remember the managed/otherconf flags from most recently
1138 * received RA message (RFC 2462) -- yoshfuji
1140 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1142 (ra_msg->icmph.icmp6_addrconf_managed ?
1143 IF_RA_MANAGED : 0) |
1144 (ra_msg->icmph.icmp6_addrconf_other ?
1145 IF_RA_OTHERCONF : 0);
1147 if (!in6_dev->cnf.accept_ra_defrtr) {
1149 "RA: %s, defrtr is false for dev: %s\n",
1150 __func__, skb->dev->name);
1154 /* Do not accept RA with source-addr found on local machine unless
1155 * accept_ra_from_local is set to true.
1157 if (!in6_dev->cnf.accept_ra_from_local &&
1158 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1161 "RA from local address detected on dev: %s: default router ignored\n",
1166 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1168 #ifdef CONFIG_IPV6_ROUTER_PREF
1169 pref = ra_msg->icmph.icmp6_router_pref;
1170 /* 10b is handled as if it were 00b (medium) */
1171 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1172 !in6_dev->cnf.accept_ra_rtr_pref)
1173 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1176 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1179 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1182 "RA: %s got default router without neighbour\n",
1188 if (rt && lifetime == 0) {
1193 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1194 rt, lifetime, skb->dev->name);
1195 if (rt == NULL && lifetime) {
1196 ND_PRINTK(3, info, "RA: adding default router\n");
1198 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1201 "RA: %s failed to add default route\n",
1206 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1207 if (neigh == NULL) {
1209 "RA: %s got default router without neighbour\n",
1214 neigh->flags |= NTF_ROUTER;
1216 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1220 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1221 if (ra_msg->icmph.icmp6_hop_limit) {
1222 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1224 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1225 ra_msg->icmph.icmp6_hop_limit);
1231 * Update Reachable Time and Retrans Timer
1234 if (in6_dev->nd_parms) {
1235 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1237 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1238 rtime = (rtime*HZ)/1000;
1241 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1242 in6_dev->tstamp = jiffies;
1243 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1246 rtime = ntohl(ra_msg->reachable_time);
1247 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1248 rtime = (rtime*HZ)/1000;
1253 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1254 NEIGH_VAR_SET(in6_dev->nd_parms,
1255 BASE_REACHABLE_TIME, rtime);
1256 NEIGH_VAR_SET(in6_dev->nd_parms,
1257 GC_STALETIME, 3 * rtime);
1258 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1259 in6_dev->tstamp = jiffies;
1260 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1272 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1276 if (ndopts.nd_opts_src_lladdr) {
1277 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1281 "RA: invalid link-layer address length\n");
1285 neigh_update(neigh, lladdr, NUD_STALE,
1286 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1287 NEIGH_UPDATE_F_OVERRIDE|
1288 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1289 NEIGH_UPDATE_F_ISROUTER);
1292 if (!ipv6_accept_ra(in6_dev)) {
1294 "RA: %s, accept_ra is false for dev: %s\n",
1295 __func__, skb->dev->name);
1299 #ifdef CONFIG_IPV6_ROUTE_INFO
1300 if (!in6_dev->cnf.accept_ra_from_local &&
1301 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1304 "RA from local address detected on dev: %s: router info ignored.\n",
1306 goto skip_routeinfo;
1309 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1310 struct nd_opt_hdr *p;
1311 for (p = ndopts.nd_opts_ri;
1313 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1314 struct route_info *ri = (struct route_info *)p;
1315 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1316 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1317 ri->prefix_len == 0)
1320 if (ri->prefix_len == 0 &&
1321 !in6_dev->cnf.accept_ra_defrtr)
1323 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1325 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1326 &ipv6_hdr(skb)->saddr);
1333 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1334 /* skip link-specific ndopts from interior routers */
1335 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1337 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1338 __func__, skb->dev->name);
1343 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1344 struct nd_opt_hdr *p;
1345 for (p = ndopts.nd_opts_pi;
1347 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1348 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1349 (p->nd_opt_len) << 3,
1350 ndopts.nd_opts_src_lladdr != NULL);
1354 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1358 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1361 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1362 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1363 } else if (in6_dev->cnf.mtu6 != mtu) {
1364 in6_dev->cnf.mtu6 = mtu;
1367 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1369 rt6_mtu_change(skb->dev, mtu);
1373 if (ndopts.nd_useropts) {
1374 struct nd_opt_hdr *p;
1375 for (p = ndopts.nd_useropts;
1377 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1378 ndisc_ra_useropt(skb, p);
1382 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1383 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1388 neigh_release(neigh);
1391 static void ndisc_redirect_rcv(struct sk_buff *skb)
1394 struct ndisc_options ndopts;
1395 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1396 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1397 offsetof(struct rd_msg, opt));
1399 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1400 switch (skb->ndisc_nodetype) {
1401 case NDISC_NODETYPE_HOST:
1402 case NDISC_NODETYPE_NODEFAULT:
1404 "Redirect: from host or unauthorized router\n");
1409 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1411 "Redirect: source address is not link-local\n");
1415 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1418 if (!ndopts.nd_opts_rh) {
1419 ip6_redirect_no_header(skb, dev_net(skb->dev),
1420 skb->dev->ifindex, 0);
1424 hdr = (u8 *)ndopts.nd_opts_rh;
1426 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1429 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1432 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1433 struct sk_buff *orig_skb,
1436 u8 *opt = skb_put(skb, rd_len);
1439 *(opt++) = ND_OPT_REDIRECT_HDR;
1440 *(opt++) = (rd_len >> 3);
1443 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1446 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1448 struct net_device *dev = skb->dev;
1449 struct net *net = dev_net(dev);
1450 struct sock *sk = net->ipv6.ndisc_sk;
1452 struct inet_peer *peer;
1453 struct sk_buff *buff;
1455 struct in6_addr saddr_buf;
1456 struct rt6_info *rt;
1457 struct dst_entry *dst;
1460 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1463 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1464 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1469 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1470 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1472 "Redirect: target address is not link-local unicast\n");
1476 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1477 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1479 dst = ip6_route_output(net, NULL, &fl6);
1484 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1488 rt = (struct rt6_info *) dst;
1490 if (rt->rt6i_flags & RTF_GATEWAY) {
1492 "Redirect: destination is not a neighbour\n");
1495 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1496 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1502 if (dev->addr_len) {
1503 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1506 "Redirect: no neigh for target address\n");
1510 read_lock_bh(&neigh->lock);
1511 if (neigh->nud_state & NUD_VALID) {
1512 memcpy(ha_buf, neigh->ha, dev->addr_len);
1513 read_unlock_bh(&neigh->lock);
1515 optlen += ndisc_opt_addr_space(dev);
1517 read_unlock_bh(&neigh->lock);
1519 neigh_release(neigh);
1522 rd_len = min_t(unsigned int,
1523 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1528 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1532 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1533 *msg = (struct rd_msg) {
1535 .icmp6_type = NDISC_REDIRECT,
1538 .dest = ipv6_hdr(skb)->daddr,
1542 * include target_address option
1546 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1549 * build redirect option and copy skb over to the new packet.
1553 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1555 skb_dst_set(buff, dst);
1556 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1563 static void pndisc_redo(struct sk_buff *skb)
1569 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1571 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1575 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1576 idev->cnf.suppress_frag_ndisc) {
1577 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1583 int ndisc_rcv(struct sk_buff *skb)
1587 if (ndisc_suppress_frag_ndisc(skb))
1590 if (skb_linearize(skb))
1593 msg = (struct nd_msg *)skb_transport_header(skb);
1595 __skb_push(skb, skb->data - skb_transport_header(skb));
1597 if (ipv6_hdr(skb)->hop_limit != 255) {
1598 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1599 ipv6_hdr(skb)->hop_limit);
1603 if (msg->icmph.icmp6_code != 0) {
1604 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1605 msg->icmph.icmp6_code);
1609 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1611 switch (msg->icmph.icmp6_type) {
1612 case NDISC_NEIGHBOUR_SOLICITATION:
1616 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1620 case NDISC_ROUTER_SOLICITATION:
1624 case NDISC_ROUTER_ADVERTISEMENT:
1625 ndisc_router_discovery(skb);
1628 case NDISC_REDIRECT:
1629 ndisc_redirect_rcv(skb);
1636 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1638 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1639 struct net *net = dev_net(dev);
1640 struct inet6_dev *idev;
1643 case NETDEV_CHANGEADDR:
1644 neigh_changeaddr(&nd_tbl, dev);
1645 fib6_run_gc(0, net, false);
1646 idev = in6_dev_get(dev);
1649 if (idev->cnf.ndisc_notify)
1650 ndisc_send_unsol_na(dev);
1654 neigh_ifdown(&nd_tbl, dev);
1655 fib6_run_gc(0, net, false);
1657 case NETDEV_NOTIFY_PEERS:
1658 ndisc_send_unsol_na(dev);
1667 static struct notifier_block ndisc_netdev_notifier = {
1668 .notifier_call = ndisc_netdev_event,
1671 #ifdef CONFIG_SYSCTL
1672 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1673 const char *func, const char *dev_name)
1675 static char warncomm[TASK_COMM_LEN];
1677 if (strcmp(warncomm, current->comm) && warned < 5) {
1678 strcpy(warncomm, current->comm);
1679 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1681 dev_name, ctl->procname,
1682 dev_name, ctl->procname);
1687 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1689 struct net_device *dev = ctl->extra1;
1690 struct inet6_dev *idev;
1693 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1694 (strcmp(ctl->procname, "base_reachable_time") == 0))
1695 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1697 if (strcmp(ctl->procname, "retrans_time") == 0)
1698 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1700 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1701 ret = neigh_proc_dointvec_jiffies(ctl, write,
1702 buffer, lenp, ppos);
1704 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1705 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1706 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1707 buffer, lenp, ppos);
1711 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1712 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1713 idev->nd_parms->reachable_time =
1714 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1715 idev->tstamp = jiffies;
1716 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1725 static int __net_init ndisc_net_init(struct net *net)
1727 struct ipv6_pinfo *np;
1731 err = inet_ctl_sock_create(&sk, PF_INET6,
1732 SOCK_RAW, IPPROTO_ICMPV6, net);
1735 "NDISC: Failed to initialize the control socket (err %d)\n",
1740 net->ipv6.ndisc_sk = sk;
1743 np->hop_limit = 255;
1744 /* Do not loopback ndisc messages */
1750 static void __net_exit ndisc_net_exit(struct net *net)
1752 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1755 static struct pernet_operations ndisc_net_ops = {
1756 .init = ndisc_net_init,
1757 .exit = ndisc_net_exit,
1760 int __init ndisc_init(void)
1764 err = register_pernet_subsys(&ndisc_net_ops);
1768 * Initialize the neighbour table
1770 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1772 #ifdef CONFIG_SYSCTL
1773 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1774 ndisc_ifinfo_sysctl_change);
1776 goto out_unregister_pernet;
1781 #ifdef CONFIG_SYSCTL
1782 out_unregister_pernet:
1783 unregister_pernet_subsys(&ndisc_net_ops);
1788 int __init ndisc_late_init(void)
1790 return register_netdevice_notifier(&ndisc_netdev_notifier);
1793 void ndisc_late_cleanup(void)
1795 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1798 void ndisc_cleanup(void)
1800 #ifdef CONFIG_SYSCTL
1801 neigh_sysctl_unregister(&nd_tbl.parms);
1803 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1804 unregister_pernet_subsys(&ndisc_net_ops);