2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
140 .gc_interval = 30 * HZ,
147 struct ndisc_options {
148 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
149 #ifdef CONFIG_IPV6_ROUTE_INFO
150 struct nd_opt_hdr *nd_opts_ri;
151 struct nd_opt_hdr *nd_opts_ri_end;
153 struct nd_opt_hdr *nd_useropts;
154 struct nd_opt_hdr *nd_useropts_end;
157 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
158 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
159 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
160 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
161 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
162 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
164 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
167 * Return the padding between the option length and the start of the
168 * link addr. Currently only IP-over-InfiniBand needs this, although
169 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
170 * also need a pad of 2.
172 static int ndisc_addr_option_pad(unsigned short type)
175 case ARPHRD_INFINIBAND: return 2;
180 static inline int ndisc_opt_addr_space(struct net_device *dev)
182 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
185 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
186 unsigned short addr_type)
188 int space = NDISC_OPT_SPACE(data_len);
189 int pad = ndisc_addr_option_pad(addr_type);
194 memset(opt + 2, 0, pad);
198 memcpy(opt+2, data, data_len);
201 if ((space -= data_len) > 0)
202 memset(opt, 0, space);
206 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
207 struct nd_opt_hdr *end)
210 if (!cur || !end || cur >= end)
212 type = cur->nd_opt_type;
214 cur = ((void *)cur) + (cur->nd_opt_len << 3);
215 } while(cur < end && cur->nd_opt_type != type);
216 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
219 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
221 return opt->nd_opt_type == ND_OPT_RDNSS ||
222 opt->nd_opt_type == ND_OPT_DNSSL;
225 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
226 struct nd_opt_hdr *end)
228 if (!cur || !end || cur >= end)
231 cur = ((void *)cur) + (cur->nd_opt_len << 3);
232 } while(cur < end && !ndisc_is_useropt(cur));
233 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
236 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
237 struct ndisc_options *ndopts)
239 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
241 if (!nd_opt || opt_len < 0 || !ndopts)
243 memset(ndopts, 0, sizeof(*ndopts));
246 if (opt_len < sizeof(struct nd_opt_hdr))
248 l = nd_opt->nd_opt_len << 3;
249 if (opt_len < l || l == 0)
251 switch (nd_opt->nd_opt_type) {
252 case ND_OPT_SOURCE_LL_ADDR:
253 case ND_OPT_TARGET_LL_ADDR:
255 case ND_OPT_REDIRECT_HDR:
256 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
258 "%s: duplicated ND6 option found: type=%d\n",
259 __func__, nd_opt->nd_opt_type);
261 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
264 case ND_OPT_PREFIX_INFO:
265 ndopts->nd_opts_pi_end = nd_opt;
266 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
267 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
269 #ifdef CONFIG_IPV6_ROUTE_INFO
270 case ND_OPT_ROUTE_INFO:
271 ndopts->nd_opts_ri_end = nd_opt;
272 if (!ndopts->nd_opts_ri)
273 ndopts->nd_opts_ri = nd_opt;
277 if (ndisc_is_useropt(nd_opt)) {
278 ndopts->nd_useropts_end = nd_opt;
279 if (!ndopts->nd_useropts)
280 ndopts->nd_useropts = nd_opt;
283 * Unknown options must be silently ignored,
284 * to accommodate future extension to the
288 "%s: ignored unsupported option; type=%d, len=%d\n",
295 nd_opt = ((void *)nd_opt) + l;
300 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
301 struct net_device *dev)
303 u8 *lladdr = (u8 *)(p + 1);
304 int lladdrlen = p->nd_opt_len << 3;
305 int prepad = ndisc_addr_option_pad(dev->type);
306 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
308 return lladdr + prepad;
311 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
315 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
317 ipv6_eth_mc_map(addr, buf);
320 ipv6_arcnet_mc_map(addr, buf);
322 case ARPHRD_INFINIBAND:
323 ipv6_ib_mc_map(addr, dev->broadcast, buf);
326 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
329 memcpy(buf, dev->broadcast, dev->addr_len);
336 EXPORT_SYMBOL(ndisc_mc_map);
338 static u32 ndisc_hash(const void *pkey,
339 const struct net_device *dev,
342 return ndisc_hashfn(pkey, dev, hash_rnd);
345 static int ndisc_constructor(struct neighbour *neigh)
347 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
348 struct net_device *dev = neigh->dev;
349 struct inet6_dev *in6_dev;
350 struct neigh_parms *parms;
351 bool is_multicast = ipv6_addr_is_multicast(addr);
353 in6_dev = in6_dev_get(dev);
354 if (in6_dev == NULL) {
358 parms = in6_dev->nd_parms;
359 __neigh_parms_put(neigh->parms);
360 neigh->parms = neigh_parms_clone(parms);
362 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
363 if (!dev->header_ops) {
364 neigh->nud_state = NUD_NOARP;
365 neigh->ops = &ndisc_direct_ops;
366 neigh->output = neigh_direct_output;
369 neigh->nud_state = NUD_NOARP;
370 ndisc_mc_map(addr, neigh->ha, dev, 1);
371 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
372 neigh->nud_state = NUD_NOARP;
373 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
374 if (dev->flags&IFF_LOOPBACK)
375 neigh->type = RTN_LOCAL;
376 } else if (dev->flags&IFF_POINTOPOINT) {
377 neigh->nud_state = NUD_NOARP;
378 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
380 if (dev->header_ops->cache)
381 neigh->ops = &ndisc_hh_ops;
383 neigh->ops = &ndisc_generic_ops;
384 if (neigh->nud_state&NUD_VALID)
385 neigh->output = neigh->ops->connected_output;
387 neigh->output = neigh->ops->output;
389 in6_dev_put(in6_dev);
393 static int pndisc_constructor(struct pneigh_entry *n)
395 struct in6_addr *addr = (struct in6_addr*)&n->key;
396 struct in6_addr maddr;
397 struct net_device *dev = n->dev;
399 if (dev == NULL || __in6_dev_get(dev) == NULL)
401 addrconf_addr_solict_mult(addr, &maddr);
402 ipv6_dev_mc_inc(dev, &maddr);
406 static void pndisc_destructor(struct pneigh_entry *n)
408 struct in6_addr *addr = (struct in6_addr*)&n->key;
409 struct in6_addr maddr;
410 struct net_device *dev = n->dev;
412 if (dev == NULL || __in6_dev_get(dev) == NULL)
414 addrconf_addr_solict_mult(addr, &maddr);
415 ipv6_dev_mc_dec(dev, &maddr);
418 struct sk_buff *ndisc_build_skb(struct net_device *dev,
419 const struct in6_addr *daddr,
420 const struct in6_addr *saddr,
421 struct icmp6hdr *icmp6h,
422 const struct in6_addr *target,
425 struct net *net = dev_net(dev);
426 struct sock *sk = net->ipv6.ndisc_sk;
428 struct icmp6hdr *hdr;
429 int hlen = LL_RESERVED_SPACE(dev);
430 int tlen = dev->needed_tailroom;
438 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
440 len += ndisc_opt_addr_space(dev);
442 skb = sock_alloc_send_skb(sk,
443 (MAX_HEADER + sizeof(struct ipv6hdr) +
447 ND_PRINTK(0, err, "ND: %s failed to allocate an skb, err=%d\n",
452 skb_reserve(skb, hlen);
453 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
455 skb->transport_header = skb->tail;
458 hdr = (struct icmp6hdr *)skb_transport_header(skb);
459 memcpy(hdr, icmp6h, sizeof(*hdr));
461 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
463 *(struct in6_addr *)opt = *target;
464 opt += sizeof(*target);
468 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
469 dev->addr_len, dev->type);
471 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
479 EXPORT_SYMBOL(ndisc_build_skb);
481 void ndisc_send_skb(struct sk_buff *skb,
482 struct net_device *dev,
483 struct neighbour *neigh,
484 const struct in6_addr *daddr,
485 const struct in6_addr *saddr,
486 struct icmp6hdr *icmp6h)
489 struct dst_entry *dst;
490 struct net *net = dev_net(dev);
491 struct sock *sk = net->ipv6.ndisc_sk;
492 struct inet6_dev *idev;
496 type = icmp6h->icmp6_type;
498 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
499 dst = icmp6_dst_alloc(dev, neigh, &fl6);
505 skb_dst_set(skb, dst);
508 idev = __in6_dev_get(dst->dev);
509 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
511 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
514 ICMP6MSGOUT_INC_STATS(net, idev, type);
515 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
521 EXPORT_SYMBOL(ndisc_send_skb);
524 * Send a Neighbour Discover packet
526 static void __ndisc_send(struct net_device *dev,
527 struct neighbour *neigh,
528 const struct in6_addr *daddr,
529 const struct in6_addr *saddr,
530 struct icmp6hdr *icmp6h, const struct in6_addr *target,
535 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
539 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
542 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
543 const struct in6_addr *daddr,
544 const struct in6_addr *solicited_addr,
545 int router, int solicited, int override, int inc_opt)
547 struct in6_addr tmpaddr;
548 struct inet6_ifaddr *ifp;
549 const struct in6_addr *src_addr;
550 struct icmp6hdr icmp6h = {
551 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
554 /* for anycast or proxy, solicited_addr != src_addr */
555 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
557 src_addr = solicited_addr;
558 if (ifp->flags & IFA_F_OPTIMISTIC)
560 inc_opt |= ifp->idev->cnf.force_tllao;
563 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
564 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
570 icmp6h.icmp6_router = router;
571 icmp6h.icmp6_solicited = solicited;
572 icmp6h.icmp6_override = override;
574 __ndisc_send(dev, neigh, daddr, src_addr,
575 &icmp6h, solicited_addr,
576 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
579 static void ndisc_send_unsol_na(struct net_device *dev)
581 struct inet6_dev *idev;
582 struct inet6_ifaddr *ifa;
583 struct in6_addr mcaddr;
585 idev = in6_dev_get(dev);
589 read_lock_bh(&idev->lock);
590 list_for_each_entry(ifa, &idev->addr_list, if_list) {
591 addrconf_addr_solict_mult(&ifa->addr, &mcaddr);
592 ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
593 /*router=*/ !!idev->cnf.forwarding,
594 /*solicited=*/ false, /*override=*/ true,
597 read_unlock_bh(&idev->lock);
602 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
603 const struct in6_addr *solicit,
604 const struct in6_addr *daddr, const struct in6_addr *saddr)
606 struct in6_addr addr_buf;
607 struct icmp6hdr icmp6h = {
608 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
612 if (ipv6_get_lladdr(dev, &addr_buf,
613 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
618 __ndisc_send(dev, neigh, daddr, saddr,
620 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
623 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
624 const struct in6_addr *daddr)
626 struct icmp6hdr icmp6h = {
627 .icmp6_type = NDISC_ROUTER_SOLICITATION,
629 int send_sllao = dev->addr_len;
631 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
633 * According to section 2.2 of RFC 4429, we must not
634 * send router solicitations with a sllao from
635 * optimistic addresses, but we may send the solicitation
636 * if we don't include the sllao. So here we check
637 * if our address is optimistic, and if so, we
638 * suppress the inclusion of the sllao.
641 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
644 if (ifp->flags & IFA_F_OPTIMISTIC) {
653 __ndisc_send(dev, NULL, daddr, saddr,
655 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
659 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
662 * "The sender MUST return an ICMP
663 * destination unreachable"
665 dst_link_failure(skb);
669 /* Called with locked neigh: either read or both */
671 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
673 struct in6_addr *saddr = NULL;
674 struct in6_addr mcaddr;
675 struct net_device *dev = neigh->dev;
676 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
677 int probes = atomic_read(&neigh->probes);
679 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
680 saddr = &ipv6_hdr(skb)->saddr;
682 if ((probes -= neigh->parms->ucast_probes) < 0) {
683 if (!(neigh->nud_state & NUD_VALID)) {
685 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
688 ndisc_send_ns(dev, neigh, target, target, saddr);
689 } else if ((probes -= neigh->parms->app_probes) < 0) {
694 addrconf_addr_solict_mult(target, &mcaddr);
695 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
699 static int pndisc_is_router(const void *pkey,
700 struct net_device *dev)
702 struct pneigh_entry *n;
705 read_lock_bh(&nd_tbl.lock);
706 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
708 ret = !!(n->flags & NTF_ROUTER);
709 read_unlock_bh(&nd_tbl.lock);
714 static void ndisc_recv_ns(struct sk_buff *skb)
716 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
717 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
718 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
720 u32 ndoptlen = skb->tail - (skb->transport_header +
721 offsetof(struct nd_msg, opt));
722 struct ndisc_options ndopts;
723 struct net_device *dev = skb->dev;
724 struct inet6_ifaddr *ifp;
725 struct inet6_dev *idev = NULL;
726 struct neighbour *neigh;
727 int dad = ipv6_addr_any(saddr);
731 if (ipv6_addr_is_multicast(&msg->target)) {
732 ND_PRINTK(2, warn, "NS: multicast target address\n");
738 * DAD has to be destined for solicited node multicast address.
741 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
742 daddr->s6_addr32[1] == htonl(0x00000000) &&
743 daddr->s6_addr32[2] == htonl(0x00000001) &&
744 daddr->s6_addr [12] == 0xff )) {
745 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
749 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
750 ND_PRINTK(2, warn, "NS: invalid ND options\n");
754 if (ndopts.nd_opts_src_lladdr) {
755 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
758 "NS: invalid link-layer address length\n");
763 * If the IP source address is the unspecified address,
764 * there MUST NOT be source link-layer address option
769 "NS: bad DAD packet (link-layer address option)\n");
774 inc = ipv6_addr_is_multicast(daddr);
776 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
779 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
782 * We are colliding with another node
784 * so fail our DAD process
786 addrconf_dad_failure(ifp);
790 * This is not a dad solicitation.
791 * If we are an optimistic node,
793 * Otherwise, we should ignore it.
795 if (!(ifp->flags & IFA_F_OPTIMISTIC))
802 struct net *net = dev_net(dev);
804 idev = in6_dev_get(dev);
806 /* XXX: count this drop? */
810 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
811 (idev->cnf.forwarding &&
812 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
813 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
814 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
815 skb->pkt_type != PACKET_HOST &&
817 idev->nd_parms->proxy_delay != 0) {
819 * for anycast or proxy,
820 * sender should delay its response
821 * by a random time between 0 and
822 * MAX_ANYCAST_DELAY_TIME seconds.
823 * (RFC2461) -- yoshfuji
825 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
827 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
835 is_router = !!idev->cnf.forwarding;
838 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
839 is_router, 0, (ifp != NULL), 1);
844 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
846 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
849 * update / create cache entry
850 * for the source address
852 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
853 !inc || lladdr || !dev->addr_len);
855 neigh_update(neigh, lladdr, NUD_STALE,
856 NEIGH_UPDATE_F_WEAK_OVERRIDE|
857 NEIGH_UPDATE_F_OVERRIDE);
858 if (neigh || !dev->header_ops) {
859 ndisc_send_na(dev, neigh, saddr, &msg->target,
861 1, (ifp != NULL && inc), inc);
863 neigh_release(neigh);
873 static void ndisc_recv_na(struct sk_buff *skb)
875 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
876 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
877 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
879 u32 ndoptlen = skb->tail - (skb->transport_header +
880 offsetof(struct nd_msg, opt));
881 struct ndisc_options ndopts;
882 struct net_device *dev = skb->dev;
883 struct inet6_ifaddr *ifp;
884 struct neighbour *neigh;
886 if (skb->len < sizeof(struct nd_msg)) {
887 ND_PRINTK(2, warn, "NA: packet too short\n");
891 if (ipv6_addr_is_multicast(&msg->target)) {
892 ND_PRINTK(2, warn, "NA: target address is multicast\n");
896 if (ipv6_addr_is_multicast(daddr) &&
897 msg->icmph.icmp6_solicited) {
898 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
902 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
903 ND_PRINTK(2, warn, "NS: invalid ND option\n");
906 if (ndopts.nd_opts_tgt_lladdr) {
907 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
910 "NA: invalid link-layer address length\n");
914 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
916 if (skb->pkt_type != PACKET_LOOPBACK
917 && (ifp->flags & IFA_F_TENTATIVE)) {
918 addrconf_dad_failure(ifp);
921 /* What should we make now? The advertisement
922 is invalid, but ndisc specs say nothing
923 about it. It could be misconfiguration, or
924 an smart proxy agent tries to help us :-)
926 We should not print the error if NA has been
927 received from loopback - it is just our own
928 unsolicited advertisement.
930 if (skb->pkt_type != PACKET_LOOPBACK)
932 "NA: someone advertises our address %pI6 on %s!\n",
933 &ifp->addr, ifp->idev->dev->name);
937 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
940 u8 old_flags = neigh->flags;
941 struct net *net = dev_net(dev);
943 if (neigh->nud_state & NUD_FAILED)
947 * Don't update the neighbor cache entry on a proxy NA from
948 * ourselves because either the proxied node is off link or it
949 * has already sent a NA to us.
951 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
952 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
953 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
954 /* XXX: idev->cnf.prixy_ndp */
958 neigh_update(neigh, lladdr,
959 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
960 NEIGH_UPDATE_F_WEAK_OVERRIDE|
961 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
962 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
963 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
965 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
967 * Change: router to host
970 rt = rt6_get_dflt_router(saddr, dev);
976 neigh_release(neigh);
980 static void ndisc_recv_rs(struct sk_buff *skb)
982 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
983 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
984 struct neighbour *neigh;
985 struct inet6_dev *idev;
986 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
987 struct ndisc_options ndopts;
990 if (skb->len < sizeof(*rs_msg))
993 idev = __in6_dev_get(skb->dev);
995 ND_PRINTK(1, err, "RS: can't find in6 device\n");
999 /* Don't accept RS if we're not in router mode */
1000 if (!idev->cnf.forwarding)
1004 * Don't update NCE if src = ::;
1005 * this implies that the source node has no ip address assigned yet.
1007 if (ipv6_addr_any(saddr))
1010 /* Parse ND options */
1011 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1012 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1016 if (ndopts.nd_opts_src_lladdr) {
1017 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1023 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1025 neigh_update(neigh, lladdr, NUD_STALE,
1026 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1027 NEIGH_UPDATE_F_OVERRIDE|
1028 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1029 neigh_release(neigh);
1035 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1037 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1038 struct sk_buff *skb;
1039 struct nlmsghdr *nlh;
1040 struct nduseroptmsg *ndmsg;
1041 struct net *net = dev_net(ra->dev);
1043 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1044 + (opt->nd_opt_len << 3));
1045 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1047 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1053 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1055 goto nla_put_failure;
1058 ndmsg = nlmsg_data(nlh);
1059 ndmsg->nduseropt_family = AF_INET6;
1060 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1061 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1062 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1063 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1065 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1067 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1068 &ipv6_hdr(ra)->saddr))
1069 goto nla_put_failure;
1070 nlmsg_end(skb, nlh);
1072 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1079 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1082 static inline int accept_ra(struct inet6_dev *in6_dev)
1085 * If forwarding is enabled, RA are not accepted unless the special
1086 * hybrid mode (accept_ra=2) is enabled.
1088 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1091 return in6_dev->cnf.accept_ra;
1094 static void ndisc_router_discovery(struct sk_buff *skb)
1096 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1097 struct neighbour *neigh = NULL;
1098 struct inet6_dev *in6_dev;
1099 struct rt6_info *rt = NULL;
1101 struct ndisc_options ndopts;
1103 unsigned int pref = 0;
1105 __u8 * opt = (__u8 *)(ra_msg + 1);
1107 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1109 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1110 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1114 ND_PRINTK(2, warn, "RA: packet too short\n");
1118 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1119 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1120 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1126 * set the RA_RECV flag in the interface
1129 in6_dev = __in6_dev_get(skb->dev);
1130 if (in6_dev == NULL) {
1131 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1136 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1137 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1141 if (!accept_ra(in6_dev))
1142 goto skip_linkparms;
1144 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1145 /* skip link-specific parameters from interior routers */
1146 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1147 goto skip_linkparms;
1150 if (in6_dev->if_flags & IF_RS_SENT) {
1152 * flag that an RA was received after an RS was sent
1153 * out on this interface.
1155 in6_dev->if_flags |= IF_RA_RCVD;
1159 * Remember the managed/otherconf flags from most recently
1160 * received RA message (RFC 2462) -- yoshfuji
1162 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1164 (ra_msg->icmph.icmp6_addrconf_managed ?
1165 IF_RA_MANAGED : 0) |
1166 (ra_msg->icmph.icmp6_addrconf_other ?
1167 IF_RA_OTHERCONF : 0);
1169 if (!in6_dev->cnf.accept_ra_defrtr)
1172 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1175 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1177 #ifdef CONFIG_IPV6_ROUTER_PREF
1178 pref = ra_msg->icmph.icmp6_router_pref;
1179 /* 10b is handled as if it were 00b (medium) */
1180 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1181 !in6_dev->cnf.accept_ra_rtr_pref)
1182 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1185 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1188 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1191 "RA: %s got default router without neighbour\n",
1193 dst_release(&rt->dst);
1197 if (rt && lifetime == 0) {
1202 if (rt == NULL && lifetime) {
1203 ND_PRINTK(3, dbg, "RA: adding default router\n");
1205 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1208 "RA: %s failed to add default route\n",
1213 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1214 if (neigh == NULL) {
1216 "RA: %s got default router without neighbour\n",
1218 dst_release(&rt->dst);
1221 neigh->flags |= NTF_ROUTER;
1223 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1227 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1228 if (ra_msg->icmph.icmp6_hop_limit) {
1229 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1231 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1232 ra_msg->icmph.icmp6_hop_limit);
1238 * Update Reachable Time and Retrans Timer
1241 if (in6_dev->nd_parms) {
1242 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1244 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1245 rtime = (rtime*HZ)/1000;
1248 in6_dev->nd_parms->retrans_time = rtime;
1249 in6_dev->tstamp = jiffies;
1250 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1253 rtime = ntohl(ra_msg->reachable_time);
1254 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1255 rtime = (rtime*HZ)/1000;
1260 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1261 in6_dev->nd_parms->base_reachable_time = rtime;
1262 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1263 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1264 in6_dev->tstamp = jiffies;
1265 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1277 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1281 if (ndopts.nd_opts_src_lladdr) {
1282 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1286 "RA: invalid link-layer address length\n");
1290 neigh_update(neigh, lladdr, NUD_STALE,
1291 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1292 NEIGH_UPDATE_F_OVERRIDE|
1293 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1294 NEIGH_UPDATE_F_ISROUTER);
1297 if (!accept_ra(in6_dev))
1300 #ifdef CONFIG_IPV6_ROUTE_INFO
1301 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1302 goto skip_routeinfo;
1304 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1305 struct nd_opt_hdr *p;
1306 for (p = ndopts.nd_opts_ri;
1308 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1309 struct route_info *ri = (struct route_info *)p;
1310 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1311 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1312 ri->prefix_len == 0)
1315 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1317 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1318 &ipv6_hdr(skb)->saddr);
1325 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1326 /* skip link-specific ndopts from interior routers */
1327 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1331 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1332 struct nd_opt_hdr *p;
1333 for (p = ndopts.nd_opts_pi;
1335 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1336 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1337 (p->nd_opt_len) << 3,
1338 ndopts.nd_opts_src_lladdr != NULL);
1342 if (ndopts.nd_opts_mtu) {
1346 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1349 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1350 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1351 } else if (in6_dev->cnf.mtu6 != mtu) {
1352 in6_dev->cnf.mtu6 = mtu;
1355 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1357 rt6_mtu_change(skb->dev, mtu);
1361 if (ndopts.nd_useropts) {
1362 struct nd_opt_hdr *p;
1363 for (p = ndopts.nd_useropts;
1365 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1366 ndisc_ra_useropt(skb, p);
1370 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1371 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1375 dst_release(&rt->dst);
1377 neigh_release(neigh);
1380 static void ndisc_redirect_rcv(struct sk_buff *skb)
1382 struct inet6_dev *in6_dev;
1383 struct icmp6hdr *icmph;
1384 const struct in6_addr *dest;
1385 const struct in6_addr *target; /* new first hop to destination */
1386 struct neighbour *neigh;
1388 struct ndisc_options ndopts;
1392 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1393 switch (skb->ndisc_nodetype) {
1394 case NDISC_NODETYPE_HOST:
1395 case NDISC_NODETYPE_NODEFAULT:
1397 "Redirect: from host or unauthorized router\n");
1402 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1404 "Redirect: source address is not link-local\n");
1408 optlen = skb->tail - skb->transport_header;
1409 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1412 ND_PRINTK(2, warn, "Redirect: packet too short\n");
1416 icmph = icmp6_hdr(skb);
1417 target = (const struct in6_addr *) (icmph + 1);
1420 if (ipv6_addr_is_multicast(dest)) {
1422 "Redirect: destination address is multicast\n");
1426 if (ipv6_addr_equal(dest, target)) {
1428 } else if (ipv6_addr_type(target) !=
1429 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1431 "Redirect: target address is not link-local unicast\n");
1435 in6_dev = __in6_dev_get(skb->dev);
1438 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
1442 * The IP source address of the Redirect MUST be the same as the current
1443 * first-hop router for the specified ICMP Destination Address.
1446 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1447 ND_PRINTK(2, warn, "Redirect: invalid ND options\n");
1450 if (ndopts.nd_opts_tgt_lladdr) {
1451 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1455 "Redirect: invalid link-layer address length\n");
1460 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1462 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1463 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1465 neigh_release(neigh);
1469 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1471 struct net_device *dev = skb->dev;
1472 struct net *net = dev_net(dev);
1473 struct sock *sk = net->ipv6.ndisc_sk;
1474 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1475 struct inet_peer *peer;
1476 struct sk_buff *buff;
1477 struct icmp6hdr *icmph;
1478 struct in6_addr saddr_buf;
1479 struct in6_addr *addrp;
1480 struct rt6_info *rt;
1481 struct dst_entry *dst;
1482 struct inet6_dev *idev;
1488 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1491 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1492 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1497 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1498 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1500 "Redirect: target address is not link-local unicast\n");
1504 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1505 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1507 dst = ip6_route_output(net, NULL, &fl6);
1512 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1516 rt = (struct rt6_info *) dst;
1518 if (rt->rt6i_flags & RTF_GATEWAY) {
1520 "Redirect: destination is not a neighbour\n");
1523 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1524 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1530 if (dev->addr_len) {
1531 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1534 "Redirect: no neigh for target address\n");
1538 read_lock_bh(&neigh->lock);
1539 if (neigh->nud_state & NUD_VALID) {
1540 memcpy(ha_buf, neigh->ha, dev->addr_len);
1541 read_unlock_bh(&neigh->lock);
1543 len += ndisc_opt_addr_space(dev);
1545 read_unlock_bh(&neigh->lock);
1547 neigh_release(neigh);
1550 rd_len = min_t(unsigned int,
1551 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1555 hlen = LL_RESERVED_SPACE(dev);
1556 tlen = dev->needed_tailroom;
1557 buff = sock_alloc_send_skb(sk,
1558 (MAX_HEADER + sizeof(struct ipv6hdr) +
1563 "Redirect: %s failed to allocate an skb, err=%d\n",
1568 skb_reserve(buff, hlen);
1569 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1570 IPPROTO_ICMPV6, len);
1572 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1574 icmph = icmp6_hdr(buff);
1576 memset(icmph, 0, sizeof(struct icmp6hdr));
1577 icmph->icmp6_type = NDISC_REDIRECT;
1580 * copy target and destination addresses
1583 addrp = (struct in6_addr *)(icmph + 1);
1586 *addrp = ipv6_hdr(skb)->daddr;
1588 opt = (u8*) (addrp + 1);
1591 * include target_address option
1595 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1596 dev->addr_len, dev->type);
1599 * build redirect option and copy skb over to the new packet.
1603 *(opt++) = ND_OPT_REDIRECT_HDR;
1604 *(opt++) = (rd_len >> 3);
1607 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1609 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1610 len, IPPROTO_ICMPV6,
1611 csum_partial(icmph, len, 0));
1613 skb_dst_set(buff, dst);
1615 idev = __in6_dev_get(dst->dev);
1616 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1617 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1620 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1621 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1631 static void pndisc_redo(struct sk_buff *skb)
1637 int ndisc_rcv(struct sk_buff *skb)
1641 if (!pskb_may_pull(skb, skb->len))
1644 msg = (struct nd_msg *)skb_transport_header(skb);
1646 __skb_push(skb, skb->data - skb_transport_header(skb));
1648 if (ipv6_hdr(skb)->hop_limit != 255) {
1649 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1650 ipv6_hdr(skb)->hop_limit);
1654 if (msg->icmph.icmp6_code != 0) {
1655 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1656 msg->icmph.icmp6_code);
1660 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1662 switch (msg->icmph.icmp6_type) {
1663 case NDISC_NEIGHBOUR_SOLICITATION:
1667 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1671 case NDISC_ROUTER_SOLICITATION:
1675 case NDISC_ROUTER_ADVERTISEMENT:
1676 ndisc_router_discovery(skb);
1679 case NDISC_REDIRECT:
1680 ndisc_redirect_rcv(skb);
1687 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1689 struct net_device *dev = ptr;
1690 struct net *net = dev_net(dev);
1693 case NETDEV_CHANGEADDR:
1694 neigh_changeaddr(&nd_tbl, dev);
1695 fib6_run_gc(~0UL, net);
1698 neigh_ifdown(&nd_tbl, dev);
1699 fib6_run_gc(~0UL, net);
1701 case NETDEV_NOTIFY_PEERS:
1702 ndisc_send_unsol_na(dev);
1711 static struct notifier_block ndisc_netdev_notifier = {
1712 .notifier_call = ndisc_netdev_event,
1715 #ifdef CONFIG_SYSCTL
1716 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1717 const char *func, const char *dev_name)
1719 static char warncomm[TASK_COMM_LEN];
1721 if (strcmp(warncomm, current->comm) && warned < 5) {
1722 strcpy(warncomm, current->comm);
1723 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1725 dev_name, ctl->procname,
1726 dev_name, ctl->procname);
1731 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1733 struct net_device *dev = ctl->extra1;
1734 struct inet6_dev *idev;
1737 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1738 (strcmp(ctl->procname, "base_reachable_time") == 0))
1739 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1741 if (strcmp(ctl->procname, "retrans_time") == 0)
1742 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1744 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1745 ret = proc_dointvec_jiffies(ctl, write,
1746 buffer, lenp, ppos);
1748 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1749 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1750 ret = proc_dointvec_ms_jiffies(ctl, write,
1751 buffer, lenp, ppos);
1755 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1756 if (ctl->data == &idev->nd_parms->base_reachable_time)
1757 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1758 idev->tstamp = jiffies;
1759 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1768 static int __net_init ndisc_net_init(struct net *net)
1770 struct ipv6_pinfo *np;
1774 err = inet_ctl_sock_create(&sk, PF_INET6,
1775 SOCK_RAW, IPPROTO_ICMPV6, net);
1778 "NDISC: Failed to initialize the control socket (err %d)\n",
1783 net->ipv6.ndisc_sk = sk;
1786 np->hop_limit = 255;
1787 /* Do not loopback ndisc messages */
1793 static void __net_exit ndisc_net_exit(struct net *net)
1795 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1798 static struct pernet_operations ndisc_net_ops = {
1799 .init = ndisc_net_init,
1800 .exit = ndisc_net_exit,
1803 int __init ndisc_init(void)
1807 err = register_pernet_subsys(&ndisc_net_ops);
1811 * Initialize the neighbour table
1813 neigh_table_init(&nd_tbl);
1815 #ifdef CONFIG_SYSCTL
1816 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1817 &ndisc_ifinfo_sysctl_change);
1819 goto out_unregister_pernet;
1821 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1823 goto out_unregister_sysctl;
1827 out_unregister_sysctl:
1828 #ifdef CONFIG_SYSCTL
1829 neigh_sysctl_unregister(&nd_tbl.parms);
1830 out_unregister_pernet:
1832 unregister_pernet_subsys(&ndisc_net_ops);
1836 void ndisc_cleanup(void)
1838 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1839 #ifdef CONFIG_SYSCTL
1840 neigh_sysctl_unregister(&nd_tbl.parms);
1842 neigh_table_clear(&nd_tbl);
1843 unregister_pernet_subsys(&ndisc_net_ops);
projects / firefly-linux-kernel-4.4.55.git / blob