1da177e4
LT
1/*
2 * Internet Control Message Protocol (ICMPv6)
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
1da177e4
LT
8 * Based on net/ipv4/icmp.c
9 *
10 * RFC 1885
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
16 */
17
18/*
19 * Changes:
20 *
21 * Andi Kleen : exception handling
22 * Andi Kleen add rate limits. never reply to a icmp.
23 * add more length checks and other fixes.
24 * yoshfuji : ensure to sent parameter problem for
25 * fragments.
26 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
27 * Randy Dunlap and
28 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
29 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
30 */
31
f3213831
JP
32#define pr_fmt(fmt) "IPv6: " fmt
33
1da177e4
LT
34#include <linux/module.h>
35#include <linux/errno.h>
36#include <linux/types.h>
37#include <linux/socket.h>
38#include <linux/in.h>
39#include <linux/kernel.h>
1da177e4
LT
40#include <linux/sockios.h>
41#include <linux/net.h>
42#include <linux/skbuff.h>
43#include <linux/init.h>
763ecff1 44#include <linux/netfilter.h>
5a0e3ad6 45#include <linux/slab.h>
1da177e4
LT
46
47#ifdef CONFIG_SYSCTL
48#include <linux/sysctl.h>
49#endif
50
51#include <linux/inet.h>
52#include <linux/netdevice.h>
53#include <linux/icmpv6.h>
54
55#include <net/ip.h>
56#include <net/sock.h>
57
58#include <net/ipv6.h>
59#include <net/ip6_checksum.h>
6d0bfe22 60#include <net/ping.h>
1da177e4
LT
61#include <net/protocol.h>
62#include <net/raw.h>
63#include <net/rawv6.h>
64#include <net/transp_v6.h>
65#include <net/ip6_route.h>
66#include <net/addrconf.h>
67#include <net/icmp.h>
8b7817f3 68#include <net/xfrm.h>
1ed8516f 69#include <net/inet_common.h>
825edac4 70#include <net/dsfield.h>
ca254490 71#include <net/l3mdev.h>
1da177e4 72
7c0f6ba6 73#include <linux/uaccess.h>
1da177e4 74
1da177e4
LT
/*
 *	The ICMP socket(s). This is the most convenient way to flow control
 *	our ICMP output as well as maintain a clean interface throughout
 *	all layers. All Socketless IP sends will soon be gone.
 *
 *	On SMP we have one ICMP socket per-cpu.
 */

/*
 * Return the ICMPv6 control socket of @net that belongs to the CPU this
 * code is currently running on (indexed with smp_processor_id()).
 */
static inline struct sock *icmpv6_sk(struct net *net)
{
	struct sock **percpu_socks = net->ipv6.icmp_sk;

	return percpu_socks[smp_processor_id()];
}
1da177e4 86
6f809da2
SK
/*
 * Error handler installed in icmpv6_protocol: invoked (via icmpv6_notify())
 * for a received ICMPv6 error whose quoted packet carries ICMPv6 as its
 * upper-layer protocol.
 *
 * @skb:    the received error; skb->data + @offset is the quoted ICMPv6 header
 * @opt:    not used here
 * @type:   type of the received ICMPv6 error
 * @code:   code of the received ICMPv6 error (not used here)
 * @offset: offset from skb->data to the quoted inner header
 * @info:   32-bit info field of the received error, network byte order
 *
 * The quoted header is remote-supplied data.  This function dereferences it
 * without a length check of its own and relies on icmpv6_notify() having
 * made 8 bytes at @offset available before calling.
 */
static void icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
		       u8 type, u8 code, int offset, __be32 info)
{
	/* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
	struct icmp6hdr *inner = (struct icmp6hdr *)(skb->data + offset);
	struct net *net = dev_net(skb->dev);

	switch (type) {
	case ICMPV6_PKT_TOOBIG:
		/* Path MTU update driven by the reported value in @info. */
		ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
		break;
	case NDISC_REDIRECT:
		ip6_redirect(skb, net, skb->dev->ifindex, 0,
			     sock_net_uid(net, NULL));
		break;
	default:
		break;
	}

	/*
	 * Only error types (INFOMSG bit clear) that quote one of our echo
	 * requests are forwarded to the ping socket layer.
	 */
	if ((type & ICMPV6_INFOMSG_MASK) == 0 &&
	    inner->icmp6_type == ICMPV6_ECHO_REQUEST)
		ping_err(skb, offset, ntohl(info));
}
104
/* Forward declaration: the receive handler is defined further down. */
static int icmpv6_rcv(struct sk_buff *skb);

/*
 * Protocol descriptor registered for IPPROTO_ICMPV6 by icmpv6_init().
 * icmpv6_rcv() handles received ICMPv6 packets, icmpv6_err() handles
 * received errors that quote an ICMPv6 packet.
 *
 * NOTE(review): INET6_PROTO_NOPOLICY presumably makes the generic IPv6
 * input path skip its own xfrm policy check; icmpv6_rcv() calls
 * xfrm6_policy_check() itself -- confirm against the input path.
 */
static const struct inet6_protocol icmpv6_protocol = {
	.handler	= icmpv6_rcv,
	.err_handler	= icmpv6_err,
	.flags		= INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL,
};
112
/*
 * Try to take the transmit lock of this CPU's ICMPv6 socket.
 *
 * Called with BH disabled.
 *
 * Returns the locked socket, or NULL when the lock is already held; the
 * lock is only tried, never waited for.
 */
static __inline__ struct sock *icmpv6_xmit_lock(struct net *net)
{
	struct sock *sk = icmpv6_sk(net);

	if (likely(spin_trylock(&sk->sk_lock.slock)))
		return sk;

	/* This can happen if the output path (f.e. SIT or
	 * ip6ip6 tunnel) signals dst_link_failure() for an
	 * outgoing ICMP6 packet.
	 */
	return NULL;
}
128
/* Release the socket spinlock taken by icmpv6_xmit_lock(). */
static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
{
	spinlock_t *xmit_lock = &sk->sk_lock.slock;

	spin_unlock(xmit_lock);
}
133
1da177e4
LT
/*
 *	Figure out, may we reply to this packet with icmp error.
 *
 *	We do not reply, if:
 *	- it was icmp error message.
 *	- it is truncated, so that it is known, that protocol is ICMPV6
 *	  (i.e. in the middle of some exthdr)
 *
 *	--ANK (980726)
 *
 *	Returns true when no error may be sent for @skb, false otherwise.
 *	A packet whose extension header chain cannot be walked
 *	(ipv6_skip_exthdr() fails) is treated as eligible.
 */

static bool is_ineligible(const struct sk_buff *skb)
{
	struct ipv6hdr *ip6h = ipv6_hdr(skb);
	/* Offset of the first byte after the fixed IPv6 header. */
	int off = (u8 *)(ip6h + 1) - skb->data;
	int remaining = skb->len - off;
	__u8 nexthdr = ip6h->nexthdr;
	__be16 frag_off;
	u8 type_buf;
	u8 *type_ptr;

	if (remaining < 0)
		return true;

	off = ipv6_skip_exthdr(skb, off, &nexthdr, &frag_off);
	if (off < 0)
		return false;

	if (nexthdr != IPPROTO_ICMPV6)
		return false;

	/* Read only the type byte; it may live outside the linear area. */
	type_ptr = skb_header_pointer(skb,
				      off + offsetof(struct icmp6hdr, icmp6_type),
				      sizeof(type_buf), &type_buf);
	if (!type_ptr)
		return true;

	/* INFOMSG bit clear means the offending packet was itself an error. */
	return (*type_ptr & ICMPV6_INFOMSG_MASK) == 0;
}
168
c0303efe
JDB
/*
 * Return true for ICMPv6 types that are exempt from rate limiting:
 * informational messages (INFOMSG bit set) and Packet Too Big, because
 * limiting the latter would break path MTU discovery.
 */
static bool icmpv6_mask_allow(int type)
{
	return (type & ICMPV6_INFOMSG_MASK) || type == ICMPV6_PKT_TOOBIG;
}
181
/*
 * Global (not per-destination) rate limit check for an outgoing ICMPv6
 * message of @type.  Exempt types pass without consulting
 * icmp_global_allow(), so they do not touch the global limiter.
 */
static bool icmpv6_global_allow(int type)
{
	return icmpv6_mask_allow(type) || icmp_global_allow();
}
192
1ab1457c
YH
/*
 * Check the ICMP output rate limit
 *
 * Per-destination limit for a message of @type described by @fl6.
 * Exempt types (see icmpv6_mask_allow()) and routes over a loopback
 * device are always allowed; a route lookup error is counted as
 * IPSTATS_MIB_OUTNOROUTES and the message is refused.  Everything else
 * is decided by inet_peer_xrlim_allow() for the destination's peer entry.
 */
static bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
			       struct flowi6 *fl6)
{
	struct net *net = sock_net(sk);
	struct inet_peer *peer;
	struct dst_entry *dst;
	struct rt6_info *rt;
	bool allowed = false;
	int tmo;

	if (icmpv6_mask_allow(type))
		return true;

	/*
	 * Look up the output route.
	 * XXX: perhaps the expire for routing entries cloned by
	 *	this lookup should be more aggressive (not longer than timeout).
	 */
	dst = ip6_route_output(net, sk, fl6);
	if (dst->error) {
		IP6_INC_STATS(net, ip6_dst_idev(dst),
			      IPSTATS_MIB_OUTNOROUTES);
		goto release;
	}

	if (dst->dev && (dst->dev->flags & IFF_LOOPBACK)) {
		allowed = true;
		goto release;
	}

	rt = (struct rt6_info *)dst;
	tmo = net->ipv6.sysctl.icmpv6_time;

	/* Give more bandwidth to wider prefixes: the timeout is halved
	 * once for every 32 bits the route prefix is shorter than 128.
	 */
	if (rt->rt6i_dst.plen < 128)
		tmo >>= (128 - rt->rt6i_dst.plen) >> 5;

	peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr, 1);
	allowed = inet_peer_xrlim_allow(peer, tmo);
	if (peer)
		inet_putpeer(peer);

release:
	dst_release(dst);
	return allowed;
}
234
/*
 *	an inline helper for the "simple" if statement below
 *	checks if parameter problem report is caused by an
 *	unrecognized IPv6 option that has the Option Type
 *	highest-order two bits set to 10
 *
 *	@offset is relative to the network header.  Returns true as well
 *	when the option byte cannot be read from @skb.
 */

static bool opt_unrec(struct sk_buff *skb, __u32 offset)
{
	u8 optbuf;
	u8 *opt;

	opt = skb_header_pointer(skb, offset + skb_network_offset(skb),
				 sizeof(optbuf), &optbuf);
	if (!opt)
		return true;

	/* Top two bits of the Option Type equal to binary 10. */
	return (*opt >> 6) == 2;
}
252
4e64b1ed
JP
/*
 * Finish the ICMPv6 message queued on @sk's write queue and send it.
 *
 * Copies @thdr into the ICMPv6 header of the first queued buffer, computes
 * the ICMPv6 checksum over the header and the checksums of all queued
 * buffers (with the pseudo-header taken from @fl6 and @len), then hands
 * the queue to ip6_push_pending_frames().  Does nothing if the queue is
 * empty.
 */
void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
				struct icmp6hdr *thdr, int len)
{
	struct sk_buff_head *queue = &sk->sk_write_queue;
	struct sk_buff *head = skb_peek(queue);
	struct icmp6hdr *hdr;
	__wsum sum;

	if (!head)
		return;

	hdr = icmp6_hdr(head);
	memcpy(hdr, thdr, sizeof(*hdr));
	/* The checksum field must be zero while the sum is computed. */
	hdr->icmp6_cksum = 0;

	if (skb_queue_len(queue) == 1) {
		/* Single buffer: fold the header into its running checksum. */
		head->csum = csum_partial(hdr, sizeof(*hdr), head->csum);
		sum = head->csum;
	} else {
		struct sk_buff *frag;

		/* Several buffers: add up their partial checksums first. */
		sum = 0;
		skb_queue_walk(queue, frag)
			sum = csum_add(sum, frag->csum);

		sum = csum_partial(hdr, sizeof(*hdr), sum);
	}

	hdr->icmp6_cksum = csum_ipv6_magic(&fl6->saddr, &fl6->daddr,
					   len, fl6->flowi6_proto, sum);
	ip6_push_pending_frames(sk);
}
290
/*
 * Context handed to icmpv6_getfrag() through ip6_append_data(): where the
 * payload of the outgoing ICMPv6 message is copied from.
 */
struct icmpv6_msg {
	struct sk_buff	*skb;		/* packet the payload is copied from */
	int		offset;		/* start of the payload within skb */
	uint8_t		type;		/* ICMPv6 type of the message being built */
};
296
/*
 * getfrag callback for ip6_append_data(): copy @len bytes of the source
 * packet described by @from (a struct icmpv6_msg) into @to, starting at
 * msg->offset + @offset, and fold the checksum of the copied bytes into
 * skb->csum.  For error messages (INFOMSG bit clear) the source packet is
 * also passed to nf_ct_attach() together with the new buffer.
 *
 * Always returns 0.
 */
static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
{
	const struct icmpv6_msg *ctx = from;
	struct sk_buff *orig = ctx->skb;
	__wsum chunk_csum;

	chunk_csum = skb_copy_and_csum_bits(orig, ctx->offset + offset,
					    to, len, 0);
	skb->csum = csum_block_add(skb->csum, chunk_csum, odd);

	if ((ctx->type & ICMPV6_INFOMSG_MASK) == 0)
		nf_ct_attach(skb, orig);

	return 0;
}
310
#if IS_ENABLED(CONFIG_IPV6_MIP6)
/*
 * If the packet carries a Home Address destination option (opt->dsthao is
 * set and the TLV is found), exchange the address stored in that option
 * with the source address of the IPv6 header.  The packet is modified in
 * place.
 */
static void mip6_addr_swap(struct sk_buff *skb)
{
	struct ipv6hdr *iph = ipv6_hdr(skb);
	struct inet6_skb_parm *opt = IP6CB(skb);
	struct ipv6_destopt_hao *hao;
	struct in6_addr saved_src;
	int off;

	if (!opt->dsthao)
		return;

	off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
	if (unlikely(off < 0))
		return;

	hao = (struct ipv6_destopt_hao *)(skb_network_header(skb) + off);

	saved_src = iph->saddr;
	iph->saddr = hao->addr;
	hao->addr = saved_src;
}
#else
/* Mobile IPv6 support is not built: nothing to swap. */
static inline void mip6_addr_swap(struct sk_buff *skb) {}
#endif
334
/*
 * Find the route (and IPsec bundle, if any) for an outgoing ICMPv6 error.
 *
 * First the forward flow @fl6 is looked up.  When xfrm_lookup() leaves the
 * route unchanged or refuses it with -EPERM, a second attempt is made with
 * the flow decoded in reverse from the offending packet @skb
 * (xfrm_decode_session_reverse() + XFRM_LOOKUP_ICMP).
 *
 * Returns a dst the caller must release, or an ERR_PTR().  Destinations
 * known to be anycast yield ERR_PTR(-EINVAL).
 */
static struct dst_entry *icmpv6_route_lookup(struct net *net,
					     struct sk_buff *skb,
					     struct sock *sk,
					     struct flowi6 *fl6)
{
	struct dst_entry *dst, *alt;
	struct flowi6 rev_fl;
	int err;

	err = ip6_dst_lookup(net, sk, &dst, fl6);
	if (err)
		return ERR_PTR(err);

	/*
	 * We won't send icmp if the destination is known
	 * anycast.
	 */
	if (ipv6_anycast_destination(dst, &fl6->daddr)) {
		net_dbg_ratelimited("icmp6_send: acast source\n");
		dst_release(dst);
		return ERR_PTR(-EINVAL);
	}

	/* No need to clone since we're just using its address. */
	alt = dst;

	dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
	if (IS_ERR(dst)) {
		/* Any failure other than a policy refusal is final. */
		if (PTR_ERR(dst) != -EPERM)
			return dst;
		dst = NULL;
	} else if (dst != alt) {
		/* xfrm produced a different dst for the forward flow. */
		return dst;
	}

	err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&rev_fl), AF_INET6);
	if (err)
		goto relookup_failed;

	err = ip6_dst_lookup(net, sk, &alt, &rev_fl);
	if (err)
		goto relookup_failed;

	alt = xfrm_lookup(net, alt, flowi6_to_flowi(&rev_fl), sk, XFRM_LOOKUP_ICMP);
	if (IS_ERR(alt)) {
		err = PTR_ERR(alt);
		if (err != -EPERM)
			goto relookup_failed;

		/* Refused by policy on the reverse flow as well. */
		dst_release(dst);
		return alt;
	}

	dst_release(dst);
	dst = alt;

relookup_failed:
	/* Fall back to the forward-flow route when there still is one. */
	if (dst)
		return dst;
	return ERR_PTR(err);
}
398
1b70d792
DA
/*
 * Return the interface index to treat as the incoming interface of @skb.
 *
 * for local traffic to local address, skb dev is the loopback
 * device. Check if there is a dst attached to the skb and if so
 * get the real device index.
 */
static int icmp6_iif(const struct sk_buff *skb)
{
	const struct rt6_info *rt6;
	int iif = skb->dev->ifindex;

	if (likely(iif != LOOPBACK_IFINDEX))
		return iif;

	rt6 = skb_rt6_info(skb);
	return rt6 ? rt6->rt6i_idev->dev->ifindex : iif;
}
416
1da177e4
LT
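/*
 *	Send an ICMP message in response to a packet in error
 *
 *	@skb:         the offending packet; its network header must lie
 *	              inside the buffer, otherwise nothing is sent
 *	@type, @code: ICMPv6 type and code of the error to generate
 *	@info:        value for the 32-bit field after the checksum
 *	              (host byte order, converted with htonl())
 *	@force_saddr: if not NULL, source address to use for the error
 *
 *	Nothing is sent when:
 *	- the packet was sent to a multicast address or was not addressed
 *	  to this host at link level, unless the error is Packet Too Big
 *	  or a Parameter Problem for an unrecognized option with the
 *	  "10" option-type bits (see opt_unrec());
 *	- the packet's source address is unspecified or multicast;
 *	- the packet is itself an ICMPv6 error (see is_ineligible());
 *	- the global or the per-destination rate limit refuses it;
 *	- the per-cpu ICMPv6 socket is busy, or no route is found.
 *
 *	The quoted payload is limited so that the whole error fits in
 *	IPV6_MIN_MTU.  @skb is not freed here.
 */
static void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
		       const struct in6_addr *force_saddr)
{
	struct net *net = dev_net(skb->dev);
	struct inet6_dev *idev = NULL;
	struct ipv6hdr *hdr = ipv6_hdr(skb);
	struct sock *sk;
	struct ipv6_pinfo *np;
	const struct in6_addr *saddr = NULL;
	struct dst_entry *dst;
	struct icmp6hdr tmp_hdr;
	struct flowi6 fl6;
	struct icmpv6_msg msg;
	struct sockcm_cookie sockc_unused = {0};
	struct ipcm6_cookie ipc6;
	int iif = 0;
	int addr_type = 0;
	int len;
	u32 mark = IP6_REPLY_MARK(net, skb->mark);

	/* The whole fixed IPv6 header must be inside [head, tail]. */
	if ((u8 *)hdr < skb->head ||
	    (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
		return;

	/*
	 *	Make sure we respect the rules
	 *	i.e. RFC 1885 2.4(e)
	 *	Rule (e.1) is enforced by not using icmp6_send
	 *	in any code that processes icmp errors.
	 */
	addr_type = ipv6_addr_type(&hdr->daddr);

	/* Reply from the address the packet was sent to, if it is ours. */
	if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
	    ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
		saddr = &hdr->daddr;

	/*
	 *	Dest addr check
	 */

	if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) {
		if (type != ICMPV6_PKT_TOOBIG &&
		    !(type == ICMPV6_PARAMPROB &&
		      code == ICMPV6_UNK_OPTION &&
		      (opt_unrec(skb, info))))
			return;

		saddr = NULL;
	}

	addr_type = ipv6_addr_type(&hdr->saddr);

	/*
	 *	Source addr check
	 */

	if (__ipv6_addr_needs_scope_id(addr_type)) {
		iif = icmp6_iif(skb);
	} else {
		dst = skb_dst(skb);
		iif = l3mdev_master_ifindex(dst ? dst->dev : skb->dev);
	}

	/*
	 *	Must not send error if the source does not uniquely
	 *	identify a single node (RFC2463 Section 2.4).
	 *	We check unspecified / multicast addresses here,
	 *	and anycast addresses will be checked later.
	 */
	if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
		net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n",
				    &hdr->saddr, &hdr->daddr);
		return;
	}

	/*
	 *	Never answer to a ICMP packet.
	 */
	if (is_ineligible(skb)) {
		net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n",
				    &hdr->saddr, &hdr->daddr);
		return;
	}

	/* Needed by both icmp_global_allow and icmpv6_xmit_lock */
	local_bh_disable();

	/* Check global sysctl_icmp_msgs_per_sec ratelimit */
	if (!(skb->dev->flags&IFF_LOOPBACK) && !icmpv6_global_allow(type))
		goto out_bh_enable;

	mip6_addr_swap(skb);

	/* The error goes back to the source of the offending packet. */
	memset(&fl6, 0, sizeof(fl6));
	fl6.flowi6_proto = IPPROTO_ICMPV6;
	fl6.daddr = hdr->saddr;
	if (force_saddr)
		saddr = force_saddr;
	if (saddr)
		fl6.saddr = *saddr;
	fl6.flowi6_mark = mark;
	fl6.flowi6_oif = iif;
	fl6.fl6_icmp_type = type;
	fl6.fl6_icmp_code = code;
	fl6.flowi6_uid = sock_net_uid(net, NULL);
	fl6.mp_hash = rt6_multipath_hash(&fl6, skb);
	security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));

	sk = icmpv6_xmit_lock(net);
	if (!sk)
		goto out_bh_enable;

	sk->sk_mark = mark;
	np = inet6_sk(sk);

	/* Per-destination rate limit. */
	if (!icmpv6_xrlim_allow(sk, type, &fl6))
		goto out;

	tmp_hdr.icmp6_type = type;
	tmp_hdr.icmp6_code = code;
	tmp_hdr.icmp6_cksum = 0;
	tmp_hdr.icmp6_pointer = htonl(info);

	if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
		fl6.flowi6_oif = np->mcast_oif;
	else if (!fl6.flowi6_oif)
		fl6.flowi6_oif = np->ucast_oif;

	ipc6.tclass = np->tclass;
	fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel);

	dst = icmpv6_route_lookup(net, skb, sk, &fl6);
	if (IS_ERR(dst))
		goto out;

	ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
	ipc6.dontfrag = np->dontfrag;
	ipc6.opt = NULL;

	msg.skb = skb;
	msg.offset = skb_network_offset(skb);
	msg.type = type;

	len = skb->len - msg.offset;
	/*
	 * Reject a negative length before clamping.  min_t(unsigned int, ...)
	 * converts a negative value into a large unsigned one, so a check
	 * placed after the clamp can never fire.
	 */
	if (len < 0) {
		net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n",
				    &hdr->saddr, &hdr->daddr);
		goto out_dst_release;
	}
	/* Quote no more than fits in a minimum-MTU packet. */
	len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr));

	rcu_read_lock();
	idev = __in6_dev_get(skb->dev);

	if (ip6_append_data(sk, icmpv6_getfrag, &msg,
			    len + sizeof(struct icmp6hdr),
			    sizeof(struct icmp6hdr),
			    &ipc6, &fl6, (struct rt6_info *)dst,
			    MSG_DONTWAIT, &sockc_unused)) {
		ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
		ip6_flush_pending_frames(sk);
	} else {
		icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
					   len + sizeof(struct icmp6hdr));
	}
	rcu_read_unlock();
out_dst_release:
	dst_release(dst);
out:
	icmpv6_xmit_unlock(sk);
out_bh_enable:
	local_bh_enable();
}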
5f5624cf
PS
593
/* Slightly more convenient version of icmp6_send.
 *
 * Sends a Parameter Problem error with @code, using @pos as the pointer
 * value, and then frees @skb: the caller gives up the buffer.
 */
void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
{
	const u8 type = ICMPV6_PARAMPROB;

	icmp6_send(skb, type, code, pos, NULL);
	kfree_skb(skb);
}
7159039a 601
5fbba8ac
ED
/* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH
 * if sufficient data bytes are available
 * @nhs is the size of the tunnel header(s) :
 *  Either an IPv4 header for SIT encap
 *         an IPv4 header + GRE header for GRE encap
 *
 * @type selects the error: ICMP_TIME_EXCEEDED is translated to
 * ICMPV6_TIME_EXCEED/ICMPV6_EXC_HOPLIMIT, anything else to
 * ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH.
 * @data_len is the RFC 4884 length of the original datagram; it is ignored
 * (treated as 0) unless it is at least 128, a multiple of 8 and not larger
 * than skb->len.
 *
 * Works on a private copy or clone of @skb, which is freed before
 * returning; @skb itself is left to the caller.
 * Returns 0 when an error was handed to icmp6_send(), 1 when the packet is
 * too short or the copy could not be allocated.
 */
int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type,
			       unsigned int data_len)
{
	struct in6_addr temp_saddr;
	struct sk_buff *skb2;
	struct rt6_info *rt;
	u8 v6_type, v6_code;
	u32 info = 0;

	/* Tunnel header(s), inner IPv6 header and 8 more bytes are needed. */
	if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8))
		return 1;

	/* RFC 4884 (partial) support for ICMP extensions */
	if (data_len < 128 || (data_len & 7) || skb->len < data_len)
		data_len = 0;

	/* The data is rewritten below when data_len is set, so copy it. */
	if (data_len)
		skb2 = skb_copy(skb, GFP_ATOMIC);
	else
		skb2 = skb_clone(skb, GFP_ATOMIC);

	if (!skb2)
		return 1;

	skb_dst_drop(skb2);
	skb_pull(skb2, nhs);
	skb_reset_network_header(skb2);

	rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, NULL, 0, 0);

	if (rt && rt->dst.dev)
		skb2->dev = rt->dst.dev;

	/* Source of the generated error: v4-mapped outer IPv4 source. */
	ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr);

	if (data_len) {
		/* RFC 4884 (partial) support :
		 * insert 0 padding at the end, before the extensions
		 *
		 * NOTE(review): data_len - nhs is unsigned arithmetic; this
		 * relies on nhs never exceeding data_len (data_len >= 128
		 * here) -- confirm against the callers.
		 */
		__skb_push(skb2, nhs);
		skb_reset_network_header(skb2);
		memmove(skb2->data, skb2->data + nhs, data_len - nhs);
		memset(skb2->data + data_len - nhs, 0, nhs);
		/* RFC 4884 4.5 : Length is measured in 64-bit words,
		 * and stored in reserved[0]
		 */
		info = (data_len/8) << 24;
	}

	if (type == ICMP_TIME_EXCEEDED) {
		v6_type = ICMPV6_TIME_EXCEED;
		v6_code = ICMPV6_EXC_HOPLIMIT;
	} else {
		v6_type = ICMPV6_DEST_UNREACH;
		v6_code = ICMPV6_ADDR_UNREACH;
	}
	icmp6_send(skb2, v6_type, v6_code, info, &temp_saddr);

	if (rt)
		ip6_rt_put(rt);

	kfree_skb(skb2);

	return 0;
}
EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach);
666
1da177e4
LT
/*
 * Answer an ICMPv6 Echo Request.
 *
 * The reply copies the request's ICMPv6 header with the type changed to
 * ICMPV6_ECHO_REPLY and echoes the request's payload.  The request's
 * destination address is used as the reply source when it was unicast, or
 * anycast with the anycast_src_echo_reply sysctl enabled; otherwise the
 * source is left for route lookup to choose.
 *
 * As shown here, this path does not call icmpv6_global_allow() or
 * icmpv6_xrlim_allow(); replies are only skipped when the per-cpu socket
 * is busy or no route is found.  @skb is not freed here.
 */
static void icmpv6_echo_reply(struct sk_buff *skb)
{
	struct net *net = dev_net(skb->dev);
	struct icmp6hdr *req_hdr = icmp6_hdr(skb);
	const struct in6_addr *reply_src = &ipv6_hdr(skb)->daddr;
	u32 mark = IP6_REPLY_MARK(net, skb->mark);
	struct sockcm_cookie sockc_unused = {0};
	struct ipcm6_cookie ipc6;
	struct icmp6hdr reply_hdr;
	struct icmpv6_msg msg;
	struct inet6_dev *idev;
	struct ipv6_pinfo *np;
	struct dst_entry *dst;
	struct flowi6 fl6;
	struct sock *sk;

	if (!(ipv6_unicast_destination(skb) ||
	      (net->ipv6.sysctl.anycast_src_echo_reply &&
	       ipv6_anycast_destination(skb_dst(skb), reply_src))))
		reply_src = NULL;

	memcpy(&reply_hdr, req_hdr, sizeof(reply_hdr));
	reply_hdr.icmp6_type = ICMPV6_ECHO_REPLY;

	/* The reply goes back to the source of the request. */
	memset(&fl6, 0, sizeof(fl6));
	fl6.flowi6_proto = IPPROTO_ICMPV6;
	fl6.daddr = ipv6_hdr(skb)->saddr;
	if (reply_src)
		fl6.saddr = *reply_src;
	fl6.flowi6_oif = icmp6_iif(skb);
	fl6.fl6_icmp_type = ICMPV6_ECHO_REPLY;
	fl6.flowi6_mark = mark;
	fl6.flowi6_uid = sock_net_uid(net, NULL);
	security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));

	/* icmpv6_xmit_lock() must be called with BH disabled. */
	local_bh_disable();
	sk = icmpv6_xmit_lock(net);
	if (!sk)
		goto out_bh_enable;
	sk->sk_mark = mark;
	np = inet6_sk(sk);

	if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
		fl6.flowi6_oif = np->mcast_oif;
	else if (!fl6.flowi6_oif)
		fl6.flowi6_oif = np->ucast_oif;

	if (ip6_dst_lookup(net, sk, &dst, &fl6))
		goto out;
	dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
	if (IS_ERR(dst))
		goto out;

	idev = __in6_dev_get(skb->dev);

	/* Echo everything after the request's ICMPv6 header. */
	msg.skb = skb;
	msg.offset = 0;
	msg.type = ICMPV6_ECHO_REPLY;

	ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
	ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb));
	ipc6.dontfrag = np->dontfrag;
	ipc6.opt = NULL;

	if (ip6_append_data(sk, icmpv6_getfrag, &msg,
			    skb->len + sizeof(struct icmp6hdr),
			    sizeof(struct icmp6hdr), &ipc6, &fl6,
			    (struct rt6_info *)dst, MSG_DONTWAIT,
			    &sockc_unused)) {
		__ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
		ip6_flush_pending_frames(sk);
	} else {
		icmpv6_push_pending_frames(sk, &fl6, &reply_hdr,
					   skb->len + sizeof(struct icmp6hdr));
	}
	dst_release(dst);
out:
	icmpv6_xmit_unlock(sk);
out_bh_enable:
	local_bh_enable();
}
750
/*
 * Deliver a received ICMPv6 error to the upper-layer protocol named by the
 * packet quoted in it.
 *
 * On entry skb->data points at the quoted IPv6 header.  The quoted packet
 * is remote-supplied, so each part is made available with pskb_may_pull()
 * before it is read: the fixed IPv6 header, then the upper-layer offset
 * plus 8 bytes.  A quote that is too short, or whose extension headers
 * cannot be walked, is counted as ICMP6_MIB_INERRORS and not delivered.
 *
 * The protocol's err_handler (if any) and raw6_icmp_error() are both
 * called with the offset of the quoted upper-layer header.
 */
void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
{
	struct net *net = dev_net(skb->dev);
	const struct inet6_protocol *proto;
	int inner_offset = sizeof(struct ipv6hdr);
	__be16 frag_off;
	u8 nexthdr;

	if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
		goto out;

	nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
	if (ipv6_ext_hdr(nexthdr)) {
		/* now skip over extension headers */
		inner_offset = ipv6_skip_exthdr(skb, inner_offset,
						&nexthdr, &frag_off);
		if (inner_offset < 0)
			goto out;
	}

	/* Checkin header including 8 bytes of inner protocol header. */
	if (!pskb_may_pull(skb, inner_offset + 8))
		goto out;

	/* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
	   Without this we will not able f.e. to make source routed
	   pmtu discovery.
	   Corresponding argument (opt) to notifiers is already added.
	   --ANK (980726)
	 */

	proto = rcu_dereference(inet6_protos[nexthdr]);
	if (proto && proto->err_handler)
		proto->err_handler(skb, NULL, type, code, inner_offset, info);

	raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
	return;

out:
	__ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
}
1ab1457c 794
1da177e4
LT
/*
 *	Handle icmp messages
 *
 *	Receive handler for IPPROTO_ICMPV6.  Order of checks: xfrm policy
 *	(with a reverse check on the quoted packet when the last state in
 *	the security path has XFRM_STATE_ICMP), checksum, then dispatch on
 *	the ICMPv6 type.  The buffer is always released here; the function
 *	always returns 0.
 */

static int icmpv6_rcv(struct sk_buff *skb)
{
	struct net_device *dev = skb->dev;
	struct inet6_dev *idev = __in6_dev_get(dev);
	struct net *net = dev_net(dev);
	const struct in6_addr *saddr, *daddr;
	struct icmp6hdr *hdr;
	bool success = false;
	u8 type;

	if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
		struct sec_path *sp = skb_sec_path(skb);
		int nh;

		/*
		 * NOTE(review): sp->xvec[sp->len - 1] assumes a non-NULL
		 * security path holds at least one state -- confirm that
		 * sp->len cannot be 0 here.
		 */
		if (!sp ||
		    !(sp->xvec[sp->len - 1]->props.flags & XFRM_STATE_ICMP))
			goto drop_no_count;

		if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
			goto drop_no_count;

		/* Check policy against the packet quoted after the header. */
		nh = skb_network_offset(skb);
		skb_set_network_header(skb, sizeof(*hdr));

		if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
			goto drop_no_count;

		skb_set_network_header(skb, nh);
	}

	__ICMP6_INC_STATS(net, idev, ICMP6_MIB_INMSGS);

	saddr = &ipv6_hdr(skb)->saddr;
	daddr = &ipv6_hdr(skb)->daddr;

	if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
		net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n",
				    saddr, daddr);
		goto csum_error;
	}

	if (!pskb_pull(skb, sizeof(*hdr)))
		goto discard_it;

	hdr = icmp6_hdr(skb);

	type = hdr->icmp6_type;

	ICMP6MSGIN_INC_STATS(net, idev, type);

	switch (type) {
	case ICMPV6_ECHO_REQUEST:
		icmpv6_echo_reply(skb);
		break;

	case ICMPV6_ECHO_REPLY:
		success = ping_rcv(skb);
		break;

	case ICMPV6_PKT_TOOBIG:
		/* BUGGG_FUTURE: if packet contains rthdr, we cannot update
		   standard destination cache. Seems, only "advanced"
		   destination cache will allow to solve this problem
		   --ANK (980726)
		 */
		if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
			goto discard_it;
		/* Re-read the header pointer after pskb_may_pull(). */
		hdr = icmp6_hdr(skb);

		/* to notify */
		/* fall through */
	case ICMPV6_DEST_UNREACH:
	case ICMPV6_TIME_EXCEED:
	case ICMPV6_PARAMPROB:
		icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
		break;

	case NDISC_ROUTER_SOLICITATION:
	case NDISC_ROUTER_ADVERTISEMENT:
	case NDISC_NEIGHBOUR_SOLICITATION:
	case NDISC_NEIGHBOUR_ADVERTISEMENT:
	case NDISC_REDIRECT:
		ndisc_rcv(skb);
		break;

	case ICMPV6_MGM_QUERY:
		igmp6_event_query(skb);
		break;

	case ICMPV6_MGM_REPORT:
		igmp6_event_report(skb);
		break;

	/* Known types that need no processing here. */
	case ICMPV6_MGM_REDUCTION:
	case ICMPV6_NI_QUERY:
	case ICMPV6_NI_REPLY:
	case ICMPV6_MLD2_REPORT:
	case ICMPV6_DHAAD_REQUEST:
	case ICMPV6_DHAAD_REPLY:
	case ICMPV6_MOBILE_PREFIX_SOL:
	case ICMPV6_MOBILE_PREFIX_ADV:
		break;

	default:
		/* informational */
		if (type & ICMPV6_INFOMSG_MASK)
			break;

		net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n",
				    saddr, daddr);

		/*
		 * error of unknown type.
		 * must pass to upper level
		 */

		icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
		break;
	}

	/* until the v6 path can be better sorted assume failure and
	 * preserve the status quo behaviour for the rest of the paths to here
	 */
	if (!success)
		kfree_skb(skb);
	else
		consume_skb(skb);

	return 0;

csum_error:
	__ICMP6_INC_STATS(net, idev, ICMP6_MIB_CSUMERRORS);
discard_it:
	__ICMP6_INC_STATS(net, idev, ICMP6_MIB_INERRORS);
drop_no_count:
	kfree_skb(skb);
	return 0;
}
935
/*
 * Initialise @fl6 as an ICMPv6 flow of @type (code 0) from @saddr to
 * @daddr over output interface @oif, then let the security module
 * classify it for @sk.  All other fields of @fl6 are zeroed.
 */
void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
		      u8 type,
		      const struct in6_addr *saddr,
		      const struct in6_addr *daddr,
		      int oif)
{
	memset(fl6, 0, sizeof(*fl6));

	fl6->flowi6_proto = IPPROTO_ICMPV6;
	fl6->flowi6_oif = oif;
	fl6->saddr = *saddr;
	fl6->daddr = *daddr;
	fl6->fl6_icmp_type = type;
	fl6->fl6_icmp_code = 0;

	security_sk_classify_flow(sk, flowi6_to_flowi(fl6));
}
951
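/*
 * Per-namespace init: allocate the array of per-cpu ICMPv6 control sockets
 * and create one raw IPPROTO_ICMPV6 socket for every possible CPU.
 *
 * Returns 0 on success.  On failure the sockets created so far and the
 * array are released and a negative errno is returned.
 */
static int __net_init icmpv6_sk_init(struct net *net)
{
	struct sock *sk;
	int err, i, j;

	/* kcalloc() checks the count * size multiplication for overflow. */
	net->ipv6.icmp_sk =
		kcalloc(nr_cpu_ids, sizeof(struct sock *), GFP_KERNEL);
	if (!net->ipv6.icmp_sk)
		return -ENOMEM;

	for_each_possible_cpu(i) {
		err = inet_ctl_sock_create(&sk, PF_INET6,
					   SOCK_RAW, IPPROTO_ICMPV6, net);
		if (err < 0) {
			pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
			       err);
			goto fail;
		}

		net->ipv6.icmp_sk[i] = sk;

		/* Enough space for 2 64K ICMP packets, including
		 * sk_buff struct overhead.
		 */
		sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
	}
	return 0;

 fail:
	/* Slots below i that were never filled are still zero. */
	for (j = 0; j < i; j++)
		inet_ctl_sock_destroy(net->ipv6.icmp_sk[j]);
	kfree(net->ipv6.icmp_sk);
	return err;
}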
986
/*
 * Per-namespace exit: destroy every per-cpu ICMPv6 control socket and free
 * the array that held them.
 */
static void __net_exit icmpv6_sk_exit(struct net *net)
{
	int cpu;

	for_each_possible_cpu(cpu)
		inet_ctl_sock_destroy(net->ipv6.icmp_sk[cpu]);

	kfree(net->ipv6.icmp_sk);
}
996
/* Per-network-namespace setup and teardown of the ICMPv6 control sockets. */
static struct pernet_operations icmpv6_sk_ops = {
	.init	= icmpv6_sk_init,
	.exit	= icmpv6_sk_exit,
};
1001
/*
 * Register the ICMPv6 implementation: the per-namespace sockets, the
 * IPPROTO_ICMPV6 protocol handler and icmp6_send() as the ICMPv6 sender.
 *
 * Returns 0 on success or a negative errno; each step that succeeded is
 * undone when a later one fails.  A failure to add the protocol is
 * reported as -EAGAIN.
 */
int __init icmpv6_init(void)
{
	int err;

	err = register_pernet_subsys(&icmpv6_sk_ops);
	if (err < 0)
		return err;

	if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0) {
		err = -EAGAIN;
		goto fail;
	}

	err = inet6_register_icmp_sender(icmp6_send);
	if (!err)
		return 0;

	/* Sender registration failed: drop the protocol handler again. */
	inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
fail:
	pr_err("Failed to register ICMP6 protocol\n");
	unregister_pernet_subsys(&icmpv6_sk_ops);
	return err;
}
1026
/*
 * Undo icmpv6_init(): unregister the ICMPv6 sender, the per-namespace
 * socket operations and finally the IPPROTO_ICMPV6 protocol handler.
 */
void icmpv6_cleanup(void)
{
	inet6_unregister_icmp_sender(icmp6_send);

	unregister_pernet_subsys(&icmpv6_sk_ops);

	inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
}
1033
98c6d1b2 1034
/*
 * Destination Unreachable codes mapped to socket errors.  The table is
 * indexed by the ICMPv6 code; .fatal is the value icmpv6_err_convert()
 * returns for that code.
 */
static const struct icmp6_err {
	int err;
	int fatal;
} tab_unreach[] = {
	{ .err = ENETUNREACH,	.fatal = 0 },	/* NOROUTE */
	{ .err = EACCES,	.fatal = 1 },	/* ADM_PROHIBITED */
	{ .err = EHOSTUNREACH,	.fatal = 0 },	/* Was NOT_NEIGHBOUR, now reserved */
	{ .err = EHOSTUNREACH,	.fatal = 0 },	/* ADDR_UNREACH */
	{ .err = ECONNREFUSED,	.fatal = 1 },	/* PORT_UNREACH */
	{ .err = EACCES,	.fatal = 1 },	/* POLICY_FAIL */
	{ .err = EACCES,	.fatal = 1 },	/* REJECT_ROUTE */
};
1068
/*
 * Translate a received ICMPv6 error into a socket error.
 *
 * @type, @code: taken from the received ICMPv6 error
 * @err:         receives the errno value (positive); EPROTO for types
 *               that are not handled here
 *
 * Returns non-zero when the error is fatal for the connection.  For
 * Destination Unreachable the code indexes tab_unreach[]; it comes from
 * the network, so it is bounds-checked first and an out-of-range code
 * yields EPROTO, fatal.
 */
int icmpv6_err_convert(u8 type, u8 code, int *err)
{
	switch (type) {
	case ICMPV6_DEST_UNREACH:
		if (code >= ARRAY_SIZE(tab_unreach)) {
			*err = EPROTO;
			return 1;
		}
		*err = tab_unreach[code].err;
		return tab_unreach[code].fatal;

	case ICMPV6_PKT_TOOBIG:
		*err = EMSGSIZE;
		return 0;

	case ICMPV6_PARAMPROB:
		*err = EPROTO;
		return 1;

	case ICMPV6_TIME_EXCEED:
		*err = EHOSTUNREACH;
		return 0;

	default:
		*err = EPROTO;
		return 0;
	}
}
EXPORT_SYMBOL(icmpv6_err_convert);
1101
#ifdef CONFIG_SYSCTL
/*
 * Template for the per-namespace ICMPv6 sysctl table.  The single entry,
 * "ratelimit", exposes icmpv6_time (the timeout used by
 * icmpv6_xrlim_allow()) through proc_dointvec_ms_jiffies with mode 0644.
 * The .data pointer refers to init_net here and is redirected for each
 * namespace by ipv6_icmp_sysctl_init().
 */
static struct ctl_table ipv6_icmp_table_template[] = {
	{
		.procname	= "ratelimit",
		.data		= &init_net.ipv6.sysctl.icmpv6_time,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_ms_jiffies,
	},
	{ },
};

/*
 * Return a freshly allocated copy of the template whose "ratelimit" entry
 * points at @net's own icmpv6_time, or NULL if the allocation fails.
 * The caller owns the returned table.
 */
struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
{
	struct ctl_table *copy;

	copy = kmemdup(ipv6_icmp_table_template,
		       sizeof(ipv6_icmp_table_template),
		       GFP_KERNEL);
	if (!copy)
		return NULL;

	copy[0].data = &net->ipv6.sysctl.icmpv6_time;
	return copy;
}
#endif