]> git.proxmox.com Git - mirror_ubuntu-kernels.git/blob - net/ipv6/ndisc.c
projects / mirror_ubuntu-kernels.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
[mirror_ubuntu-kernels.git] / net / ipv6 / ndisc.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Neighbour Discovery for IPv6
4 * Linux INET6 implementation
5 *
6 * Authors:
7 * Pedro Roque <roque@di.fc.ul.pt>
8 * Mike Shaver <shaver@ingenia.com>
9 */
10
11 /*
12 * Changes:
13 *
14 * Alexey I. Froloff : RFC6106 (DNSSL) support
15 * Pierre Ynard : export userland ND options
16 * through netlink (RDNSS support)
17 * Lars Fenneberg : fixed MTU setting on receipt
18 * of an RA.
19 * Janos Farkas : kmalloc failure checks
20 * Alexey Kuznetsov : state machine reworked
21 * and moved to net/core.
22 * Pekka Savola : RFC2461 validation
23 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
24 */
25
26 #define pr_fmt(fmt) "ICMPv6: " fmt
27
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/sched.h>
34 #include <linux/net.h>
35 #include <linux/in6.h>
36 #include <linux/route.h>
37 #include <linux/init.h>
38 #include <linux/rcupdate.h>
39 #include <linux/slab.h>
40 #ifdef CONFIG_SYSCTL
41 #include <linux/sysctl.h>
42 #endif
43
44 #include <linux/if_addr.h>
45 #include <linux/if_ether.h>
46 #include <linux/if_arp.h>
47 #include <linux/ipv6.h>
48 #include <linux/icmpv6.h>
49 #include <linux/jhash.h>
50
51 #include <net/sock.h>
52 #include <net/snmp.h>
53
54 #include <net/ipv6.h>
55 #include <net/protocol.h>
56 #include <net/ndisc.h>
57 #include <net/ip6_route.h>
58 #include <net/addrconf.h>
59 #include <net/icmp.h>
60
61 #include <net/netlink.h>
62 #include <linux/rtnetlink.h>
63
64 #include <net/flow.h>
65 #include <net/ip6_checksum.h>
66 #include <net/inet_common.h>
67 #include <linux/proc_fs.h>
68
69 #include <linux/netfilter.h>
70 #include <linux/netfilter_ipv6.h>
71
72 static u32 ndisc_hash(const void *pkey,
73 const struct net_device *dev,
74 __u32 *hash_rnd);
75 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
76 static bool ndisc_allow_add(const struct net_device *dev,
77 struct netlink_ext_ack *extack);
78 static int ndisc_constructor(struct neighbour *neigh);
79 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
80 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
81 static int pndisc_constructor(struct pneigh_entry *n);
82 static void pndisc_destructor(struct pneigh_entry *n);
83 static void pndisc_redo(struct sk_buff *skb);
84
85 static const struct neigh_ops ndisc_generic_ops = {
86 .family = AF_INET6,
87 .solicit = ndisc_solicit,
88 .error_report = ndisc_error_report,
89 .output = neigh_resolve_output,
90 .connected_output = neigh_connected_output,
91 };
92
93 static const struct neigh_ops ndisc_hh_ops = {
94 .family = AF_INET6,
95 .solicit = ndisc_solicit,
96 .error_report = ndisc_error_report,
97 .output = neigh_resolve_output,
98 .connected_output = neigh_resolve_output,
99 };
100
101
102 static const struct neigh_ops ndisc_direct_ops = {
103 .family = AF_INET6,
104 .output = neigh_direct_output,
105 .connected_output = neigh_direct_output,
106 };
107
108 struct neigh_table nd_tbl = {
109 .family = AF_INET6,
110 .key_len = sizeof(struct in6_addr),
111 .protocol = cpu_to_be16(ETH_P_IPV6),
112 .hash = ndisc_hash,
113 .key_eq = ndisc_key_eq,
114 .constructor = ndisc_constructor,
115 .pconstructor = pndisc_constructor,
116 .pdestructor = pndisc_destructor,
117 .proxy_redo = pndisc_redo,
118 .allow_add = ndisc_allow_add,
119 .id = "ndisc_cache",
120 .parms = {
121 .tbl = &nd_tbl,
122 .reachable_time = ND_REACHABLE_TIME,
123 .data = {
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134 },
135 },
136 .gc_interval = 30 * HZ,
137 .gc_thresh1 = 128,
138 .gc_thresh2 = 512,
139 .gc_thresh3 = 1024,
140 };
141 EXPORT_SYMBOL_GPL(nd_tbl);
142
143 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
145 {
146 int space = __ndisc_opt_addr_space(data_len, pad);
147 u8 *opt = skb_put(skb, space);
148
149 opt[0] = type;
150 opt[1] = space>>3;
151
152 memset(opt + 2, 0, pad);
153 opt += pad;
154 space -= pad;
155
156 memcpy(opt+2, data, data_len);
157 data_len += 2;
158 opt += data_len;
159 space -= data_len;
160 if (space > 0)
161 memset(opt, 0, space);
162 }
163 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
164
165 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166 void *data, u8 icmp6_type)
167 {
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171 }
172
173 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174 void *ha,
175 const u8 *ops_data)
176 {
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
179 }
180
181 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
183 {
184 int type;
185 if (!cur || !end || cur >= end)
186 return NULL;
187 type = cur->nd_opt_type;
188 do {
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190 } while (cur < end && cur->nd_opt_type != type);
191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
192 }
193
194 static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
196 {
197 return opt->nd_opt_type == ND_OPT_RDNSS ||
198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
200 }
201
202 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
203 struct nd_opt_hdr *cur,
204 struct nd_opt_hdr *end)
205 {
206 if (!cur || !end || cur >= end)
207 return NULL;
208 do {
209 cur = ((void *)cur) + (cur->nd_opt_len << 3);
210 } while (cur < end && !ndisc_is_useropt(dev, cur));
211 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
212 }
213
214 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
215 u8 *opt, int opt_len,
216 struct ndisc_options *ndopts)
217 {
218 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
219
220 if (!nd_opt || opt_len < 0 || !ndopts)
221 return NULL;
222 memset(ndopts, 0, sizeof(*ndopts));
223 while (opt_len) {
224 int l;
225 if (opt_len < sizeof(struct nd_opt_hdr))
226 return NULL;
227 l = nd_opt->nd_opt_len << 3;
228 if (opt_len < l || l == 0)
229 return NULL;
230 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
231 goto next_opt;
232 switch (nd_opt->nd_opt_type) {
233 case ND_OPT_SOURCE_LL_ADDR:
234 case ND_OPT_TARGET_LL_ADDR:
235 case ND_OPT_MTU:
236 case ND_OPT_NONCE:
237 case ND_OPT_REDIRECT_HDR:
238 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
239 ND_PRINTK(2, warn,
240 "%s: duplicated ND6 option found: type=%d\n",
241 __func__, nd_opt->nd_opt_type);
242 } else {
243 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
244 }
245 break;
246 case ND_OPT_PREFIX_INFO:
247 ndopts->nd_opts_pi_end = nd_opt;
248 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
249 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
250 break;
251 #ifdef CONFIG_IPV6_ROUTE_INFO
252 case ND_OPT_ROUTE_INFO:
253 ndopts->nd_opts_ri_end = nd_opt;
254 if (!ndopts->nd_opts_ri)
255 ndopts->nd_opts_ri = nd_opt;
256 break;
257 #endif
258 default:
259 if (ndisc_is_useropt(dev, nd_opt)) {
260 ndopts->nd_useropts_end = nd_opt;
261 if (!ndopts->nd_useropts)
262 ndopts->nd_useropts = nd_opt;
263 } else {
264 /*
265 * Unknown options must be silently ignored,
266 * to accommodate future extension to the
267 * protocol.
268 */
269 ND_PRINTK(2, notice,
270 "%s: ignored unsupported option; type=%d, len=%d\n",
271 __func__,
272 nd_opt->nd_opt_type,
273 nd_opt->nd_opt_len);
274 }
275 }
276 next_opt:
277 opt_len -= l;
278 nd_opt = ((void *)nd_opt) + l;
279 }
280 return ndopts;
281 }
282
283 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
284 {
285 switch (dev->type) {
286 case ARPHRD_ETHER:
287 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
288 case ARPHRD_FDDI:
289 ipv6_eth_mc_map(addr, buf);
290 return 0;
291 case ARPHRD_ARCNET:
292 ipv6_arcnet_mc_map(addr, buf);
293 return 0;
294 case ARPHRD_INFINIBAND:
295 ipv6_ib_mc_map(addr, dev->broadcast, buf);
296 return 0;
297 case ARPHRD_IPGRE:
298 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
299 default:
300 if (dir) {
301 memcpy(buf, dev->broadcast, dev->addr_len);
302 return 0;
303 }
304 }
305 return -EINVAL;
306 }
307 EXPORT_SYMBOL(ndisc_mc_map);
308
309 static u32 ndisc_hash(const void *pkey,
310 const struct net_device *dev,
311 __u32 *hash_rnd)
312 {
313 return ndisc_hashfn(pkey, dev, hash_rnd);
314 }
315
316 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
317 {
318 return neigh_key_eq128(n, pkey);
319 }
320
321 static int ndisc_constructor(struct neighbour *neigh)
322 {
323 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
324 struct net_device *dev = neigh->dev;
325 struct inet6_dev *in6_dev;
326 struct neigh_parms *parms;
327 bool is_multicast = ipv6_addr_is_multicast(addr);
328
329 in6_dev = in6_dev_get(dev);
330 if (!in6_dev) {
331 return -EINVAL;
332 }
333
334 parms = in6_dev->nd_parms;
335 __neigh_parms_put(neigh->parms);
336 neigh->parms = neigh_parms_clone(parms);
337
338 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
339 if (!dev->header_ops) {
340 neigh->nud_state = NUD_NOARP;
341 neigh->ops = &ndisc_direct_ops;
342 neigh->output = neigh_direct_output;
343 } else {
344 if (is_multicast) {
345 neigh->nud_state = NUD_NOARP;
346 ndisc_mc_map(addr, neigh->ha, dev, 1);
347 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
348 neigh->nud_state = NUD_NOARP;
349 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
350 if (dev->flags&IFF_LOOPBACK)
351 neigh->type = RTN_LOCAL;
352 } else if (dev->flags&IFF_POINTOPOINT) {
353 neigh->nud_state = NUD_NOARP;
354 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
355 }
356 if (dev->header_ops->cache)
357 neigh->ops = &ndisc_hh_ops;
358 else
359 neigh->ops = &ndisc_generic_ops;
360 if (neigh->nud_state&NUD_VALID)
361 neigh->output = neigh->ops->connected_output;
362 else
363 neigh->output = neigh->ops->output;
364 }
365 in6_dev_put(in6_dev);
366 return 0;
367 }
368
369 static int pndisc_constructor(struct pneigh_entry *n)
370 {
371 struct in6_addr *addr = (struct in6_addr *)&n->key;
372 struct in6_addr maddr;
373 struct net_device *dev = n->dev;
374
375 if (!dev || !__in6_dev_get(dev))
376 return -EINVAL;
377 addrconf_addr_solict_mult(addr, &maddr);
378 ipv6_dev_mc_inc(dev, &maddr);
379 return 0;
380 }
381
382 static void pndisc_destructor(struct pneigh_entry *n)
383 {
384 struct in6_addr *addr = (struct in6_addr *)&n->key;
385 struct in6_addr maddr;
386 struct net_device *dev = n->dev;
387
388 if (!dev || !__in6_dev_get(dev))
389 return;
390 addrconf_addr_solict_mult(addr, &maddr);
391 ipv6_dev_mc_dec(dev, &maddr);
392 }
393
394 /* called with rtnl held */
395 static bool ndisc_allow_add(const struct net_device *dev,
396 struct netlink_ext_ack *extack)
397 {
398 struct inet6_dev *idev = __in6_dev_get(dev);
399
400 if (!idev || idev->cnf.disable_ipv6) {
401 NL_SET_ERR_MSG(extack, "IPv6 is disabled on this device");
402 return false;
403 }
404
405 return true;
406 }
407
408 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
409 int len)
410 {
411 int hlen = LL_RESERVED_SPACE(dev);
412 int tlen = dev->needed_tailroom;
413 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
414 struct sk_buff *skb;
415
416 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
417 if (!skb) {
418 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
419 __func__);
420 return NULL;
421 }
422
423 skb->protocol = htons(ETH_P_IPV6);
424 skb->dev = dev;
425
426 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
427 skb_reset_transport_header(skb);
428
429 /* Manually assign socket ownership as we avoid calling
430 * sock_alloc_send_pskb() to bypass wmem buffer limits
431 */
432 skb_set_owner_w(skb, sk);
433
434 return skb;
435 }
436
437 static void ip6_nd_hdr(struct sk_buff *skb,
438 const struct in6_addr *saddr,
439 const struct in6_addr *daddr,
440 int hop_limit, int len)
441 {
442 struct ipv6hdr *hdr;
443 struct inet6_dev *idev;
444 unsigned tclass;
445
446 rcu_read_lock();
447 idev = __in6_dev_get(skb->dev);
448 tclass = idev ? idev->cnf.ndisc_tclass : 0;
449 rcu_read_unlock();
450
451 skb_push(skb, sizeof(*hdr));
452 skb_reset_network_header(skb);
453 hdr = ipv6_hdr(skb);
454
455 ip6_flow_hdr(hdr, tclass, 0);
456
457 hdr->payload_len = htons(len);
458 hdr->nexthdr = IPPROTO_ICMPV6;
459 hdr->hop_limit = hop_limit;
460
461 hdr->saddr = *saddr;
462 hdr->daddr = *daddr;
463 }
464
465 static void ndisc_send_skb(struct sk_buff *skb,
466 const struct in6_addr *daddr,
467 const struct in6_addr *saddr)
468 {
469 struct dst_entry *dst = skb_dst(skb);
470 struct net *net = dev_net(skb->dev);
471 struct sock *sk = net->ipv6.ndisc_sk;
472 struct inet6_dev *idev;
473 int err;
474 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
475 u8 type;
476
477 type = icmp6h->icmp6_type;
478
479 if (!dst) {
480 struct flowi6 fl6;
481 int oif = skb->dev->ifindex;
482
483 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
484 dst = icmp6_dst_alloc(skb->dev, &fl6);
485 if (IS_ERR(dst)) {
486 kfree_skb(skb);
487 return;
488 }
489
490 skb_dst_set(skb, dst);
491 }
492
493 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
494 IPPROTO_ICMPV6,
495 csum_partial(icmp6h,
496 skb->len, 0));
497
498 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
499
500 rcu_read_lock();
501 idev = __in6_dev_get(dst->dev);
502 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
503
504 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
505 net, sk, skb, NULL, dst->dev,
506 dst_output);
507 if (!err) {
508 ICMP6MSGOUT_INC_STATS(net, idev, type);
509 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
510 }
511
512 rcu_read_unlock();
513 }
514
515 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
516 const struct in6_addr *solicited_addr,
517 bool router, bool solicited, bool override, bool inc_opt)
518 {
519 struct sk_buff *skb;
520 struct in6_addr tmpaddr;
521 struct inet6_ifaddr *ifp;
522 const struct in6_addr *src_addr;
523 struct nd_msg *msg;
524 int optlen = 0;
525
526 /* for anycast or proxy, solicited_addr != src_addr */
527 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
528 if (ifp) {
529 src_addr = solicited_addr;
530 if (ifp->flags & IFA_F_OPTIMISTIC)
531 override = false;
532 inc_opt |= ifp->idev->cnf.force_tllao;
533 in6_ifa_put(ifp);
534 } else {
535 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
536 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
537 &tmpaddr))
538 return;
539 src_addr = &tmpaddr;
540 }
541
542 if (!dev->addr_len)
543 inc_opt = false;
544 if (inc_opt)
545 optlen += ndisc_opt_addr_space(dev,
546 NDISC_NEIGHBOUR_ADVERTISEMENT);
547
548 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
549 if (!skb)
550 return;
551
552 msg = skb_put(skb, sizeof(*msg));
553 *msg = (struct nd_msg) {
554 .icmph = {
555 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
556 .icmp6_router = router,
557 .icmp6_solicited = solicited,
558 .icmp6_override = override,
559 },
560 .target = *solicited_addr,
561 };
562
563 if (inc_opt)
564 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
565 dev->dev_addr,
566 NDISC_NEIGHBOUR_ADVERTISEMENT);
567
568 ndisc_send_skb(skb, daddr, src_addr);
569 }
570
571 static void ndisc_send_unsol_na(struct net_device *dev)
572 {
573 struct inet6_dev *idev;
574 struct inet6_ifaddr *ifa;
575
576 idev = in6_dev_get(dev);
577 if (!idev)
578 return;
579
580 read_lock_bh(&idev->lock);
581 list_for_each_entry(ifa, &idev->addr_list, if_list) {
582 /* skip tentative addresses until dad completes */
583 if (ifa->flags & IFA_F_TENTATIVE &&
584 !(ifa->flags & IFA_F_OPTIMISTIC))
585 continue;
586
587 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
588 /*router=*/ !!idev->cnf.forwarding,
589 /*solicited=*/ false, /*override=*/ true,
590 /*inc_opt=*/ true);
591 }
592 read_unlock_bh(&idev->lock);
593
594 in6_dev_put(idev);
595 }
596
597 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
598 const struct in6_addr *daddr, const struct in6_addr *saddr,
599 u64 nonce)
600 {
601 struct sk_buff *skb;
602 struct in6_addr addr_buf;
603 int inc_opt = dev->addr_len;
604 int optlen = 0;
605 struct nd_msg *msg;
606
607 if (!saddr) {
608 if (ipv6_get_lladdr(dev, &addr_buf,
609 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
610 return;
611 saddr = &addr_buf;
612 }
613
614 if (ipv6_addr_any(saddr))
615 inc_opt = false;
616 if (inc_opt)
617 optlen += ndisc_opt_addr_space(dev,
618 NDISC_NEIGHBOUR_SOLICITATION);
619 if (nonce != 0)
620 optlen += 8;
621
622 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
623 if (!skb)
624 return;
625
626 msg = skb_put(skb, sizeof(*msg));
627 *msg = (struct nd_msg) {
628 .icmph = {
629 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
630 },
631 .target = *solicit,
632 };
633
634 if (inc_opt)
635 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
636 dev->dev_addr,
637 NDISC_NEIGHBOUR_SOLICITATION);
638 if (nonce != 0) {
639 u8 *opt = skb_put(skb, 8);
640
641 opt[0] = ND_OPT_NONCE;
642 opt[1] = 8 >> 3;
643 memcpy(opt + 2, &nonce, 6);
644 }
645
646 ndisc_send_skb(skb, daddr, saddr);
647 }
648
649 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
650 const struct in6_addr *daddr)
651 {
652 struct sk_buff *skb;
653 struct rs_msg *msg;
654 int send_sllao = dev->addr_len;
655 int optlen = 0;
656
657 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
658 /*
659 * According to section 2.2 of RFC 4429, we must not
660 * send router solicitations with a sllao from
661 * optimistic addresses, but we may send the solicitation
662 * if we don't include the sllao. So here we check
663 * if our address is optimistic, and if so, we
664 * suppress the inclusion of the sllao.
665 */
666 if (send_sllao) {
667 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
668 dev, 1);
669 if (ifp) {
670 if (ifp->flags & IFA_F_OPTIMISTIC) {
671 send_sllao = 0;
672 }
673 in6_ifa_put(ifp);
674 } else {
675 send_sllao = 0;
676 }
677 }
678 #endif
679 if (send_sllao)
680 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
681
682 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
683 if (!skb)
684 return;
685
686 msg = skb_put(skb, sizeof(*msg));
687 *msg = (struct rs_msg) {
688 .icmph = {
689 .icmp6_type = NDISC_ROUTER_SOLICITATION,
690 },
691 };
692
693 if (send_sllao)
694 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
695 dev->dev_addr,
696 NDISC_ROUTER_SOLICITATION);
697
698 ndisc_send_skb(skb, daddr, saddr);
699 }
700
701
702 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
703 {
704 /*
705 * "The sender MUST return an ICMP
706 * destination unreachable"
707 */
708 dst_link_failure(skb);
709 kfree_skb(skb);
710 }
711
712 /* Called with locked neigh: either read or both */
713
714 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
715 {
716 struct in6_addr *saddr = NULL;
717 struct in6_addr mcaddr;
718 struct net_device *dev = neigh->dev;
719 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
720 int probes = atomic_read(&neigh->probes);
721
722 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
723 dev, false, 1,
724 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
725 saddr = &ipv6_hdr(skb)->saddr;
726 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
727 if (probes < 0) {
728 if (!(neigh->nud_state & NUD_VALID)) {
729 ND_PRINTK(1, dbg,
730 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
731 __func__, target);
732 }
733 ndisc_send_ns(dev, target, target, saddr, 0);
734 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
735 neigh_app_ns(neigh);
736 } else {
737 addrconf_addr_solict_mult(target, &mcaddr);
738 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
739 }
740 }
741
742 static int pndisc_is_router(const void *pkey,
743 struct net_device *dev)
744 {
745 struct pneigh_entry *n;
746 int ret = -1;
747
748 read_lock_bh(&nd_tbl.lock);
749 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
750 if (n)
751 ret = !!(n->flags & NTF_ROUTER);
752 read_unlock_bh(&nd_tbl.lock);
753
754 return ret;
755 }
756
757 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
758 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
759 struct ndisc_options *ndopts)
760 {
761 neigh_update(neigh, lladdr, new, flags, 0);
762 /* report ndisc ops about neighbour update */
763 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
764 }
765
766 static void ndisc_recv_ns(struct sk_buff *skb)
767 {
768 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
769 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
770 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
771 u8 *lladdr = NULL;
772 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
773 offsetof(struct nd_msg, opt));
774 struct ndisc_options ndopts;
775 struct net_device *dev = skb->dev;
776 struct inet6_ifaddr *ifp;
777 struct inet6_dev *idev = NULL;
778 struct neighbour *neigh;
779 int dad = ipv6_addr_any(saddr);
780 bool inc;
781 int is_router = -1;
782 u64 nonce = 0;
783
784 if (skb->len < sizeof(struct nd_msg)) {
785 ND_PRINTK(2, warn, "NS: packet too short\n");
786 return;
787 }
788
789 if (ipv6_addr_is_multicast(&msg->target)) {
790 ND_PRINTK(2, warn, "NS: multicast target address\n");
791 return;
792 }
793
794 /*
795 * RFC2461 7.1.1:
796 * DAD has to be destined for solicited node multicast address.
797 */
798 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
799 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
800 return;
801 }
802
803 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
804 ND_PRINTK(2, warn, "NS: invalid ND options\n");
805 return;
806 }
807
808 if (ndopts.nd_opts_src_lladdr) {
809 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
810 if (!lladdr) {
811 ND_PRINTK(2, warn,
812 "NS: invalid link-layer address length\n");
813 return;
814 }
815
816 /* RFC2461 7.1.1:
817 * If the IP source address is the unspecified address,
818 * there MUST NOT be source link-layer address option
819 * in the message.
820 */
821 if (dad) {
822 ND_PRINTK(2, warn,
823 "NS: bad DAD packet (link-layer address option)\n");
824 return;
825 }
826 }
827 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
828 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
829
830 inc = ipv6_addr_is_multicast(daddr);
831
832 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
833 if (ifp) {
834 have_ifp:
835 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
836 if (dad) {
837 if (nonce != 0 && ifp->dad_nonce == nonce) {
838 u8 *np = (u8 *)&nonce;
839 /* Matching nonce if looped back */
840 ND_PRINTK(2, notice,
841 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
842 ifp->idev->dev->name,
843 &ifp->addr, np);
844 goto out;
845 }
846 /*
847 * We are colliding with another node
848 * who is doing DAD
849 * so fail our DAD process
850 */
851 addrconf_dad_failure(skb, ifp);
852 return;
853 } else {
854 /*
855 * This is not a dad solicitation.
856 * If we are an optimistic node,
857 * we should respond.
858 * Otherwise, we should ignore it.
859 */
860 if (!(ifp->flags & IFA_F_OPTIMISTIC))
861 goto out;
862 }
863 }
864
865 idev = ifp->idev;
866 } else {
867 struct net *net = dev_net(dev);
868
869 /* perhaps an address on the master device */
870 if (netif_is_l3_slave(dev)) {
871 struct net_device *mdev;
872
873 mdev = netdev_master_upper_dev_get_rcu(dev);
874 if (mdev) {
875 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
876 if (ifp)
877 goto have_ifp;
878 }
879 }
880
881 idev = in6_dev_get(dev);
882 if (!idev) {
883 /* XXX: count this drop? */
884 return;
885 }
886
887 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
888 (idev->cnf.forwarding &&
889 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
890 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
891 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
892 skb->pkt_type != PACKET_HOST &&
893 inc &&
894 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
895 /*
896 * for anycast or proxy,
897 * sender should delay its response
898 * by a random time between 0 and
899 * MAX_ANYCAST_DELAY_TIME seconds.
900 * (RFC2461) -- yoshfuji
901 */
902 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
903 if (n)
904 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
905 goto out;
906 }
907 } else
908 goto out;
909 }
910
911 if (is_router < 0)
912 is_router = idev->cnf.forwarding;
913
914 if (dad) {
915 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
916 !!is_router, false, (ifp != NULL), true);
917 goto out;
918 }
919
920 if (inc)
921 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
922 else
923 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
924
925 /*
926 * update / create cache entry
927 * for the source address
928 */
929 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
930 !inc || lladdr || !dev->addr_len);
931 if (neigh)
932 ndisc_update(dev, neigh, lladdr, NUD_STALE,
933 NEIGH_UPDATE_F_WEAK_OVERRIDE|
934 NEIGH_UPDATE_F_OVERRIDE,
935 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
936 if (neigh || !dev->header_ops) {
937 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
938 true, (ifp != NULL && inc), inc);
939 if (neigh)
940 neigh_release(neigh);
941 }
942
943 out:
944 if (ifp)
945 in6_ifa_put(ifp);
946 else
947 in6_dev_put(idev);
948 }
949
950 static void ndisc_recv_na(struct sk_buff *skb)
951 {
952 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
953 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
954 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
955 u8 *lladdr = NULL;
956 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
957 offsetof(struct nd_msg, opt));
958 struct ndisc_options ndopts;
959 struct net_device *dev = skb->dev;
960 struct inet6_dev *idev = __in6_dev_get(dev);
961 struct inet6_ifaddr *ifp;
962 struct neighbour *neigh;
963
964 if (skb->len < sizeof(struct nd_msg)) {
965 ND_PRINTK(2, warn, "NA: packet too short\n");
966 return;
967 }
968
969 if (ipv6_addr_is_multicast(&msg->target)) {
970 ND_PRINTK(2, warn, "NA: target address is multicast\n");
971 return;
972 }
973
974 if (ipv6_addr_is_multicast(daddr) &&
975 msg->icmph.icmp6_solicited) {
976 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
977 return;
978 }
979
980 /* For some 802.11 wireless deployments (and possibly other networks),
981 * there will be a NA proxy and unsolicitd packets are attacks
982 * and thus should not be accepted.
983 */
984 if (!msg->icmph.icmp6_solicited && idev &&
985 idev->cnf.drop_unsolicited_na)
986 return;
987
988 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
989 ND_PRINTK(2, warn, "NS: invalid ND option\n");
990 return;
991 }
992 if (ndopts.nd_opts_tgt_lladdr) {
993 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
994 if (!lladdr) {
995 ND_PRINTK(2, warn,
996 "NA: invalid link-layer address length\n");
997 return;
998 }
999 }
1000 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
1001 if (ifp) {
1002 if (skb->pkt_type != PACKET_LOOPBACK
1003 && (ifp->flags & IFA_F_TENTATIVE)) {
1004 addrconf_dad_failure(skb, ifp);
1005 return;
1006 }
1007 /* What should we make now? The advertisement
1008 is invalid, but ndisc specs say nothing
1009 about it. It could be misconfiguration, or
1010 an smart proxy agent tries to help us :-)
1011
1012 We should not print the error if NA has been
1013 received from loopback - it is just our own
1014 unsolicited advertisement.
1015 */
1016 if (skb->pkt_type != PACKET_LOOPBACK)
1017 ND_PRINTK(1, warn,
1018 "NA: %pM advertised our address %pI6c on %s!\n",
1019 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1020 in6_ifa_put(ifp);
1021 return;
1022 }
1023 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1024
1025 if (neigh) {
1026 u8 old_flags = neigh->flags;
1027 struct net *net = dev_net(dev);
1028
1029 if (neigh->nud_state & NUD_FAILED)
1030 goto out;
1031
1032 /*
1033 * Don't update the neighbor cache entry on a proxy NA from
1034 * ourselves because either the proxied node is off link or it
1035 * has already sent a NA to us.
1036 */
1037 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1038 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1039 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1040 /* XXX: idev->cnf.proxy_ndp */
1041 goto out;
1042 }
1043
1044 ndisc_update(dev, neigh, lladdr,
1045 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1046 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1047 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1048 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1049 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1050 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1051
1052 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1053 /*
1054 * Change: router to host
1055 */
1056 rt6_clean_tohost(dev_net(dev), saddr);
1057 }
1058
1059 out:
1060 neigh_release(neigh);
1061 }
1062 }
1063
1064 static void ndisc_recv_rs(struct sk_buff *skb)
1065 {
1066 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1067 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1068 struct neighbour *neigh;
1069 struct inet6_dev *idev;
1070 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1071 struct ndisc_options ndopts;
1072 u8 *lladdr = NULL;
1073
1074 if (skb->len < sizeof(*rs_msg))
1075 return;
1076
1077 idev = __in6_dev_get(skb->dev);
1078 if (!idev) {
1079 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1080 return;
1081 }
1082
1083 /* Don't accept RS if we're not in router mode */
1084 if (!idev->cnf.forwarding)
1085 goto out;
1086
1087 /*
1088 * Don't update NCE if src = ::;
1089 * this implies that the source node has no ip address assigned yet.
1090 */
1091 if (ipv6_addr_any(saddr))
1092 goto out;
1093
1094 /* Parse ND options */
1095 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1096 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1097 goto out;
1098 }
1099
1100 if (ndopts.nd_opts_src_lladdr) {
1101 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1102 skb->dev);
1103 if (!lladdr)
1104 goto out;
1105 }
1106
1107 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1108 if (neigh) {
1109 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1110 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1111 NEIGH_UPDATE_F_OVERRIDE|
1112 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1113 NDISC_ROUTER_SOLICITATION, &ndopts);
1114 neigh_release(neigh);
1115 }
1116 out:
1117 return;
1118 }
1119
1120 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1121 {
1122 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1123 struct sk_buff *skb;
1124 struct nlmsghdr *nlh;
1125 struct nduseroptmsg *ndmsg;
1126 struct net *net = dev_net(ra->dev);
1127 int err;
1128 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1129 + (opt->nd_opt_len << 3));
1130 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1131
1132 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1133 if (!skb) {
1134 err = -ENOBUFS;
1135 goto errout;
1136 }
1137
1138 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1139 if (!nlh) {
1140 goto nla_put_failure;
1141 }
1142
1143 ndmsg = nlmsg_data(nlh);
1144 ndmsg->nduseropt_family = AF_INET6;
1145 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1146 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1147 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1148 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1149
1150 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1151
1152 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1153 goto nla_put_failure;
1154 nlmsg_end(skb, nlh);
1155
1156 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1157 return;
1158
1159 nla_put_failure:
1160 nlmsg_free(skb);
1161 err = -EMSGSIZE;
1162 errout:
1163 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1164 }
1165
1166 static void ndisc_router_discovery(struct sk_buff *skb)
1167 {
1168 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1169 struct neighbour *neigh = NULL;
1170 struct inet6_dev *in6_dev;
1171 struct fib6_info *rt = NULL;
1172 struct net *net;
1173 int lifetime;
1174 struct ndisc_options ndopts;
1175 int optlen;
1176 unsigned int pref = 0;
1177 __u32 old_if_flags;
1178 bool send_ifinfo_notify = false;
1179
1180 __u8 *opt = (__u8 *)(ra_msg + 1);
1181
1182 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1183 sizeof(struct ra_msg);
1184
1185 ND_PRINTK(2, info,
1186 "RA: %s, dev: %s\n",
1187 __func__, skb->dev->name);
1188 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1189 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1190 return;
1191 }
1192 if (optlen < 0) {
1193 ND_PRINTK(2, warn, "RA: packet too short\n");
1194 return;
1195 }
1196
1197 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1198 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1199 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1200 return;
1201 }
1202 #endif
1203
1204 /*
1205 * set the RA_RECV flag in the interface
1206 */
1207
1208 in6_dev = __in6_dev_get(skb->dev);
1209 if (!in6_dev) {
1210 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1211 skb->dev->name);
1212 return;
1213 }
1214
1215 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1216 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1217 return;
1218 }
1219
1220 if (!ipv6_accept_ra(in6_dev)) {
1221 ND_PRINTK(2, info,
1222 "RA: %s, did not accept ra for dev: %s\n",
1223 __func__, skb->dev->name);
1224 goto skip_linkparms;
1225 }
1226
1227 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1228 /* skip link-specific parameters from interior routers */
1229 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1230 ND_PRINTK(2, info,
1231 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1232 __func__, skb->dev->name);
1233 goto skip_linkparms;
1234 }
1235 #endif
1236
1237 if (in6_dev->if_flags & IF_RS_SENT) {
1238 /*
1239 * flag that an RA was received after an RS was sent
1240 * out on this interface.
1241 */
1242 in6_dev->if_flags |= IF_RA_RCVD;
1243 }
1244
1245 /*
1246 * Remember the managed/otherconf flags from most recently
1247 * received RA message (RFC 2462) -- yoshfuji
1248 */
1249 old_if_flags = in6_dev->if_flags;
1250 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1251 IF_RA_OTHERCONF)) |
1252 (ra_msg->icmph.icmp6_addrconf_managed ?
1253 IF_RA_MANAGED : 0) |
1254 (ra_msg->icmph.icmp6_addrconf_other ?
1255 IF_RA_OTHERCONF : 0);
1256
1257 if (old_if_flags != in6_dev->if_flags)
1258 send_ifinfo_notify = true;
1259
1260 if (!in6_dev->cnf.accept_ra_defrtr) {
1261 ND_PRINTK(2, info,
1262 "RA: %s, defrtr is false for dev: %s\n",
1263 __func__, skb->dev->name);
1264 goto skip_defrtr;
1265 }
1266
1267 /* Do not accept RA with source-addr found on local machine unless
1268 * accept_ra_from_local is set to true.
1269 */
1270 net = dev_net(in6_dev->dev);
1271 if (!in6_dev->cnf.accept_ra_from_local &&
1272 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1273 ND_PRINTK(2, info,
1274 "RA from local address detected on dev: %s: default router ignored\n",
1275 skb->dev->name);
1276 goto skip_defrtr;
1277 }
1278
1279 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1280
1281 #ifdef CONFIG_IPV6_ROUTER_PREF
1282 pref = ra_msg->icmph.icmp6_router_pref;
1283 /* 10b is handled as if it were 00b (medium) */
1284 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1285 !in6_dev->cnf.accept_ra_rtr_pref)
1286 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1287 #endif
1288
1289 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1290
1291 if (rt) {
1292 neigh = ip6_neigh_lookup(&rt->fib6_nh.fib_nh_gw6,
1293 rt->fib6_nh.fib_nh_dev, NULL,
1294 &ipv6_hdr(skb)->saddr);
1295 if (!neigh) {
1296 ND_PRINTK(0, err,
1297 "RA: %s got default router without neighbour\n",
1298 __func__);
1299 fib6_info_release(rt);
1300 return;
1301 }
1302 }
1303 if (rt && lifetime == 0) {
1304 ip6_del_rt(net, rt);
1305 rt = NULL;
1306 }
1307
1308 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1309 rt, lifetime, skb->dev->name);
1310 if (!rt && lifetime) {
1311 ND_PRINTK(3, info, "RA: adding default router\n");
1312
1313 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1314 skb->dev, pref);
1315 if (!rt) {
1316 ND_PRINTK(0, err,
1317 "RA: %s failed to add default route\n",
1318 __func__);
1319 return;
1320 }
1321
1322 neigh = ip6_neigh_lookup(&rt->fib6_nh.fib_nh_gw6,
1323 rt->fib6_nh.fib_nh_dev, NULL,
1324 &ipv6_hdr(skb)->saddr);
1325 if (!neigh) {
1326 ND_PRINTK(0, err,
1327 "RA: %s got default router without neighbour\n",
1328 __func__);
1329 fib6_info_release(rt);
1330 return;
1331 }
1332 neigh->flags |= NTF_ROUTER;
1333 } else if (rt) {
1334 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1335 }
1336
1337 if (rt)
1338 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1339 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1340 ra_msg->icmph.icmp6_hop_limit) {
1341 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1342 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1343 fib6_metric_set(rt, RTAX_HOPLIMIT,
1344 ra_msg->icmph.icmp6_hop_limit);
1345 } else {
1346 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1347 }
1348 }
1349
1350 skip_defrtr:
1351
1352 /*
1353 * Update Reachable Time and Retrans Timer
1354 */
1355
1356 if (in6_dev->nd_parms) {
1357 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1358
1359 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1360 rtime = (rtime*HZ)/1000;
1361 if (rtime < HZ/10)
1362 rtime = HZ/10;
1363 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1364 in6_dev->tstamp = jiffies;
1365 send_ifinfo_notify = true;
1366 }
1367
1368 rtime = ntohl(ra_msg->reachable_time);
1369 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1370 rtime = (rtime*HZ)/1000;
1371
1372 if (rtime < HZ/10)
1373 rtime = HZ/10;
1374
1375 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1376 NEIGH_VAR_SET(in6_dev->nd_parms,
1377 BASE_REACHABLE_TIME, rtime);
1378 NEIGH_VAR_SET(in6_dev->nd_parms,
1379 GC_STALETIME, 3 * rtime);
1380 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1381 in6_dev->tstamp = jiffies;
1382 send_ifinfo_notify = true;
1383 }
1384 }
1385 }
1386
1387 /*
1388 * Send a notify if RA changed managed/otherconf flags or timer settings
1389 */
1390 if (send_ifinfo_notify)
1391 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1392
1393 skip_linkparms:
1394
1395 /*
1396 * Process options.
1397 */
1398
1399 if (!neigh)
1400 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1401 skb->dev, 1);
1402 if (neigh) {
1403 u8 *lladdr = NULL;
1404 if (ndopts.nd_opts_src_lladdr) {
1405 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1406 skb->dev);
1407 if (!lladdr) {
1408 ND_PRINTK(2, warn,
1409 "RA: invalid link-layer address length\n");
1410 goto out;
1411 }
1412 }
1413 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1414 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1415 NEIGH_UPDATE_F_OVERRIDE|
1416 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1417 NEIGH_UPDATE_F_ISROUTER,
1418 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1419 }
1420
1421 if (!ipv6_accept_ra(in6_dev)) {
1422 ND_PRINTK(2, info,
1423 "RA: %s, accept_ra is false for dev: %s\n",
1424 __func__, skb->dev->name);
1425 goto out;
1426 }
1427
1428 #ifdef CONFIG_IPV6_ROUTE_INFO
1429 if (!in6_dev->cnf.accept_ra_from_local &&
1430 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1431 in6_dev->dev, 0)) {
1432 ND_PRINTK(2, info,
1433 "RA from local address detected on dev: %s: router info ignored.\n",
1434 skb->dev->name);
1435 goto skip_routeinfo;
1436 }
1437
1438 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1439 struct nd_opt_hdr *p;
1440 for (p = ndopts.nd_opts_ri;
1441 p;
1442 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1443 struct route_info *ri = (struct route_info *)p;
1444 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1445 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1446 ri->prefix_len == 0)
1447 continue;
1448 #endif
1449 if (ri->prefix_len == 0 &&
1450 !in6_dev->cnf.accept_ra_defrtr)
1451 continue;
1452 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1453 continue;
1454 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1455 continue;
1456 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1457 &ipv6_hdr(skb)->saddr);
1458 }
1459 }
1460
1461 skip_routeinfo:
1462 #endif
1463
1464 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1465 /* skip link-specific ndopts from interior routers */
1466 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1467 ND_PRINTK(2, info,
1468 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1469 __func__, skb->dev->name);
1470 goto out;
1471 }
1472 #endif
1473
1474 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1475 struct nd_opt_hdr *p;
1476 for (p = ndopts.nd_opts_pi;
1477 p;
1478 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1479 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1480 (p->nd_opt_len) << 3,
1481 ndopts.nd_opts_src_lladdr != NULL);
1482 }
1483 }
1484
1485 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1486 __be32 n;
1487 u32 mtu;
1488
1489 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1490 mtu = ntohl(n);
1491
1492 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1493 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1494 } else if (in6_dev->cnf.mtu6 != mtu) {
1495 in6_dev->cnf.mtu6 = mtu;
1496 fib6_metric_set(rt, RTAX_MTU, mtu);
1497 rt6_mtu_change(skb->dev, mtu);
1498 }
1499 }
1500
1501 if (ndopts.nd_useropts) {
1502 struct nd_opt_hdr *p;
1503 for (p = ndopts.nd_useropts;
1504 p;
1505 p = ndisc_next_useropt(skb->dev, p,
1506 ndopts.nd_useropts_end)) {
1507 ndisc_ra_useropt(skb, p);
1508 }
1509 }
1510
1511 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1512 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1513 }
1514 out:
1515 fib6_info_release(rt);
1516 if (neigh)
1517 neigh_release(neigh);
1518 }
1519
1520 static void ndisc_redirect_rcv(struct sk_buff *skb)
1521 {
1522 u8 *hdr;
1523 struct ndisc_options ndopts;
1524 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1525 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1526 offsetof(struct rd_msg, opt));
1527
1528 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1529 switch (skb->ndisc_nodetype) {
1530 case NDISC_NODETYPE_HOST:
1531 case NDISC_NODETYPE_NODEFAULT:
1532 ND_PRINTK(2, warn,
1533 "Redirect: from host or unauthorized router\n");
1534 return;
1535 }
1536 #endif
1537
1538 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1539 ND_PRINTK(2, warn,
1540 "Redirect: source address is not link-local\n");
1541 return;
1542 }
1543
1544 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1545 return;
1546
1547 if (!ndopts.nd_opts_rh) {
1548 ip6_redirect_no_header(skb, dev_net(skb->dev),
1549 skb->dev->ifindex);
1550 return;
1551 }
1552
1553 hdr = (u8 *)ndopts.nd_opts_rh;
1554 hdr += 8;
1555 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1556 return;
1557
1558 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1559 }
1560
1561 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1562 struct sk_buff *orig_skb,
1563 int rd_len)
1564 {
1565 u8 *opt = skb_put(skb, rd_len);
1566
1567 memset(opt, 0, 8);
1568 *(opt++) = ND_OPT_REDIRECT_HDR;
1569 *(opt++) = (rd_len >> 3);
1570 opt += 6;
1571
1572 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1573 rd_len - 8);
1574 }
1575
1576 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1577 {
1578 struct net_device *dev = skb->dev;
1579 struct net *net = dev_net(dev);
1580 struct sock *sk = net->ipv6.ndisc_sk;
1581 int optlen = 0;
1582 struct inet_peer *peer;
1583 struct sk_buff *buff;
1584 struct rd_msg *msg;
1585 struct in6_addr saddr_buf;
1586 struct rt6_info *rt;
1587 struct dst_entry *dst;
1588 struct flowi6 fl6;
1589 int rd_len;
1590 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1591 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1592 bool ret;
1593
1594 if (netif_is_l3_master(skb->dev)) {
1595 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1596 if (!dev)
1597 return;
1598 }
1599
1600 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1601 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1602 dev->name);
1603 return;
1604 }
1605
1606 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1607 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1608 ND_PRINTK(2, warn,
1609 "Redirect: target address is not link-local unicast\n");
1610 return;
1611 }
1612
1613 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1614 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1615
1616 dst = ip6_route_output(net, NULL, &fl6);
1617 if (dst->error) {
1618 dst_release(dst);
1619 return;
1620 }
1621 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1622 if (IS_ERR(dst))
1623 return;
1624
1625 rt = (struct rt6_info *) dst;
1626
1627 if (rt->rt6i_flags & RTF_GATEWAY) {
1628 ND_PRINTK(2, warn,
1629 "Redirect: destination is not a neighbour\n");
1630 goto release;
1631 }
1632 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1633 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1634 if (peer)
1635 inet_putpeer(peer);
1636 if (!ret)
1637 goto release;
1638
1639 if (dev->addr_len) {
1640 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1641 if (!neigh) {
1642 ND_PRINTK(2, warn,
1643 "Redirect: no neigh for target address\n");
1644 goto release;
1645 }
1646
1647 read_lock_bh(&neigh->lock);
1648 if (neigh->nud_state & NUD_VALID) {
1649 memcpy(ha_buf, neigh->ha, dev->addr_len);
1650 read_unlock_bh(&neigh->lock);
1651 ha = ha_buf;
1652 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1653 ops_data_buf,
1654 &ops_data);
1655 } else
1656 read_unlock_bh(&neigh->lock);
1657
1658 neigh_release(neigh);
1659 }
1660
1661 rd_len = min_t(unsigned int,
1662 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1663 skb->len + 8);
1664 rd_len &= ~0x7;
1665 optlen += rd_len;
1666
1667 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1668 if (!buff)
1669 goto release;
1670
1671 msg = skb_put(buff, sizeof(*msg));
1672 *msg = (struct rd_msg) {
1673 .icmph = {
1674 .icmp6_type = NDISC_REDIRECT,
1675 },
1676 .target = *target,
1677 .dest = ipv6_hdr(skb)->daddr,
1678 };
1679
1680 /*
1681 * include target_address option
1682 */
1683
1684 if (ha)
1685 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1686
1687 /*
1688 * build redirect option and copy skb over to the new packet.
1689 */
1690
1691 if (rd_len)
1692 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1693
1694 skb_dst_set(buff, dst);
1695 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1696 return;
1697
1698 release:
1699 dst_release(dst);
1700 }
1701
1702 static void pndisc_redo(struct sk_buff *skb)
1703 {
1704 ndisc_recv_ns(skb);
1705 kfree_skb(skb);
1706 }
1707
1708 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1709 {
1710 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1711
1712 if (!idev)
1713 return true;
1714 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1715 idev->cnf.suppress_frag_ndisc) {
1716 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1717 return true;
1718 }
1719 return false;
1720 }
1721
1722 int ndisc_rcv(struct sk_buff *skb)
1723 {
1724 struct nd_msg *msg;
1725
1726 if (ndisc_suppress_frag_ndisc(skb))
1727 return 0;
1728
1729 if (skb_linearize(skb))
1730 return 0;
1731
1732 msg = (struct nd_msg *)skb_transport_header(skb);
1733
1734 __skb_push(skb, skb->data - skb_transport_header(skb));
1735
1736 if (ipv6_hdr(skb)->hop_limit != 255) {
1737 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1738 ipv6_hdr(skb)->hop_limit);
1739 return 0;
1740 }
1741
1742 if (msg->icmph.icmp6_code != 0) {
1743 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1744 msg->icmph.icmp6_code);
1745 return 0;
1746 }
1747
1748 switch (msg->icmph.icmp6_type) {
1749 case NDISC_NEIGHBOUR_SOLICITATION:
1750 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1751 ndisc_recv_ns(skb);
1752 break;
1753
1754 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1755 ndisc_recv_na(skb);
1756 break;
1757
1758 case NDISC_ROUTER_SOLICITATION:
1759 ndisc_recv_rs(skb);
1760 break;
1761
1762 case NDISC_ROUTER_ADVERTISEMENT:
1763 ndisc_router_discovery(skb);
1764 break;
1765
1766 case NDISC_REDIRECT:
1767 ndisc_redirect_rcv(skb);
1768 break;
1769 }
1770
1771 return 0;
1772 }
1773
1774 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1775 {
1776 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1777 struct netdev_notifier_change_info *change_info;
1778 struct net *net = dev_net(dev);
1779 struct inet6_dev *idev;
1780
1781 switch (event) {
1782 case NETDEV_CHANGEADDR:
1783 neigh_changeaddr(&nd_tbl, dev);
1784 fib6_run_gc(0, net, false);
1785 /* fallthrough */
1786 case NETDEV_UP:
1787 idev = in6_dev_get(dev);
1788 if (!idev)
1789 break;
1790 if (idev->cnf.ndisc_notify ||
1791 net->ipv6.devconf_all->ndisc_notify)
1792 ndisc_send_unsol_na(dev);
1793 in6_dev_put(idev);
1794 break;
1795 case NETDEV_CHANGE:
1796 change_info = ptr;
1797 if (change_info->flags_changed & IFF_NOARP)
1798 neigh_changeaddr(&nd_tbl, dev);
1799 if (!netif_carrier_ok(dev))
1800 neigh_carrier_down(&nd_tbl, dev);
1801 break;
1802 case NETDEV_DOWN:
1803 neigh_ifdown(&nd_tbl, dev);
1804 fib6_run_gc(0, net, false);
1805 break;
1806 case NETDEV_NOTIFY_PEERS:
1807 ndisc_send_unsol_na(dev);
1808 break;
1809 default:
1810 break;
1811 }
1812
1813 return NOTIFY_DONE;
1814 }
1815
1816 static struct notifier_block ndisc_netdev_notifier = {
1817 .notifier_call = ndisc_netdev_event,
1818 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1819 };
1820
1821 #ifdef CONFIG_SYSCTL
1822 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1823 const char *func, const char *dev_name)
1824 {
1825 static char warncomm[TASK_COMM_LEN];
1826 static int warned;
1827 if (strcmp(warncomm, current->comm) && warned < 5) {
1828 strcpy(warncomm, current->comm);
1829 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1830 warncomm, func,
1831 dev_name, ctl->procname,
1832 dev_name, ctl->procname);
1833 warned++;
1834 }
1835 }
1836
1837 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1838 {
1839 struct net_device *dev = ctl->extra1;
1840 struct inet6_dev *idev;
1841 int ret;
1842
1843 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1844 (strcmp(ctl->procname, "base_reachable_time") == 0))
1845 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1846
1847 if (strcmp(ctl->procname, "retrans_time") == 0)
1848 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1849
1850 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1851 ret = neigh_proc_dointvec_jiffies(ctl, write,
1852 buffer, lenp, ppos);
1853
1854 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1855 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1856 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1857 buffer, lenp, ppos);
1858 else
1859 ret = -1;
1860
1861 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1862 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1863 idev->nd_parms->reachable_time =
1864 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1865 idev->tstamp = jiffies;
1866 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1867 in6_dev_put(idev);
1868 }
1869 return ret;
1870 }
1871
1872
1873 #endif
1874
1875 static int __net_init ndisc_net_init(struct net *net)
1876 {
1877 struct ipv6_pinfo *np;
1878 struct sock *sk;
1879 int err;
1880
1881 err = inet_ctl_sock_create(&sk, PF_INET6,
1882 SOCK_RAW, IPPROTO_ICMPV6, net);
1883 if (err < 0) {
1884 ND_PRINTK(0, err,
1885 "NDISC: Failed to initialize the control socket (err %d)\n",
1886 err);
1887 return err;
1888 }
1889
1890 net->ipv6.ndisc_sk = sk;
1891
1892 np = inet6_sk(sk);
1893 np->hop_limit = 255;
1894 /* Do not loopback ndisc messages */
1895 np->mc_loop = 0;
1896
1897 return 0;
1898 }
1899
1900 static void __net_exit ndisc_net_exit(struct net *net)
1901 {
1902 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1903 }
1904
1905 static struct pernet_operations ndisc_net_ops = {
1906 .init = ndisc_net_init,
1907 .exit = ndisc_net_exit,
1908 };
1909
1910 int __init ndisc_init(void)
1911 {
1912 int err;
1913
1914 err = register_pernet_subsys(&ndisc_net_ops);
1915 if (err)
1916 return err;
1917 /*
1918 * Initialize the neighbour table
1919 */
1920 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1921
1922 #ifdef CONFIG_SYSCTL
1923 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1924 ndisc_ifinfo_sysctl_change);
1925 if (err)
1926 goto out_unregister_pernet;
1927 out:
1928 #endif
1929 return err;
1930
1931 #ifdef CONFIG_SYSCTL
1932 out_unregister_pernet:
1933 unregister_pernet_subsys(&ndisc_net_ops);
1934 goto out;
1935 #endif
1936 }
1937
1938 int __init ndisc_late_init(void)
1939 {
1940 return register_netdevice_notifier(&ndisc_netdev_notifier);
1941 }
1942
1943 void ndisc_late_cleanup(void)
1944 {
1945 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1946 }
1947
1948 void ndisc_cleanup(void)
1949 {
1950 #ifdef CONFIG_SYSCTL
1951 neigh_sysctl_unregister(&nd_tbl.parms);
1952 #endif
1953 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1954 unregister_pernet_subsys(&ndisc_net_ops);
1955 }
Ubuntu combined Linux kernel mirror