]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/ipv6/ndisc.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
net: ipv6: Standardize prefixes for message logging
[mirror_ubuntu-artful-kernel.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 /* Set to 3 to get tracing... */
31 #define ND_DEBUG 1
32
33 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
34 #define ND_NOPRINTK(x...) do { ; } while(0)
35 #define ND_PRINTK0 ND_PRINTK
36 #define ND_PRINTK1 ND_NOPRINTK
37 #define ND_PRINTK2 ND_NOPRINTK
38 #define ND_PRINTK3 ND_NOPRINTK
39 #if ND_DEBUG >= 1
40 #undef ND_PRINTK1
41 #define ND_PRINTK1 ND_PRINTK
42 #endif
43 #if ND_DEBUG >= 2
44 #undef ND_PRINTK2
45 #define ND_PRINTK2 ND_PRINTK
46 #endif
47 #if ND_DEBUG >= 3
48 #undef ND_PRINTK3
49 #define ND_PRINTK3 ND_PRINTK
50 #endif
51
52 #include <linux/module.h>
53 #include <linux/errno.h>
54 #include <linux/types.h>
55 #include <linux/socket.h>
56 #include <linux/sockios.h>
57 #include <linux/sched.h>
58 #include <linux/net.h>
59 #include <linux/in6.h>
60 #include <linux/route.h>
61 #include <linux/init.h>
62 #include <linux/rcupdate.h>
63 #include <linux/slab.h>
64 #ifdef CONFIG_SYSCTL
65 #include <linux/sysctl.h>
66 #endif
67
68 #include <linux/if_addr.h>
69 #include <linux/if_arp.h>
70 #include <linux/ipv6.h>
71 #include <linux/icmpv6.h>
72 #include <linux/jhash.h>
73
74 #include <net/sock.h>
75 #include <net/snmp.h>
76
77 #include <net/ipv6.h>
78 #include <net/protocol.h>
79 #include <net/ndisc.h>
80 #include <net/ip6_route.h>
81 #include <net/addrconf.h>
82 #include <net/icmp.h>
83
84 #include <net/netlink.h>
85 #include <linux/rtnetlink.h>
86
87 #include <net/flow.h>
88 #include <net/ip6_checksum.h>
89 #include <net/inet_common.h>
90 #include <linux/proc_fs.h>
91
92 #include <linux/netfilter.h>
93 #include <linux/netfilter_ipv6.h>
94
95 static u32 ndisc_hash(const void *pkey,
96 const struct net_device *dev,
97 __u32 *hash_rnd);
98 static int ndisc_constructor(struct neighbour *neigh);
99 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
100 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
101 static int pndisc_constructor(struct pneigh_entry *n);
102 static void pndisc_destructor(struct pneigh_entry *n);
103 static void pndisc_redo(struct sk_buff *skb);
104
105 static const struct neigh_ops ndisc_generic_ops = {
106 .family = AF_INET6,
107 .solicit = ndisc_solicit,
108 .error_report = ndisc_error_report,
109 .output = neigh_resolve_output,
110 .connected_output = neigh_connected_output,
111 };
112
113 static const struct neigh_ops ndisc_hh_ops = {
114 .family = AF_INET6,
115 .solicit = ndisc_solicit,
116 .error_report = ndisc_error_report,
117 .output = neigh_resolve_output,
118 .connected_output = neigh_resolve_output,
119 };
120
121
122 static const struct neigh_ops ndisc_direct_ops = {
123 .family = AF_INET6,
124 .output = neigh_direct_output,
125 .connected_output = neigh_direct_output,
126 };
127
128 struct neigh_table nd_tbl = {
129 .family = AF_INET6,
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = ND_REACHABLE_TIME,
140 .retrans_time = ND_RETRANS_TIMER,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = ND_REACHABLE_TIME,
143 .delay_probe_time = 5 * HZ,
144 .queue_len_bytes = 64*1024,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155 };
156
157 /* ND options */
158 struct ndisc_options {
159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160 #ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163 #endif
164 struct nd_opt_hdr *nd_useropts;
165 struct nd_opt_hdr *nd_useropts_end;
166 };
167
168 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
169 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
170 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
171 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
172 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
173 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
174
175 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
176
177 /*
178 * Return the padding between the option length and the start of the
179 * link addr. Currently only IP-over-InfiniBand needs this, although
180 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
181 * also need a pad of 2.
182 */
183 static int ndisc_addr_option_pad(unsigned short type)
184 {
185 switch (type) {
186 case ARPHRD_INFINIBAND: return 2;
187 default: return 0;
188 }
189 }
190
191 static inline int ndisc_opt_addr_space(struct net_device *dev)
192 {
193 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
194 }
195
196 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
197 unsigned short addr_type)
198 {
199 int space = NDISC_OPT_SPACE(data_len);
200 int pad = ndisc_addr_option_pad(addr_type);
201
202 opt[0] = type;
203 opt[1] = space>>3;
204
205 memset(opt + 2, 0, pad);
206 opt += pad;
207 space -= pad;
208
209 memcpy(opt+2, data, data_len);
210 data_len += 2;
211 opt += data_len;
212 if ((space -= data_len) > 0)
213 memset(opt, 0, space);
214 return opt + space;
215 }
216
217 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
218 struct nd_opt_hdr *end)
219 {
220 int type;
221 if (!cur || !end || cur >= end)
222 return NULL;
223 type = cur->nd_opt_type;
224 do {
225 cur = ((void *)cur) + (cur->nd_opt_len << 3);
226 } while(cur < end && cur->nd_opt_type != type);
227 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
228 }
229
230 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
231 {
232 return opt->nd_opt_type == ND_OPT_RDNSS ||
233 opt->nd_opt_type == ND_OPT_DNSSL;
234 }
235
236 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
237 struct nd_opt_hdr *end)
238 {
239 if (!cur || !end || cur >= end)
240 return NULL;
241 do {
242 cur = ((void *)cur) + (cur->nd_opt_len << 3);
243 } while(cur < end && !ndisc_is_useropt(cur));
244 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
245 }
246
247 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
248 struct ndisc_options *ndopts)
249 {
250 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
251
252 if (!nd_opt || opt_len < 0 || !ndopts)
253 return NULL;
254 memset(ndopts, 0, sizeof(*ndopts));
255 while (opt_len) {
256 int l;
257 if (opt_len < sizeof(struct nd_opt_hdr))
258 return NULL;
259 l = nd_opt->nd_opt_len << 3;
260 if (opt_len < l || l == 0)
261 return NULL;
262 switch (nd_opt->nd_opt_type) {
263 case ND_OPT_SOURCE_LL_ADDR:
264 case ND_OPT_TARGET_LL_ADDR:
265 case ND_OPT_MTU:
266 case ND_OPT_REDIRECT_HDR:
267 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
268 ND_PRINTK2(KERN_WARNING
269 "%s: duplicated ND6 option found: type=%d\n",
270 __func__,
271 nd_opt->nd_opt_type);
272 } else {
273 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
274 }
275 break;
276 case ND_OPT_PREFIX_INFO:
277 ndopts->nd_opts_pi_end = nd_opt;
278 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
279 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
280 break;
281 #ifdef CONFIG_IPV6_ROUTE_INFO
282 case ND_OPT_ROUTE_INFO:
283 ndopts->nd_opts_ri_end = nd_opt;
284 if (!ndopts->nd_opts_ri)
285 ndopts->nd_opts_ri = nd_opt;
286 break;
287 #endif
288 default:
289 if (ndisc_is_useropt(nd_opt)) {
290 ndopts->nd_useropts_end = nd_opt;
291 if (!ndopts->nd_useropts)
292 ndopts->nd_useropts = nd_opt;
293 } else {
294 /*
295 * Unknown options must be silently ignored,
296 * to accommodate future extension to the
297 * protocol.
298 */
299 ND_PRINTK2(KERN_NOTICE
300 "%s: ignored unsupported option; type=%d, len=%d\n",
301 __func__,
302 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
303 }
304 }
305 opt_len -= l;
306 nd_opt = ((void *)nd_opt) + l;
307 }
308 return ndopts;
309 }
310
311 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
312 struct net_device *dev)
313 {
314 u8 *lladdr = (u8 *)(p + 1);
315 int lladdrlen = p->nd_opt_len << 3;
316 int prepad = ndisc_addr_option_pad(dev->type);
317 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
318 return NULL;
319 return lladdr + prepad;
320 }
321
322 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
323 {
324 switch (dev->type) {
325 case ARPHRD_ETHER:
326 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
327 case ARPHRD_FDDI:
328 ipv6_eth_mc_map(addr, buf);
329 return 0;
330 case ARPHRD_IEEE802_TR:
331 ipv6_tr_mc_map(addr,buf);
332 return 0;
333 case ARPHRD_ARCNET:
334 ipv6_arcnet_mc_map(addr, buf);
335 return 0;
336 case ARPHRD_INFINIBAND:
337 ipv6_ib_mc_map(addr, dev->broadcast, buf);
338 return 0;
339 case ARPHRD_IPGRE:
340 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
341 default:
342 if (dir) {
343 memcpy(buf, dev->broadcast, dev->addr_len);
344 return 0;
345 }
346 }
347 return -EINVAL;
348 }
349
350 EXPORT_SYMBOL(ndisc_mc_map);
351
352 static u32 ndisc_hash(const void *pkey,
353 const struct net_device *dev,
354 __u32 *hash_rnd)
355 {
356 return ndisc_hashfn(pkey, dev, hash_rnd);
357 }
358
359 static int ndisc_constructor(struct neighbour *neigh)
360 {
361 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
362 struct net_device *dev = neigh->dev;
363 struct inet6_dev *in6_dev;
364 struct neigh_parms *parms;
365 int is_multicast = ipv6_addr_is_multicast(addr);
366
367 in6_dev = in6_dev_get(dev);
368 if (in6_dev == NULL) {
369 return -EINVAL;
370 }
371
372 parms = in6_dev->nd_parms;
373 __neigh_parms_put(neigh->parms);
374 neigh->parms = neigh_parms_clone(parms);
375
376 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
377 if (!dev->header_ops) {
378 neigh->nud_state = NUD_NOARP;
379 neigh->ops = &ndisc_direct_ops;
380 neigh->output = neigh_direct_output;
381 } else {
382 if (is_multicast) {
383 neigh->nud_state = NUD_NOARP;
384 ndisc_mc_map(addr, neigh->ha, dev, 1);
385 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
386 neigh->nud_state = NUD_NOARP;
387 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
388 if (dev->flags&IFF_LOOPBACK)
389 neigh->type = RTN_LOCAL;
390 } else if (dev->flags&IFF_POINTOPOINT) {
391 neigh->nud_state = NUD_NOARP;
392 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
393 }
394 if (dev->header_ops->cache)
395 neigh->ops = &ndisc_hh_ops;
396 else
397 neigh->ops = &ndisc_generic_ops;
398 if (neigh->nud_state&NUD_VALID)
399 neigh->output = neigh->ops->connected_output;
400 else
401 neigh->output = neigh->ops->output;
402 }
403 in6_dev_put(in6_dev);
404 return 0;
405 }
406
407 static int pndisc_constructor(struct pneigh_entry *n)
408 {
409 struct in6_addr *addr = (struct in6_addr*)&n->key;
410 struct in6_addr maddr;
411 struct net_device *dev = n->dev;
412
413 if (dev == NULL || __in6_dev_get(dev) == NULL)
414 return -EINVAL;
415 addrconf_addr_solict_mult(addr, &maddr);
416 ipv6_dev_mc_inc(dev, &maddr);
417 return 0;
418 }
419
420 static void pndisc_destructor(struct pneigh_entry *n)
421 {
422 struct in6_addr *addr = (struct in6_addr*)&n->key;
423 struct in6_addr maddr;
424 struct net_device *dev = n->dev;
425
426 if (dev == NULL || __in6_dev_get(dev) == NULL)
427 return;
428 addrconf_addr_solict_mult(addr, &maddr);
429 ipv6_dev_mc_dec(dev, &maddr);
430 }
431
432 struct sk_buff *ndisc_build_skb(struct net_device *dev,
433 const struct in6_addr *daddr,
434 const struct in6_addr *saddr,
435 struct icmp6hdr *icmp6h,
436 const struct in6_addr *target,
437 int llinfo)
438 {
439 struct net *net = dev_net(dev);
440 struct sock *sk = net->ipv6.ndisc_sk;
441 struct sk_buff *skb;
442 struct icmp6hdr *hdr;
443 int hlen = LL_RESERVED_SPACE(dev);
444 int tlen = dev->needed_tailroom;
445 int len;
446 int err;
447 u8 *opt;
448
449 if (!dev->addr_len)
450 llinfo = 0;
451
452 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
453 if (llinfo)
454 len += ndisc_opt_addr_space(dev);
455
456 skb = sock_alloc_send_skb(sk,
457 (MAX_HEADER + sizeof(struct ipv6hdr) +
458 len + hlen + tlen),
459 1, &err);
460 if (!skb) {
461 ND_PRINTK0(KERN_ERR
462 "ICMPv6 ND: %s failed to allocate an skb, err=%d.\n",
463 __func__, err);
464 return NULL;
465 }
466
467 skb_reserve(skb, hlen);
468 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
469
470 skb->transport_header = skb->tail;
471 skb_put(skb, len);
472
473 hdr = (struct icmp6hdr *)skb_transport_header(skb);
474 memcpy(hdr, icmp6h, sizeof(*hdr));
475
476 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
477 if (target) {
478 *(struct in6_addr *)opt = *target;
479 opt += sizeof(*target);
480 }
481
482 if (llinfo)
483 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
484 dev->addr_len, dev->type);
485
486 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
487 IPPROTO_ICMPV6,
488 csum_partial(hdr,
489 len, 0));
490
491 return skb;
492 }
493
494 EXPORT_SYMBOL(ndisc_build_skb);
495
496 void ndisc_send_skb(struct sk_buff *skb,
497 struct net_device *dev,
498 struct neighbour *neigh,
499 const struct in6_addr *daddr,
500 const struct in6_addr *saddr,
501 struct icmp6hdr *icmp6h)
502 {
503 struct flowi6 fl6;
504 struct dst_entry *dst;
505 struct net *net = dev_net(dev);
506 struct sock *sk = net->ipv6.ndisc_sk;
507 struct inet6_dev *idev;
508 int err;
509 u8 type;
510
511 type = icmp6h->icmp6_type;
512
513 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
514 dst = icmp6_dst_alloc(dev, neigh, &fl6);
515 if (IS_ERR(dst)) {
516 kfree_skb(skb);
517 return;
518 }
519
520 skb_dst_set(skb, dst);
521
522 rcu_read_lock();
523 idev = __in6_dev_get(dst->dev);
524 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
525
526 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
527 dst_output);
528 if (!err) {
529 ICMP6MSGOUT_INC_STATS(net, idev, type);
530 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
531 }
532
533 rcu_read_unlock();
534 }
535
536 EXPORT_SYMBOL(ndisc_send_skb);
537
538 /*
539 * Send a Neighbour Discover packet
540 */
541 static void __ndisc_send(struct net_device *dev,
542 struct neighbour *neigh,
543 const struct in6_addr *daddr,
544 const struct in6_addr *saddr,
545 struct icmp6hdr *icmp6h, const struct in6_addr *target,
546 int llinfo)
547 {
548 struct sk_buff *skb;
549
550 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
551 if (!skb)
552 return;
553
554 ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
555 }
556
557 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
558 const struct in6_addr *daddr,
559 const struct in6_addr *solicited_addr,
560 int router, int solicited, int override, int inc_opt)
561 {
562 struct in6_addr tmpaddr;
563 struct inet6_ifaddr *ifp;
564 const struct in6_addr *src_addr;
565 struct icmp6hdr icmp6h = {
566 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
567 };
568
569 /* for anycast or proxy, solicited_addr != src_addr */
570 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
571 if (ifp) {
572 src_addr = solicited_addr;
573 if (ifp->flags & IFA_F_OPTIMISTIC)
574 override = 0;
575 inc_opt |= ifp->idev->cnf.force_tllao;
576 in6_ifa_put(ifp);
577 } else {
578 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
579 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
580 &tmpaddr))
581 return;
582 src_addr = &tmpaddr;
583 }
584
585 icmp6h.icmp6_router = router;
586 icmp6h.icmp6_solicited = solicited;
587 icmp6h.icmp6_override = override;
588
589 __ndisc_send(dev, neigh, daddr, src_addr,
590 &icmp6h, solicited_addr,
591 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
592 }
593
594 static void ndisc_send_unsol_na(struct net_device *dev)
595 {
596 struct inet6_dev *idev;
597 struct inet6_ifaddr *ifa;
598 struct in6_addr mcaddr;
599
600 idev = in6_dev_get(dev);
601 if (!idev)
602 return;
603
604 read_lock_bh(&idev->lock);
605 list_for_each_entry(ifa, &idev->addr_list, if_list) {
606 addrconf_addr_solict_mult(&ifa->addr, &mcaddr);
607 ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
608 /*router=*/ !!idev->cnf.forwarding,
609 /*solicited=*/ false, /*override=*/ true,
610 /*inc_opt=*/ true);
611 }
612 read_unlock_bh(&idev->lock);
613
614 in6_dev_put(idev);
615 }
616
617 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
618 const struct in6_addr *solicit,
619 const struct in6_addr *daddr, const struct in6_addr *saddr)
620 {
621 struct in6_addr addr_buf;
622 struct icmp6hdr icmp6h = {
623 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
624 };
625
626 if (saddr == NULL) {
627 if (ipv6_get_lladdr(dev, &addr_buf,
628 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
629 return;
630 saddr = &addr_buf;
631 }
632
633 __ndisc_send(dev, neigh, daddr, saddr,
634 &icmp6h, solicit,
635 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
636 }
637
638 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
639 const struct in6_addr *daddr)
640 {
641 struct icmp6hdr icmp6h = {
642 .icmp6_type = NDISC_ROUTER_SOLICITATION,
643 };
644 int send_sllao = dev->addr_len;
645
646 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
647 /*
648 * According to section 2.2 of RFC 4429, we must not
649 * send router solicitations with a sllao from
650 * optimistic addresses, but we may send the solicitation
651 * if we don't include the sllao. So here we check
652 * if our address is optimistic, and if so, we
653 * suppress the inclusion of the sllao.
654 */
655 if (send_sllao) {
656 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
657 dev, 1);
658 if (ifp) {
659 if (ifp->flags & IFA_F_OPTIMISTIC) {
660 send_sllao = 0;
661 }
662 in6_ifa_put(ifp);
663 } else {
664 send_sllao = 0;
665 }
666 }
667 #endif
668 __ndisc_send(dev, NULL, daddr, saddr,
669 &icmp6h, NULL,
670 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
671 }
672
673
674 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
675 {
676 /*
677 * "The sender MUST return an ICMP
678 * destination unreachable"
679 */
680 dst_link_failure(skb);
681 kfree_skb(skb);
682 }
683
684 /* Called with locked neigh: either read or both */
685
686 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
687 {
688 struct in6_addr *saddr = NULL;
689 struct in6_addr mcaddr;
690 struct net_device *dev = neigh->dev;
691 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
692 int probes = atomic_read(&neigh->probes);
693
694 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
695 saddr = &ipv6_hdr(skb)->saddr;
696
697 if ((probes -= neigh->parms->ucast_probes) < 0) {
698 if (!(neigh->nud_state & NUD_VALID)) {
699 ND_PRINTK1(KERN_DEBUG "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
700 __func__, target);
701 }
702 ndisc_send_ns(dev, neigh, target, target, saddr);
703 } else if ((probes -= neigh->parms->app_probes) < 0) {
704 #ifdef CONFIG_ARPD
705 neigh_app_ns(neigh);
706 #endif
707 } else {
708 addrconf_addr_solict_mult(target, &mcaddr);
709 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
710 }
711 }
712
713 static int pndisc_is_router(const void *pkey,
714 struct net_device *dev)
715 {
716 struct pneigh_entry *n;
717 int ret = -1;
718
719 read_lock_bh(&nd_tbl.lock);
720 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
721 if (n)
722 ret = !!(n->flags & NTF_ROUTER);
723 read_unlock_bh(&nd_tbl.lock);
724
725 return ret;
726 }
727
728 static void ndisc_recv_ns(struct sk_buff *skb)
729 {
730 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
731 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
732 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
733 u8 *lladdr = NULL;
734 u32 ndoptlen = skb->tail - (skb->transport_header +
735 offsetof(struct nd_msg, opt));
736 struct ndisc_options ndopts;
737 struct net_device *dev = skb->dev;
738 struct inet6_ifaddr *ifp;
739 struct inet6_dev *idev = NULL;
740 struct neighbour *neigh;
741 int dad = ipv6_addr_any(saddr);
742 int inc;
743 int is_router = -1;
744
745 if (ipv6_addr_is_multicast(&msg->target)) {
746 ND_PRINTK2(KERN_WARNING
747 "ICMPv6 NS: multicast target address");
748 return;
749 }
750
751 /*
752 * RFC2461 7.1.1:
753 * DAD has to be destined for solicited node multicast address.
754 */
755 if (dad &&
756 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
757 daddr->s6_addr32[1] == htonl(0x00000000) &&
758 daddr->s6_addr32[2] == htonl(0x00000001) &&
759 daddr->s6_addr [12] == 0xff )) {
760 ND_PRINTK2(KERN_WARNING
761 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
762 return;
763 }
764
765 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
766 ND_PRINTK2(KERN_WARNING
767 "ICMPv6 NS: invalid ND options\n");
768 return;
769 }
770
771 if (ndopts.nd_opts_src_lladdr) {
772 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
773 if (!lladdr) {
774 ND_PRINTK2(KERN_WARNING
775 "ICMPv6 NS: invalid link-layer address length\n");
776 return;
777 }
778
779 /* RFC2461 7.1.1:
780 * If the IP source address is the unspecified address,
781 * there MUST NOT be source link-layer address option
782 * in the message.
783 */
784 if (dad) {
785 ND_PRINTK2(KERN_WARNING
786 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
787 return;
788 }
789 }
790
791 inc = ipv6_addr_is_multicast(daddr);
792
793 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
794 if (ifp) {
795
796 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
797 if (dad) {
798 if (dev->type == ARPHRD_IEEE802_TR) {
799 const unsigned char *sadr;
800 sadr = skb_mac_header(skb);
801 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
802 sadr[9] == dev->dev_addr[1] &&
803 sadr[10] == dev->dev_addr[2] &&
804 sadr[11] == dev->dev_addr[3] &&
805 sadr[12] == dev->dev_addr[4] &&
806 sadr[13] == dev->dev_addr[5]) {
807 /* looped-back to us */
808 goto out;
809 }
810 }
811
812 /*
813 * We are colliding with another node
814 * who is doing DAD
815 * so fail our DAD process
816 */
817 addrconf_dad_failure(ifp);
818 return;
819 } else {
820 /*
821 * This is not a dad solicitation.
822 * If we are an optimistic node,
823 * we should respond.
824 * Otherwise, we should ignore it.
825 */
826 if (!(ifp->flags & IFA_F_OPTIMISTIC))
827 goto out;
828 }
829 }
830
831 idev = ifp->idev;
832 } else {
833 struct net *net = dev_net(dev);
834
835 idev = in6_dev_get(dev);
836 if (!idev) {
837 /* XXX: count this drop? */
838 return;
839 }
840
841 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
842 (idev->cnf.forwarding &&
843 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
844 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
845 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
846 skb->pkt_type != PACKET_HOST &&
847 inc != 0 &&
848 idev->nd_parms->proxy_delay != 0) {
849 /*
850 * for anycast or proxy,
851 * sender should delay its response
852 * by a random time between 0 and
853 * MAX_ANYCAST_DELAY_TIME seconds.
854 * (RFC2461) -- yoshfuji
855 */
856 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
857 if (n)
858 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
859 goto out;
860 }
861 } else
862 goto out;
863 }
864
865 if (is_router < 0)
866 is_router = !!idev->cnf.forwarding;
867
868 if (dad) {
869 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
870 is_router, 0, (ifp != NULL), 1);
871 goto out;
872 }
873
874 if (inc)
875 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
876 else
877 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
878
879 /*
880 * update / create cache entry
881 * for the source address
882 */
883 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
884 !inc || lladdr || !dev->addr_len);
885 if (neigh)
886 neigh_update(neigh, lladdr, NUD_STALE,
887 NEIGH_UPDATE_F_WEAK_OVERRIDE|
888 NEIGH_UPDATE_F_OVERRIDE);
889 if (neigh || !dev->header_ops) {
890 ndisc_send_na(dev, neigh, saddr, &msg->target,
891 is_router,
892 1, (ifp != NULL && inc), inc);
893 if (neigh)
894 neigh_release(neigh);
895 }
896
897 out:
898 if (ifp)
899 in6_ifa_put(ifp);
900 else
901 in6_dev_put(idev);
902 }
903
904 static void ndisc_recv_na(struct sk_buff *skb)
905 {
906 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
907 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
908 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
909 u8 *lladdr = NULL;
910 u32 ndoptlen = skb->tail - (skb->transport_header +
911 offsetof(struct nd_msg, opt));
912 struct ndisc_options ndopts;
913 struct net_device *dev = skb->dev;
914 struct inet6_ifaddr *ifp;
915 struct neighbour *neigh;
916
917 if (skb->len < sizeof(struct nd_msg)) {
918 ND_PRINTK2(KERN_WARNING
919 "ICMPv6 NA: packet too short\n");
920 return;
921 }
922
923 if (ipv6_addr_is_multicast(&msg->target)) {
924 ND_PRINTK2(KERN_WARNING
925 "ICMPv6 NA: target address is multicast.\n");
926 return;
927 }
928
929 if (ipv6_addr_is_multicast(daddr) &&
930 msg->icmph.icmp6_solicited) {
931 ND_PRINTK2(KERN_WARNING
932 "ICMPv6 NA: solicited NA is multicasted.\n");
933 return;
934 }
935
936 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
937 ND_PRINTK2(KERN_WARNING
938 "ICMPv6 NS: invalid ND option\n");
939 return;
940 }
941 if (ndopts.nd_opts_tgt_lladdr) {
942 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
943 if (!lladdr) {
944 ND_PRINTK2(KERN_WARNING
945 "ICMPv6 NA: invalid link-layer address length\n");
946 return;
947 }
948 }
949 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
950 if (ifp) {
951 if (skb->pkt_type != PACKET_LOOPBACK
952 && (ifp->flags & IFA_F_TENTATIVE)) {
953 addrconf_dad_failure(ifp);
954 return;
955 }
956 /* What should we make now? The advertisement
957 is invalid, but ndisc specs say nothing
958 about it. It could be misconfiguration, or
959 an smart proxy agent tries to help us :-)
960
961 We should not print the error if NA has been
962 received from loopback - it is just our own
963 unsolicited advertisement.
964 */
965 if (skb->pkt_type != PACKET_LOOPBACK)
966 ND_PRINTK1(KERN_WARNING
967 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
968 &ifp->addr, ifp->idev->dev->name);
969 in6_ifa_put(ifp);
970 return;
971 }
972 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
973
974 if (neigh) {
975 u8 old_flags = neigh->flags;
976 struct net *net = dev_net(dev);
977
978 if (neigh->nud_state & NUD_FAILED)
979 goto out;
980
981 /*
982 * Don't update the neighbor cache entry on a proxy NA from
983 * ourselves because either the proxied node is off link or it
984 * has already sent a NA to us.
985 */
986 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
987 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
988 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
989 /* XXX: idev->cnf.prixy_ndp */
990 goto out;
991 }
992
993 neigh_update(neigh, lladdr,
994 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
995 NEIGH_UPDATE_F_WEAK_OVERRIDE|
996 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
997 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
998 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
999
1000 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1001 /*
1002 * Change: router to host
1003 */
1004 struct rt6_info *rt;
1005 rt = rt6_get_dflt_router(saddr, dev);
1006 if (rt)
1007 ip6_del_rt(rt);
1008 }
1009
1010 out:
1011 neigh_release(neigh);
1012 }
1013 }
1014
1015 static void ndisc_recv_rs(struct sk_buff *skb)
1016 {
1017 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1018 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1019 struct neighbour *neigh;
1020 struct inet6_dev *idev;
1021 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1022 struct ndisc_options ndopts;
1023 u8 *lladdr = NULL;
1024
1025 if (skb->len < sizeof(*rs_msg))
1026 return;
1027
1028 idev = __in6_dev_get(skb->dev);
1029 if (!idev) {
1030 if (net_ratelimit())
1031 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1032 return;
1033 }
1034
1035 /* Don't accept RS if we're not in router mode */
1036 if (!idev->cnf.forwarding)
1037 goto out;
1038
1039 /*
1040 * Don't update NCE if src = ::;
1041 * this implies that the source node has no ip address assigned yet.
1042 */
1043 if (ipv6_addr_any(saddr))
1044 goto out;
1045
1046 /* Parse ND options */
1047 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1048 if (net_ratelimit())
1049 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1050 goto out;
1051 }
1052
1053 if (ndopts.nd_opts_src_lladdr) {
1054 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1055 skb->dev);
1056 if (!lladdr)
1057 goto out;
1058 }
1059
1060 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1061 if (neigh) {
1062 neigh_update(neigh, lladdr, NUD_STALE,
1063 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1064 NEIGH_UPDATE_F_OVERRIDE|
1065 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1066 neigh_release(neigh);
1067 }
1068 out:
1069 return;
1070 }
1071
1072 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1073 {
1074 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1075 struct sk_buff *skb;
1076 struct nlmsghdr *nlh;
1077 struct nduseroptmsg *ndmsg;
1078 struct net *net = dev_net(ra->dev);
1079 int err;
1080 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1081 + (opt->nd_opt_len << 3));
1082 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1083
1084 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1085 if (skb == NULL) {
1086 err = -ENOBUFS;
1087 goto errout;
1088 }
1089
1090 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1091 if (nlh == NULL) {
1092 goto nla_put_failure;
1093 }
1094
1095 ndmsg = nlmsg_data(nlh);
1096 ndmsg->nduseropt_family = AF_INET6;
1097 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1098 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1099 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1100 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1101
1102 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1103
1104 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1105 &ipv6_hdr(ra)->saddr))
1106 goto nla_put_failure;
1107 nlmsg_end(skb, nlh);
1108
1109 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1110 return;
1111
1112 nla_put_failure:
1113 nlmsg_free(skb);
1114 err = -EMSGSIZE;
1115 errout:
1116 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1117 }
1118
1119 static inline int accept_ra(struct inet6_dev *in6_dev)
1120 {
1121 /*
1122 * If forwarding is enabled, RA are not accepted unless the special
1123 * hybrid mode (accept_ra=2) is enabled.
1124 */
1125 if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1126 return 0;
1127
1128 return in6_dev->cnf.accept_ra;
1129 }
1130
1131 static void ndisc_router_discovery(struct sk_buff *skb)
1132 {
1133 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1134 struct neighbour *neigh = NULL;
1135 struct inet6_dev *in6_dev;
1136 struct rt6_info *rt = NULL;
1137 int lifetime;
1138 struct ndisc_options ndopts;
1139 int optlen;
1140 unsigned int pref = 0;
1141
1142 __u8 * opt = (__u8 *)(ra_msg + 1);
1143
1144 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1145
1146 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1147 ND_PRINTK2(KERN_WARNING
1148 "ICMPv6 RA: source address is not link-local.\n");
1149 return;
1150 }
1151 if (optlen < 0) {
1152 ND_PRINTK2(KERN_WARNING
1153 "ICMPv6 RA: packet too short\n");
1154 return;
1155 }
1156
1157 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1158 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1159 ND_PRINTK2(KERN_WARNING
1160 "ICMPv6 RA: from host or unauthorized router\n");
1161 return;
1162 }
1163 #endif
1164
1165 /*
1166 * set the RA_RECV flag in the interface
1167 */
1168
1169 in6_dev = __in6_dev_get(skb->dev);
1170 if (in6_dev == NULL) {
1171 ND_PRINTK0(KERN_ERR
1172 "ICMPv6 RA: can't find inet6 device for %s.\n",
1173 skb->dev->name);
1174 return;
1175 }
1176
1177 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1178 ND_PRINTK2(KERN_WARNING
1179 "ICMP6 RA: invalid ND options\n");
1180 return;
1181 }
1182
1183 if (!accept_ra(in6_dev))
1184 goto skip_linkparms;
1185
1186 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1187 /* skip link-specific parameters from interior routers */
1188 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1189 goto skip_linkparms;
1190 #endif
1191
1192 if (in6_dev->if_flags & IF_RS_SENT) {
1193 /*
1194 * flag that an RA was received after an RS was sent
1195 * out on this interface.
1196 */
1197 in6_dev->if_flags |= IF_RA_RCVD;
1198 }
1199
1200 /*
1201 * Remember the managed/otherconf flags from most recently
1202 * received RA message (RFC 2462) -- yoshfuji
1203 */
1204 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1205 IF_RA_OTHERCONF)) |
1206 (ra_msg->icmph.icmp6_addrconf_managed ?
1207 IF_RA_MANAGED : 0) |
1208 (ra_msg->icmph.icmp6_addrconf_other ?
1209 IF_RA_OTHERCONF : 0);
1210
1211 if (!in6_dev->cnf.accept_ra_defrtr)
1212 goto skip_defrtr;
1213
1214 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1215 goto skip_defrtr;
1216
1217 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1218
1219 #ifdef CONFIG_IPV6_ROUTER_PREF
1220 pref = ra_msg->icmph.icmp6_router_pref;
1221 /* 10b is handled as if it were 00b (medium) */
1222 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1223 !in6_dev->cnf.accept_ra_rtr_pref)
1224 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1225 #endif
1226
1227 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1228
1229 if (rt) {
1230 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1231 if (!neigh) {
1232 ND_PRINTK0(KERN_ERR
1233 "ICMPv6 RA: %s got default router without neighbour.\n",
1234 __func__);
1235 dst_release(&rt->dst);
1236 return;
1237 }
1238 }
1239 if (rt && lifetime == 0) {
1240 ip6_del_rt(rt);
1241 rt = NULL;
1242 }
1243
1244 if (rt == NULL && lifetime) {
1245 ND_PRINTK3(KERN_DEBUG
1246 "ICMPv6 RA: adding default router.\n");
1247
1248 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1249 if (rt == NULL) {
1250 ND_PRINTK0(KERN_ERR
1251 "ICMPv6 RA: %s failed to add default route.\n",
1252 __func__);
1253 return;
1254 }
1255
1256 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1257 if (neigh == NULL) {
1258 ND_PRINTK0(KERN_ERR
1259 "ICMPv6 RA: %s got default router without neighbour.\n",
1260 __func__);
1261 dst_release(&rt->dst);
1262 return;
1263 }
1264 neigh->flags |= NTF_ROUTER;
1265 } else if (rt) {
1266 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1267 }
1268
1269 if (rt)
1270 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1271 if (ra_msg->icmph.icmp6_hop_limit) {
1272 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1273 if (rt)
1274 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1275 ra_msg->icmph.icmp6_hop_limit);
1276 }
1277
1278 skip_defrtr:
1279
1280 /*
1281 * Update Reachable Time and Retrans Timer
1282 */
1283
1284 if (in6_dev->nd_parms) {
1285 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1286
1287 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1288 rtime = (rtime*HZ)/1000;
1289 if (rtime < HZ/10)
1290 rtime = HZ/10;
1291 in6_dev->nd_parms->retrans_time = rtime;
1292 in6_dev->tstamp = jiffies;
1293 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1294 }
1295
1296 rtime = ntohl(ra_msg->reachable_time);
1297 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1298 rtime = (rtime*HZ)/1000;
1299
1300 if (rtime < HZ/10)
1301 rtime = HZ/10;
1302
1303 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1304 in6_dev->nd_parms->base_reachable_time = rtime;
1305 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1306 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1307 in6_dev->tstamp = jiffies;
1308 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1309 }
1310 }
1311 }
1312
1313 skip_linkparms:
1314
1315 /*
1316 * Process options.
1317 */
1318
1319 if (!neigh)
1320 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1321 skb->dev, 1);
1322 if (neigh) {
1323 u8 *lladdr = NULL;
1324 if (ndopts.nd_opts_src_lladdr) {
1325 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1326 skb->dev);
1327 if (!lladdr) {
1328 ND_PRINTK2(KERN_WARNING
1329 "ICMPv6 RA: invalid link-layer address length\n");
1330 goto out;
1331 }
1332 }
1333 neigh_update(neigh, lladdr, NUD_STALE,
1334 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1335 NEIGH_UPDATE_F_OVERRIDE|
1336 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1337 NEIGH_UPDATE_F_ISROUTER);
1338 }
1339
1340 if (!accept_ra(in6_dev))
1341 goto out;
1342
1343 #ifdef CONFIG_IPV6_ROUTE_INFO
1344 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1345 goto skip_routeinfo;
1346
1347 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1348 struct nd_opt_hdr *p;
1349 for (p = ndopts.nd_opts_ri;
1350 p;
1351 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1352 struct route_info *ri = (struct route_info *)p;
1353 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1354 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1355 ri->prefix_len == 0)
1356 continue;
1357 #endif
1358 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1359 continue;
1360 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1361 &ipv6_hdr(skb)->saddr);
1362 }
1363 }
1364
1365 skip_routeinfo:
1366 #endif
1367
1368 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1369 /* skip link-specific ndopts from interior routers */
1370 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1371 goto out;
1372 #endif
1373
1374 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1375 struct nd_opt_hdr *p;
1376 for (p = ndopts.nd_opts_pi;
1377 p;
1378 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1379 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1380 (p->nd_opt_len) << 3,
1381 ndopts.nd_opts_src_lladdr != NULL);
1382 }
1383 }
1384
1385 if (ndopts.nd_opts_mtu) {
1386 __be32 n;
1387 u32 mtu;
1388
1389 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1390 mtu = ntohl(n);
1391
1392 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1393 ND_PRINTK2(KERN_WARNING
1394 "ICMPv6 RA: invalid mtu: %d\n",
1395 mtu);
1396 } else if (in6_dev->cnf.mtu6 != mtu) {
1397 in6_dev->cnf.mtu6 = mtu;
1398
1399 if (rt)
1400 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1401
1402 rt6_mtu_change(skb->dev, mtu);
1403 }
1404 }
1405
1406 if (ndopts.nd_useropts) {
1407 struct nd_opt_hdr *p;
1408 for (p = ndopts.nd_useropts;
1409 p;
1410 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1411 ndisc_ra_useropt(skb, p);
1412 }
1413 }
1414
1415 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1416 ND_PRINTK2(KERN_WARNING
1417 "ICMPv6 RA: invalid RA options");
1418 }
1419 out:
1420 if (rt)
1421 dst_release(&rt->dst);
1422 if (neigh)
1423 neigh_release(neigh);
1424 }
1425
1426 static void ndisc_redirect_rcv(struct sk_buff *skb)
1427 {
1428 struct inet6_dev *in6_dev;
1429 struct icmp6hdr *icmph;
1430 const struct in6_addr *dest;
1431 const struct in6_addr *target; /* new first hop to destination */
1432 struct neighbour *neigh;
1433 int on_link = 0;
1434 struct ndisc_options ndopts;
1435 int optlen;
1436 u8 *lladdr = NULL;
1437
1438 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1439 switch (skb->ndisc_nodetype) {
1440 case NDISC_NODETYPE_HOST:
1441 case NDISC_NODETYPE_NODEFAULT:
1442 ND_PRINTK2(KERN_WARNING
1443 "ICMPv6 Redirect: from host or unauthorized router\n");
1444 return;
1445 }
1446 #endif
1447
1448 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1449 ND_PRINTK2(KERN_WARNING
1450 "ICMPv6 Redirect: source address is not link-local.\n");
1451 return;
1452 }
1453
1454 optlen = skb->tail - skb->transport_header;
1455 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1456
1457 if (optlen < 0) {
1458 ND_PRINTK2(KERN_WARNING
1459 "ICMPv6 Redirect: packet too short\n");
1460 return;
1461 }
1462
1463 icmph = icmp6_hdr(skb);
1464 target = (const struct in6_addr *) (icmph + 1);
1465 dest = target + 1;
1466
1467 if (ipv6_addr_is_multicast(dest)) {
1468 ND_PRINTK2(KERN_WARNING
1469 "ICMPv6 Redirect: destination address is multicast.\n");
1470 return;
1471 }
1472
1473 if (ipv6_addr_equal(dest, target)) {
1474 on_link = 1;
1475 } else if (ipv6_addr_type(target) !=
1476 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1477 ND_PRINTK2(KERN_WARNING
1478 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1479 return;
1480 }
1481
1482 in6_dev = __in6_dev_get(skb->dev);
1483 if (!in6_dev)
1484 return;
1485 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
1486 return;
1487
1488 /* RFC2461 8.1:
1489 * The IP source address of the Redirect MUST be the same as the current
1490 * first-hop router for the specified ICMP Destination Address.
1491 */
1492
1493 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1494 ND_PRINTK2(KERN_WARNING
1495 "ICMPv6 Redirect: invalid ND options\n");
1496 return;
1497 }
1498 if (ndopts.nd_opts_tgt_lladdr) {
1499 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1500 skb->dev);
1501 if (!lladdr) {
1502 ND_PRINTK2(KERN_WARNING
1503 "ICMPv6 Redirect: invalid link-layer address length\n");
1504 return;
1505 }
1506 }
1507
1508 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1509 if (neigh) {
1510 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1511 &ipv6_hdr(skb)->saddr, neigh, lladdr,
1512 on_link);
1513 neigh_release(neigh);
1514 }
1515 }
1516
1517 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1518 {
1519 struct net_device *dev = skb->dev;
1520 struct net *net = dev_net(dev);
1521 struct sock *sk = net->ipv6.ndisc_sk;
1522 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1523 struct sk_buff *buff;
1524 struct icmp6hdr *icmph;
1525 struct in6_addr saddr_buf;
1526 struct in6_addr *addrp;
1527 struct rt6_info *rt;
1528 struct dst_entry *dst;
1529 struct inet6_dev *idev;
1530 struct flowi6 fl6;
1531 u8 *opt;
1532 int hlen, tlen;
1533 int rd_len;
1534 int err;
1535 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1536
1537 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1538 ND_PRINTK2(KERN_WARNING
1539 "ICMPv6 Redirect: no link-local address on %s\n",
1540 dev->name);
1541 return;
1542 }
1543
1544 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1545 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1546 ND_PRINTK2(KERN_WARNING
1547 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1548 return;
1549 }
1550
1551 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1552 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1553
1554 dst = ip6_route_output(net, NULL, &fl6);
1555 if (dst->error) {
1556 dst_release(dst);
1557 return;
1558 }
1559 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1560 if (IS_ERR(dst))
1561 return;
1562
1563 rt = (struct rt6_info *) dst;
1564
1565 if (rt->rt6i_flags & RTF_GATEWAY) {
1566 ND_PRINTK2(KERN_WARNING
1567 "ICMPv6 Redirect: destination is not a neighbour.\n");
1568 goto release;
1569 }
1570 if (!rt->rt6i_peer)
1571 rt6_bind_peer(rt, 1);
1572 if (!inet_peer_xrlim_allow(rt->rt6i_peer, 1*HZ))
1573 goto release;
1574
1575 if (dev->addr_len) {
1576 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1577 if (!neigh) {
1578 ND_PRINTK2(KERN_WARNING
1579 "ICMPv6 Redirect: no neigh for target address\n");
1580 goto release;
1581 }
1582
1583 read_lock_bh(&neigh->lock);
1584 if (neigh->nud_state & NUD_VALID) {
1585 memcpy(ha_buf, neigh->ha, dev->addr_len);
1586 read_unlock_bh(&neigh->lock);
1587 ha = ha_buf;
1588 len += ndisc_opt_addr_space(dev);
1589 } else
1590 read_unlock_bh(&neigh->lock);
1591
1592 neigh_release(neigh);
1593 }
1594
1595 rd_len = min_t(unsigned int,
1596 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1597 rd_len &= ~0x7;
1598 len += rd_len;
1599
1600 hlen = LL_RESERVED_SPACE(dev);
1601 tlen = dev->needed_tailroom;
1602 buff = sock_alloc_send_skb(sk,
1603 (MAX_HEADER + sizeof(struct ipv6hdr) +
1604 len + hlen + tlen),
1605 1, &err);
1606 if (buff == NULL) {
1607 ND_PRINTK0(KERN_ERR
1608 "ICMPv6 Redirect: %s failed to allocate an skb, err=%d.\n",
1609 __func__, err);
1610 goto release;
1611 }
1612
1613 skb_reserve(buff, hlen);
1614 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1615 IPPROTO_ICMPV6, len);
1616
1617 skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1618 skb_put(buff, len);
1619 icmph = icmp6_hdr(buff);
1620
1621 memset(icmph, 0, sizeof(struct icmp6hdr));
1622 icmph->icmp6_type = NDISC_REDIRECT;
1623
1624 /*
1625 * copy target and destination addresses
1626 */
1627
1628 addrp = (struct in6_addr *)(icmph + 1);
1629 *addrp = *target;
1630 addrp++;
1631 *addrp = ipv6_hdr(skb)->daddr;
1632
1633 opt = (u8*) (addrp + 1);
1634
1635 /*
1636 * include target_address option
1637 */
1638
1639 if (ha)
1640 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1641 dev->addr_len, dev->type);
1642
1643 /*
1644 * build redirect option and copy skb over to the new packet.
1645 */
1646
1647 memset(opt, 0, 8);
1648 *(opt++) = ND_OPT_REDIRECT_HDR;
1649 *(opt++) = (rd_len >> 3);
1650 opt += 6;
1651
1652 memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1653
1654 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1655 len, IPPROTO_ICMPV6,
1656 csum_partial(icmph, len, 0));
1657
1658 skb_dst_set(buff, dst);
1659 rcu_read_lock();
1660 idev = __in6_dev_get(dst->dev);
1661 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1662 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1663 dst_output);
1664 if (!err) {
1665 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1666 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1667 }
1668
1669 rcu_read_unlock();
1670 return;
1671
1672 release:
1673 dst_release(dst);
1674 }
1675
1676 static void pndisc_redo(struct sk_buff *skb)
1677 {
1678 ndisc_recv_ns(skb);
1679 kfree_skb(skb);
1680 }
1681
1682 int ndisc_rcv(struct sk_buff *skb)
1683 {
1684 struct nd_msg *msg;
1685
1686 if (!pskb_may_pull(skb, skb->len))
1687 return 0;
1688
1689 msg = (struct nd_msg *)skb_transport_header(skb);
1690
1691 __skb_push(skb, skb->data - skb_transport_header(skb));
1692
1693 if (ipv6_hdr(skb)->hop_limit != 255) {
1694 ND_PRINTK2(KERN_WARNING
1695 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1696 ipv6_hdr(skb)->hop_limit);
1697 return 0;
1698 }
1699
1700 if (msg->icmph.icmp6_code != 0) {
1701 ND_PRINTK2(KERN_WARNING
1702 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1703 msg->icmph.icmp6_code);
1704 return 0;
1705 }
1706
1707 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1708
1709 switch (msg->icmph.icmp6_type) {
1710 case NDISC_NEIGHBOUR_SOLICITATION:
1711 ndisc_recv_ns(skb);
1712 break;
1713
1714 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1715 ndisc_recv_na(skb);
1716 break;
1717
1718 case NDISC_ROUTER_SOLICITATION:
1719 ndisc_recv_rs(skb);
1720 break;
1721
1722 case NDISC_ROUTER_ADVERTISEMENT:
1723 ndisc_router_discovery(skb);
1724 break;
1725
1726 case NDISC_REDIRECT:
1727 ndisc_redirect_rcv(skb);
1728 break;
1729 }
1730
1731 return 0;
1732 }
1733
1734 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1735 {
1736 struct net_device *dev = ptr;
1737 struct net *net = dev_net(dev);
1738
1739 switch (event) {
1740 case NETDEV_CHANGEADDR:
1741 neigh_changeaddr(&nd_tbl, dev);
1742 fib6_run_gc(~0UL, net);
1743 break;
1744 case NETDEV_DOWN:
1745 neigh_ifdown(&nd_tbl, dev);
1746 fib6_run_gc(~0UL, net);
1747 break;
1748 case NETDEV_NOTIFY_PEERS:
1749 ndisc_send_unsol_na(dev);
1750 break;
1751 default:
1752 break;
1753 }
1754
1755 return NOTIFY_DONE;
1756 }
1757
1758 static struct notifier_block ndisc_netdev_notifier = {
1759 .notifier_call = ndisc_netdev_event,
1760 };
1761
1762 #ifdef CONFIG_SYSCTL
1763 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1764 const char *func, const char *dev_name)
1765 {
1766 static char warncomm[TASK_COMM_LEN];
1767 static int warned;
1768 if (strcmp(warncomm, current->comm) && warned < 5) {
1769 strcpy(warncomm, current->comm);
1770 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1771 warncomm, func,
1772 dev_name, ctl->procname,
1773 dev_name, ctl->procname);
1774 warned++;
1775 }
1776 }
1777
1778 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1779 {
1780 struct net_device *dev = ctl->extra1;
1781 struct inet6_dev *idev;
1782 int ret;
1783
1784 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1785 (strcmp(ctl->procname, "base_reachable_time") == 0))
1786 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1787
1788 if (strcmp(ctl->procname, "retrans_time") == 0)
1789 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1790
1791 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1792 ret = proc_dointvec_jiffies(ctl, write,
1793 buffer, lenp, ppos);
1794
1795 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1796 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1797 ret = proc_dointvec_ms_jiffies(ctl, write,
1798 buffer, lenp, ppos);
1799 else
1800 ret = -1;
1801
1802 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1803 if (ctl->data == &idev->nd_parms->base_reachable_time)
1804 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1805 idev->tstamp = jiffies;
1806 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1807 in6_dev_put(idev);
1808 }
1809 return ret;
1810 }
1811
1812
1813 #endif
1814
1815 static int __net_init ndisc_net_init(struct net *net)
1816 {
1817 struct ipv6_pinfo *np;
1818 struct sock *sk;
1819 int err;
1820
1821 err = inet_ctl_sock_create(&sk, PF_INET6,
1822 SOCK_RAW, IPPROTO_ICMPV6, net);
1823 if (err < 0) {
1824 ND_PRINTK0(KERN_ERR
1825 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1826 err);
1827 return err;
1828 }
1829
1830 net->ipv6.ndisc_sk = sk;
1831
1832 np = inet6_sk(sk);
1833 np->hop_limit = 255;
1834 /* Do not loopback ndisc messages */
1835 np->mc_loop = 0;
1836
1837 return 0;
1838 }
1839
1840 static void __net_exit ndisc_net_exit(struct net *net)
1841 {
1842 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1843 }
1844
1845 static struct pernet_operations ndisc_net_ops = {
1846 .init = ndisc_net_init,
1847 .exit = ndisc_net_exit,
1848 };
1849
1850 int __init ndisc_init(void)
1851 {
1852 int err;
1853
1854 err = register_pernet_subsys(&ndisc_net_ops);
1855 if (err)
1856 return err;
1857 /*
1858 * Initialize the neighbour table
1859 */
1860 neigh_table_init(&nd_tbl);
1861
1862 #ifdef CONFIG_SYSCTL
1863 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1864 &ndisc_ifinfo_sysctl_change);
1865 if (err)
1866 goto out_unregister_pernet;
1867 #endif
1868 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1869 if (err)
1870 goto out_unregister_sysctl;
1871 out:
1872 return err;
1873
1874 out_unregister_sysctl:
1875 #ifdef CONFIG_SYSCTL
1876 neigh_sysctl_unregister(&nd_tbl.parms);
1877 out_unregister_pernet:
1878 #endif
1879 unregister_pernet_subsys(&ndisc_net_ops);
1880 goto out;
1881 }
1882
1883 void ndisc_cleanup(void)
1884 {
1885 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1886 #ifdef CONFIG_SYSCTL
1887 neigh_sysctl_unregister(&nd_tbl.parms);
1888 #endif
1889 neigh_table_clear(&nd_tbl);
1890 unregister_pernet_subsys(&ndisc_net_ops);
1891 }
Ubuntu Artful kernel mirror