]> git.proxmox.com Git - mirror_ubuntu-eoan-kernel.git/blob - net/ipv6/ndisc.c
projects / mirror_ubuntu-eoan-kernel.git / blob
? search:


c2b16ffeb1a8ac56f96352de55e41aee442b405d
[mirror_ubuntu-eoan-kernel.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data,
147 struct net_device *dev)
148 {
149 int pad = ndisc_addr_option_pad(dev->type);
150 int data_len = dev->addr_len;
151 int space = ndisc_opt_addr_space(dev);
152
153 opt[0] = type;
154 opt[1] = space>>3;
155
156 memset(opt + 2, 0, pad);
157 opt += pad;
158 space -= pad;
159
160 memcpy(opt+2, data, data_len);
161 data_len += 2;
162 opt += data_len;
163 if ((space -= data_len) > 0)
164 memset(opt, 0, space);
165 return opt + space;
166 }
167
168 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
169 struct nd_opt_hdr *end)
170 {
171 int type;
172 if (!cur || !end || cur >= end)
173 return NULL;
174 type = cur->nd_opt_type;
175 do {
176 cur = ((void *)cur) + (cur->nd_opt_len << 3);
177 } while(cur < end && cur->nd_opt_type != type);
178 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
179 }
180
181 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
182 {
183 return opt->nd_opt_type == ND_OPT_RDNSS ||
184 opt->nd_opt_type == ND_OPT_DNSSL;
185 }
186
187 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
188 struct nd_opt_hdr *end)
189 {
190 if (!cur || !end || cur >= end)
191 return NULL;
192 do {
193 cur = ((void *)cur) + (cur->nd_opt_len << 3);
194 } while(cur < end && !ndisc_is_useropt(cur));
195 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
196 }
197
198 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
199 struct ndisc_options *ndopts)
200 {
201 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
202
203 if (!nd_opt || opt_len < 0 || !ndopts)
204 return NULL;
205 memset(ndopts, 0, sizeof(*ndopts));
206 while (opt_len) {
207 int l;
208 if (opt_len < sizeof(struct nd_opt_hdr))
209 return NULL;
210 l = nd_opt->nd_opt_len << 3;
211 if (opt_len < l || l == 0)
212 return NULL;
213 switch (nd_opt->nd_opt_type) {
214 case ND_OPT_SOURCE_LL_ADDR:
215 case ND_OPT_TARGET_LL_ADDR:
216 case ND_OPT_MTU:
217 case ND_OPT_REDIRECT_HDR:
218 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
219 ND_PRINTK(2, warn,
220 "%s: duplicated ND6 option found: type=%d\n",
221 __func__, nd_opt->nd_opt_type);
222 } else {
223 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
224 }
225 break;
226 case ND_OPT_PREFIX_INFO:
227 ndopts->nd_opts_pi_end = nd_opt;
228 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
229 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
230 break;
231 #ifdef CONFIG_IPV6_ROUTE_INFO
232 case ND_OPT_ROUTE_INFO:
233 ndopts->nd_opts_ri_end = nd_opt;
234 if (!ndopts->nd_opts_ri)
235 ndopts->nd_opts_ri = nd_opt;
236 break;
237 #endif
238 default:
239 if (ndisc_is_useropt(nd_opt)) {
240 ndopts->nd_useropts_end = nd_opt;
241 if (!ndopts->nd_useropts)
242 ndopts->nd_useropts = nd_opt;
243 } else {
244 /*
245 * Unknown options must be silently ignored,
246 * to accommodate future extension to the
247 * protocol.
248 */
249 ND_PRINTK(2, notice,
250 "%s: ignored unsupported option; type=%d, len=%d\n",
251 __func__,
252 nd_opt->nd_opt_type,
253 nd_opt->nd_opt_len);
254 }
255 }
256 opt_len -= l;
257 nd_opt = ((void *)nd_opt) + l;
258 }
259 return ndopts;
260 }
261
262 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
263 {
264 switch (dev->type) {
265 case ARPHRD_ETHER:
266 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
267 case ARPHRD_FDDI:
268 ipv6_eth_mc_map(addr, buf);
269 return 0;
270 case ARPHRD_ARCNET:
271 ipv6_arcnet_mc_map(addr, buf);
272 return 0;
273 case ARPHRD_INFINIBAND:
274 ipv6_ib_mc_map(addr, dev->broadcast, buf);
275 return 0;
276 case ARPHRD_IPGRE:
277 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
278 default:
279 if (dir) {
280 memcpy(buf, dev->broadcast, dev->addr_len);
281 return 0;
282 }
283 }
284 return -EINVAL;
285 }
286
287 EXPORT_SYMBOL(ndisc_mc_map);
288
289 static u32 ndisc_hash(const void *pkey,
290 const struct net_device *dev,
291 __u32 *hash_rnd)
292 {
293 return ndisc_hashfn(pkey, dev, hash_rnd);
294 }
295
296 static int ndisc_constructor(struct neighbour *neigh)
297 {
298 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
299 struct net_device *dev = neigh->dev;
300 struct inet6_dev *in6_dev;
301 struct neigh_parms *parms;
302 bool is_multicast = ipv6_addr_is_multicast(addr);
303
304 in6_dev = in6_dev_get(dev);
305 if (in6_dev == NULL) {
306 return -EINVAL;
307 }
308
309 parms = in6_dev->nd_parms;
310 __neigh_parms_put(neigh->parms);
311 neigh->parms = neigh_parms_clone(parms);
312
313 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
314 if (!dev->header_ops) {
315 neigh->nud_state = NUD_NOARP;
316 neigh->ops = &ndisc_direct_ops;
317 neigh->output = neigh_direct_output;
318 } else {
319 if (is_multicast) {
320 neigh->nud_state = NUD_NOARP;
321 ndisc_mc_map(addr, neigh->ha, dev, 1);
322 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
323 neigh->nud_state = NUD_NOARP;
324 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
325 if (dev->flags&IFF_LOOPBACK)
326 neigh->type = RTN_LOCAL;
327 } else if (dev->flags&IFF_POINTOPOINT) {
328 neigh->nud_state = NUD_NOARP;
329 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
330 }
331 if (dev->header_ops->cache)
332 neigh->ops = &ndisc_hh_ops;
333 else
334 neigh->ops = &ndisc_generic_ops;
335 if (neigh->nud_state&NUD_VALID)
336 neigh->output = neigh->ops->connected_output;
337 else
338 neigh->output = neigh->ops->output;
339 }
340 in6_dev_put(in6_dev);
341 return 0;
342 }
343
344 static int pndisc_constructor(struct pneigh_entry *n)
345 {
346 struct in6_addr *addr = (struct in6_addr*)&n->key;
347 struct in6_addr maddr;
348 struct net_device *dev = n->dev;
349
350 if (dev == NULL || __in6_dev_get(dev) == NULL)
351 return -EINVAL;
352 addrconf_addr_solict_mult(addr, &maddr);
353 ipv6_dev_mc_inc(dev, &maddr);
354 return 0;
355 }
356
357 static void pndisc_destructor(struct pneigh_entry *n)
358 {
359 struct in6_addr *addr = (struct in6_addr*)&n->key;
360 struct in6_addr maddr;
361 struct net_device *dev = n->dev;
362
363 if (dev == NULL || __in6_dev_get(dev) == NULL)
364 return;
365 addrconf_addr_solict_mult(addr, &maddr);
366 ipv6_dev_mc_dec(dev, &maddr);
367 }
368
369 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
370 int len)
371 {
372 int hlen = LL_RESERVED_SPACE(dev);
373 int tlen = dev->needed_tailroom;
374 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
375 struct sk_buff *skb;
376 int err;
377
378 skb = sock_alloc_send_skb(sk,
379 hlen + sizeof(struct ipv6hdr) + len + tlen,
380 1, &err);
381 if (!skb) {
382 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb, err=%d\n",
383 __func__, err);
384 return NULL;
385 }
386
387 skb->protocol = htons(ETH_P_IPV6);
388 skb->dev = dev;
389
390 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
391 skb_reset_transport_header(skb);
392
393 return skb;
394 }
395
396 static void ip6_nd_hdr(struct sk_buff *skb,
397 const struct in6_addr *saddr,
398 const struct in6_addr *daddr,
399 int hop_limit, int len)
400 {
401 struct ipv6hdr *hdr;
402
403 skb_push(skb, sizeof(*hdr));
404 skb_reset_network_header(skb);
405 hdr = ipv6_hdr(skb);
406
407 ip6_flow_hdr(hdr, 0, 0);
408
409 hdr->payload_len = htons(len);
410 hdr->nexthdr = IPPROTO_ICMPV6;
411 hdr->hop_limit = hop_limit;
412
413 hdr->saddr = *saddr;
414 hdr->daddr = *daddr;
415 }
416
417 static struct sk_buff *ndisc_build_skb(struct net_device *dev,
418 const struct in6_addr *daddr,
419 const struct in6_addr *saddr,
420 struct icmp6hdr *icmp6h,
421 const struct in6_addr *target,
422 int llinfo)
423 {
424 struct net *net = dev_net(dev);
425 struct sock *sk = net->ipv6.ndisc_sk;
426 struct sk_buff *skb;
427 struct icmp6hdr *hdr;
428 int len;
429 int optlen = 0;
430 u8 *opt;
431
432 if (!dev->addr_len)
433 llinfo = 0;
434
435 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
436 if (llinfo)
437 optlen += ndisc_opt_addr_space(dev);
438
439 skb = ndisc_alloc_skb(dev, len + optlen);
440 if (!skb)
441 return NULL;
442
443 skb_put(skb, len + optlen);
444
445 hdr = (struct icmp6hdr *)skb_transport_header(skb);
446 memcpy(hdr, icmp6h, sizeof(*hdr));
447
448 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
449 if (target) {
450 *(struct in6_addr *)opt = *target;
451 opt += sizeof(*target);
452 }
453
454 if (llinfo)
455 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr, dev);
456
457 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
458 IPPROTO_ICMPV6,
459 csum_partial(hdr,
460 skb->len, 0));
461
462 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
463
464 return skb;
465 }
466
467 static void ndisc_send_skb(struct sk_buff *skb,
468 const struct in6_addr *daddr,
469 const struct in6_addr *saddr,
470 struct icmp6hdr *icmp6h)
471 {
472 struct flowi6 fl6;
473 struct dst_entry *dst;
474 struct net *net = dev_net(skb->dev);
475 struct sock *sk = net->ipv6.ndisc_sk;
476 struct inet6_dev *idev;
477 int err;
478 u8 type;
479
480 type = icmp6h->icmp6_type;
481
482 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
483 dst = icmp6_dst_alloc(skb->dev, &fl6);
484 if (IS_ERR(dst)) {
485 kfree_skb(skb);
486 return;
487 }
488
489 skb_dst_set(skb, dst);
490
491 rcu_read_lock();
492 idev = __in6_dev_get(dst->dev);
493 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
494
495 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
496 dst_output);
497 if (!err) {
498 ICMP6MSGOUT_INC_STATS(net, idev, type);
499 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
500 }
501
502 rcu_read_unlock();
503 }
504
505 /*
506 * Send a Neighbour Discover packet
507 */
508 static void __ndisc_send(struct net_device *dev,
509 const struct in6_addr *daddr,
510 const struct in6_addr *saddr,
511 struct icmp6hdr *icmp6h, const struct in6_addr *target,
512 int llinfo)
513 {
514 struct sk_buff *skb;
515
516 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
517 if (!skb)
518 return;
519
520 ndisc_send_skb(skb, daddr, saddr, icmp6h);
521 }
522
523 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
524 const struct in6_addr *daddr,
525 const struct in6_addr *solicited_addr,
526 bool router, bool solicited, bool override, bool inc_opt)
527 {
528 struct in6_addr tmpaddr;
529 struct inet6_ifaddr *ifp;
530 const struct in6_addr *src_addr;
531 struct icmp6hdr icmp6h = {
532 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
533 };
534
535 /* for anycast or proxy, solicited_addr != src_addr */
536 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
537 if (ifp) {
538 src_addr = solicited_addr;
539 if (ifp->flags & IFA_F_OPTIMISTIC)
540 override = 0;
541 inc_opt |= ifp->idev->cnf.force_tllao;
542 in6_ifa_put(ifp);
543 } else {
544 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
545 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
546 &tmpaddr))
547 return;
548 src_addr = &tmpaddr;
549 }
550
551 icmp6h.icmp6_router = router;
552 icmp6h.icmp6_solicited = solicited;
553 icmp6h.icmp6_override = override;
554
555 __ndisc_send(dev, daddr, src_addr, &icmp6h, solicited_addr,
556 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
557 }
558
559 static void ndisc_send_unsol_na(struct net_device *dev)
560 {
561 struct inet6_dev *idev;
562 struct inet6_ifaddr *ifa;
563
564 idev = in6_dev_get(dev);
565 if (!idev)
566 return;
567
568 read_lock_bh(&idev->lock);
569 list_for_each_entry(ifa, &idev->addr_list, if_list) {
570 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
571 /*router=*/ !!idev->cnf.forwarding,
572 /*solicited=*/ false, /*override=*/ true,
573 /*inc_opt=*/ true);
574 }
575 read_unlock_bh(&idev->lock);
576
577 in6_dev_put(idev);
578 }
579
580 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
581 const struct in6_addr *solicit,
582 const struct in6_addr *daddr, const struct in6_addr *saddr)
583 {
584 struct in6_addr addr_buf;
585 struct icmp6hdr icmp6h = {
586 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
587 };
588
589 if (saddr == NULL) {
590 if (ipv6_get_lladdr(dev, &addr_buf,
591 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
592 return;
593 saddr = &addr_buf;
594 }
595
596 __ndisc_send(dev, daddr, saddr, &icmp6h, solicit,
597 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
598 }
599
600 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
601 const struct in6_addr *daddr)
602 {
603 struct icmp6hdr icmp6h = {
604 .icmp6_type = NDISC_ROUTER_SOLICITATION,
605 };
606 int send_sllao = dev->addr_len;
607
608 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
609 /*
610 * According to section 2.2 of RFC 4429, we must not
611 * send router solicitations with a sllao from
612 * optimistic addresses, but we may send the solicitation
613 * if we don't include the sllao. So here we check
614 * if our address is optimistic, and if so, we
615 * suppress the inclusion of the sllao.
616 */
617 if (send_sllao) {
618 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
619 dev, 1);
620 if (ifp) {
621 if (ifp->flags & IFA_F_OPTIMISTIC) {
622 send_sllao = 0;
623 }
624 in6_ifa_put(ifp);
625 } else {
626 send_sllao = 0;
627 }
628 }
629 #endif
630 __ndisc_send(dev, daddr, saddr, &icmp6h, NULL,
631 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
632 }
633
634
635 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
636 {
637 /*
638 * "The sender MUST return an ICMP
639 * destination unreachable"
640 */
641 dst_link_failure(skb);
642 kfree_skb(skb);
643 }
644
645 /* Called with locked neigh: either read or both */
646
647 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
648 {
649 struct in6_addr *saddr = NULL;
650 struct in6_addr mcaddr;
651 struct net_device *dev = neigh->dev;
652 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
653 int probes = atomic_read(&neigh->probes);
654
655 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
656 saddr = &ipv6_hdr(skb)->saddr;
657
658 if ((probes -= neigh->parms->ucast_probes) < 0) {
659 if (!(neigh->nud_state & NUD_VALID)) {
660 ND_PRINTK(1, dbg,
661 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
662 __func__, target);
663 }
664 ndisc_send_ns(dev, neigh, target, target, saddr);
665 } else if ((probes -= neigh->parms->app_probes) < 0) {
666 #ifdef CONFIG_ARPD
667 neigh_app_ns(neigh);
668 #endif
669 } else {
670 addrconf_addr_solict_mult(target, &mcaddr);
671 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
672 }
673 }
674
675 static int pndisc_is_router(const void *pkey,
676 struct net_device *dev)
677 {
678 struct pneigh_entry *n;
679 int ret = -1;
680
681 read_lock_bh(&nd_tbl.lock);
682 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
683 if (n)
684 ret = !!(n->flags & NTF_ROUTER);
685 read_unlock_bh(&nd_tbl.lock);
686
687 return ret;
688 }
689
690 static void ndisc_recv_ns(struct sk_buff *skb)
691 {
692 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
693 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
694 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
695 u8 *lladdr = NULL;
696 u32 ndoptlen = skb->tail - (skb->transport_header +
697 offsetof(struct nd_msg, opt));
698 struct ndisc_options ndopts;
699 struct net_device *dev = skb->dev;
700 struct inet6_ifaddr *ifp;
701 struct inet6_dev *idev = NULL;
702 struct neighbour *neigh;
703 int dad = ipv6_addr_any(saddr);
704 bool inc;
705 int is_router = -1;
706
707 if (skb->len < sizeof(struct nd_msg)) {
708 ND_PRINTK(2, warn, "NS: packet too short\n");
709 return;
710 }
711
712 if (ipv6_addr_is_multicast(&msg->target)) {
713 ND_PRINTK(2, warn, "NS: multicast target address\n");
714 return;
715 }
716
717 /*
718 * RFC2461 7.1.1:
719 * DAD has to be destined for solicited node multicast address.
720 */
721 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
722 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
723 return;
724 }
725
726 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
727 ND_PRINTK(2, warn, "NS: invalid ND options\n");
728 return;
729 }
730
731 if (ndopts.nd_opts_src_lladdr) {
732 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
733 if (!lladdr) {
734 ND_PRINTK(2, warn,
735 "NS: invalid link-layer address length\n");
736 return;
737 }
738
739 /* RFC2461 7.1.1:
740 * If the IP source address is the unspecified address,
741 * there MUST NOT be source link-layer address option
742 * in the message.
743 */
744 if (dad) {
745 ND_PRINTK(2, warn,
746 "NS: bad DAD packet (link-layer address option)\n");
747 return;
748 }
749 }
750
751 inc = ipv6_addr_is_multicast(daddr);
752
753 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
754 if (ifp) {
755
756 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
757 if (dad) {
758 /*
759 * We are colliding with another node
760 * who is doing DAD
761 * so fail our DAD process
762 */
763 addrconf_dad_failure(ifp);
764 return;
765 } else {
766 /*
767 * This is not a dad solicitation.
768 * If we are an optimistic node,
769 * we should respond.
770 * Otherwise, we should ignore it.
771 */
772 if (!(ifp->flags & IFA_F_OPTIMISTIC))
773 goto out;
774 }
775 }
776
777 idev = ifp->idev;
778 } else {
779 struct net *net = dev_net(dev);
780
781 idev = in6_dev_get(dev);
782 if (!idev) {
783 /* XXX: count this drop? */
784 return;
785 }
786
787 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
788 (idev->cnf.forwarding &&
789 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
790 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
791 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
792 skb->pkt_type != PACKET_HOST &&
793 inc != 0 &&
794 idev->nd_parms->proxy_delay != 0) {
795 /*
796 * for anycast or proxy,
797 * sender should delay its response
798 * by a random time between 0 and
799 * MAX_ANYCAST_DELAY_TIME seconds.
800 * (RFC2461) -- yoshfuji
801 */
802 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
803 if (n)
804 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
805 goto out;
806 }
807 } else
808 goto out;
809 }
810
811 if (is_router < 0)
812 is_router = idev->cnf.forwarding;
813
814 if (dad) {
815 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
816 !!is_router, false, (ifp != NULL), true);
817 goto out;
818 }
819
820 if (inc)
821 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
822 else
823 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
824
825 /*
826 * update / create cache entry
827 * for the source address
828 */
829 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
830 !inc || lladdr || !dev->addr_len);
831 if (neigh)
832 neigh_update(neigh, lladdr, NUD_STALE,
833 NEIGH_UPDATE_F_WEAK_OVERRIDE|
834 NEIGH_UPDATE_F_OVERRIDE);
835 if (neigh || !dev->header_ops) {
836 ndisc_send_na(dev, neigh, saddr, &msg->target,
837 !!is_router,
838 true, (ifp != NULL && inc), inc);
839 if (neigh)
840 neigh_release(neigh);
841 }
842
843 out:
844 if (ifp)
845 in6_ifa_put(ifp);
846 else
847 in6_dev_put(idev);
848 }
849
850 static void ndisc_recv_na(struct sk_buff *skb)
851 {
852 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
853 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
854 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
855 u8 *lladdr = NULL;
856 u32 ndoptlen = skb->tail - (skb->transport_header +
857 offsetof(struct nd_msg, opt));
858 struct ndisc_options ndopts;
859 struct net_device *dev = skb->dev;
860 struct inet6_ifaddr *ifp;
861 struct neighbour *neigh;
862
863 if (skb->len < sizeof(struct nd_msg)) {
864 ND_PRINTK(2, warn, "NA: packet too short\n");
865 return;
866 }
867
868 if (ipv6_addr_is_multicast(&msg->target)) {
869 ND_PRINTK(2, warn, "NA: target address is multicast\n");
870 return;
871 }
872
873 if (ipv6_addr_is_multicast(daddr) &&
874 msg->icmph.icmp6_solicited) {
875 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
876 return;
877 }
878
879 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
880 ND_PRINTK(2, warn, "NS: invalid ND option\n");
881 return;
882 }
883 if (ndopts.nd_opts_tgt_lladdr) {
884 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
885 if (!lladdr) {
886 ND_PRINTK(2, warn,
887 "NA: invalid link-layer address length\n");
888 return;
889 }
890 }
891 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
892 if (ifp) {
893 if (skb->pkt_type != PACKET_LOOPBACK
894 && (ifp->flags & IFA_F_TENTATIVE)) {
895 addrconf_dad_failure(ifp);
896 return;
897 }
898 /* What should we make now? The advertisement
899 is invalid, but ndisc specs say nothing
900 about it. It could be misconfiguration, or
901 an smart proxy agent tries to help us :-)
902
903 We should not print the error if NA has been
904 received from loopback - it is just our own
905 unsolicited advertisement.
906 */
907 if (skb->pkt_type != PACKET_LOOPBACK)
908 ND_PRINTK(1, warn,
909 "NA: someone advertises our address %pI6 on %s!\n",
910 &ifp->addr, ifp->idev->dev->name);
911 in6_ifa_put(ifp);
912 return;
913 }
914 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
915
916 if (neigh) {
917 u8 old_flags = neigh->flags;
918 struct net *net = dev_net(dev);
919
920 if (neigh->nud_state & NUD_FAILED)
921 goto out;
922
923 /*
924 * Don't update the neighbor cache entry on a proxy NA from
925 * ourselves because either the proxied node is off link or it
926 * has already sent a NA to us.
927 */
928 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
929 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
930 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
931 /* XXX: idev->cnf.proxy_ndp */
932 goto out;
933 }
934
935 neigh_update(neigh, lladdr,
936 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
937 NEIGH_UPDATE_F_WEAK_OVERRIDE|
938 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
939 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
940 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
941
942 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
943 /*
944 * Change: router to host
945 */
946 struct rt6_info *rt;
947 rt = rt6_get_dflt_router(saddr, dev);
948 if (rt)
949 ip6_del_rt(rt);
950 }
951
952 out:
953 neigh_release(neigh);
954 }
955 }
956
957 static void ndisc_recv_rs(struct sk_buff *skb)
958 {
959 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
960 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
961 struct neighbour *neigh;
962 struct inet6_dev *idev;
963 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
964 struct ndisc_options ndopts;
965 u8 *lladdr = NULL;
966
967 if (skb->len < sizeof(*rs_msg))
968 return;
969
970 idev = __in6_dev_get(skb->dev);
971 if (!idev) {
972 ND_PRINTK(1, err, "RS: can't find in6 device\n");
973 return;
974 }
975
976 /* Don't accept RS if we're not in router mode */
977 if (!idev->cnf.forwarding)
978 goto out;
979
980 /*
981 * Don't update NCE if src = ::;
982 * this implies that the source node has no ip address assigned yet.
983 */
984 if (ipv6_addr_any(saddr))
985 goto out;
986
987 /* Parse ND options */
988 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
989 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
990 goto out;
991 }
992
993 if (ndopts.nd_opts_src_lladdr) {
994 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
995 skb->dev);
996 if (!lladdr)
997 goto out;
998 }
999
1000 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1001 if (neigh) {
1002 neigh_update(neigh, lladdr, NUD_STALE,
1003 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1004 NEIGH_UPDATE_F_OVERRIDE|
1005 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1006 neigh_release(neigh);
1007 }
1008 out:
1009 return;
1010 }
1011
1012 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1013 {
1014 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1015 struct sk_buff *skb;
1016 struct nlmsghdr *nlh;
1017 struct nduseroptmsg *ndmsg;
1018 struct net *net = dev_net(ra->dev);
1019 int err;
1020 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1021 + (opt->nd_opt_len << 3));
1022 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1023
1024 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1025 if (skb == NULL) {
1026 err = -ENOBUFS;
1027 goto errout;
1028 }
1029
1030 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1031 if (nlh == NULL) {
1032 goto nla_put_failure;
1033 }
1034
1035 ndmsg = nlmsg_data(nlh);
1036 ndmsg->nduseropt_family = AF_INET6;
1037 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1038 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1039 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1040 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1041
1042 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1043
1044 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1045 &ipv6_hdr(ra)->saddr))
1046 goto nla_put_failure;
1047 nlmsg_end(skb, nlh);
1048
1049 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1050 return;
1051
1052 nla_put_failure:
1053 nlmsg_free(skb);
1054 err = -EMSGSIZE;
1055 errout:
1056 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1057 }
1058
1059 static void ndisc_router_discovery(struct sk_buff *skb)
1060 {
1061 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1062 struct neighbour *neigh = NULL;
1063 struct inet6_dev *in6_dev;
1064 struct rt6_info *rt = NULL;
1065 int lifetime;
1066 struct ndisc_options ndopts;
1067 int optlen;
1068 unsigned int pref = 0;
1069
1070 __u8 * opt = (__u8 *)(ra_msg + 1);
1071
1072 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1073
1074 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1075 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1076 return;
1077 }
1078 if (optlen < 0) {
1079 ND_PRINTK(2, warn, "RA: packet too short\n");
1080 return;
1081 }
1082
1083 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1084 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1085 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1086 return;
1087 }
1088 #endif
1089
1090 /*
1091 * set the RA_RECV flag in the interface
1092 */
1093
1094 in6_dev = __in6_dev_get(skb->dev);
1095 if (in6_dev == NULL) {
1096 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1097 skb->dev->name);
1098 return;
1099 }
1100
1101 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1102 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1103 return;
1104 }
1105
1106 if (!ipv6_accept_ra(in6_dev))
1107 goto skip_linkparms;
1108
1109 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1110 /* skip link-specific parameters from interior routers */
1111 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1112 goto skip_linkparms;
1113 #endif
1114
1115 if (in6_dev->if_flags & IF_RS_SENT) {
1116 /*
1117 * flag that an RA was received after an RS was sent
1118 * out on this interface.
1119 */
1120 in6_dev->if_flags |= IF_RA_RCVD;
1121 }
1122
1123 /*
1124 * Remember the managed/otherconf flags from most recently
1125 * received RA message (RFC 2462) -- yoshfuji
1126 */
1127 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1128 IF_RA_OTHERCONF)) |
1129 (ra_msg->icmph.icmp6_addrconf_managed ?
1130 IF_RA_MANAGED : 0) |
1131 (ra_msg->icmph.icmp6_addrconf_other ?
1132 IF_RA_OTHERCONF : 0);
1133
1134 if (!in6_dev->cnf.accept_ra_defrtr)
1135 goto skip_defrtr;
1136
1137 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1138 goto skip_defrtr;
1139
1140 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1141
1142 #ifdef CONFIG_IPV6_ROUTER_PREF
1143 pref = ra_msg->icmph.icmp6_router_pref;
1144 /* 10b is handled as if it were 00b (medium) */
1145 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1146 !in6_dev->cnf.accept_ra_rtr_pref)
1147 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1148 #endif
1149
1150 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1151
1152 if (rt) {
1153 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1154 if (!neigh) {
1155 ND_PRINTK(0, err,
1156 "RA: %s got default router without neighbour\n",
1157 __func__);
1158 ip6_rt_put(rt);
1159 return;
1160 }
1161 }
1162 if (rt && lifetime == 0) {
1163 ip6_del_rt(rt);
1164 rt = NULL;
1165 }
1166
1167 if (rt == NULL && lifetime) {
1168 ND_PRINTK(3, dbg, "RA: adding default router\n");
1169
1170 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1171 if (rt == NULL) {
1172 ND_PRINTK(0, err,
1173 "RA: %s failed to add default route\n",
1174 __func__);
1175 return;
1176 }
1177
1178 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1179 if (neigh == NULL) {
1180 ND_PRINTK(0, err,
1181 "RA: %s got default router without neighbour\n",
1182 __func__);
1183 ip6_rt_put(rt);
1184 return;
1185 }
1186 neigh->flags |= NTF_ROUTER;
1187 } else if (rt) {
1188 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1189 }
1190
1191 if (rt)
1192 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1193 if (ra_msg->icmph.icmp6_hop_limit) {
1194 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1195 if (rt)
1196 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1197 ra_msg->icmph.icmp6_hop_limit);
1198 }
1199
1200 skip_defrtr:
1201
1202 /*
1203 * Update Reachable Time and Retrans Timer
1204 */
1205
1206 if (in6_dev->nd_parms) {
1207 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1208
1209 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1210 rtime = (rtime*HZ)/1000;
1211 if (rtime < HZ/10)
1212 rtime = HZ/10;
1213 in6_dev->nd_parms->retrans_time = rtime;
1214 in6_dev->tstamp = jiffies;
1215 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1216 }
1217
1218 rtime = ntohl(ra_msg->reachable_time);
1219 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1220 rtime = (rtime*HZ)/1000;
1221
1222 if (rtime < HZ/10)
1223 rtime = HZ/10;
1224
1225 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1226 in6_dev->nd_parms->base_reachable_time = rtime;
1227 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1228 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1229 in6_dev->tstamp = jiffies;
1230 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1231 }
1232 }
1233 }
1234
1235 skip_linkparms:
1236
1237 /*
1238 * Process options.
1239 */
1240
1241 if (!neigh)
1242 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1243 skb->dev, 1);
1244 if (neigh) {
1245 u8 *lladdr = NULL;
1246 if (ndopts.nd_opts_src_lladdr) {
1247 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1248 skb->dev);
1249 if (!lladdr) {
1250 ND_PRINTK(2, warn,
1251 "RA: invalid link-layer address length\n");
1252 goto out;
1253 }
1254 }
1255 neigh_update(neigh, lladdr, NUD_STALE,
1256 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1257 NEIGH_UPDATE_F_OVERRIDE|
1258 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1259 NEIGH_UPDATE_F_ISROUTER);
1260 }
1261
1262 if (!ipv6_accept_ra(in6_dev))
1263 goto out;
1264
1265 #ifdef CONFIG_IPV6_ROUTE_INFO
1266 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1267 goto skip_routeinfo;
1268
1269 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1270 struct nd_opt_hdr *p;
1271 for (p = ndopts.nd_opts_ri;
1272 p;
1273 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1274 struct route_info *ri = (struct route_info *)p;
1275 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1276 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1277 ri->prefix_len == 0)
1278 continue;
1279 #endif
1280 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1281 continue;
1282 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1283 &ipv6_hdr(skb)->saddr);
1284 }
1285 }
1286
1287 skip_routeinfo:
1288 #endif
1289
1290 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1291 /* skip link-specific ndopts from interior routers */
1292 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1293 goto out;
1294 #endif
1295
1296 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1297 struct nd_opt_hdr *p;
1298 for (p = ndopts.nd_opts_pi;
1299 p;
1300 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1301 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1302 (p->nd_opt_len) << 3,
1303 ndopts.nd_opts_src_lladdr != NULL);
1304 }
1305 }
1306
1307 if (ndopts.nd_opts_mtu) {
1308 __be32 n;
1309 u32 mtu;
1310
1311 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1312 mtu = ntohl(n);
1313
1314 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1315 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1316 } else if (in6_dev->cnf.mtu6 != mtu) {
1317 in6_dev->cnf.mtu6 = mtu;
1318
1319 if (rt)
1320 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1321
1322 rt6_mtu_change(skb->dev, mtu);
1323 }
1324 }
1325
1326 if (ndopts.nd_useropts) {
1327 struct nd_opt_hdr *p;
1328 for (p = ndopts.nd_useropts;
1329 p;
1330 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1331 ndisc_ra_useropt(skb, p);
1332 }
1333 }
1334
1335 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1336 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1337 }
1338 out:
1339 ip6_rt_put(rt);
1340 if (neigh)
1341 neigh_release(neigh);
1342 }
1343
1344 static void ndisc_redirect_rcv(struct sk_buff *skb)
1345 {
1346 u8 *hdr;
1347 struct ndisc_options ndopts;
1348 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1349 u32 ndoptlen = skb->tail - (skb->transport_header +
1350 offsetof(struct rd_msg, opt));
1351
1352 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1353 switch (skb->ndisc_nodetype) {
1354 case NDISC_NODETYPE_HOST:
1355 case NDISC_NODETYPE_NODEFAULT:
1356 ND_PRINTK(2, warn,
1357 "Redirect: from host or unauthorized router\n");
1358 return;
1359 }
1360 #endif
1361
1362 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1363 ND_PRINTK(2, warn,
1364 "Redirect: source address is not link-local\n");
1365 return;
1366 }
1367
1368 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1369 return;
1370
1371 if (!ndopts.nd_opts_rh)
1372 return;
1373
1374 hdr = (u8 *)ndopts.nd_opts_rh;
1375 hdr += 8;
1376 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1377 return;
1378
1379 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1380 }
1381
1382 static u8 *ndisc_fill_redirect_hdr_option(u8 *opt, struct sk_buff *orig_skb,
1383 int rd_len)
1384 {
1385 memset(opt, 0, 8);
1386 *(opt++) = ND_OPT_REDIRECT_HDR;
1387 *(opt++) = (rd_len >> 3);
1388 opt += 6;
1389
1390 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1391
1392 return opt + rd_len - 8;
1393 }
1394
1395 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1396 {
1397 struct net_device *dev = skb->dev;
1398 struct net *net = dev_net(dev);
1399 struct sock *sk = net->ipv6.ndisc_sk;
1400 int optlen = 0;
1401 struct inet_peer *peer;
1402 struct sk_buff *buff;
1403 struct rd_msg *msg;
1404 struct in6_addr saddr_buf;
1405 struct rt6_info *rt;
1406 struct dst_entry *dst;
1407 struct inet6_dev *idev;
1408 struct flowi6 fl6;
1409 u8 *opt;
1410 int rd_len;
1411 int err;
1412 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1413 bool ret;
1414
1415 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1416 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1417 dev->name);
1418 return;
1419 }
1420
1421 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1422 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1423 ND_PRINTK(2, warn,
1424 "Redirect: target address is not link-local unicast\n");
1425 return;
1426 }
1427
1428 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1429 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1430
1431 dst = ip6_route_output(net, NULL, &fl6);
1432 if (dst->error) {
1433 dst_release(dst);
1434 return;
1435 }
1436 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1437 if (IS_ERR(dst))
1438 return;
1439
1440 rt = (struct rt6_info *) dst;
1441
1442 if (rt->rt6i_flags & RTF_GATEWAY) {
1443 ND_PRINTK(2, warn,
1444 "Redirect: destination is not a neighbour\n");
1445 goto release;
1446 }
1447 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1448 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1449 if (peer)
1450 inet_putpeer(peer);
1451 if (!ret)
1452 goto release;
1453
1454 if (dev->addr_len) {
1455 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1456 if (!neigh) {
1457 ND_PRINTK(2, warn,
1458 "Redirect: no neigh for target address\n");
1459 goto release;
1460 }
1461
1462 read_lock_bh(&neigh->lock);
1463 if (neigh->nud_state & NUD_VALID) {
1464 memcpy(ha_buf, neigh->ha, dev->addr_len);
1465 read_unlock_bh(&neigh->lock);
1466 ha = ha_buf;
1467 optlen += ndisc_opt_addr_space(dev);
1468 } else
1469 read_unlock_bh(&neigh->lock);
1470
1471 neigh_release(neigh);
1472 }
1473
1474 rd_len = min_t(unsigned int,
1475 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1476 skb->len + 8);
1477 rd_len &= ~0x7;
1478 optlen += rd_len;
1479
1480 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1481 if (!buff)
1482 goto release;
1483
1484 skb_put(buff, sizeof(*msg) + optlen);
1485 msg = (struct rd_msg *)icmp6_hdr(buff);
1486
1487 memset(&msg->icmph, 0, sizeof(struct icmp6hdr));
1488 msg->icmph.icmp6_type = NDISC_REDIRECT;
1489
1490 /*
1491 * copy target and destination addresses
1492 */
1493
1494 msg->target = *target;
1495 msg->dest = ipv6_hdr(skb)->daddr;
1496
1497 opt = msg->opt;
1498
1499 /*
1500 * include target_address option
1501 */
1502
1503 if (ha)
1504 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha, dev);
1505
1506 /*
1507 * build redirect option and copy skb over to the new packet.
1508 */
1509
1510 if (rd_len)
1511 opt = ndisc_fill_redirect_hdr_option(opt, skb, rd_len);
1512
1513 msg->icmph.icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1514 buff->len, IPPROTO_ICMPV6,
1515 csum_partial(msg, buff->len, 0));
1516
1517 ip6_nd_hdr(buff, &saddr_buf, &ipv6_hdr(skb)->saddr,
1518 inet6_sk(sk)->hop_limit, buff->len);
1519
1520 skb_dst_set(buff, dst);
1521 rcu_read_lock();
1522 idev = __in6_dev_get(dst->dev);
1523 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1524 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1525 dst_output);
1526 if (!err) {
1527 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1528 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1529 }
1530
1531 rcu_read_unlock();
1532 return;
1533
1534 release:
1535 dst_release(dst);
1536 }
1537
1538 static void pndisc_redo(struct sk_buff *skb)
1539 {
1540 ndisc_recv_ns(skb);
1541 kfree_skb(skb);
1542 }
1543
1544 int ndisc_rcv(struct sk_buff *skb)
1545 {
1546 struct nd_msg *msg;
1547
1548 if (skb_linearize(skb))
1549 return 0;
1550
1551 msg = (struct nd_msg *)skb_transport_header(skb);
1552
1553 __skb_push(skb, skb->data - skb_transport_header(skb));
1554
1555 if (ipv6_hdr(skb)->hop_limit != 255) {
1556 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1557 ipv6_hdr(skb)->hop_limit);
1558 return 0;
1559 }
1560
1561 if (msg->icmph.icmp6_code != 0) {
1562 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1563 msg->icmph.icmp6_code);
1564 return 0;
1565 }
1566
1567 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1568
1569 switch (msg->icmph.icmp6_type) {
1570 case NDISC_NEIGHBOUR_SOLICITATION:
1571 ndisc_recv_ns(skb);
1572 break;
1573
1574 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1575 ndisc_recv_na(skb);
1576 break;
1577
1578 case NDISC_ROUTER_SOLICITATION:
1579 ndisc_recv_rs(skb);
1580 break;
1581
1582 case NDISC_ROUTER_ADVERTISEMENT:
1583 ndisc_router_discovery(skb);
1584 break;
1585
1586 case NDISC_REDIRECT:
1587 ndisc_redirect_rcv(skb);
1588 break;
1589 }
1590
1591 return 0;
1592 }
1593
1594 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1595 {
1596 struct net_device *dev = ptr;
1597 struct net *net = dev_net(dev);
1598 struct inet6_dev *idev;
1599
1600 switch (event) {
1601 case NETDEV_CHANGEADDR:
1602 neigh_changeaddr(&nd_tbl, dev);
1603 fib6_run_gc(~0UL, net);
1604 idev = in6_dev_get(dev);
1605 if (!idev)
1606 break;
1607 if (idev->cnf.ndisc_notify)
1608 ndisc_send_unsol_na(dev);
1609 in6_dev_put(idev);
1610 break;
1611 case NETDEV_DOWN:
1612 neigh_ifdown(&nd_tbl, dev);
1613 fib6_run_gc(~0UL, net);
1614 break;
1615 case NETDEV_NOTIFY_PEERS:
1616 ndisc_send_unsol_na(dev);
1617 break;
1618 default:
1619 break;
1620 }
1621
1622 return NOTIFY_DONE;
1623 }
1624
1625 static struct notifier_block ndisc_netdev_notifier = {
1626 .notifier_call = ndisc_netdev_event,
1627 };
1628
1629 #ifdef CONFIG_SYSCTL
1630 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1631 const char *func, const char *dev_name)
1632 {
1633 static char warncomm[TASK_COMM_LEN];
1634 static int warned;
1635 if (strcmp(warncomm, current->comm) && warned < 5) {
1636 strcpy(warncomm, current->comm);
1637 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1638 warncomm, func,
1639 dev_name, ctl->procname,
1640 dev_name, ctl->procname);
1641 warned++;
1642 }
1643 }
1644
1645 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1646 {
1647 struct net_device *dev = ctl->extra1;
1648 struct inet6_dev *idev;
1649 int ret;
1650
1651 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1652 (strcmp(ctl->procname, "base_reachable_time") == 0))
1653 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1654
1655 if (strcmp(ctl->procname, "retrans_time") == 0)
1656 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1657
1658 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1659 ret = proc_dointvec_jiffies(ctl, write,
1660 buffer, lenp, ppos);
1661
1662 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1663 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1664 ret = proc_dointvec_ms_jiffies(ctl, write,
1665 buffer, lenp, ppos);
1666 else
1667 ret = -1;
1668
1669 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1670 if (ctl->data == &idev->nd_parms->base_reachable_time)
1671 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1672 idev->tstamp = jiffies;
1673 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1674 in6_dev_put(idev);
1675 }
1676 return ret;
1677 }
1678
1679
1680 #endif
1681
1682 static int __net_init ndisc_net_init(struct net *net)
1683 {
1684 struct ipv6_pinfo *np;
1685 struct sock *sk;
1686 int err;
1687
1688 err = inet_ctl_sock_create(&sk, PF_INET6,
1689 SOCK_RAW, IPPROTO_ICMPV6, net);
1690 if (err < 0) {
1691 ND_PRINTK(0, err,
1692 "NDISC: Failed to initialize the control socket (err %d)\n",
1693 err);
1694 return err;
1695 }
1696
1697 net->ipv6.ndisc_sk = sk;
1698
1699 np = inet6_sk(sk);
1700 np->hop_limit = 255;
1701 /* Do not loopback ndisc messages */
1702 np->mc_loop = 0;
1703
1704 return 0;
1705 }
1706
1707 static void __net_exit ndisc_net_exit(struct net *net)
1708 {
1709 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1710 }
1711
1712 static struct pernet_operations ndisc_net_ops = {
1713 .init = ndisc_net_init,
1714 .exit = ndisc_net_exit,
1715 };
1716
1717 int __init ndisc_init(void)
1718 {
1719 int err;
1720
1721 err = register_pernet_subsys(&ndisc_net_ops);
1722 if (err)
1723 return err;
1724 /*
1725 * Initialize the neighbour table
1726 */
1727 neigh_table_init(&nd_tbl);
1728
1729 #ifdef CONFIG_SYSCTL
1730 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1731 &ndisc_ifinfo_sysctl_change);
1732 if (err)
1733 goto out_unregister_pernet;
1734 #endif
1735 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1736 if (err)
1737 goto out_unregister_sysctl;
1738 out:
1739 return err;
1740
1741 out_unregister_sysctl:
1742 #ifdef CONFIG_SYSCTL
1743 neigh_sysctl_unregister(&nd_tbl.parms);
1744 out_unregister_pernet:
1745 #endif
1746 unregister_pernet_subsys(&ndisc_net_ops);
1747 goto out;
1748 }
1749
1750 void ndisc_cleanup(void)
1751 {
1752 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1753 #ifdef CONFIG_SYSCTL
1754 neigh_sysctl_unregister(&nd_tbl.parms);
1755 #endif
1756 neigh_table_clear(&nd_tbl);
1757 unregister_pernet_subsys(&ndisc_net_ops);
1758 }
Ubuntu Eoan Linux kernel mirror