2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32
ndisc_hash(const void *pkey
,
85 const struct net_device
*dev
,
87 static int ndisc_constructor(struct neighbour
*neigh
);
88 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
89 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
90 static int pndisc_constructor(struct pneigh_entry
*n
);
91 static void pndisc_destructor(struct pneigh_entry
*n
);
92 static void pndisc_redo(struct sk_buff
*skb
);
94 static const struct neigh_ops ndisc_generic_ops
= {
96 .solicit
= ndisc_solicit
,
97 .error_report
= ndisc_error_report
,
98 .output
= neigh_resolve_output
,
99 .connected_output
= neigh_connected_output
,
102 static const struct neigh_ops ndisc_hh_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_resolve_output
,
111 static const struct neigh_ops ndisc_direct_ops
= {
113 .output
= neigh_direct_output
,
114 .connected_output
= neigh_direct_output
,
117 struct neigh_table nd_tbl
= {
119 .key_len
= sizeof(struct in6_addr
),
121 .constructor
= ndisc_constructor
,
122 .pconstructor
= pndisc_constructor
,
123 .pdestructor
= pndisc_destructor
,
124 .proxy_redo
= pndisc_redo
,
128 .base_reachable_time
= ND_REACHABLE_TIME
,
129 .retrans_time
= ND_RETRANS_TIMER
,
130 .gc_staletime
= 60 * HZ
,
131 .reachable_time
= ND_REACHABLE_TIME
,
132 .delay_probe_time
= 5 * HZ
,
133 .queue_len_bytes
= 64*1024,
136 .anycast_delay
= 1 * HZ
,
137 .proxy_delay
= (8 * HZ
) / 10,
140 .gc_interval
= 30 * HZ
,
146 static void ndisc_fill_addr_option(struct sk_buff
*skb
, int type
, void *data
)
148 int pad
= ndisc_addr_option_pad(skb
->dev
->type
);
149 int data_len
= skb
->dev
->addr_len
;
150 int space
= ndisc_opt_addr_space(skb
->dev
);
151 u8
*opt
= skb_put(skb
, space
);
156 memset(opt
+ 2, 0, pad
);
160 memcpy(opt
+2, data
, data_len
);
163 if ((space
-= data_len
) > 0)
164 memset(opt
, 0, space
);
167 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
168 struct nd_opt_hdr
*end
)
171 if (!cur
|| !end
|| cur
>= end
)
173 type
= cur
->nd_opt_type
;
175 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
176 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
177 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
180 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
182 return opt
->nd_opt_type
== ND_OPT_RDNSS
||
183 opt
->nd_opt_type
== ND_OPT_DNSSL
;
186 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
187 struct nd_opt_hdr
*end
)
189 if (!cur
|| !end
|| cur
>= end
)
192 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
193 } while(cur
< end
&& !ndisc_is_useropt(cur
));
194 return cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
;
197 struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
198 struct ndisc_options
*ndopts
)
200 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
202 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
204 memset(ndopts
, 0, sizeof(*ndopts
));
207 if (opt_len
< sizeof(struct nd_opt_hdr
))
209 l
= nd_opt
->nd_opt_len
<< 3;
210 if (opt_len
< l
|| l
== 0)
212 switch (nd_opt
->nd_opt_type
) {
213 case ND_OPT_SOURCE_LL_ADDR
:
214 case ND_OPT_TARGET_LL_ADDR
:
216 case ND_OPT_REDIRECT_HDR
:
217 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__
, nd_opt
->nd_opt_type
);
222 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
225 case ND_OPT_PREFIX_INFO
:
226 ndopts
->nd_opts_pi_end
= nd_opt
;
227 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
228 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO
:
232 ndopts
->nd_opts_ri_end
= nd_opt
;
233 if (!ndopts
->nd_opts_ri
)
234 ndopts
->nd_opts_ri
= nd_opt
;
238 if (ndisc_is_useropt(nd_opt
)) {
239 ndopts
->nd_useropts_end
= nd_opt
;
240 if (!ndopts
->nd_useropts
)
241 ndopts
->nd_useropts
= nd_opt
;
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
249 "%s: ignored unsupported option; type=%d, len=%d\n",
256 nd_opt
= ((void *)nd_opt
) + l
;
261 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
265 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
267 ipv6_eth_mc_map(addr
, buf
);
270 ipv6_arcnet_mc_map(addr
, buf
);
272 case ARPHRD_INFINIBAND
:
273 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
276 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
279 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
286 EXPORT_SYMBOL(ndisc_mc_map
);
288 static u32
ndisc_hash(const void *pkey
,
289 const struct net_device
*dev
,
292 return ndisc_hashfn(pkey
, dev
, hash_rnd
);
295 static int ndisc_constructor(struct neighbour
*neigh
)
297 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
298 struct net_device
*dev
= neigh
->dev
;
299 struct inet6_dev
*in6_dev
;
300 struct neigh_parms
*parms
;
301 bool is_multicast
= ipv6_addr_is_multicast(addr
);
303 in6_dev
= in6_dev_get(dev
);
304 if (in6_dev
== NULL
) {
308 parms
= in6_dev
->nd_parms
;
309 __neigh_parms_put(neigh
->parms
);
310 neigh
->parms
= neigh_parms_clone(parms
);
312 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
313 if (!dev
->header_ops
) {
314 neigh
->nud_state
= NUD_NOARP
;
315 neigh
->ops
= &ndisc_direct_ops
;
316 neigh
->output
= neigh_direct_output
;
319 neigh
->nud_state
= NUD_NOARP
;
320 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
321 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
322 neigh
->nud_state
= NUD_NOARP
;
323 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
324 if (dev
->flags
&IFF_LOOPBACK
)
325 neigh
->type
= RTN_LOCAL
;
326 } else if (dev
->flags
&IFF_POINTOPOINT
) {
327 neigh
->nud_state
= NUD_NOARP
;
328 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
330 if (dev
->header_ops
->cache
)
331 neigh
->ops
= &ndisc_hh_ops
;
333 neigh
->ops
= &ndisc_generic_ops
;
334 if (neigh
->nud_state
&NUD_VALID
)
335 neigh
->output
= neigh
->ops
->connected_output
;
337 neigh
->output
= neigh
->ops
->output
;
339 in6_dev_put(in6_dev
);
343 static int pndisc_constructor(struct pneigh_entry
*n
)
345 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
346 struct in6_addr maddr
;
347 struct net_device
*dev
= n
->dev
;
349 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
351 addrconf_addr_solict_mult(addr
, &maddr
);
352 ipv6_dev_mc_inc(dev
, &maddr
);
356 static void pndisc_destructor(struct pneigh_entry
*n
)
358 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
359 struct in6_addr maddr
;
360 struct net_device
*dev
= n
->dev
;
362 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
364 addrconf_addr_solict_mult(addr
, &maddr
);
365 ipv6_dev_mc_dec(dev
, &maddr
);
368 static struct sk_buff
*ndisc_alloc_skb(struct net_device
*dev
,
371 int hlen
= LL_RESERVED_SPACE(dev
);
372 int tlen
= dev
->needed_tailroom
;
373 struct sock
*sk
= dev_net(dev
)->ipv6
.ndisc_sk
;
377 skb
= sock_alloc_send_skb(sk
,
378 hlen
+ sizeof(struct ipv6hdr
) + len
+ tlen
,
381 ND_PRINTK(0, err
, "ndisc: %s failed to allocate an skb, err=%d\n",
386 skb
->protocol
= htons(ETH_P_IPV6
);
389 skb_reserve(skb
, hlen
+ sizeof(struct ipv6hdr
));
390 skb_reset_transport_header(skb
);
395 static void ip6_nd_hdr(struct sk_buff
*skb
,
396 const struct in6_addr
*saddr
,
397 const struct in6_addr
*daddr
,
398 int hop_limit
, int len
)
402 skb_push(skb
, sizeof(*hdr
));
403 skb_reset_network_header(skb
);
406 ip6_flow_hdr(hdr
, 0, 0);
408 hdr
->payload_len
= htons(len
);
409 hdr
->nexthdr
= IPPROTO_ICMPV6
;
410 hdr
->hop_limit
= hop_limit
;
416 static struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
417 const struct in6_addr
*daddr
,
418 const struct in6_addr
*saddr
,
419 struct icmp6hdr
*icmp6h
,
420 const struct in6_addr
*target
,
423 struct net
*net
= dev_net(dev
);
424 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
426 struct icmp6hdr
*hdr
;
434 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
436 optlen
+= ndisc_opt_addr_space(dev
);
438 skb
= ndisc_alloc_skb(dev
, len
+ optlen
);
444 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
445 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
447 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
449 *(struct in6_addr
*)opt
= *target
;
450 opt
+= sizeof(*target
);
454 ndisc_fill_addr_option(skb
, llinfo
, dev
->dev_addr
);
456 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, skb
->len
,
461 ip6_nd_hdr(skb
, saddr
, daddr
, inet6_sk(sk
)->hop_limit
, skb
->len
);
466 static void ndisc_send_skb(struct sk_buff
*skb
,
467 const struct in6_addr
*daddr
,
468 const struct in6_addr
*saddr
,
469 struct icmp6hdr
*icmp6h
)
472 struct dst_entry
*dst
;
473 struct net
*net
= dev_net(skb
->dev
);
474 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
475 struct inet6_dev
*idev
;
479 type
= icmp6h
->icmp6_type
;
481 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, skb
->dev
->ifindex
);
482 dst
= icmp6_dst_alloc(skb
->dev
, &fl6
);
488 skb_dst_set(skb
, dst
);
491 idev
= __in6_dev_get(dst
->dev
);
492 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
494 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
497 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
498 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
505 * Send a Neighbour Discover packet
507 static void __ndisc_send(struct net_device
*dev
,
508 const struct in6_addr
*daddr
,
509 const struct in6_addr
*saddr
,
510 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
515 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
519 ndisc_send_skb(skb
, daddr
, saddr
, icmp6h
);
522 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
523 const struct in6_addr
*daddr
,
524 const struct in6_addr
*solicited_addr
,
525 bool router
, bool solicited
, bool override
, bool inc_opt
)
527 struct in6_addr tmpaddr
;
528 struct inet6_ifaddr
*ifp
;
529 const struct in6_addr
*src_addr
;
530 struct icmp6hdr icmp6h
= {
531 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
534 /* for anycast or proxy, solicited_addr != src_addr */
535 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
537 src_addr
= solicited_addr
;
538 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
540 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
543 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
544 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
550 icmp6h
.icmp6_router
= router
;
551 icmp6h
.icmp6_solicited
= solicited
;
552 icmp6h
.icmp6_override
= override
;
554 __ndisc_send(dev
, daddr
, src_addr
, &icmp6h
, solicited_addr
,
555 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
558 static void ndisc_send_unsol_na(struct net_device
*dev
)
560 struct inet6_dev
*idev
;
561 struct inet6_ifaddr
*ifa
;
563 idev
= in6_dev_get(dev
);
567 read_lock_bh(&idev
->lock
);
568 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
569 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &ifa
->addr
,
570 /*router=*/ !!idev
->cnf
.forwarding
,
571 /*solicited=*/ false, /*override=*/ true,
574 read_unlock_bh(&idev
->lock
);
579 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
580 const struct in6_addr
*solicit
,
581 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
583 struct in6_addr addr_buf
;
584 struct icmp6hdr icmp6h
= {
585 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
589 if (ipv6_get_lladdr(dev
, &addr_buf
,
590 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
595 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, solicit
,
596 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
599 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
600 const struct in6_addr
*daddr
)
602 struct icmp6hdr icmp6h
= {
603 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
605 int send_sllao
= dev
->addr_len
;
607 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
609 * According to section 2.2 of RFC 4429, we must not
610 * send router solicitations with a sllao from
611 * optimistic addresses, but we may send the solicitation
612 * if we don't include the sllao. So here we check
613 * if our address is optimistic, and if so, we
614 * suppress the inclusion of the sllao.
617 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
620 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
629 __ndisc_send(dev
, daddr
, saddr
, &icmp6h
, NULL
,
630 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
634 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
637 * "The sender MUST return an ICMP
638 * destination unreachable"
640 dst_link_failure(skb
);
644 /* Called with locked neigh: either read or both */
646 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
648 struct in6_addr
*saddr
= NULL
;
649 struct in6_addr mcaddr
;
650 struct net_device
*dev
= neigh
->dev
;
651 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
652 int probes
= atomic_read(&neigh
->probes
);
654 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
655 saddr
= &ipv6_hdr(skb
)->saddr
;
657 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
658 if (!(neigh
->nud_state
& NUD_VALID
)) {
660 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
663 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
664 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
669 addrconf_addr_solict_mult(target
, &mcaddr
);
670 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
674 static int pndisc_is_router(const void *pkey
,
675 struct net_device
*dev
)
677 struct pneigh_entry
*n
;
680 read_lock_bh(&nd_tbl
.lock
);
681 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
683 ret
= !!(n
->flags
& NTF_ROUTER
);
684 read_unlock_bh(&nd_tbl
.lock
);
689 static void ndisc_recv_ns(struct sk_buff
*skb
)
691 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
692 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
693 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
695 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
696 offsetof(struct nd_msg
, opt
));
697 struct ndisc_options ndopts
;
698 struct net_device
*dev
= skb
->dev
;
699 struct inet6_ifaddr
*ifp
;
700 struct inet6_dev
*idev
= NULL
;
701 struct neighbour
*neigh
;
702 int dad
= ipv6_addr_any(saddr
);
706 if (skb
->len
< sizeof(struct nd_msg
)) {
707 ND_PRINTK(2, warn
, "NS: packet too short\n");
711 if (ipv6_addr_is_multicast(&msg
->target
)) {
712 ND_PRINTK(2, warn
, "NS: multicast target address\n");
718 * DAD has to be destined for solicited node multicast address.
720 if (dad
&& !ipv6_addr_is_solict_mult(daddr
)) {
721 ND_PRINTK(2, warn
, "NS: bad DAD packet (wrong destination)\n");
725 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
726 ND_PRINTK(2, warn
, "NS: invalid ND options\n");
730 if (ndopts
.nd_opts_src_lladdr
) {
731 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
734 "NS: invalid link-layer address length\n");
739 * If the IP source address is the unspecified address,
740 * there MUST NOT be source link-layer address option
745 "NS: bad DAD packet (link-layer address option)\n");
750 inc
= ipv6_addr_is_multicast(daddr
);
752 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
755 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
758 * We are colliding with another node
760 * so fail our DAD process
762 addrconf_dad_failure(ifp
);
766 * This is not a dad solicitation.
767 * If we are an optimistic node,
769 * Otherwise, we should ignore it.
771 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
778 struct net
*net
= dev_net(dev
);
780 idev
= in6_dev_get(dev
);
782 /* XXX: count this drop? */
786 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
787 (idev
->cnf
.forwarding
&&
788 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
789 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
790 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
791 skb
->pkt_type
!= PACKET_HOST
&&
793 idev
->nd_parms
->proxy_delay
!= 0) {
795 * for anycast or proxy,
796 * sender should delay its response
797 * by a random time between 0 and
798 * MAX_ANYCAST_DELAY_TIME seconds.
799 * (RFC2461) -- yoshfuji
801 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
803 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
811 is_router
= idev
->cnf
.forwarding
;
814 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
815 !!is_router
, false, (ifp
!= NULL
), true);
820 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
822 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
825 * update / create cache entry
826 * for the source address
828 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
829 !inc
|| lladdr
|| !dev
->addr_len
);
831 neigh_update(neigh
, lladdr
, NUD_STALE
,
832 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
833 NEIGH_UPDATE_F_OVERRIDE
);
834 if (neigh
|| !dev
->header_ops
) {
835 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
837 true, (ifp
!= NULL
&& inc
), inc
);
839 neigh_release(neigh
);
849 static void ndisc_recv_na(struct sk_buff
*skb
)
851 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
852 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
853 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
855 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
856 offsetof(struct nd_msg
, opt
));
857 struct ndisc_options ndopts
;
858 struct net_device
*dev
= skb
->dev
;
859 struct inet6_ifaddr
*ifp
;
860 struct neighbour
*neigh
;
862 if (skb
->len
< sizeof(struct nd_msg
)) {
863 ND_PRINTK(2, warn
, "NA: packet too short\n");
867 if (ipv6_addr_is_multicast(&msg
->target
)) {
868 ND_PRINTK(2, warn
, "NA: target address is multicast\n");
872 if (ipv6_addr_is_multicast(daddr
) &&
873 msg
->icmph
.icmp6_solicited
) {
874 ND_PRINTK(2, warn
, "NA: solicited NA is multicasted\n");
878 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
879 ND_PRINTK(2, warn
, "NS: invalid ND option\n");
882 if (ndopts
.nd_opts_tgt_lladdr
) {
883 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
886 "NA: invalid link-layer address length\n");
890 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
892 if (skb
->pkt_type
!= PACKET_LOOPBACK
893 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
894 addrconf_dad_failure(ifp
);
897 /* What should we make now? The advertisement
898 is invalid, but ndisc specs say nothing
899 about it. It could be misconfiguration, or
900 an smart proxy agent tries to help us :-)
902 We should not print the error if NA has been
903 received from loopback - it is just our own
904 unsolicited advertisement.
906 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
908 "NA: someone advertises our address %pI6 on %s!\n",
909 &ifp
->addr
, ifp
->idev
->dev
->name
);
913 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
916 u8 old_flags
= neigh
->flags
;
917 struct net
*net
= dev_net(dev
);
919 if (neigh
->nud_state
& NUD_FAILED
)
923 * Don't update the neighbor cache entry on a proxy NA from
924 * ourselves because either the proxied node is off link or it
925 * has already sent a NA to us.
927 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
928 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
929 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
930 /* XXX: idev->cnf.proxy_ndp */
934 neigh_update(neigh
, lladdr
,
935 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
936 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
937 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
938 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
939 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
941 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
943 * Change: router to host
946 rt
= rt6_get_dflt_router(saddr
, dev
);
952 neigh_release(neigh
);
956 static void ndisc_recv_rs(struct sk_buff
*skb
)
958 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
959 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
960 struct neighbour
*neigh
;
961 struct inet6_dev
*idev
;
962 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
963 struct ndisc_options ndopts
;
966 if (skb
->len
< sizeof(*rs_msg
))
969 idev
= __in6_dev_get(skb
->dev
);
971 ND_PRINTK(1, err
, "RS: can't find in6 device\n");
975 /* Don't accept RS if we're not in router mode */
976 if (!idev
->cnf
.forwarding
)
980 * Don't update NCE if src = ::;
981 * this implies that the source node has no ip address assigned yet.
983 if (ipv6_addr_any(saddr
))
986 /* Parse ND options */
987 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
988 ND_PRINTK(2, notice
, "NS: invalid ND option, ignored\n");
992 if (ndopts
.nd_opts_src_lladdr
) {
993 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
999 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1001 neigh_update(neigh
, lladdr
, NUD_STALE
,
1002 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1003 NEIGH_UPDATE_F_OVERRIDE
|
1004 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1005 neigh_release(neigh
);
1011 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1013 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1014 struct sk_buff
*skb
;
1015 struct nlmsghdr
*nlh
;
1016 struct nduseroptmsg
*ndmsg
;
1017 struct net
*net
= dev_net(ra
->dev
);
1019 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1020 + (opt
->nd_opt_len
<< 3));
1021 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1023 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1029 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1031 goto nla_put_failure
;
1034 ndmsg
= nlmsg_data(nlh
);
1035 ndmsg
->nduseropt_family
= AF_INET6
;
1036 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1037 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1038 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1039 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1041 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1043 if (nla_put(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1044 &ipv6_hdr(ra
)->saddr
))
1045 goto nla_put_failure
;
1046 nlmsg_end(skb
, nlh
);
1048 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1055 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1058 static void ndisc_router_discovery(struct sk_buff
*skb
)
1060 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1061 struct neighbour
*neigh
= NULL
;
1062 struct inet6_dev
*in6_dev
;
1063 struct rt6_info
*rt
= NULL
;
1065 struct ndisc_options ndopts
;
1067 unsigned int pref
= 0;
1069 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1071 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1073 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1074 ND_PRINTK(2, warn
, "RA: source address is not link-local\n");
1078 ND_PRINTK(2, warn
, "RA: packet too short\n");
1082 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1083 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1084 ND_PRINTK(2, warn
, "RA: from host or unauthorized router\n");
1090 * set the RA_RECV flag in the interface
1093 in6_dev
= __in6_dev_get(skb
->dev
);
1094 if (in6_dev
== NULL
) {
1095 ND_PRINTK(0, err
, "RA: can't find inet6 device for %s\n",
1100 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1101 ND_PRINTK(2, warn
, "RA: invalid ND options\n");
1105 if (!ipv6_accept_ra(in6_dev
))
1106 goto skip_linkparms
;
1108 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1109 /* skip link-specific parameters from interior routers */
1110 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1111 goto skip_linkparms
;
1114 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1116 * flag that an RA was received after an RS was sent
1117 * out on this interface.
1119 in6_dev
->if_flags
|= IF_RA_RCVD
;
1123 * Remember the managed/otherconf flags from most recently
1124 * received RA message (RFC 2462) -- yoshfuji
1126 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1128 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1129 IF_RA_MANAGED
: 0) |
1130 (ra_msg
->icmph
.icmp6_addrconf_other
?
1131 IF_RA_OTHERCONF
: 0);
1133 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1136 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1139 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1141 #ifdef CONFIG_IPV6_ROUTER_PREF
1142 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1143 /* 10b is handled as if it were 00b (medium) */
1144 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1145 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1146 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1149 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1152 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1155 "RA: %s got default router without neighbour\n",
1161 if (rt
&& lifetime
== 0) {
1166 if (rt
== NULL
&& lifetime
) {
1167 ND_PRINTK(3, dbg
, "RA: adding default router\n");
1169 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1172 "RA: %s failed to add default route\n",
1177 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1178 if (neigh
== NULL
) {
1180 "RA: %s got default router without neighbour\n",
1185 neigh
->flags
|= NTF_ROUTER
;
1187 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1191 rt6_set_expires(rt
, jiffies
+ (HZ
* lifetime
));
1192 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1193 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1195 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1196 ra_msg
->icmph
.icmp6_hop_limit
);
1202 * Update Reachable Time and Retrans Timer
1205 if (in6_dev
->nd_parms
) {
1206 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1208 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1209 rtime
= (rtime
*HZ
)/1000;
1212 in6_dev
->nd_parms
->retrans_time
= rtime
;
1213 in6_dev
->tstamp
= jiffies
;
1214 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1217 rtime
= ntohl(ra_msg
->reachable_time
);
1218 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1219 rtime
= (rtime
*HZ
)/1000;
1224 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1225 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1226 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1227 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1228 in6_dev
->tstamp
= jiffies
;
1229 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1241 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1245 if (ndopts
.nd_opts_src_lladdr
) {
1246 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1250 "RA: invalid link-layer address length\n");
1254 neigh_update(neigh
, lladdr
, NUD_STALE
,
1255 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1256 NEIGH_UPDATE_F_OVERRIDE
|
1257 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1258 NEIGH_UPDATE_F_ISROUTER
);
1261 if (!ipv6_accept_ra(in6_dev
))
1264 #ifdef CONFIG_IPV6_ROUTE_INFO
1265 if (ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
, NULL
, 0))
1266 goto skip_routeinfo
;
1268 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1269 struct nd_opt_hdr
*p
;
1270 for (p
= ndopts
.nd_opts_ri
;
1272 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1273 struct route_info
*ri
= (struct route_info
*)p
;
1274 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1275 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1276 ri
->prefix_len
== 0)
1279 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1281 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1282 &ipv6_hdr(skb
)->saddr
);
1289 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1290 /* skip link-specific ndopts from interior routers */
1291 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1295 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1296 struct nd_opt_hdr
*p
;
1297 for (p
= ndopts
.nd_opts_pi
;
1299 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1300 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
,
1301 (p
->nd_opt_len
) << 3,
1302 ndopts
.nd_opts_src_lladdr
!= NULL
);
1306 if (ndopts
.nd_opts_mtu
) {
1310 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1313 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1314 ND_PRINTK(2, warn
, "RA: invalid mtu: %d\n", mtu
);
1315 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1316 in6_dev
->cnf
.mtu6
= mtu
;
1319 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1321 rt6_mtu_change(skb
->dev
, mtu
);
1325 if (ndopts
.nd_useropts
) {
1326 struct nd_opt_hdr
*p
;
1327 for (p
= ndopts
.nd_useropts
;
1329 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1330 ndisc_ra_useropt(skb
, p
);
1334 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1335 ND_PRINTK(2, warn
, "RA: invalid RA options\n");
1340 neigh_release(neigh
);
1343 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1346 struct ndisc_options ndopts
;
1347 struct rd_msg
*msg
= (struct rd_msg
*)skb_transport_header(skb
);
1348 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
1349 offsetof(struct rd_msg
, opt
));
1351 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1352 switch (skb
->ndisc_nodetype
) {
1353 case NDISC_NODETYPE_HOST
:
1354 case NDISC_NODETYPE_NODEFAULT
:
1356 "Redirect: from host or unauthorized router\n");
1361 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1363 "Redirect: source address is not link-local\n");
1367 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
))
1370 if (!ndopts
.nd_opts_rh
)
1373 hdr
= (u8
*)ndopts
.nd_opts_rh
;
1375 if (!pskb_pull(skb
, hdr
- skb_transport_header(skb
)))
1378 icmpv6_notify(skb
, NDISC_REDIRECT
, 0, 0);
1381 static void ndisc_fill_redirect_hdr_option(struct sk_buff
*skb
,
1382 struct sk_buff
*orig_skb
,
1385 u8
*opt
= skb_put(skb
, rd_len
);
1388 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1389 *(opt
++) = (rd_len
>> 3);
1392 memcpy(opt
, ipv6_hdr(orig_skb
), rd_len
- 8);
1395 void ndisc_send_redirect(struct sk_buff
*skb
, const struct in6_addr
*target
)
1397 struct net_device
*dev
= skb
->dev
;
1398 struct net
*net
= dev_net(dev
);
1399 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1401 struct inet_peer
*peer
;
1402 struct sk_buff
*buff
;
1404 struct in6_addr saddr_buf
;
1405 struct rt6_info
*rt
;
1406 struct dst_entry
*dst
;
1407 struct inet6_dev
*idev
;
1411 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1414 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1415 ND_PRINTK(2, warn
, "Redirect: no link-local address on %s\n",
1420 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1421 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1423 "Redirect: target address is not link-local unicast\n");
1427 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1428 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1430 dst
= ip6_route_output(net
, NULL
, &fl6
);
1435 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1439 rt
= (struct rt6_info
*) dst
;
1441 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1443 "Redirect: destination is not a neighbour\n");
1446 peer
= inet_getpeer_v6(net
->ipv6
.peers
, &rt
->rt6i_dst
.addr
, 1);
1447 ret
= inet_peer_xrlim_allow(peer
, 1*HZ
);
1453 if (dev
->addr_len
) {
1454 struct neighbour
*neigh
= dst_neigh_lookup(skb_dst(skb
), target
);
1457 "Redirect: no neigh for target address\n");
1461 read_lock_bh(&neigh
->lock
);
1462 if (neigh
->nud_state
& NUD_VALID
) {
1463 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1464 read_unlock_bh(&neigh
->lock
);
1466 optlen
+= ndisc_opt_addr_space(dev
);
1468 read_unlock_bh(&neigh
->lock
);
1470 neigh_release(neigh
);
1473 rd_len
= min_t(unsigned int,
1474 IPV6_MIN_MTU
- sizeof(struct ipv6hdr
) - sizeof(*msg
) - optlen
,
1479 buff
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
1483 skb_put(buff
, sizeof(*msg
));
1484 msg
= (struct rd_msg
*)icmp6_hdr(buff
);
1486 memset(&msg
->icmph
, 0, sizeof(struct icmp6hdr
));
1487 msg
->icmph
.icmp6_type
= NDISC_REDIRECT
;
1490 * copy target and destination addresses
1493 msg
->target
= *target
;
1494 msg
->dest
= ipv6_hdr(skb
)->daddr
;
1497 * include target_address option
1501 ndisc_fill_addr_option(skb
, ND_OPT_TARGET_LL_ADDR
, ha
);
1504 * build redirect option and copy skb over to the new packet.
1508 ndisc_fill_redirect_hdr_option(buff
, skb
, rd_len
);
1510 msg
->icmph
.icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1511 buff
->len
, IPPROTO_ICMPV6
,
1512 csum_partial(msg
, buff
->len
, 0));
1514 ip6_nd_hdr(buff
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1515 inet6_sk(sk
)->hop_limit
, buff
->len
);
1517 skb_dst_set(buff
, dst
);
1519 idev
= __in6_dev_get(dst
->dev
);
1520 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1521 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1524 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1525 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1535 static void pndisc_redo(struct sk_buff
*skb
)
1541 int ndisc_rcv(struct sk_buff
*skb
)
1545 if (skb_linearize(skb
))
1548 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1550 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1552 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1553 ND_PRINTK(2, warn
, "NDISC: invalid hop-limit: %d\n",
1554 ipv6_hdr(skb
)->hop_limit
);
1558 if (msg
->icmph
.icmp6_code
!= 0) {
1559 ND_PRINTK(2, warn
, "NDISC: invalid ICMPv6 code: %d\n",
1560 msg
->icmph
.icmp6_code
);
1564 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1566 switch (msg
->icmph
.icmp6_type
) {
1567 case NDISC_NEIGHBOUR_SOLICITATION
:
1571 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1575 case NDISC_ROUTER_SOLICITATION
:
1579 case NDISC_ROUTER_ADVERTISEMENT
:
1580 ndisc_router_discovery(skb
);
1583 case NDISC_REDIRECT
:
1584 ndisc_redirect_rcv(skb
);
1591 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1593 struct net_device
*dev
= ptr
;
1594 struct net
*net
= dev_net(dev
);
1595 struct inet6_dev
*idev
;
1598 case NETDEV_CHANGEADDR
:
1599 neigh_changeaddr(&nd_tbl
, dev
);
1600 fib6_run_gc(~0UL, net
);
1601 idev
= in6_dev_get(dev
);
1604 if (idev
->cnf
.ndisc_notify
)
1605 ndisc_send_unsol_na(dev
);
1609 neigh_ifdown(&nd_tbl
, dev
);
1610 fib6_run_gc(~0UL, net
);
1612 case NETDEV_NOTIFY_PEERS
:
1613 ndisc_send_unsol_na(dev
);
1622 static struct notifier_block ndisc_netdev_notifier
= {
1623 .notifier_call
= ndisc_netdev_event
,
1626 #ifdef CONFIG_SYSCTL
1627 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1628 const char *func
, const char *dev_name
)
1630 static char warncomm
[TASK_COMM_LEN
];
1632 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1633 strcpy(warncomm
, current
->comm
);
1634 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1636 dev_name
, ctl
->procname
,
1637 dev_name
, ctl
->procname
);
1642 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1644 struct net_device
*dev
= ctl
->extra1
;
1645 struct inet6_dev
*idev
;
1648 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1649 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1650 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1652 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1653 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1655 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1656 ret
= proc_dointvec_jiffies(ctl
, write
,
1657 buffer
, lenp
, ppos
);
1659 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1660 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1661 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1662 buffer
, lenp
, ppos
);
1666 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1667 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1668 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1669 idev
->tstamp
= jiffies
;
1670 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1679 static int __net_init
ndisc_net_init(struct net
*net
)
1681 struct ipv6_pinfo
*np
;
1685 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1686 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1689 "NDISC: Failed to initialize the control socket (err %d)\n",
1694 net
->ipv6
.ndisc_sk
= sk
;
1697 np
->hop_limit
= 255;
1698 /* Do not loopback ndisc messages */
1704 static void __net_exit
ndisc_net_exit(struct net
*net
)
1706 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1709 static struct pernet_operations ndisc_net_ops
= {
1710 .init
= ndisc_net_init
,
1711 .exit
= ndisc_net_exit
,
1714 int __init
ndisc_init(void)
1718 err
= register_pernet_subsys(&ndisc_net_ops
);
1722 * Initialize the neighbour table
1724 neigh_table_init(&nd_tbl
);
1726 #ifdef CONFIG_SYSCTL
1727 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1728 &ndisc_ifinfo_sysctl_change
);
1730 goto out_unregister_pernet
;
1732 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1734 goto out_unregister_sysctl
;
1738 out_unregister_sysctl
:
1739 #ifdef CONFIG_SYSCTL
1740 neigh_sysctl_unregister(&nd_tbl
.parms
);
1741 out_unregister_pernet
:
1743 unregister_pernet_subsys(&ndisc_net_ops
);
1747 void ndisc_cleanup(void)
1749 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1750 #ifdef CONFIG_SYSCTL
1751 neigh_sysctl_unregister(&nd_tbl
.parms
);
1753 neigh_table_clear(&nd_tbl
);
1754 unregister_pernet_subsys(&ndisc_net_ops
);