]> git.proxmox.com Git - mirror_ubuntu-eoan-kernel.git/blob - net/ipv6/ndisc.c
projects / mirror_ubuntu-eoan-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ndisc: Make ndisc_fill_xxx_option() for sk_buff.
[mirror_ubuntu-eoan-kernel.git] / net / ipv6 / ndisc.c
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 /* Set to 3 to get tracing... */
76 #define ND_DEBUG 1
77
78 #define ND_PRINTK(val, level, fmt, ...) \
79 do { \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
82 } while (0)
83
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
86 __u32 *hash_rnd);
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
93
94 static const struct neigh_ops ndisc_generic_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
100 };
101
102 static const struct neigh_ops ndisc_hh_ops = {
103 .family = AF_INET6,
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
108 };
109
110
111 static const struct neigh_ops ndisc_direct_ops = {
112 .family = AF_INET6,
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
115 };
116
117 struct neigh_table nd_tbl = {
118 .family = AF_INET6,
119 .key_len = sizeof(struct in6_addr),
120 .hash = ndisc_hash,
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
125 .id = "ndisc_cache",
126 .parms = {
127 .tbl = &nd_tbl,
128 .base_reachable_time = ND_REACHABLE_TIME,
129 .retrans_time = ND_RETRANS_TIMER,
130 .gc_staletime = 60 * HZ,
131 .reachable_time = ND_REACHABLE_TIME,
132 .delay_probe_time = 5 * HZ,
133 .queue_len_bytes = 64*1024,
134 .ucast_probes = 3,
135 .mcast_probes = 3,
136 .anycast_delay = 1 * HZ,
137 .proxy_delay = (8 * HZ) / 10,
138 .proxy_qlen = 64,
139 },
140 .gc_interval = 30 * HZ,
141 .gc_thresh1 = 128,
142 .gc_thresh2 = 512,
143 .gc_thresh3 = 1024,
144 };
145
146 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
147 {
148 int pad = ndisc_addr_option_pad(skb->dev->type);
149 int data_len = skb->dev->addr_len;
150 int space = ndisc_opt_addr_space(skb->dev);
151 u8 *opt = skb_put(skb, space);
152
153 opt[0] = type;
154 opt[1] = space>>3;
155
156 memset(opt + 2, 0, pad);
157 opt += pad;
158 space -= pad;
159
160 memcpy(opt+2, data, data_len);
161 data_len += 2;
162 opt += data_len;
163 if ((space -= data_len) > 0)
164 memset(opt, 0, space);
165 }
166
167 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
168 struct nd_opt_hdr *end)
169 {
170 int type;
171 if (!cur || !end || cur >= end)
172 return NULL;
173 type = cur->nd_opt_type;
174 do {
175 cur = ((void *)cur) + (cur->nd_opt_len << 3);
176 } while(cur < end && cur->nd_opt_type != type);
177 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
178 }
179
180 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
181 {
182 return opt->nd_opt_type == ND_OPT_RDNSS ||
183 opt->nd_opt_type == ND_OPT_DNSSL;
184 }
185
186 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
187 struct nd_opt_hdr *end)
188 {
189 if (!cur || !end || cur >= end)
190 return NULL;
191 do {
192 cur = ((void *)cur) + (cur->nd_opt_len << 3);
193 } while(cur < end && !ndisc_is_useropt(cur));
194 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
195 }
196
197 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
198 struct ndisc_options *ndopts)
199 {
200 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
201
202 if (!nd_opt || opt_len < 0 || !ndopts)
203 return NULL;
204 memset(ndopts, 0, sizeof(*ndopts));
205 while (opt_len) {
206 int l;
207 if (opt_len < sizeof(struct nd_opt_hdr))
208 return NULL;
209 l = nd_opt->nd_opt_len << 3;
210 if (opt_len < l || l == 0)
211 return NULL;
212 switch (nd_opt->nd_opt_type) {
213 case ND_OPT_SOURCE_LL_ADDR:
214 case ND_OPT_TARGET_LL_ADDR:
215 case ND_OPT_MTU:
216 case ND_OPT_REDIRECT_HDR:
217 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
218 ND_PRINTK(2, warn,
219 "%s: duplicated ND6 option found: type=%d\n",
220 __func__, nd_opt->nd_opt_type);
221 } else {
222 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
223 }
224 break;
225 case ND_OPT_PREFIX_INFO:
226 ndopts->nd_opts_pi_end = nd_opt;
227 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
229 break;
230 #ifdef CONFIG_IPV6_ROUTE_INFO
231 case ND_OPT_ROUTE_INFO:
232 ndopts->nd_opts_ri_end = nd_opt;
233 if (!ndopts->nd_opts_ri)
234 ndopts->nd_opts_ri = nd_opt;
235 break;
236 #endif
237 default:
238 if (ndisc_is_useropt(nd_opt)) {
239 ndopts->nd_useropts_end = nd_opt;
240 if (!ndopts->nd_useropts)
241 ndopts->nd_useropts = nd_opt;
242 } else {
243 /*
244 * Unknown options must be silently ignored,
245 * to accommodate future extension to the
246 * protocol.
247 */
248 ND_PRINTK(2, notice,
249 "%s: ignored unsupported option; type=%d, len=%d\n",
250 __func__,
251 nd_opt->nd_opt_type,
252 nd_opt->nd_opt_len);
253 }
254 }
255 opt_len -= l;
256 nd_opt = ((void *)nd_opt) + l;
257 }
258 return ndopts;
259 }
260
261 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
262 {
263 switch (dev->type) {
264 case ARPHRD_ETHER:
265 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
266 case ARPHRD_FDDI:
267 ipv6_eth_mc_map(addr, buf);
268 return 0;
269 case ARPHRD_ARCNET:
270 ipv6_arcnet_mc_map(addr, buf);
271 return 0;
272 case ARPHRD_INFINIBAND:
273 ipv6_ib_mc_map(addr, dev->broadcast, buf);
274 return 0;
275 case ARPHRD_IPGRE:
276 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
277 default:
278 if (dir) {
279 memcpy(buf, dev->broadcast, dev->addr_len);
280 return 0;
281 }
282 }
283 return -EINVAL;
284 }
285
286 EXPORT_SYMBOL(ndisc_mc_map);
287
288 static u32 ndisc_hash(const void *pkey,
289 const struct net_device *dev,
290 __u32 *hash_rnd)
291 {
292 return ndisc_hashfn(pkey, dev, hash_rnd);
293 }
294
295 static int ndisc_constructor(struct neighbour *neigh)
296 {
297 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
298 struct net_device *dev = neigh->dev;
299 struct inet6_dev *in6_dev;
300 struct neigh_parms *parms;
301 bool is_multicast = ipv6_addr_is_multicast(addr);
302
303 in6_dev = in6_dev_get(dev);
304 if (in6_dev == NULL) {
305 return -EINVAL;
306 }
307
308 parms = in6_dev->nd_parms;
309 __neigh_parms_put(neigh->parms);
310 neigh->parms = neigh_parms_clone(parms);
311
312 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
313 if (!dev->header_ops) {
314 neigh->nud_state = NUD_NOARP;
315 neigh->ops = &ndisc_direct_ops;
316 neigh->output = neigh_direct_output;
317 } else {
318 if (is_multicast) {
319 neigh->nud_state = NUD_NOARP;
320 ndisc_mc_map(addr, neigh->ha, dev, 1);
321 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
322 neigh->nud_state = NUD_NOARP;
323 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
324 if (dev->flags&IFF_LOOPBACK)
325 neigh->type = RTN_LOCAL;
326 } else if (dev->flags&IFF_POINTOPOINT) {
327 neigh->nud_state = NUD_NOARP;
328 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
329 }
330 if (dev->header_ops->cache)
331 neigh->ops = &ndisc_hh_ops;
332 else
333 neigh->ops = &ndisc_generic_ops;
334 if (neigh->nud_state&NUD_VALID)
335 neigh->output = neigh->ops->connected_output;
336 else
337 neigh->output = neigh->ops->output;
338 }
339 in6_dev_put(in6_dev);
340 return 0;
341 }
342
343 static int pndisc_constructor(struct pneigh_entry *n)
344 {
345 struct in6_addr *addr = (struct in6_addr*)&n->key;
346 struct in6_addr maddr;
347 struct net_device *dev = n->dev;
348
349 if (dev == NULL || __in6_dev_get(dev) == NULL)
350 return -EINVAL;
351 addrconf_addr_solict_mult(addr, &maddr);
352 ipv6_dev_mc_inc(dev, &maddr);
353 return 0;
354 }
355
356 static void pndisc_destructor(struct pneigh_entry *n)
357 {
358 struct in6_addr *addr = (struct in6_addr*)&n->key;
359 struct in6_addr maddr;
360 struct net_device *dev = n->dev;
361
362 if (dev == NULL || __in6_dev_get(dev) == NULL)
363 return;
364 addrconf_addr_solict_mult(addr, &maddr);
365 ipv6_dev_mc_dec(dev, &maddr);
366 }
367
368 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
369 int len)
370 {
371 int hlen = LL_RESERVED_SPACE(dev);
372 int tlen = dev->needed_tailroom;
373 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
374 struct sk_buff *skb;
375 int err;
376
377 skb = sock_alloc_send_skb(sk,
378 hlen + sizeof(struct ipv6hdr) + len + tlen,
379 1, &err);
380 if (!skb) {
381 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb, err=%d\n",
382 __func__, err);
383 return NULL;
384 }
385
386 skb->protocol = htons(ETH_P_IPV6);
387 skb->dev = dev;
388
389 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
390 skb_reset_transport_header(skb);
391
392 return skb;
393 }
394
395 static void ip6_nd_hdr(struct sk_buff *skb,
396 const struct in6_addr *saddr,
397 const struct in6_addr *daddr,
398 int hop_limit, int len)
399 {
400 struct ipv6hdr *hdr;
401
402 skb_push(skb, sizeof(*hdr));
403 skb_reset_network_header(skb);
404 hdr = ipv6_hdr(skb);
405
406 ip6_flow_hdr(hdr, 0, 0);
407
408 hdr->payload_len = htons(len);
409 hdr->nexthdr = IPPROTO_ICMPV6;
410 hdr->hop_limit = hop_limit;
411
412 hdr->saddr = *saddr;
413 hdr->daddr = *daddr;
414 }
415
416 static struct sk_buff *ndisc_build_skb(struct net_device *dev,
417 const struct in6_addr *daddr,
418 const struct in6_addr *saddr,
419 struct icmp6hdr *icmp6h,
420 const struct in6_addr *target,
421 int llinfo)
422 {
423 struct net *net = dev_net(dev);
424 struct sock *sk = net->ipv6.ndisc_sk;
425 struct sk_buff *skb;
426 struct icmp6hdr *hdr;
427 int len;
428 int optlen = 0;
429 u8 *opt;
430
431 if (!dev->addr_len)
432 llinfo = 0;
433
434 len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
435 if (llinfo)
436 optlen += ndisc_opt_addr_space(dev);
437
438 skb = ndisc_alloc_skb(dev, len + optlen);
439 if (!skb)
440 return NULL;
441
442 skb_put(skb, len);
443
444 hdr = (struct icmp6hdr *)skb_transport_header(skb);
445 memcpy(hdr, icmp6h, sizeof(*hdr));
446
447 opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
448 if (target) {
449 *(struct in6_addr *)opt = *target;
450 opt += sizeof(*target);
451 }
452
453 if (llinfo)
454 ndisc_fill_addr_option(skb, llinfo, dev->dev_addr);
455
456 hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
457 IPPROTO_ICMPV6,
458 csum_partial(hdr,
459 skb->len, 0));
460
461 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
462
463 return skb;
464 }
465
466 static void ndisc_send_skb(struct sk_buff *skb,
467 const struct in6_addr *daddr,
468 const struct in6_addr *saddr,
469 struct icmp6hdr *icmp6h)
470 {
471 struct flowi6 fl6;
472 struct dst_entry *dst;
473 struct net *net = dev_net(skb->dev);
474 struct sock *sk = net->ipv6.ndisc_sk;
475 struct inet6_dev *idev;
476 int err;
477 u8 type;
478
479 type = icmp6h->icmp6_type;
480
481 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
482 dst = icmp6_dst_alloc(skb->dev, &fl6);
483 if (IS_ERR(dst)) {
484 kfree_skb(skb);
485 return;
486 }
487
488 skb_dst_set(skb, dst);
489
490 rcu_read_lock();
491 idev = __in6_dev_get(dst->dev);
492 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
493
494 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
495 dst_output);
496 if (!err) {
497 ICMP6MSGOUT_INC_STATS(net, idev, type);
498 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
499 }
500
501 rcu_read_unlock();
502 }
503
504 /*
505 * Send a Neighbour Discover packet
506 */
507 static void __ndisc_send(struct net_device *dev,
508 const struct in6_addr *daddr,
509 const struct in6_addr *saddr,
510 struct icmp6hdr *icmp6h, const struct in6_addr *target,
511 int llinfo)
512 {
513 struct sk_buff *skb;
514
515 skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
516 if (!skb)
517 return;
518
519 ndisc_send_skb(skb, daddr, saddr, icmp6h);
520 }
521
522 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
523 const struct in6_addr *daddr,
524 const struct in6_addr *solicited_addr,
525 bool router, bool solicited, bool override, bool inc_opt)
526 {
527 struct in6_addr tmpaddr;
528 struct inet6_ifaddr *ifp;
529 const struct in6_addr *src_addr;
530 struct icmp6hdr icmp6h = {
531 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
532 };
533
534 /* for anycast or proxy, solicited_addr != src_addr */
535 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
536 if (ifp) {
537 src_addr = solicited_addr;
538 if (ifp->flags & IFA_F_OPTIMISTIC)
539 override = 0;
540 inc_opt |= ifp->idev->cnf.force_tllao;
541 in6_ifa_put(ifp);
542 } else {
543 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
544 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
545 &tmpaddr))
546 return;
547 src_addr = &tmpaddr;
548 }
549
550 icmp6h.icmp6_router = router;
551 icmp6h.icmp6_solicited = solicited;
552 icmp6h.icmp6_override = override;
553
554 __ndisc_send(dev, daddr, src_addr, &icmp6h, solicited_addr,
555 inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
556 }
557
558 static void ndisc_send_unsol_na(struct net_device *dev)
559 {
560 struct inet6_dev *idev;
561 struct inet6_ifaddr *ifa;
562
563 idev = in6_dev_get(dev);
564 if (!idev)
565 return;
566
567 read_lock_bh(&idev->lock);
568 list_for_each_entry(ifa, &idev->addr_list, if_list) {
569 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
570 /*router=*/ !!idev->cnf.forwarding,
571 /*solicited=*/ false, /*override=*/ true,
572 /*inc_opt=*/ true);
573 }
574 read_unlock_bh(&idev->lock);
575
576 in6_dev_put(idev);
577 }
578
579 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
580 const struct in6_addr *solicit,
581 const struct in6_addr *daddr, const struct in6_addr *saddr)
582 {
583 struct in6_addr addr_buf;
584 struct icmp6hdr icmp6h = {
585 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
586 };
587
588 if (saddr == NULL) {
589 if (ipv6_get_lladdr(dev, &addr_buf,
590 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
591 return;
592 saddr = &addr_buf;
593 }
594
595 __ndisc_send(dev, daddr, saddr, &icmp6h, solicit,
596 !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
597 }
598
599 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
600 const struct in6_addr *daddr)
601 {
602 struct icmp6hdr icmp6h = {
603 .icmp6_type = NDISC_ROUTER_SOLICITATION,
604 };
605 int send_sllao = dev->addr_len;
606
607 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
608 /*
609 * According to section 2.2 of RFC 4429, we must not
610 * send router solicitations with a sllao from
611 * optimistic addresses, but we may send the solicitation
612 * if we don't include the sllao. So here we check
613 * if our address is optimistic, and if so, we
614 * suppress the inclusion of the sllao.
615 */
616 if (send_sllao) {
617 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
618 dev, 1);
619 if (ifp) {
620 if (ifp->flags & IFA_F_OPTIMISTIC) {
621 send_sllao = 0;
622 }
623 in6_ifa_put(ifp);
624 } else {
625 send_sllao = 0;
626 }
627 }
628 #endif
629 __ndisc_send(dev, daddr, saddr, &icmp6h, NULL,
630 send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
631 }
632
633
634 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
635 {
636 /*
637 * "The sender MUST return an ICMP
638 * destination unreachable"
639 */
640 dst_link_failure(skb);
641 kfree_skb(skb);
642 }
643
644 /* Called with locked neigh: either read or both */
645
646 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
647 {
648 struct in6_addr *saddr = NULL;
649 struct in6_addr mcaddr;
650 struct net_device *dev = neigh->dev;
651 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
652 int probes = atomic_read(&neigh->probes);
653
654 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
655 saddr = &ipv6_hdr(skb)->saddr;
656
657 if ((probes -= neigh->parms->ucast_probes) < 0) {
658 if (!(neigh->nud_state & NUD_VALID)) {
659 ND_PRINTK(1, dbg,
660 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
661 __func__, target);
662 }
663 ndisc_send_ns(dev, neigh, target, target, saddr);
664 } else if ((probes -= neigh->parms->app_probes) < 0) {
665 #ifdef CONFIG_ARPD
666 neigh_app_ns(neigh);
667 #endif
668 } else {
669 addrconf_addr_solict_mult(target, &mcaddr);
670 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
671 }
672 }
673
674 static int pndisc_is_router(const void *pkey,
675 struct net_device *dev)
676 {
677 struct pneigh_entry *n;
678 int ret = -1;
679
680 read_lock_bh(&nd_tbl.lock);
681 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
682 if (n)
683 ret = !!(n->flags & NTF_ROUTER);
684 read_unlock_bh(&nd_tbl.lock);
685
686 return ret;
687 }
688
689 static void ndisc_recv_ns(struct sk_buff *skb)
690 {
691 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
692 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
693 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
694 u8 *lladdr = NULL;
695 u32 ndoptlen = skb->tail - (skb->transport_header +
696 offsetof(struct nd_msg, opt));
697 struct ndisc_options ndopts;
698 struct net_device *dev = skb->dev;
699 struct inet6_ifaddr *ifp;
700 struct inet6_dev *idev = NULL;
701 struct neighbour *neigh;
702 int dad = ipv6_addr_any(saddr);
703 bool inc;
704 int is_router = -1;
705
706 if (skb->len < sizeof(struct nd_msg)) {
707 ND_PRINTK(2, warn, "NS: packet too short\n");
708 return;
709 }
710
711 if (ipv6_addr_is_multicast(&msg->target)) {
712 ND_PRINTK(2, warn, "NS: multicast target address\n");
713 return;
714 }
715
716 /*
717 * RFC2461 7.1.1:
718 * DAD has to be destined for solicited node multicast address.
719 */
720 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
721 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
722 return;
723 }
724
725 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
726 ND_PRINTK(2, warn, "NS: invalid ND options\n");
727 return;
728 }
729
730 if (ndopts.nd_opts_src_lladdr) {
731 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
732 if (!lladdr) {
733 ND_PRINTK(2, warn,
734 "NS: invalid link-layer address length\n");
735 return;
736 }
737
738 /* RFC2461 7.1.1:
739 * If the IP source address is the unspecified address,
740 * there MUST NOT be source link-layer address option
741 * in the message.
742 */
743 if (dad) {
744 ND_PRINTK(2, warn,
745 "NS: bad DAD packet (link-layer address option)\n");
746 return;
747 }
748 }
749
750 inc = ipv6_addr_is_multicast(daddr);
751
752 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
753 if (ifp) {
754
755 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
756 if (dad) {
757 /*
758 * We are colliding with another node
759 * who is doing DAD
760 * so fail our DAD process
761 */
762 addrconf_dad_failure(ifp);
763 return;
764 } else {
765 /*
766 * This is not a dad solicitation.
767 * If we are an optimistic node,
768 * we should respond.
769 * Otherwise, we should ignore it.
770 */
771 if (!(ifp->flags & IFA_F_OPTIMISTIC))
772 goto out;
773 }
774 }
775
776 idev = ifp->idev;
777 } else {
778 struct net *net = dev_net(dev);
779
780 idev = in6_dev_get(dev);
781 if (!idev) {
782 /* XXX: count this drop? */
783 return;
784 }
785
786 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
787 (idev->cnf.forwarding &&
788 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
789 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
790 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
791 skb->pkt_type != PACKET_HOST &&
792 inc != 0 &&
793 idev->nd_parms->proxy_delay != 0) {
794 /*
795 * for anycast or proxy,
796 * sender should delay its response
797 * by a random time between 0 and
798 * MAX_ANYCAST_DELAY_TIME seconds.
799 * (RFC2461) -- yoshfuji
800 */
801 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
802 if (n)
803 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
804 goto out;
805 }
806 } else
807 goto out;
808 }
809
810 if (is_router < 0)
811 is_router = idev->cnf.forwarding;
812
813 if (dad) {
814 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
815 !!is_router, false, (ifp != NULL), true);
816 goto out;
817 }
818
819 if (inc)
820 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
821 else
822 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
823
824 /*
825 * update / create cache entry
826 * for the source address
827 */
828 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
829 !inc || lladdr || !dev->addr_len);
830 if (neigh)
831 neigh_update(neigh, lladdr, NUD_STALE,
832 NEIGH_UPDATE_F_WEAK_OVERRIDE|
833 NEIGH_UPDATE_F_OVERRIDE);
834 if (neigh || !dev->header_ops) {
835 ndisc_send_na(dev, neigh, saddr, &msg->target,
836 !!is_router,
837 true, (ifp != NULL && inc), inc);
838 if (neigh)
839 neigh_release(neigh);
840 }
841
842 out:
843 if (ifp)
844 in6_ifa_put(ifp);
845 else
846 in6_dev_put(idev);
847 }
848
849 static void ndisc_recv_na(struct sk_buff *skb)
850 {
851 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
852 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
853 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
854 u8 *lladdr = NULL;
855 u32 ndoptlen = skb->tail - (skb->transport_header +
856 offsetof(struct nd_msg, opt));
857 struct ndisc_options ndopts;
858 struct net_device *dev = skb->dev;
859 struct inet6_ifaddr *ifp;
860 struct neighbour *neigh;
861
862 if (skb->len < sizeof(struct nd_msg)) {
863 ND_PRINTK(2, warn, "NA: packet too short\n");
864 return;
865 }
866
867 if (ipv6_addr_is_multicast(&msg->target)) {
868 ND_PRINTK(2, warn, "NA: target address is multicast\n");
869 return;
870 }
871
872 if (ipv6_addr_is_multicast(daddr) &&
873 msg->icmph.icmp6_solicited) {
874 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
875 return;
876 }
877
878 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
879 ND_PRINTK(2, warn, "NS: invalid ND option\n");
880 return;
881 }
882 if (ndopts.nd_opts_tgt_lladdr) {
883 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
884 if (!lladdr) {
885 ND_PRINTK(2, warn,
886 "NA: invalid link-layer address length\n");
887 return;
888 }
889 }
890 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
891 if (ifp) {
892 if (skb->pkt_type != PACKET_LOOPBACK
893 && (ifp->flags & IFA_F_TENTATIVE)) {
894 addrconf_dad_failure(ifp);
895 return;
896 }
897 /* What should we make now? The advertisement
898 is invalid, but ndisc specs say nothing
899 about it. It could be misconfiguration, or
900 an smart proxy agent tries to help us :-)
901
902 We should not print the error if NA has been
903 received from loopback - it is just our own
904 unsolicited advertisement.
905 */
906 if (skb->pkt_type != PACKET_LOOPBACK)
907 ND_PRINTK(1, warn,
908 "NA: someone advertises our address %pI6 on %s!\n",
909 &ifp->addr, ifp->idev->dev->name);
910 in6_ifa_put(ifp);
911 return;
912 }
913 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
914
915 if (neigh) {
916 u8 old_flags = neigh->flags;
917 struct net *net = dev_net(dev);
918
919 if (neigh->nud_state & NUD_FAILED)
920 goto out;
921
922 /*
923 * Don't update the neighbor cache entry on a proxy NA from
924 * ourselves because either the proxied node is off link or it
925 * has already sent a NA to us.
926 */
927 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
928 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
929 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
930 /* XXX: idev->cnf.proxy_ndp */
931 goto out;
932 }
933
934 neigh_update(neigh, lladdr,
935 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
936 NEIGH_UPDATE_F_WEAK_OVERRIDE|
937 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
938 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
939 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
940
941 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
942 /*
943 * Change: router to host
944 */
945 struct rt6_info *rt;
946 rt = rt6_get_dflt_router(saddr, dev);
947 if (rt)
948 ip6_del_rt(rt);
949 }
950
951 out:
952 neigh_release(neigh);
953 }
954 }
955
956 static void ndisc_recv_rs(struct sk_buff *skb)
957 {
958 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
959 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
960 struct neighbour *neigh;
961 struct inet6_dev *idev;
962 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
963 struct ndisc_options ndopts;
964 u8 *lladdr = NULL;
965
966 if (skb->len < sizeof(*rs_msg))
967 return;
968
969 idev = __in6_dev_get(skb->dev);
970 if (!idev) {
971 ND_PRINTK(1, err, "RS: can't find in6 device\n");
972 return;
973 }
974
975 /* Don't accept RS if we're not in router mode */
976 if (!idev->cnf.forwarding)
977 goto out;
978
979 /*
980 * Don't update NCE if src = ::;
981 * this implies that the source node has no ip address assigned yet.
982 */
983 if (ipv6_addr_any(saddr))
984 goto out;
985
986 /* Parse ND options */
987 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
988 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
989 goto out;
990 }
991
992 if (ndopts.nd_opts_src_lladdr) {
993 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
994 skb->dev);
995 if (!lladdr)
996 goto out;
997 }
998
999 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1000 if (neigh) {
1001 neigh_update(neigh, lladdr, NUD_STALE,
1002 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1003 NEIGH_UPDATE_F_OVERRIDE|
1004 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1005 neigh_release(neigh);
1006 }
1007 out:
1008 return;
1009 }
1010
1011 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1012 {
1013 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1014 struct sk_buff *skb;
1015 struct nlmsghdr *nlh;
1016 struct nduseroptmsg *ndmsg;
1017 struct net *net = dev_net(ra->dev);
1018 int err;
1019 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1020 + (opt->nd_opt_len << 3));
1021 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1022
1023 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1024 if (skb == NULL) {
1025 err = -ENOBUFS;
1026 goto errout;
1027 }
1028
1029 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1030 if (nlh == NULL) {
1031 goto nla_put_failure;
1032 }
1033
1034 ndmsg = nlmsg_data(nlh);
1035 ndmsg->nduseropt_family = AF_INET6;
1036 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1037 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1038 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1039 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1040
1041 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1042
1043 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1044 &ipv6_hdr(ra)->saddr))
1045 goto nla_put_failure;
1046 nlmsg_end(skb, nlh);
1047
1048 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1049 return;
1050
1051 nla_put_failure:
1052 nlmsg_free(skb);
1053 err = -EMSGSIZE;
1054 errout:
1055 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1056 }
1057
1058 static void ndisc_router_discovery(struct sk_buff *skb)
1059 {
1060 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1061 struct neighbour *neigh = NULL;
1062 struct inet6_dev *in6_dev;
1063 struct rt6_info *rt = NULL;
1064 int lifetime;
1065 struct ndisc_options ndopts;
1066 int optlen;
1067 unsigned int pref = 0;
1068
1069 __u8 * opt = (__u8 *)(ra_msg + 1);
1070
1071 optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1072
1073 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1074 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1075 return;
1076 }
1077 if (optlen < 0) {
1078 ND_PRINTK(2, warn, "RA: packet too short\n");
1079 return;
1080 }
1081
1082 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1083 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1084 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1085 return;
1086 }
1087 #endif
1088
1089 /*
1090 * set the RA_RECV flag in the interface
1091 */
1092
1093 in6_dev = __in6_dev_get(skb->dev);
1094 if (in6_dev == NULL) {
1095 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1096 skb->dev->name);
1097 return;
1098 }
1099
1100 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1101 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1102 return;
1103 }
1104
1105 if (!ipv6_accept_ra(in6_dev))
1106 goto skip_linkparms;
1107
1108 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1109 /* skip link-specific parameters from interior routers */
1110 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1111 goto skip_linkparms;
1112 #endif
1113
1114 if (in6_dev->if_flags & IF_RS_SENT) {
1115 /*
1116 * flag that an RA was received after an RS was sent
1117 * out on this interface.
1118 */
1119 in6_dev->if_flags |= IF_RA_RCVD;
1120 }
1121
1122 /*
1123 * Remember the managed/otherconf flags from most recently
1124 * received RA message (RFC 2462) -- yoshfuji
1125 */
1126 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1127 IF_RA_OTHERCONF)) |
1128 (ra_msg->icmph.icmp6_addrconf_managed ?
1129 IF_RA_MANAGED : 0) |
1130 (ra_msg->icmph.icmp6_addrconf_other ?
1131 IF_RA_OTHERCONF : 0);
1132
1133 if (!in6_dev->cnf.accept_ra_defrtr)
1134 goto skip_defrtr;
1135
1136 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1137 goto skip_defrtr;
1138
1139 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1140
1141 #ifdef CONFIG_IPV6_ROUTER_PREF
1142 pref = ra_msg->icmph.icmp6_router_pref;
1143 /* 10b is handled as if it were 00b (medium) */
1144 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1145 !in6_dev->cnf.accept_ra_rtr_pref)
1146 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1147 #endif
1148
1149 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1150
1151 if (rt) {
1152 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1153 if (!neigh) {
1154 ND_PRINTK(0, err,
1155 "RA: %s got default router without neighbour\n",
1156 __func__);
1157 ip6_rt_put(rt);
1158 return;
1159 }
1160 }
1161 if (rt && lifetime == 0) {
1162 ip6_del_rt(rt);
1163 rt = NULL;
1164 }
1165
1166 if (rt == NULL && lifetime) {
1167 ND_PRINTK(3, dbg, "RA: adding default router\n");
1168
1169 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1170 if (rt == NULL) {
1171 ND_PRINTK(0, err,
1172 "RA: %s failed to add default route\n",
1173 __func__);
1174 return;
1175 }
1176
1177 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1178 if (neigh == NULL) {
1179 ND_PRINTK(0, err,
1180 "RA: %s got default router without neighbour\n",
1181 __func__);
1182 ip6_rt_put(rt);
1183 return;
1184 }
1185 neigh->flags |= NTF_ROUTER;
1186 } else if (rt) {
1187 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1188 }
1189
1190 if (rt)
1191 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1192 if (ra_msg->icmph.icmp6_hop_limit) {
1193 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1194 if (rt)
1195 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1196 ra_msg->icmph.icmp6_hop_limit);
1197 }
1198
1199 skip_defrtr:
1200
1201 /*
1202 * Update Reachable Time and Retrans Timer
1203 */
1204
1205 if (in6_dev->nd_parms) {
1206 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1207
1208 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1209 rtime = (rtime*HZ)/1000;
1210 if (rtime < HZ/10)
1211 rtime = HZ/10;
1212 in6_dev->nd_parms->retrans_time = rtime;
1213 in6_dev->tstamp = jiffies;
1214 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1215 }
1216
1217 rtime = ntohl(ra_msg->reachable_time);
1218 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1219 rtime = (rtime*HZ)/1000;
1220
1221 if (rtime < HZ/10)
1222 rtime = HZ/10;
1223
1224 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1225 in6_dev->nd_parms->base_reachable_time = rtime;
1226 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1227 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1228 in6_dev->tstamp = jiffies;
1229 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1230 }
1231 }
1232 }
1233
1234 skip_linkparms:
1235
1236 /*
1237 * Process options.
1238 */
1239
1240 if (!neigh)
1241 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1242 skb->dev, 1);
1243 if (neigh) {
1244 u8 *lladdr = NULL;
1245 if (ndopts.nd_opts_src_lladdr) {
1246 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1247 skb->dev);
1248 if (!lladdr) {
1249 ND_PRINTK(2, warn,
1250 "RA: invalid link-layer address length\n");
1251 goto out;
1252 }
1253 }
1254 neigh_update(neigh, lladdr, NUD_STALE,
1255 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1256 NEIGH_UPDATE_F_OVERRIDE|
1257 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1258 NEIGH_UPDATE_F_ISROUTER);
1259 }
1260
1261 if (!ipv6_accept_ra(in6_dev))
1262 goto out;
1263
1264 #ifdef CONFIG_IPV6_ROUTE_INFO
1265 if (ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr, NULL, 0))
1266 goto skip_routeinfo;
1267
1268 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1269 struct nd_opt_hdr *p;
1270 for (p = ndopts.nd_opts_ri;
1271 p;
1272 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1273 struct route_info *ri = (struct route_info *)p;
1274 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1275 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1276 ri->prefix_len == 0)
1277 continue;
1278 #endif
1279 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1280 continue;
1281 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1282 &ipv6_hdr(skb)->saddr);
1283 }
1284 }
1285
1286 skip_routeinfo:
1287 #endif
1288
1289 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1290 /* skip link-specific ndopts from interior routers */
1291 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1292 goto out;
1293 #endif
1294
1295 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1296 struct nd_opt_hdr *p;
1297 for (p = ndopts.nd_opts_pi;
1298 p;
1299 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1300 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1301 (p->nd_opt_len) << 3,
1302 ndopts.nd_opts_src_lladdr != NULL);
1303 }
1304 }
1305
1306 if (ndopts.nd_opts_mtu) {
1307 __be32 n;
1308 u32 mtu;
1309
1310 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1311 mtu = ntohl(n);
1312
1313 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1314 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1315 } else if (in6_dev->cnf.mtu6 != mtu) {
1316 in6_dev->cnf.mtu6 = mtu;
1317
1318 if (rt)
1319 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1320
1321 rt6_mtu_change(skb->dev, mtu);
1322 }
1323 }
1324
1325 if (ndopts.nd_useropts) {
1326 struct nd_opt_hdr *p;
1327 for (p = ndopts.nd_useropts;
1328 p;
1329 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1330 ndisc_ra_useropt(skb, p);
1331 }
1332 }
1333
1334 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1335 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1336 }
1337 out:
1338 ip6_rt_put(rt);
1339 if (neigh)
1340 neigh_release(neigh);
1341 }
1342
1343 static void ndisc_redirect_rcv(struct sk_buff *skb)
1344 {
1345 u8 *hdr;
1346 struct ndisc_options ndopts;
1347 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1348 u32 ndoptlen = skb->tail - (skb->transport_header +
1349 offsetof(struct rd_msg, opt));
1350
1351 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1352 switch (skb->ndisc_nodetype) {
1353 case NDISC_NODETYPE_HOST:
1354 case NDISC_NODETYPE_NODEFAULT:
1355 ND_PRINTK(2, warn,
1356 "Redirect: from host or unauthorized router\n");
1357 return;
1358 }
1359 #endif
1360
1361 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1362 ND_PRINTK(2, warn,
1363 "Redirect: source address is not link-local\n");
1364 return;
1365 }
1366
1367 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1368 return;
1369
1370 if (!ndopts.nd_opts_rh)
1371 return;
1372
1373 hdr = (u8 *)ndopts.nd_opts_rh;
1374 hdr += 8;
1375 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1376 return;
1377
1378 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1379 }
1380
1381 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1382 struct sk_buff *orig_skb,
1383 int rd_len)
1384 {
1385 u8 *opt = skb_put(skb, rd_len);
1386
1387 memset(opt, 0, 8);
1388 *(opt++) = ND_OPT_REDIRECT_HDR;
1389 *(opt++) = (rd_len >> 3);
1390 opt += 6;
1391
1392 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1393 }
1394
1395 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1396 {
1397 struct net_device *dev = skb->dev;
1398 struct net *net = dev_net(dev);
1399 struct sock *sk = net->ipv6.ndisc_sk;
1400 int optlen = 0;
1401 struct inet_peer *peer;
1402 struct sk_buff *buff;
1403 struct rd_msg *msg;
1404 struct in6_addr saddr_buf;
1405 struct rt6_info *rt;
1406 struct dst_entry *dst;
1407 struct inet6_dev *idev;
1408 struct flowi6 fl6;
1409 int rd_len;
1410 int err;
1411 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1412 bool ret;
1413
1414 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1415 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1416 dev->name);
1417 return;
1418 }
1419
1420 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1421 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1422 ND_PRINTK(2, warn,
1423 "Redirect: target address is not link-local unicast\n");
1424 return;
1425 }
1426
1427 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1428 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1429
1430 dst = ip6_route_output(net, NULL, &fl6);
1431 if (dst->error) {
1432 dst_release(dst);
1433 return;
1434 }
1435 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1436 if (IS_ERR(dst))
1437 return;
1438
1439 rt = (struct rt6_info *) dst;
1440
1441 if (rt->rt6i_flags & RTF_GATEWAY) {
1442 ND_PRINTK(2, warn,
1443 "Redirect: destination is not a neighbour\n");
1444 goto release;
1445 }
1446 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1447 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1448 if (peer)
1449 inet_putpeer(peer);
1450 if (!ret)
1451 goto release;
1452
1453 if (dev->addr_len) {
1454 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1455 if (!neigh) {
1456 ND_PRINTK(2, warn,
1457 "Redirect: no neigh for target address\n");
1458 goto release;
1459 }
1460
1461 read_lock_bh(&neigh->lock);
1462 if (neigh->nud_state & NUD_VALID) {
1463 memcpy(ha_buf, neigh->ha, dev->addr_len);
1464 read_unlock_bh(&neigh->lock);
1465 ha = ha_buf;
1466 optlen += ndisc_opt_addr_space(dev);
1467 } else
1468 read_unlock_bh(&neigh->lock);
1469
1470 neigh_release(neigh);
1471 }
1472
1473 rd_len = min_t(unsigned int,
1474 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1475 skb->len + 8);
1476 rd_len &= ~0x7;
1477 optlen += rd_len;
1478
1479 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1480 if (!buff)
1481 goto release;
1482
1483 skb_put(buff, sizeof(*msg));
1484 msg = (struct rd_msg *)icmp6_hdr(buff);
1485
1486 memset(&msg->icmph, 0, sizeof(struct icmp6hdr));
1487 msg->icmph.icmp6_type = NDISC_REDIRECT;
1488
1489 /*
1490 * copy target and destination addresses
1491 */
1492
1493 msg->target = *target;
1494 msg->dest = ipv6_hdr(skb)->daddr;
1495
1496 /*
1497 * include target_address option
1498 */
1499
1500 if (ha)
1501 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha);
1502
1503 /*
1504 * build redirect option and copy skb over to the new packet.
1505 */
1506
1507 if (rd_len)
1508 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1509
1510 msg->icmph.icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1511 buff->len, IPPROTO_ICMPV6,
1512 csum_partial(msg, buff->len, 0));
1513
1514 ip6_nd_hdr(buff, &saddr_buf, &ipv6_hdr(skb)->saddr,
1515 inet6_sk(sk)->hop_limit, buff->len);
1516
1517 skb_dst_set(buff, dst);
1518 rcu_read_lock();
1519 idev = __in6_dev_get(dst->dev);
1520 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1521 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1522 dst_output);
1523 if (!err) {
1524 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1525 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1526 }
1527
1528 rcu_read_unlock();
1529 return;
1530
1531 release:
1532 dst_release(dst);
1533 }
1534
1535 static void pndisc_redo(struct sk_buff *skb)
1536 {
1537 ndisc_recv_ns(skb);
1538 kfree_skb(skb);
1539 }
1540
1541 int ndisc_rcv(struct sk_buff *skb)
1542 {
1543 struct nd_msg *msg;
1544
1545 if (skb_linearize(skb))
1546 return 0;
1547
1548 msg = (struct nd_msg *)skb_transport_header(skb);
1549
1550 __skb_push(skb, skb->data - skb_transport_header(skb));
1551
1552 if (ipv6_hdr(skb)->hop_limit != 255) {
1553 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1554 ipv6_hdr(skb)->hop_limit);
1555 return 0;
1556 }
1557
1558 if (msg->icmph.icmp6_code != 0) {
1559 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1560 msg->icmph.icmp6_code);
1561 return 0;
1562 }
1563
1564 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1565
1566 switch (msg->icmph.icmp6_type) {
1567 case NDISC_NEIGHBOUR_SOLICITATION:
1568 ndisc_recv_ns(skb);
1569 break;
1570
1571 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1572 ndisc_recv_na(skb);
1573 break;
1574
1575 case NDISC_ROUTER_SOLICITATION:
1576 ndisc_recv_rs(skb);
1577 break;
1578
1579 case NDISC_ROUTER_ADVERTISEMENT:
1580 ndisc_router_discovery(skb);
1581 break;
1582
1583 case NDISC_REDIRECT:
1584 ndisc_redirect_rcv(skb);
1585 break;
1586 }
1587
1588 return 0;
1589 }
1590
1591 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1592 {
1593 struct net_device *dev = ptr;
1594 struct net *net = dev_net(dev);
1595 struct inet6_dev *idev;
1596
1597 switch (event) {
1598 case NETDEV_CHANGEADDR:
1599 neigh_changeaddr(&nd_tbl, dev);
1600 fib6_run_gc(~0UL, net);
1601 idev = in6_dev_get(dev);
1602 if (!idev)
1603 break;
1604 if (idev->cnf.ndisc_notify)
1605 ndisc_send_unsol_na(dev);
1606 in6_dev_put(idev);
1607 break;
1608 case NETDEV_DOWN:
1609 neigh_ifdown(&nd_tbl, dev);
1610 fib6_run_gc(~0UL, net);
1611 break;
1612 case NETDEV_NOTIFY_PEERS:
1613 ndisc_send_unsol_na(dev);
1614 break;
1615 default:
1616 break;
1617 }
1618
1619 return NOTIFY_DONE;
1620 }
1621
1622 static struct notifier_block ndisc_netdev_notifier = {
1623 .notifier_call = ndisc_netdev_event,
1624 };
1625
1626 #ifdef CONFIG_SYSCTL
1627 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1628 const char *func, const char *dev_name)
1629 {
1630 static char warncomm[TASK_COMM_LEN];
1631 static int warned;
1632 if (strcmp(warncomm, current->comm) && warned < 5) {
1633 strcpy(warncomm, current->comm);
1634 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1635 warncomm, func,
1636 dev_name, ctl->procname,
1637 dev_name, ctl->procname);
1638 warned++;
1639 }
1640 }
1641
1642 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1643 {
1644 struct net_device *dev = ctl->extra1;
1645 struct inet6_dev *idev;
1646 int ret;
1647
1648 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1649 (strcmp(ctl->procname, "base_reachable_time") == 0))
1650 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1651
1652 if (strcmp(ctl->procname, "retrans_time") == 0)
1653 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1654
1655 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1656 ret = proc_dointvec_jiffies(ctl, write,
1657 buffer, lenp, ppos);
1658
1659 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1660 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1661 ret = proc_dointvec_ms_jiffies(ctl, write,
1662 buffer, lenp, ppos);
1663 else
1664 ret = -1;
1665
1666 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1667 if (ctl->data == &idev->nd_parms->base_reachable_time)
1668 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1669 idev->tstamp = jiffies;
1670 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1671 in6_dev_put(idev);
1672 }
1673 return ret;
1674 }
1675
1676
1677 #endif
1678
1679 static int __net_init ndisc_net_init(struct net *net)
1680 {
1681 struct ipv6_pinfo *np;
1682 struct sock *sk;
1683 int err;
1684
1685 err = inet_ctl_sock_create(&sk, PF_INET6,
1686 SOCK_RAW, IPPROTO_ICMPV6, net);
1687 if (err < 0) {
1688 ND_PRINTK(0, err,
1689 "NDISC: Failed to initialize the control socket (err %d)\n",
1690 err);
1691 return err;
1692 }
1693
1694 net->ipv6.ndisc_sk = sk;
1695
1696 np = inet6_sk(sk);
1697 np->hop_limit = 255;
1698 /* Do not loopback ndisc messages */
1699 np->mc_loop = 0;
1700
1701 return 0;
1702 }
1703
1704 static void __net_exit ndisc_net_exit(struct net *net)
1705 {
1706 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1707 }
1708
1709 static struct pernet_operations ndisc_net_ops = {
1710 .init = ndisc_net_init,
1711 .exit = ndisc_net_exit,
1712 };
1713
1714 int __init ndisc_init(void)
1715 {
1716 int err;
1717
1718 err = register_pernet_subsys(&ndisc_net_ops);
1719 if (err)
1720 return err;
1721 /*
1722 * Initialize the neighbour table
1723 */
1724 neigh_table_init(&nd_tbl);
1725
1726 #ifdef CONFIG_SYSCTL
1727 err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1728 &ndisc_ifinfo_sysctl_change);
1729 if (err)
1730 goto out_unregister_pernet;
1731 #endif
1732 err = register_netdevice_notifier(&ndisc_netdev_notifier);
1733 if (err)
1734 goto out_unregister_sysctl;
1735 out:
1736 return err;
1737
1738 out_unregister_sysctl:
1739 #ifdef CONFIG_SYSCTL
1740 neigh_sysctl_unregister(&nd_tbl.parms);
1741 out_unregister_pernet:
1742 #endif
1743 unregister_pernet_subsys(&ndisc_net_ops);
1744 goto out;
1745 }
1746
1747 void ndisc_cleanup(void)
1748 {
1749 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1750 #ifdef CONFIG_SYSCTL
1751 neigh_sysctl_unregister(&nd_tbl.parms);
1752 #endif
1753 neigh_table_clear(&nd_tbl);
1754 unregister_pernet_subsys(&ndisc_net_ops);
1755 }
Ubuntu Eoan Linux kernel mirror