net/ipv6/ndisc.c

   1 /*
   2  *      Neighbour Discovery for IPv6
   3  *      Linux INET6 implementation
   4  *
   5  *      Authors:
   6  *      Pedro Roque             <roque@di.fc.ul.pt>
   7  *      Mike Shaver             <shaver@ingenia.com>
   8  *
   9  *      This program is free software; you can redistribute it and/or
  10  *      modify it under the terms of the GNU General Public License
  11  *      as published by the Free Software Foundation; either version
  12  *      2 of the License, or (at your option) any later version.
  13  */
  14
  15 /*
  16  *      Changes:
  17  *
  18  *      Pierre Ynard                    :       export userland ND options
  19  *                                              through netlink (RDNSS support)
  20  *      Lars Fenneberg                  :       fixed MTU setting on receipt
  21  *                                              of an RA.
  22  *      Janos Farkas                    :       kmalloc failure checks
  23  *      Alexey Kuznetsov                :       state machine reworked
  24  *                                              and moved to net/core.
  25  *      Pekka Savola                    :       RFC2461 validation
  26  *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
  27  */
  28
  29 /* Set to 3 to get tracing... */
  30 #define ND_DEBUG 1
  31
  32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
  33 #define ND_NOPRINTK(x...) do { ; } while(0)
  34 #define ND_PRINTK0 ND_PRINTK
  35 #define ND_PRINTK1 ND_NOPRINTK
  36 #define ND_PRINTK2 ND_NOPRINTK
  37 #define ND_PRINTK3 ND_NOPRINTK
  38 #if ND_DEBUG >= 1
  39 #undef ND_PRINTK1
  40 #define ND_PRINTK1 ND_PRINTK
  41 #endif
  42 #if ND_DEBUG >= 2
  43 #undef ND_PRINTK2
  44 #define ND_PRINTK2 ND_PRINTK
  45 #endif
  46 #if ND_DEBUG >= 3
  47 #undef ND_PRINTK3
  48 #define ND_PRINTK3 ND_PRINTK
  49 #endif
  50
  51 #include <linux/module.h>
  52 #include <linux/errno.h>
  53 #include <linux/types.h>
  54 #include <linux/socket.h>
  55 #include <linux/sockios.h>
  56 #include <linux/sched.h>
  57 #include <linux/net.h>
  58 #include <linux/in6.h>
  59 #include <linux/route.h>
  60 #include <linux/init.h>
  61 #include <linux/rcupdate.h>
  62 #ifdef CONFIG_SYSCTL
  63 #include <linux/sysctl.h>
  64 #endif
  65
  66 #include <linux/if_addr.h>
  67 #include <linux/if_arp.h>
  68 #include <linux/ipv6.h>
  69 #include <linux/icmpv6.h>
  70 #include <linux/jhash.h>
  71
  72 #include <net/sock.h>
  73 #include <net/snmp.h>
  74
  75 #include <net/ipv6.h>
  76 #include <net/protocol.h>
  77 #include <net/ndisc.h>
  78 #include <net/ip6_route.h>
  79 #include <net/addrconf.h>
  80 #include <net/icmp.h>
  81
  82 #include <net/netlink.h>
  83 #include <linux/rtnetlink.h>
  84
  85 #include <net/flow.h>
  86 #include <net/ip6_checksum.h>
  87 #include <linux/proc_fs.h>
  88
  89 #include <linux/netfilter.h>
  90 #include <linux/netfilter_ipv6.h>
  91
  92 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
  93 static int ndisc_constructor(struct neighbour *neigh);
  94 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
  95 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
  96 static int pndisc_constructor(struct pneigh_entry *n);
  97 static void pndisc_destructor(struct pneigh_entry *n);
  98 static void pndisc_redo(struct sk_buff *skb);
  99
 100 static struct neigh_ops ndisc_generic_ops = {
 101         .family =               AF_INET6,
 102         .solicit =              ndisc_solicit,
 103         .error_report =         ndisc_error_report,
 104         .output =               neigh_resolve_output,
 105         .connected_output =     neigh_connected_output,
 106         .hh_output =            dev_queue_xmit,
 107         .queue_xmit =           dev_queue_xmit,
 108 };
 109
 110 static struct neigh_ops ndisc_hh_ops = {
 111         .family =               AF_INET6,
 112         .solicit =              ndisc_solicit,
 113         .error_report =         ndisc_error_report,
 114         .output =               neigh_resolve_output,
 115         .connected_output =     neigh_resolve_output,
 116         .hh_output =            dev_queue_xmit,
 117         .queue_xmit =           dev_queue_xmit,
 118 };
 119
 120
 121 static struct neigh_ops ndisc_direct_ops = {
 122         .family =               AF_INET6,
 123         .output =               dev_queue_xmit,
 124         .connected_output =     dev_queue_xmit,
 125         .hh_output =            dev_queue_xmit,
 126         .queue_xmit =           dev_queue_xmit,
 127 };
 128
 129 struct neigh_table nd_tbl = {
 130         .family =       AF_INET6,
 131         .entry_size =   sizeof(struct neighbour) + sizeof(struct in6_addr),
 132         .key_len =      sizeof(struct in6_addr),
 133         .hash =         ndisc_hash,
 134         .constructor =  ndisc_constructor,
 135         .pconstructor = pndisc_constructor,
 136         .pdestructor =  pndisc_destructor,
 137         .proxy_redo =   pndisc_redo,
 138         .id =           "ndisc_cache",
 139         .parms = {
 140                 .tbl =                  &nd_tbl,
 141                 .base_reachable_time =  30 * HZ,
 142                 .retrans_time =  1 * HZ,
 143                 .gc_staletime = 60 * HZ,
 144                 .reachable_time =               30 * HZ,
 145                 .delay_probe_time =      5 * HZ,
 146                 .queue_len =             3,
 147                 .ucast_probes =  3,
 148                 .mcast_probes =  3,
 149                 .anycast_delay =         1 * HZ,
 150                 .proxy_delay =          (8 * HZ) / 10,
 151                 .proxy_qlen =           64,
 152         },
 153         .gc_interval =    30 * HZ,
 154         .gc_thresh1 =    128,
 155         .gc_thresh2 =    512,
 156         .gc_thresh3 =   1024,
 157 };
 158
 159 /* ND options */
 160 struct ndisc_options {
 161         struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
 162 #ifdef CONFIG_IPV6_ROUTE_INFO
 163         struct nd_opt_hdr *nd_opts_ri;
 164         struct nd_opt_hdr *nd_opts_ri_end;
 165 #endif
 166         struct nd_opt_hdr *nd_useropts;
 167         struct nd_opt_hdr *nd_useropts_end;
 168 };
 169
 170 #define nd_opts_src_lladdr      nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
 171 #define nd_opts_tgt_lladdr      nd_opt_array[ND_OPT_TARGET_LL_ADDR]
 172 #define nd_opts_pi              nd_opt_array[ND_OPT_PREFIX_INFO]
 173 #define nd_opts_pi_end          nd_opt_array[__ND_OPT_PREFIX_INFO_END]
 174 #define nd_opts_rh              nd_opt_array[ND_OPT_REDIRECT_HDR]
 175 #define nd_opts_mtu             nd_opt_array[ND_OPT_MTU]
 176
 177 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
 178
 179 /*
 180  * Return the padding between the option length and the start of the
 181  * link addr.  Currently only IP-over-InfiniBand needs this, although
 182  * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
 183  * also need a pad of 2.
 184  */
 185 static int ndisc_addr_option_pad(unsigned short type)
 186 {
 187         switch (type) {
 188         case ARPHRD_INFINIBAND: return 2;
 189         default:                return 0;
 190         }
 191 }
 192
 193 static inline int ndisc_opt_addr_space(struct net_device *dev)
 194 {
 195         return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
 196 }
 197
 198 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
 199                                   unsigned short addr_type)
 200 {
 201         int space = NDISC_OPT_SPACE(data_len);
 202         int pad   = ndisc_addr_option_pad(addr_type);
 203
 204         opt[0] = type;
 205         opt[1] = space>>3;
 206
 207         memset(opt + 2, 0, pad);
 208         opt   += pad;
 209         space -= pad;
 210
 211         memcpy(opt+2, data, data_len);
 212         data_len += 2;
 213         opt += data_len;
 214         if ((space -= data_len) > 0)
 215                 memset(opt, 0, space);
 216         return opt + space;
 217 }
 218
 219 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
 220                                             struct nd_opt_hdr *end)
 221 {
 222         int type;
 223         if (!cur || !end || cur >= end)
 224                 return NULL;
 225         type = cur->nd_opt_type;
 226         do {
 227                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
 228         } while(cur < end && cur->nd_opt_type != type);
 229         return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
 230 }
 231
 232 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
 233 {
 234         return (opt->nd_opt_type == ND_OPT_RDNSS);
 235 }
 236
 237 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
 238                                              struct nd_opt_hdr *end)
 239 {
 240         if (!cur || !end || cur >= end)
 241                 return NULL;
 242         do {
 243                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
 244         } while(cur < end && !ndisc_is_useropt(cur));
 245         return (cur <= end && ndisc_is_useropt(cur) ? cur : NULL);
 246 }
 247
 248 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
 249                                                  struct ndisc_options *ndopts)
 250 {
 251         struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
 252
 253         if (!nd_opt || opt_len < 0 || !ndopts)
 254                 return NULL;
 255         memset(ndopts, 0, sizeof(*ndopts));
 256         while (opt_len) {
 257                 int l;
 258                 if (opt_len < sizeof(struct nd_opt_hdr))
 259                         return NULL;
 260                 l = nd_opt->nd_opt_len << 3;
 261                 if (opt_len < l || l == 0)
 262                         return NULL;
 263                 switch (nd_opt->nd_opt_type) {
 264                 case ND_OPT_SOURCE_LL_ADDR:
 265                 case ND_OPT_TARGET_LL_ADDR:
 266                 case ND_OPT_MTU:
 267                 case ND_OPT_REDIRECT_HDR:
 268                         if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
 269                                 ND_PRINTK2(KERN_WARNING
 270                                            "%s(): duplicated ND6 option found: type=%d\n",
 271                                            __func__,
 272                                            nd_opt->nd_opt_type);
 273                         } else {
 274                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 275                         }
 276                         break;
 277                 case ND_OPT_PREFIX_INFO:
 278                         ndopts->nd_opts_pi_end = nd_opt;
 279                         if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
 280                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 281                         break;
 282 #ifdef CONFIG_IPV6_ROUTE_INFO
 283                 case ND_OPT_ROUTE_INFO:
 284                         ndopts->nd_opts_ri_end = nd_opt;
 285                         if (!ndopts->nd_opts_ri)
 286                                 ndopts->nd_opts_ri = nd_opt;
 287                         break;
 288 #endif
 289                 default:
 290                         if (ndisc_is_useropt(nd_opt)) {
 291                                 ndopts->nd_useropts_end = nd_opt;
 292                                 if (!ndopts->nd_useropts)
 293                                         ndopts->nd_useropts = nd_opt;
 294                         } else {
 295                                 /*
 296                                  * Unknown options must be silently ignored,
 297                                  * to accommodate future extension to the
 298                                  * protocol.
 299                                  */
 300                                 ND_PRINTK2(KERN_NOTICE
 301                                            "%s(): ignored unsupported option; type=%d, len=%d\n",
 302                                            __func__,
 303                                            nd_opt->nd_opt_type, nd_opt->nd_opt_len);
 304                         }
 305                 }
 306                 opt_len -= l;
 307                 nd_opt = ((void *)nd_opt) + l;
 308         }
 309         return ndopts;
 310 }
 311
 312 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
 313                                       struct net_device *dev)
 314 {
 315         u8 *lladdr = (u8 *)(p + 1);
 316         int lladdrlen = p->nd_opt_len << 3;
 317         int prepad = ndisc_addr_option_pad(dev->type);
 318         if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
 319                 return NULL;
 320         return (lladdr + prepad);
 321 }
 322
 323 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
 324 {
 325         switch (dev->type) {
 326         case ARPHRD_ETHER:
 327         case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
 328         case ARPHRD_FDDI:
 329                 ipv6_eth_mc_map(addr, buf);
 330                 return 0;
 331         case ARPHRD_IEEE802_TR:
 332                 ipv6_tr_mc_map(addr,buf);
 333                 return 0;
 334         case ARPHRD_ARCNET:
 335                 ipv6_arcnet_mc_map(addr, buf);
 336                 return 0;
 337         case ARPHRD_INFINIBAND:
 338                 ipv6_ib_mc_map(addr, dev->broadcast, buf);
 339                 return 0;
 340         default:
 341                 if (dir) {
 342                         memcpy(buf, dev->broadcast, dev->addr_len);
 343                         return 0;
 344                 }
 345         }
 346         return -EINVAL;
 347 }
 348
 349 EXPORT_SYMBOL(ndisc_mc_map);
 350
 351 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
 352 {
 353         const u32 *p32 = pkey;
 354         u32 addr_hash, i;
 355
 356         addr_hash = 0;
 357         for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
 358                 addr_hash ^= *p32++;
 359
 360         return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
 361 }
 362
 363 static int ndisc_constructor(struct neighbour *neigh)
 364 {
 365         struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
 366         struct net_device *dev = neigh->dev;
 367         struct inet6_dev *in6_dev;
 368         struct neigh_parms *parms;
 369         int is_multicast = ipv6_addr_is_multicast(addr);
 370
 371         rcu_read_lock();
 372         in6_dev = in6_dev_get(dev);
 373         if (in6_dev == NULL) {
 374                 rcu_read_unlock();
 375                 return -EINVAL;
 376         }
 377
 378         parms = in6_dev->nd_parms;
 379         __neigh_parms_put(neigh->parms);
 380         neigh->parms = neigh_parms_clone(parms);
 381         rcu_read_unlock();
 382
 383         neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
 384         if (!dev->header_ops) {
 385                 neigh->nud_state = NUD_NOARP;
 386                 neigh->ops = &ndisc_direct_ops;
 387                 neigh->output = neigh->ops->queue_xmit;
 388         } else {
 389                 if (is_multicast) {
 390                         neigh->nud_state = NUD_NOARP;
 391                         ndisc_mc_map(addr, neigh->ha, dev, 1);
 392                 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
 393                         neigh->nud_state = NUD_NOARP;
 394                         memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
 395                         if (dev->flags&IFF_LOOPBACK)
 396                                 neigh->type = RTN_LOCAL;
 397                 } else if (dev->flags&IFF_POINTOPOINT) {
 398                         neigh->nud_state = NUD_NOARP;
 399                         memcpy(neigh->ha, dev->broadcast, dev->addr_len);
 400                 }
 401                 if (dev->header_ops->cache)
 402                         neigh->ops = &ndisc_hh_ops;
 403                 else
 404                         neigh->ops = &ndisc_generic_ops;
 405                 if (neigh->nud_state&NUD_VALID)
 406                         neigh->output = neigh->ops->connected_output;
 407                 else
 408                         neigh->output = neigh->ops->output;
 409         }
 410         in6_dev_put(in6_dev);
 411         return 0;
 412 }
 413
 414 static int pndisc_constructor(struct pneigh_entry *n)
 415 {
 416         struct in6_addr *addr = (struct in6_addr*)&n->key;
 417         struct in6_addr maddr;
 418         struct net_device *dev = n->dev;
 419
 420         if (dev == NULL || __in6_dev_get(dev) == NULL)
 421                 return -EINVAL;
 422         addrconf_addr_solict_mult(addr, &maddr);
 423         ipv6_dev_mc_inc(dev, &maddr);
 424         return 0;
 425 }
 426
 427 static void pndisc_destructor(struct pneigh_entry *n)
 428 {
 429         struct in6_addr *addr = (struct in6_addr*)&n->key;
 430         struct in6_addr maddr;
 431         struct net_device *dev = n->dev;
 432
 433         if (dev == NULL || __in6_dev_get(dev) == NULL)
 434                 return;
 435         addrconf_addr_solict_mult(addr, &maddr);
 436         ipv6_dev_mc_dec(dev, &maddr);
 437 }
 438
 439 /*
 440  *      Send a Neighbour Advertisement
 441  */
 442 static void __ndisc_send(struct net_device *dev,
 443                          struct neighbour *neigh,
 444                          struct in6_addr *daddr, struct in6_addr *saddr,
 445                          struct icmp6hdr *icmp6h, struct in6_addr *target,
 446                          int llinfo)
 447 {
 448         struct flowi fl;
 449         struct dst_entry *dst;
 450         struct net *net = dev_net(dev);
 451         struct sock *sk = net->ipv6.ndisc_sk;
 452         struct sk_buff *skb;
 453         struct icmp6hdr *hdr;
 454         struct inet6_dev *idev;
 455         int len;
 456         int err;
 457         u8 *opt, type;
 458
 459         type = icmp6h->icmp6_type;
 460
 461         icmpv6_flow_init(sk, &fl, type, saddr, daddr, dev->ifindex);
 462
 463         dst = icmp6_dst_alloc(dev, neigh, daddr);
 464         if (!dst)
 465                 return;
 466
 467         err = xfrm_lookup(&dst, &fl, NULL, 0);
 468         if (err < 0)
 469                 return;
 470
 471         if (!dev->addr_len)
 472                 llinfo = 0;
 473
 474         len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
 475         if (llinfo)
 476                 len += ndisc_opt_addr_space(dev);
 477
 478         skb = sock_alloc_send_skb(sk,
 479                                   (MAX_HEADER + sizeof(struct ipv6hdr) +
 480                                    len + LL_RESERVED_SPACE(dev)),
 481                                   1, &err);
 482         if (!skb) {
 483                 ND_PRINTK0(KERN_ERR
 484                            "ICMPv6 ND: %s() failed to allocate an skb.\n",
 485                            __func__);
 486                 dst_release(dst);
 487                 return;
 488         }
 489
 490         skb_reserve(skb, LL_RESERVED_SPACE(dev));
 491         ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
 492
 493         skb->transport_header = skb->tail;
 494         skb_put(skb, len);
 495
 496         hdr = (struct icmp6hdr *)skb_transport_header(skb);
 497         memcpy(hdr, icmp6h, sizeof(*hdr));
 498
 499         opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
 500         if (target) {
 501                 ipv6_addr_copy((struct in6_addr *)opt, target);
 502                 opt += sizeof(*target);
 503         }
 504
 505         if (llinfo)
 506                 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
 507                                        dev->addr_len, dev->type);
 508
 509         hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
 510                                            IPPROTO_ICMPV6,
 511                                            csum_partial((__u8 *) hdr,
 512                                                         len, 0));
 513
 514         skb->dst = dst;
 515
 516         idev = in6_dev_get(dst->dev);
 517         IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
 518
 519         err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
 520                       dst_output);
 521         if (!err) {
 522                 ICMP6MSGOUT_INC_STATS(idev, type);
 523                 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
 524         }
 525
 526         if (likely(idev != NULL))
 527                 in6_dev_put(idev);
 528 }
 529
 530 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
 531                    struct in6_addr *daddr, struct in6_addr *solicited_addr,
 532                    int router, int solicited, int override, int inc_opt)
 533 {
 534         struct in6_addr tmpaddr;
 535         struct inet6_ifaddr *ifp;
 536         struct in6_addr *src_addr;
 537         struct icmp6hdr icmp6h = {
 538                 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
 539         };
 540
 541         /* for anycast or proxy, solicited_addr != src_addr */
 542         ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
 543         if (ifp) {
 544                 src_addr = solicited_addr;
 545                 if (ifp->flags & IFA_F_OPTIMISTIC)
 546                         override = 0;
 547                 in6_ifa_put(ifp);
 548         } else {
 549                 if (ipv6_dev_get_saddr(dev, daddr,
 550                                        inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
 551                                        &tmpaddr))
 552                         return;
 553                 src_addr = &tmpaddr;
 554         }
 555
 556         icmp6h.icmp6_router = router;
 557         icmp6h.icmp6_solicited = solicited;
 558         icmp6h.icmp6_override = override;
 559
 560         __ndisc_send(dev, neigh, daddr, src_addr,
 561                      &icmp6h, solicited_addr,
 562                      inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
 563 }
 564
 565 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
 566                    struct in6_addr *solicit,
 567                    struct in6_addr *daddr, struct in6_addr *saddr)
 568 {
 569         struct in6_addr addr_buf;
 570         struct icmp6hdr icmp6h = {
 571                 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
 572         };
 573
 574         if (saddr == NULL) {
 575                 if (ipv6_get_lladdr(dev, &addr_buf,
 576                                    (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
 577                         return;
 578                 saddr = &addr_buf;
 579         }
 580
 581         __ndisc_send(dev, neigh, daddr, saddr,
 582                      &icmp6h, solicit,
 583                      !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
 584 }
 585
 586 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
 587                    struct in6_addr *daddr)
 588 {
 589         struct icmp6hdr icmp6h = {
 590                 .icmp6_type = NDISC_ROUTER_SOLICITATION,
 591         };
 592         int send_sllao = dev->addr_len;
 593
 594 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
 595         /*
 596          * According to section 2.2 of RFC 4429, we must not
 597          * send router solicitations with a sllao from
 598          * optimistic addresses, but we may send the solicitation
 599          * if we don't include the sllao.  So here we check
 600          * if our address is optimistic, and if so, we
 601          * suppress the inclusion of the sllao.
 602          */
 603         if (send_sllao) {
 604                 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
 605                                                            dev, 1);
 606                 if (ifp) {
 607                         if (ifp->flags & IFA_F_OPTIMISTIC)  {
 608                                 send_sllao = 0;
 609                         }
 610                         in6_ifa_put(ifp);
 611                 } else {
 612                         send_sllao = 0;
 613                 }
 614         }
 615 #endif
 616         __ndisc_send(dev, NULL, daddr, saddr,
 617                      &icmp6h, NULL,
 618                      send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
 619 }
 620
 621
 622 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
 623 {
 624         /*
 625          *      "The sender MUST return an ICMP
 626          *       destination unreachable"
 627          */
 628         dst_link_failure(skb);
 629         kfree_skb(skb);
 630 }
 631
 632 /* Called with locked neigh: either read or both */
 633
 634 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
 635 {
 636         struct in6_addr *saddr = NULL;
 637         struct in6_addr mcaddr;
 638         struct net_device *dev = neigh->dev;
 639         struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
 640         int probes = atomic_read(&neigh->probes);
 641
 642         if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
 643                 saddr = &ipv6_hdr(skb)->saddr;
 644
 645         if ((probes -= neigh->parms->ucast_probes) < 0) {
 646                 if (!(neigh->nud_state & NUD_VALID)) {
 647                         ND_PRINTK1(KERN_DEBUG
 648                                    "%s(): trying to ucast probe in NUD_INVALID: "
 649                                    NIP6_FMT "\n",
 650                                    __func__,
 651                                    NIP6(*target));
 652                 }
 653                 ndisc_send_ns(dev, neigh, target, target, saddr);
 654         } else if ((probes -= neigh->parms->app_probes) < 0) {
 655 #ifdef CONFIG_ARPD
 656                 neigh_app_ns(neigh);
 657 #endif
 658         } else {
 659                 addrconf_addr_solict_mult(target, &mcaddr);
 660                 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
 661         }
 662 }
 663
 664 static int pndisc_is_router(const void *pkey,
 665                             struct net_device *dev)
 666 {
 667         struct pneigh_entry *n;
 668         int ret = -1;
 669
 670         read_lock_bh(&nd_tbl.lock);
 671         n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
 672         if (n)
 673                 ret = !!(n->flags & NTF_ROUTER);
 674         read_unlock_bh(&nd_tbl.lock);
 675
 676         return ret;
 677 }
 678
 679 static void ndisc_recv_ns(struct sk_buff *skb)
 680 {
 681         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 682         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 683         struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 684         u8 *lladdr = NULL;
 685         u32 ndoptlen = skb->tail - (skb->transport_header +
 686                                     offsetof(struct nd_msg, opt));
 687         struct ndisc_options ndopts;
 688         struct net_device *dev = skb->dev;
 689         struct inet6_ifaddr *ifp;
 690         struct inet6_dev *idev = NULL;
 691         struct neighbour *neigh;
 692         int dad = ipv6_addr_any(saddr);
 693         int inc;
 694         int is_router = -1;
 695
 696         if (ipv6_addr_is_multicast(&msg->target)) {
 697                 ND_PRINTK2(KERN_WARNING
 698                            "ICMPv6 NS: multicast target address");
 699                 return;
 700         }
 701
 702         /*
 703          * RFC2461 7.1.1:
 704          * DAD has to be destined for solicited node multicast address.
 705          */
 706         if (dad &&
 707             !(daddr->s6_addr32[0] == htonl(0xff020000) &&
 708               daddr->s6_addr32[1] == htonl(0x00000000) &&
 709               daddr->s6_addr32[2] == htonl(0x00000001) &&
 710               daddr->s6_addr [12] == 0xff )) {
 711                 ND_PRINTK2(KERN_WARNING
 712                            "ICMPv6 NS: bad DAD packet (wrong destination)\n");
 713                 return;
 714         }
 715
 716         if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 717                 ND_PRINTK2(KERN_WARNING
 718                            "ICMPv6 NS: invalid ND options\n");
 719                 return;
 720         }
 721
 722         if (ndopts.nd_opts_src_lladdr) {
 723                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
 724                 if (!lladdr) {
 725                         ND_PRINTK2(KERN_WARNING
 726                                    "ICMPv6 NS: invalid link-layer address length\n");
 727                         return;
 728                 }
 729
 730                 /* RFC2461 7.1.1:
 731                  *      If the IP source address is the unspecified address,
 732                  *      there MUST NOT be source link-layer address option
 733                  *      in the message.
 734                  */
 735                 if (dad) {
 736                         ND_PRINTK2(KERN_WARNING
 737                                    "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
 738                         return;
 739                 }
 740         }
 741
 742         inc = ipv6_addr_is_multicast(daddr);
 743
 744         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 745         if (ifp) {
 746
 747                 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
 748                         if (dad) {
 749                                 if (dev->type == ARPHRD_IEEE802_TR) {
 750                                         const unsigned char *sadr;
 751                                         sadr = skb_mac_header(skb);
 752                                         if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
 753                                             sadr[9] == dev->dev_addr[1] &&
 754                                             sadr[10] == dev->dev_addr[2] &&
 755                                             sadr[11] == dev->dev_addr[3] &&
 756                                             sadr[12] == dev->dev_addr[4] &&
 757                                             sadr[13] == dev->dev_addr[5]) {
 758                                                 /* looped-back to us */
 759                                                 goto out;
 760                                         }
 761                                 }
 762
 763                                 /*
 764                                  * We are colliding with another node
 765                                  * who is doing DAD
 766                                  * so fail our DAD process
 767                                  */
 768                                 addrconf_dad_failure(ifp);
 769                                 return;
 770                         } else {
 771                                 /*
 772                                  * This is not a dad solicitation.
 773                                  * If we are an optimistic node,
 774                                  * we should respond.
 775                                  * Otherwise, we should ignore it.
 776                                  */
 777                                 if (!(ifp->flags & IFA_F_OPTIMISTIC))
 778                                         goto out;
 779                         }
 780                 }
 781
 782                 idev = ifp->idev;
 783         } else {
 784                 idev = in6_dev_get(dev);
 785                 if (!idev) {
 786                         /* XXX: count this drop? */
 787                         return;
 788                 }
 789
 790                 if (ipv6_chk_acast_addr(dev_net(dev), dev, &msg->target) ||
 791                     (idev->cnf.forwarding &&
 792                      (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
 793                      (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
 794                         if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
 795                             skb->pkt_type != PACKET_HOST &&
 796                             inc != 0 &&
 797                             idev->nd_parms->proxy_delay != 0) {
 798                                 /*
 799                                  * for anycast or proxy,
 800                                  * sender should delay its response
 801                                  * by a random time between 0 and
 802                                  * MAX_ANYCAST_DELAY_TIME seconds.
 803                                  * (RFC2461) -- yoshfuji
 804                                  */
 805                                 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
 806                                 if (n)
 807                                         pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
 808                                 goto out;
 809                         }
 810                 } else
 811                         goto out;
 812         }
 813
 814         if (is_router < 0)
 815                 is_router = !!idev->cnf.forwarding;
 816
 817         if (dad) {
 818                 struct in6_addr maddr;
 819
 820                 ipv6_addr_all_nodes(&maddr);
 821                 ndisc_send_na(dev, NULL, &maddr, &msg->target,
 822                               is_router, 0, (ifp != NULL), 1);
 823                 goto out;
 824         }
 825
 826         if (inc)
 827                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
 828         else
 829                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
 830
 831         /*
 832          *      update / create cache entry
 833          *      for the source address
 834          */
 835         neigh = __neigh_lookup(&nd_tbl, saddr, dev,
 836                                !inc || lladdr || !dev->addr_len);
 837         if (neigh)
 838                 neigh_update(neigh, lladdr, NUD_STALE,
 839                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
 840                              NEIGH_UPDATE_F_OVERRIDE);
 841         if (neigh || !dev->header_ops) {
 842                 ndisc_send_na(dev, neigh, saddr, &msg->target,
 843                               is_router,
 844                               1, (ifp != NULL && inc), inc);
 845                 if (neigh)
 846                         neigh_release(neigh);
 847         }
 848
 849 out:
 850         if (ifp)
 851                 in6_ifa_put(ifp);
 852         else
 853                 in6_dev_put(idev);
 854
 855         return;
 856 }
 857
 858 static void ndisc_recv_na(struct sk_buff *skb)
 859 {
 860         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 861         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 862         struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 863         u8 *lladdr = NULL;
 864         u32 ndoptlen = skb->tail - (skb->transport_header +
 865                                     offsetof(struct nd_msg, opt));
 866         struct ndisc_options ndopts;
 867         struct net_device *dev = skb->dev;
 868         struct inet6_ifaddr *ifp;
 869         struct neighbour *neigh;
 870
 871         if (skb->len < sizeof(struct nd_msg)) {
 872                 ND_PRINTK2(KERN_WARNING
 873                            "ICMPv6 NA: packet too short\n");
 874                 return;
 875         }
 876
 877         if (ipv6_addr_is_multicast(&msg->target)) {
 878                 ND_PRINTK2(KERN_WARNING
 879                            "ICMPv6 NA: target address is multicast.\n");
 880                 return;
 881         }
 882
 883         if (ipv6_addr_is_multicast(daddr) &&
 884             msg->icmph.icmp6_solicited) {
 885                 ND_PRINTK2(KERN_WARNING
 886                            "ICMPv6 NA: solicited NA is multicasted.\n");
 887                 return;
 888         }
 889
 890         if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 891                 ND_PRINTK2(KERN_WARNING
 892                            "ICMPv6 NS: invalid ND option\n");
 893                 return;
 894         }
 895         if (ndopts.nd_opts_tgt_lladdr) {
 896                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
 897                 if (!lladdr) {
 898                         ND_PRINTK2(KERN_WARNING
 899                                    "ICMPv6 NA: invalid link-layer address length\n");
 900                         return;
 901                 }
 902         }
 903         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 904         if (ifp) {
 905                 if (ifp->flags & IFA_F_TENTATIVE) {
 906                         addrconf_dad_failure(ifp);
 907                         return;
 908                 }
 909                 /* What should we make now? The advertisement
 910                    is invalid, but ndisc specs say nothing
 911                    about it. It could be misconfiguration, or
 912                    an smart proxy agent tries to help us :-)
 913                  */
 914                 ND_PRINTK1(KERN_WARNING
 915                            "ICMPv6 NA: someone advertises our address on %s!\n",
 916                            ifp->idev->dev->name);
 917                 in6_ifa_put(ifp);
 918                 return;
 919         }
 920         neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
 921
 922         if (neigh) {
 923                 u8 old_flags = neigh->flags;
 924
 925                 if (neigh->nud_state & NUD_FAILED)
 926                         goto out;
 927
 928                 /*
 929                  * Don't update the neighbor cache entry on a proxy NA from
 930                  * ourselves because either the proxied node is off link or it
 931                  * has already sent a NA to us.
 932                  */
 933                 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
 934                     ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
 935                     pneigh_lookup(&nd_tbl, dev_net(dev), &msg->target, dev, 0)) {
 936                         /* XXX: idev->cnf.prixy_ndp */
 937                         goto out;
 938                 }
 939
 940                 neigh_update(neigh, lladdr,
 941                              msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
 942                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
 943                              (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
 944                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
 945                              (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
 946
 947                 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
 948                         /*
 949                          * Change: router to host
 950                          */
 951                         struct rt6_info *rt;
 952                         rt = rt6_get_dflt_router(saddr, dev);
 953                         if (rt)
 954                                 ip6_del_rt(rt);
 955                 }
 956
 957 out:
 958                 neigh_release(neigh);
 959         }
 960 }
 961
 962 static void ndisc_recv_rs(struct sk_buff *skb)
 963 {
 964         struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
 965         unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
 966         struct neighbour *neigh;
 967         struct inet6_dev *idev;
 968         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 969         struct ndisc_options ndopts;
 970         u8 *lladdr = NULL;
 971
 972         if (skb->len < sizeof(*rs_msg))
 973                 return;
 974
 975         idev = in6_dev_get(skb->dev);
 976         if (!idev) {
 977                 if (net_ratelimit())
 978                         ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
 979                 return;
 980         }
 981
 982         /* Don't accept RS if we're not in router mode */
 983         if (!idev->cnf.forwarding)
 984                 goto out;
 985
 986         /*
 987          * Don't update NCE if src = ::;
 988          * this implies that the source node has no ip address assigned yet.
 989          */
 990         if (ipv6_addr_any(saddr))
 991                 goto out;
 992
 993         /* Parse ND options */
 994         if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
 995                 if (net_ratelimit())
 996                         ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
 997                 goto out;
 998         }
 999
1000         if (ndopts.nd_opts_src_lladdr) {
1001                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1002                                              skb->dev);
1003                 if (!lladdr)
1004                         goto out;
1005         }
1006
1007         neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1008         if (neigh) {
1009                 neigh_update(neigh, lladdr, NUD_STALE,
1010                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1011                              NEIGH_UPDATE_F_OVERRIDE|
1012                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1013                 neigh_release(neigh);
1014         }
1015 out:
1016         in6_dev_put(idev);
1017 }
1018
1019 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1020 {
1021         struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1022         struct sk_buff *skb;
1023         struct nlmsghdr *nlh;
1024         struct nduseroptmsg *ndmsg;
1025         struct net *net = dev_net(ra->dev);
1026         int err;
1027         int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1028                                     + (opt->nd_opt_len << 3));
1029         size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1030
1031         skb = nlmsg_new(msg_size, GFP_ATOMIC);
1032         if (skb == NULL) {
1033                 err = -ENOBUFS;
1034                 goto errout;
1035         }
1036
1037         nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1038         if (nlh == NULL) {
1039                 goto nla_put_failure;
1040         }
1041
1042         ndmsg = nlmsg_data(nlh);
1043         ndmsg->nduseropt_family = AF_INET6;
1044         ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1045         ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1046         ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1047         ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1048
1049         memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1050
1051         NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1052                 &ipv6_hdr(ra)->saddr);
1053         nlmsg_end(skb, nlh);
1054
1055         err = rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL,
1056                           GFP_ATOMIC);
1057         if (err < 0)
1058                 goto errout;
1059
1060         return;
1061
1062 nla_put_failure:
1063         nlmsg_free(skb);
1064         err = -EMSGSIZE;
1065 errout:
1066         rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1067 }
1068
1069 static void ndisc_router_discovery(struct sk_buff *skb)
1070 {
1071         struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1072         struct neighbour *neigh = NULL;
1073         struct inet6_dev *in6_dev;
1074         struct rt6_info *rt = NULL;
1075         int lifetime;
1076         struct ndisc_options ndopts;
1077         int optlen;
1078         unsigned int pref = 0;
1079
1080         __u8 * opt = (__u8 *)(ra_msg + 1);
1081
1082         optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1083
1084         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1085                 ND_PRINTK2(KERN_WARNING
1086                            "ICMPv6 RA: source address is not link-local.\n");
1087                 return;
1088         }
1089         if (optlen < 0) {
1090                 ND_PRINTK2(KERN_WARNING
1091                            "ICMPv6 RA: packet too short\n");
1092                 return;
1093         }
1094
1095         if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1096                 ND_PRINTK2(KERN_WARNING
1097                            "ICMPv6 RA: from host or unauthorized router\n");
1098                 return;
1099         }
1100
1101         /*
1102          *      set the RA_RECV flag in the interface
1103          */
1104
1105         in6_dev = in6_dev_get(skb->dev);
1106         if (in6_dev == NULL) {
1107                 ND_PRINTK0(KERN_ERR
1108                            "ICMPv6 RA: can't find inet6 device for %s.\n",
1109                            skb->dev->name);
1110                 return;
1111         }
1112         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1113                 in6_dev_put(in6_dev);
1114                 return;
1115         }
1116
1117         if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1118                 in6_dev_put(in6_dev);
1119                 ND_PRINTK2(KERN_WARNING
1120                            "ICMP6 RA: invalid ND options\n");
1121                 return;
1122         }
1123
1124         /* skip link-specific parameters from interior routers */
1125         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1126                 goto skip_linkparms;
1127
1128         if (in6_dev->if_flags & IF_RS_SENT) {
1129                 /*
1130                  *      flag that an RA was received after an RS was sent
1131                  *      out on this interface.
1132                  */
1133                 in6_dev->if_flags |= IF_RA_RCVD;
1134         }
1135
1136         /*
1137          * Remember the managed/otherconf flags from most recently
1138          * received RA message (RFC 2462) -- yoshfuji
1139          */
1140         in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1141                                 IF_RA_OTHERCONF)) |
1142                                 (ra_msg->icmph.icmp6_addrconf_managed ?
1143                                         IF_RA_MANAGED : 0) |
1144                                 (ra_msg->icmph.icmp6_addrconf_other ?
1145                                         IF_RA_OTHERCONF : 0);
1146
1147         if (!in6_dev->cnf.accept_ra_defrtr)
1148                 goto skip_defrtr;
1149
1150         lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1151
1152 #ifdef CONFIG_IPV6_ROUTER_PREF
1153         pref = ra_msg->icmph.icmp6_router_pref;
1154         /* 10b is handled as if it were 00b (medium) */
1155         if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1156             !in6_dev->cnf.accept_ra_rtr_pref)
1157                 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1158 #endif
1159
1160         rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1161
1162         if (rt)
1163                 neigh = rt->rt6i_nexthop;
1164
1165         if (rt && lifetime == 0) {
1166                 neigh_clone(neigh);
1167                 ip6_del_rt(rt);
1168                 rt = NULL;
1169         }
1170
1171         if (rt == NULL && lifetime) {
1172                 ND_PRINTK3(KERN_DEBUG
1173                            "ICMPv6 RA: adding default router.\n");
1174
1175                 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1176                 if (rt == NULL) {
1177                         ND_PRINTK0(KERN_ERR
1178                                    "ICMPv6 RA: %s() failed to add default route.\n",
1179                                    __func__);
1180                         in6_dev_put(in6_dev);
1181                         return;
1182                 }
1183
1184                 neigh = rt->rt6i_nexthop;
1185                 if (neigh == NULL) {
1186                         ND_PRINTK0(KERN_ERR
1187                                    "ICMPv6 RA: %s() got default router without neighbour.\n",
1188                                    __func__);
1189                         dst_release(&rt->u.dst);
1190                         in6_dev_put(in6_dev);
1191                         return;
1192                 }
1193                 neigh->flags |= NTF_ROUTER;
1194         } else if (rt) {
1195                 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1196         }
1197
1198         if (rt)
1199                 rt->rt6i_expires = jiffies + (HZ * lifetime);
1200
1201         if (ra_msg->icmph.icmp6_hop_limit) {
1202                 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1203                 if (rt)
1204                         rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1205         }
1206
1207 skip_defrtr:
1208
1209         /*
1210          *      Update Reachable Time and Retrans Timer
1211          */
1212
1213         if (in6_dev->nd_parms) {
1214                 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1215
1216                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1217                         rtime = (rtime*HZ)/1000;
1218                         if (rtime < HZ/10)
1219                                 rtime = HZ/10;
1220                         in6_dev->nd_parms->retrans_time = rtime;
1221                         in6_dev->tstamp = jiffies;
1222                         inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1223                 }
1224
1225                 rtime = ntohl(ra_msg->reachable_time);
1226                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1227                         rtime = (rtime*HZ)/1000;
1228
1229                         if (rtime < HZ/10)
1230                                 rtime = HZ/10;
1231
1232                         if (rtime != in6_dev->nd_parms->base_reachable_time) {
1233                                 in6_dev->nd_parms->base_reachable_time = rtime;
1234                                 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1235                                 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1236                                 in6_dev->tstamp = jiffies;
1237                                 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1238                         }
1239                 }
1240         }
1241
1242 skip_linkparms:
1243
1244         /*
1245          *      Process options.
1246          */
1247
1248         if (!neigh)
1249                 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1250                                        skb->dev, 1);
1251         if (neigh) {
1252                 u8 *lladdr = NULL;
1253                 if (ndopts.nd_opts_src_lladdr) {
1254                         lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1255                                                      skb->dev);
1256                         if (!lladdr) {
1257                                 ND_PRINTK2(KERN_WARNING
1258                                            "ICMPv6 RA: invalid link-layer address length\n");
1259                                 goto out;
1260                         }
1261                 }
1262                 neigh_update(neigh, lladdr, NUD_STALE,
1263                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1264                              NEIGH_UPDATE_F_OVERRIDE|
1265                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1266                              NEIGH_UPDATE_F_ISROUTER);
1267         }
1268
1269 #ifdef CONFIG_IPV6_ROUTE_INFO
1270         if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1271                 struct nd_opt_hdr *p;
1272                 for (p = ndopts.nd_opts_ri;
1273                      p;
1274                      p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1275                         struct route_info *ri = (struct route_info *)p;
1276 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1277                         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1278                             ri->prefix_len == 0)
1279                                 continue;
1280 #endif
1281                         if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1282                                 continue;
1283                         rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1284                                       &ipv6_hdr(skb)->saddr);
1285                 }
1286         }
1287 #endif
1288
1289         /* skip link-specific ndopts from interior routers */
1290         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1291                 goto out;
1292
1293         if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1294                 struct nd_opt_hdr *p;
1295                 for (p = ndopts.nd_opts_pi;
1296                      p;
1297                      p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1298                         addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1299                 }
1300         }
1301
1302         if (ndopts.nd_opts_mtu) {
1303                 __be32 n;
1304                 u32 mtu;
1305
1306                 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1307                 mtu = ntohl(n);
1308
1309                 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1310                         ND_PRINTK2(KERN_WARNING
1311                                    "ICMPv6 RA: invalid mtu: %d\n",
1312                                    mtu);
1313                 } else if (in6_dev->cnf.mtu6 != mtu) {
1314                         in6_dev->cnf.mtu6 = mtu;
1315
1316                         if (rt)
1317                                 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1318
1319                         rt6_mtu_change(skb->dev, mtu);
1320                 }
1321         }
1322
1323         if (ndopts.nd_useropts) {
1324                 struct nd_opt_hdr *p;
1325                 for (p = ndopts.nd_useropts;
1326                      p;
1327                      p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1328                         ndisc_ra_useropt(skb, p);
1329                 }
1330         }
1331
1332         if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1333                 ND_PRINTK2(KERN_WARNING
1334                            "ICMPv6 RA: invalid RA options");
1335         }
1336 out:
1337         if (rt)
1338                 dst_release(&rt->u.dst);
1339         else if (neigh)
1340                 neigh_release(neigh);
1341         in6_dev_put(in6_dev);
1342 }
1343
1344 static void ndisc_redirect_rcv(struct sk_buff *skb)
1345 {
1346         struct inet6_dev *in6_dev;
1347         struct icmp6hdr *icmph;
1348         struct in6_addr *dest;
1349         struct in6_addr *target;        /* new first hop to destination */
1350         struct neighbour *neigh;
1351         int on_link = 0;
1352         struct ndisc_options ndopts;
1353         int optlen;
1354         u8 *lladdr = NULL;
1355
1356         switch (skb->ndisc_nodetype) {
1357         case NDISC_NODETYPE_HOST:
1358         case NDISC_NODETYPE_NODEFAULT:
1359                 ND_PRINTK2(KERN_WARNING
1360                            "ICMPv6 Redirect: from host or unauthorized router\n");
1361                 return;
1362         }
1363
1364         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1365                 ND_PRINTK2(KERN_WARNING
1366                            "ICMPv6 Redirect: source address is not link-local.\n");
1367                 return;
1368         }
1369
1370         optlen = skb->tail - skb->transport_header;
1371         optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1372
1373         if (optlen < 0) {
1374                 ND_PRINTK2(KERN_WARNING
1375                            "ICMPv6 Redirect: packet too short\n");
1376                 return;
1377         }
1378
1379         icmph = icmp6_hdr(skb);
1380         target = (struct in6_addr *) (icmph + 1);
1381         dest = target + 1;
1382
1383         if (ipv6_addr_is_multicast(dest)) {
1384                 ND_PRINTK2(KERN_WARNING
1385                            "ICMPv6 Redirect: destination address is multicast.\n");
1386                 return;
1387         }
1388
1389         if (ipv6_addr_equal(dest, target)) {
1390                 on_link = 1;
1391         } else if (ipv6_addr_type(target) !=
1392                    (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1393                 ND_PRINTK2(KERN_WARNING
1394                            "ICMPv6 Redirect: target address is not link-local unicast.\n");
1395                 return;
1396         }
1397
1398         in6_dev = in6_dev_get(skb->dev);
1399         if (!in6_dev)
1400                 return;
1401         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1402                 in6_dev_put(in6_dev);
1403                 return;
1404         }
1405
1406         /* RFC2461 8.1:
1407          *      The IP source address of the Redirect MUST be the same as the current
1408          *      first-hop router for the specified ICMP Destination Address.
1409          */
1410
1411         if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1412                 ND_PRINTK2(KERN_WARNING
1413                            "ICMPv6 Redirect: invalid ND options\n");
1414                 in6_dev_put(in6_dev);
1415                 return;
1416         }
1417         if (ndopts.nd_opts_tgt_lladdr) {
1418                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1419                                              skb->dev);
1420                 if (!lladdr) {
1421                         ND_PRINTK2(KERN_WARNING
1422                                    "ICMPv6 Redirect: invalid link-layer address length\n");
1423                         in6_dev_put(in6_dev);
1424                         return;
1425                 }
1426         }
1427
1428         neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1429         if (neigh) {
1430                 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1431                              &ipv6_hdr(skb)->saddr, neigh, lladdr,
1432                              on_link);
1433                 neigh_release(neigh);
1434         }
1435         in6_dev_put(in6_dev);
1436 }
1437
1438 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1439                          struct in6_addr *target)
1440 {
1441         struct net_device *dev = skb->dev;
1442         struct net *net = dev_net(dev);
1443         struct sock *sk = net->ipv6.ndisc_sk;
1444         int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1445         struct sk_buff *buff;
1446         struct icmp6hdr *icmph;
1447         struct in6_addr saddr_buf;
1448         struct in6_addr *addrp;
1449         struct rt6_info *rt;
1450         struct dst_entry *dst;
1451         struct inet6_dev *idev;
1452         struct flowi fl;
1453         u8 *opt;
1454         int rd_len;
1455         int err;
1456         u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1457
1458         if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1459                 ND_PRINTK2(KERN_WARNING
1460                            "ICMPv6 Redirect: no link-local address on %s\n",
1461                            dev->name);
1462                 return;
1463         }
1464
1465         if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1466             ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1467                 ND_PRINTK2(KERN_WARNING
1468                         "ICMPv6 Redirect: target address is not link-local unicast.\n");
1469                 return;
1470         }
1471
1472         icmpv6_flow_init(sk, &fl, NDISC_REDIRECT,
1473                          &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1474
1475         dst = ip6_route_output(net, NULL, &fl);
1476         if (dst == NULL)
1477                 return;
1478
1479         err = xfrm_lookup(&dst, &fl, NULL, 0);
1480         if (err)
1481                 return;
1482
1483         rt = (struct rt6_info *) dst;
1484
1485         if (rt->rt6i_flags & RTF_GATEWAY) {
1486                 ND_PRINTK2(KERN_WARNING
1487                            "ICMPv6 Redirect: destination is not a neighbour.\n");
1488                 dst_release(dst);
1489                 return;
1490         }
1491         if (!xrlim_allow(dst, 1*HZ)) {
1492                 dst_release(dst);
1493                 return;
1494         }
1495
1496         if (dev->addr_len) {
1497                 read_lock_bh(&neigh->lock);
1498                 if (neigh->nud_state & NUD_VALID) {
1499                         memcpy(ha_buf, neigh->ha, dev->addr_len);
1500                         read_unlock_bh(&neigh->lock);
1501                         ha = ha_buf;
1502                         len += ndisc_opt_addr_space(dev);
1503                 } else
1504                         read_unlock_bh(&neigh->lock);
1505         }
1506
1507         rd_len = min_t(unsigned int,
1508                      IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1509         rd_len &= ~0x7;
1510         len += rd_len;
1511
1512         buff = sock_alloc_send_skb(sk,
1513                                    (MAX_HEADER + sizeof(struct ipv6hdr) +
1514                                     len + LL_RESERVED_SPACE(dev)),
1515                                    1, &err);
1516         if (buff == NULL) {
1517                 ND_PRINTK0(KERN_ERR
1518                            "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1519                            __func__);
1520                 dst_release(dst);
1521                 return;
1522         }
1523
1524         skb_reserve(buff, LL_RESERVED_SPACE(dev));
1525         ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1526                    IPPROTO_ICMPV6, len);
1527
1528         skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1529         skb_put(buff, len);
1530         icmph = icmp6_hdr(buff);
1531
1532         memset(icmph, 0, sizeof(struct icmp6hdr));
1533         icmph->icmp6_type = NDISC_REDIRECT;
1534
1535         /*
1536          *      copy target and destination addresses
1537          */
1538
1539         addrp = (struct in6_addr *)(icmph + 1);
1540         ipv6_addr_copy(addrp, target);
1541         addrp++;
1542         ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1543
1544         opt = (u8*) (addrp + 1);
1545
1546         /*
1547          *      include target_address option
1548          */
1549
1550         if (ha)
1551                 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1552                                              dev->addr_len, dev->type);
1553
1554         /*
1555          *      build redirect option and copy skb over to the new packet.
1556          */
1557
1558         memset(opt, 0, 8);
1559         *(opt++) = ND_OPT_REDIRECT_HDR;
1560         *(opt++) = (rd_len >> 3);
1561         opt += 6;
1562
1563         memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1564
1565         icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1566                                              len, IPPROTO_ICMPV6,
1567                                              csum_partial((u8 *) icmph, len, 0));
1568
1569         buff->dst = dst;
1570         idev = in6_dev_get(dst->dev);
1571         IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
1572         err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1573                       dst_output);
1574         if (!err) {
1575                 ICMP6MSGOUT_INC_STATS(idev, NDISC_REDIRECT);
1576                 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1577         }
1578
1579         if (likely(idev != NULL))
1580                 in6_dev_put(idev);
1581 }
1582
1583 static void pndisc_redo(struct sk_buff *skb)
1584 {
1585         ndisc_recv_ns(skb);
1586         kfree_skb(skb);
1587 }
1588
1589 int ndisc_rcv(struct sk_buff *skb)
1590 {
1591         struct nd_msg *msg;
1592
1593         if (!pskb_may_pull(skb, skb->len))
1594                 return 0;
1595
1596         msg = (struct nd_msg *)skb_transport_header(skb);
1597
1598         __skb_push(skb, skb->data - skb_transport_header(skb));
1599
1600         if (ipv6_hdr(skb)->hop_limit != 255) {
1601                 ND_PRINTK2(KERN_WARNING
1602                            "ICMPv6 NDISC: invalid hop-limit: %d\n",
1603                            ipv6_hdr(skb)->hop_limit);
1604                 return 0;
1605         }
1606
1607         if (msg->icmph.icmp6_code != 0) {
1608                 ND_PRINTK2(KERN_WARNING
1609                            "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1610                            msg->icmph.icmp6_code);
1611                 return 0;
1612         }
1613
1614         memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1615
1616         switch (msg->icmph.icmp6_type) {
1617         case NDISC_NEIGHBOUR_SOLICITATION:
1618                 ndisc_recv_ns(skb);
1619                 break;
1620
1621         case NDISC_NEIGHBOUR_ADVERTISEMENT:
1622                 ndisc_recv_na(skb);
1623                 break;
1624
1625         case NDISC_ROUTER_SOLICITATION:
1626                 ndisc_recv_rs(skb);
1627                 break;
1628
1629         case NDISC_ROUTER_ADVERTISEMENT:
1630                 ndisc_router_discovery(skb);
1631                 break;
1632
1633         case NDISC_REDIRECT:
1634                 ndisc_redirect_rcv(skb);
1635                 break;
1636         }
1637
1638         return 0;
1639 }
1640
1641 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1642 {
1643         struct net_device *dev = ptr;
1644         struct net *net = dev_net(dev);
1645
1646         switch (event) {
1647         case NETDEV_CHANGEADDR:
1648                 neigh_changeaddr(&nd_tbl, dev);
1649                 fib6_run_gc(~0UL, net);
1650                 break;
1651         case NETDEV_DOWN:
1652                 neigh_ifdown(&nd_tbl, dev);
1653                 fib6_run_gc(~0UL, net);
1654                 break;
1655         default:
1656                 break;
1657         }
1658
1659         return NOTIFY_DONE;
1660 }
1661
1662 static struct notifier_block ndisc_netdev_notifier = {
1663         .notifier_call = ndisc_netdev_event,
1664 };
1665
1666 #ifdef CONFIG_SYSCTL
1667 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1668                                          const char *func, const char *dev_name)
1669 {
1670         static char warncomm[TASK_COMM_LEN];
1671         static int warned;
1672         if (strcmp(warncomm, current->comm) && warned < 5) {
1673                 strcpy(warncomm, current->comm);
1674                 printk(KERN_WARNING
1675                         "process `%s' is using deprecated sysctl (%s) "
1676                         "net.ipv6.neigh.%s.%s; "
1677                         "Use net.ipv6.neigh.%s.%s_ms "
1678                         "instead.\n",
1679                         warncomm, func,
1680                         dev_name, ctl->procname,
1681                         dev_name, ctl->procname);
1682                 warned++;
1683         }
1684 }
1685
1686 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1687 {
1688         struct net_device *dev = ctl->extra1;
1689         struct inet6_dev *idev;
1690         int ret;
1691
1692         if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1693             (strcmp(ctl->procname, "base_reachable_time") == 0))
1694                 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1695
1696         if (strcmp(ctl->procname, "retrans_time") == 0)
1697                 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1698
1699         else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1700                 ret = proc_dointvec_jiffies(ctl, write,
1701                                             filp, buffer, lenp, ppos);
1702
1703         else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1704                  (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1705                 ret = proc_dointvec_ms_jiffies(ctl, write,
1706                                                filp, buffer, lenp, ppos);
1707         else
1708                 ret = -1;
1709
1710         if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1711                 if (ctl->data == &idev->nd_parms->base_reachable_time)
1712                         idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1713                 idev->tstamp = jiffies;
1714                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1715                 in6_dev_put(idev);
1716         }
1717         return ret;
1718 }
1719
1720 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1721                                         int nlen, void __user *oldval,
1722                                         size_t __user *oldlenp,
1723                                         void __user *newval, size_t newlen)
1724 {
1725         struct net_device *dev = ctl->extra1;
1726         struct inet6_dev *idev;
1727         int ret;
1728
1729         if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1730             ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1731                 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1732
1733         switch (ctl->ctl_name) {
1734         case NET_NEIGH_REACHABLE_TIME:
1735                 ret = sysctl_jiffies(ctl, name, nlen,
1736                                      oldval, oldlenp, newval, newlen);
1737                 break;
1738         case NET_NEIGH_RETRANS_TIME_MS:
1739         case NET_NEIGH_REACHABLE_TIME_MS:
1740                  ret = sysctl_ms_jiffies(ctl, name, nlen,
1741                                          oldval, oldlenp, newval, newlen);
1742                  break;
1743         default:
1744                 ret = 0;
1745         }
1746
1747         if (newval && newlen && ret > 0 &&
1748             dev && (idev = in6_dev_get(dev)) != NULL) {
1749                 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1750                     ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1751                         idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1752                 idev->tstamp = jiffies;
1753                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1754                 in6_dev_put(idev);
1755         }
1756
1757         return ret;
1758 }
1759
1760 #endif
1761
1762 static int ndisc_net_init(struct net *net)
1763 {
1764         struct socket *sock;
1765         struct ipv6_pinfo *np;
1766         struct sock *sk;
1767         int err;
1768
1769         err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &sock);
1770         if (err < 0) {
1771                 ND_PRINTK0(KERN_ERR
1772                            "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1773                            err);
1774                 return err;
1775         }
1776
1777         net->ipv6.ndisc_sk = sk = sock->sk;
1778         sk_change_net(sk, net);
1779
1780         np = inet6_sk(sk);
1781         sk->sk_allocation = GFP_ATOMIC;
1782         np->hop_limit = 255;
1783         /* Do not loopback ndisc messages */
1784         np->mc_loop = 0;
1785         sk->sk_prot->unhash(sk);
1786
1787         return 0;
1788 }
1789
1790 static void ndisc_net_exit(struct net *net)
1791 {
1792         sk_release_kernel(net->ipv6.ndisc_sk);
1793 }
1794
1795 static struct pernet_operations ndisc_net_ops = {
1796         .init = ndisc_net_init,
1797         .exit = ndisc_net_exit,
1798 };
1799
1800 int __init ndisc_init(void)
1801 {
1802         int err;
1803
1804         err = register_pernet_subsys(&ndisc_net_ops);
1805         if (err)
1806                 return err;
1807         /*
1808          * Initialize the neighbour table
1809          */
1810         neigh_table_init(&nd_tbl);
1811
1812 #ifdef CONFIG_SYSCTL
1813         err = neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6,
1814                                     NET_IPV6_NEIGH, "ipv6",
1815                                     &ndisc_ifinfo_sysctl_change,
1816                                     &ndisc_ifinfo_sysctl_strategy);
1817         if (err)
1818                 goto out_unregister_pernet;
1819 #endif
1820         err = register_netdevice_notifier(&ndisc_netdev_notifier);
1821         if (err)
1822                 goto out_unregister_sysctl;
1823 out:
1824         return err;
1825
1826 out_unregister_sysctl:
1827 #ifdef CONFIG_SYSCTL
1828         neigh_sysctl_unregister(&nd_tbl.parms);
1829 out_unregister_pernet:
1830 #endif
1831         unregister_pernet_subsys(&ndisc_net_ops);
1832         goto out;
1833 }
1834
1835 void ndisc_cleanup(void)
1836 {
1837         unregister_netdevice_notifier(&ndisc_netdev_notifier);
1838 #ifdef CONFIG_SYSCTL
1839         neigh_sysctl_unregister(&nd_tbl.parms);
1840 #endif
1841         neigh_table_clear(&nd_tbl);
1842         unregister_pernet_subsys(&ndisc_net_ops);
1843 }