2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
29 /* Set to 3 to get tracing... */
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
40 #define ND_PRINTK1 ND_PRINTK
44 #define ND_PRINTK2 ND_PRINTK
48 #define ND_PRINTK3 ND_PRINTK
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
63 #include <linux/sysctl.h>
66 #include <linux/if_addr.h>
67 #include <linux/if_arp.h>
68 #include <linux/ipv6.h>
69 #include <linux/icmpv6.h>
70 #include <linux/jhash.h>
76 #include <net/protocol.h>
77 #include <net/ndisc.h>
78 #include <net/ip6_route.h>
79 #include <net/addrconf.h>
82 #include <net/netlink.h>
83 #include <linux/rtnetlink.h>
86 #include <net/ip6_checksum.h>
87 #include <linux/proc_fs.h>
89 #include <linux/netfilter.h>
90 #include <linux/netfilter_ipv6.h>
92 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
);
93 static int ndisc_constructor(struct neighbour
*neigh
);
94 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
95 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
96 static int pndisc_constructor(struct pneigh_entry
*n
);
97 static void pndisc_destructor(struct pneigh_entry
*n
);
98 static void pndisc_redo(struct sk_buff
*skb
);
100 static struct neigh_ops ndisc_generic_ops
= {
102 .solicit
= ndisc_solicit
,
103 .error_report
= ndisc_error_report
,
104 .output
= neigh_resolve_output
,
105 .connected_output
= neigh_connected_output
,
106 .hh_output
= dev_queue_xmit
,
107 .queue_xmit
= dev_queue_xmit
,
110 static struct neigh_ops ndisc_hh_ops
= {
112 .solicit
= ndisc_solicit
,
113 .error_report
= ndisc_error_report
,
114 .output
= neigh_resolve_output
,
115 .connected_output
= neigh_resolve_output
,
116 .hh_output
= dev_queue_xmit
,
117 .queue_xmit
= dev_queue_xmit
,
121 static struct neigh_ops ndisc_direct_ops
= {
123 .output
= dev_queue_xmit
,
124 .connected_output
= dev_queue_xmit
,
125 .hh_output
= dev_queue_xmit
,
126 .queue_xmit
= dev_queue_xmit
,
129 struct neigh_table nd_tbl
= {
131 .entry_size
= sizeof(struct neighbour
) + sizeof(struct in6_addr
),
132 .key_len
= sizeof(struct in6_addr
),
134 .constructor
= ndisc_constructor
,
135 .pconstructor
= pndisc_constructor
,
136 .pdestructor
= pndisc_destructor
,
137 .proxy_redo
= pndisc_redo
,
141 .base_reachable_time
= 30 * HZ
,
142 .retrans_time
= 1 * HZ
,
143 .gc_staletime
= 60 * HZ
,
144 .reachable_time
= 30 * HZ
,
145 .delay_probe_time
= 5 * HZ
,
149 .anycast_delay
= 1 * HZ
,
150 .proxy_delay
= (8 * HZ
) / 10,
153 .gc_interval
= 30 * HZ
,
160 struct ndisc_options
{
161 struct nd_opt_hdr
*nd_opt_array
[__ND_OPT_ARRAY_MAX
];
162 #ifdef CONFIG_IPV6_ROUTE_INFO
163 struct nd_opt_hdr
*nd_opts_ri
;
164 struct nd_opt_hdr
*nd_opts_ri_end
;
166 struct nd_opt_hdr
*nd_useropts
;
167 struct nd_opt_hdr
*nd_useropts_end
;
170 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
171 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
172 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
173 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
174 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
175 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
177 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
180 * Return the padding between the option length and the start of the
181 * link addr. Currently only IP-over-InfiniBand needs this, although
182 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
183 * also need a pad of 2.
185 static int ndisc_addr_option_pad(unsigned short type
)
188 case ARPHRD_INFINIBAND
: return 2;
193 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
195 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
198 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
199 unsigned short addr_type
)
201 int space
= NDISC_OPT_SPACE(data_len
);
202 int pad
= ndisc_addr_option_pad(addr_type
);
207 memset(opt
+ 2, 0, pad
);
211 memcpy(opt
+2, data
, data_len
);
214 if ((space
-= data_len
) > 0)
215 memset(opt
, 0, space
);
219 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
220 struct nd_opt_hdr
*end
)
223 if (!cur
|| !end
|| cur
>= end
)
225 type
= cur
->nd_opt_type
;
227 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
228 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
229 return (cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
);
232 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
234 return (opt
->nd_opt_type
== ND_OPT_RDNSS
);
237 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
238 struct nd_opt_hdr
*end
)
240 if (!cur
|| !end
|| cur
>= end
)
243 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
244 } while(cur
< end
&& !ndisc_is_useropt(cur
));
245 return (cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
);
248 static struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
249 struct ndisc_options
*ndopts
)
251 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
253 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
255 memset(ndopts
, 0, sizeof(*ndopts
));
258 if (opt_len
< sizeof(struct nd_opt_hdr
))
260 l
= nd_opt
->nd_opt_len
<< 3;
261 if (opt_len
< l
|| l
== 0)
263 switch (nd_opt
->nd_opt_type
) {
264 case ND_OPT_SOURCE_LL_ADDR
:
265 case ND_OPT_TARGET_LL_ADDR
:
267 case ND_OPT_REDIRECT_HDR
:
268 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
269 ND_PRINTK2(KERN_WARNING
270 "%s(): duplicated ND6 option found: type=%d\n",
272 nd_opt
->nd_opt_type
);
274 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
277 case ND_OPT_PREFIX_INFO
:
278 ndopts
->nd_opts_pi_end
= nd_opt
;
279 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
280 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
282 #ifdef CONFIG_IPV6_ROUTE_INFO
283 case ND_OPT_ROUTE_INFO
:
284 ndopts
->nd_opts_ri_end
= nd_opt
;
285 if (!ndopts
->nd_opts_ri
)
286 ndopts
->nd_opts_ri
= nd_opt
;
290 if (ndisc_is_useropt(nd_opt
)) {
291 ndopts
->nd_useropts_end
= nd_opt
;
292 if (!ndopts
->nd_useropts
)
293 ndopts
->nd_useropts
= nd_opt
;
296 * Unknown options must be silently ignored,
297 * to accommodate future extension to the
300 ND_PRINTK2(KERN_NOTICE
301 "%s(): ignored unsupported option; type=%d, len=%d\n",
303 nd_opt
->nd_opt_type
, nd_opt
->nd_opt_len
);
307 nd_opt
= ((void *)nd_opt
) + l
;
312 static inline u8
*ndisc_opt_addr_data(struct nd_opt_hdr
*p
,
313 struct net_device
*dev
)
315 u8
*lladdr
= (u8
*)(p
+ 1);
316 int lladdrlen
= p
->nd_opt_len
<< 3;
317 int prepad
= ndisc_addr_option_pad(dev
->type
);
318 if (lladdrlen
!= NDISC_OPT_SPACE(dev
->addr_len
+ prepad
))
320 return (lladdr
+ prepad
);
323 int ndisc_mc_map(struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
327 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
329 ipv6_eth_mc_map(addr
, buf
);
331 case ARPHRD_IEEE802_TR
:
332 ipv6_tr_mc_map(addr
,buf
);
335 ipv6_arcnet_mc_map(addr
, buf
);
337 case ARPHRD_INFINIBAND
:
338 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
342 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
349 EXPORT_SYMBOL(ndisc_mc_map
);
351 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
)
353 const u32
*p32
= pkey
;
357 for (i
= 0; i
< (sizeof(struct in6_addr
) / sizeof(u32
)); i
++)
360 return jhash_2words(addr_hash
, dev
->ifindex
, nd_tbl
.hash_rnd
);
363 static int ndisc_constructor(struct neighbour
*neigh
)
365 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
366 struct net_device
*dev
= neigh
->dev
;
367 struct inet6_dev
*in6_dev
;
368 struct neigh_parms
*parms
;
369 int is_multicast
= ipv6_addr_is_multicast(addr
);
372 in6_dev
= in6_dev_get(dev
);
373 if (in6_dev
== NULL
) {
378 parms
= in6_dev
->nd_parms
;
379 __neigh_parms_put(neigh
->parms
);
380 neigh
->parms
= neigh_parms_clone(parms
);
383 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
384 if (!dev
->header_ops
) {
385 neigh
->nud_state
= NUD_NOARP
;
386 neigh
->ops
= &ndisc_direct_ops
;
387 neigh
->output
= neigh
->ops
->queue_xmit
;
390 neigh
->nud_state
= NUD_NOARP
;
391 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
392 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
393 neigh
->nud_state
= NUD_NOARP
;
394 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
395 if (dev
->flags
&IFF_LOOPBACK
)
396 neigh
->type
= RTN_LOCAL
;
397 } else if (dev
->flags
&IFF_POINTOPOINT
) {
398 neigh
->nud_state
= NUD_NOARP
;
399 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
401 if (dev
->header_ops
->cache
)
402 neigh
->ops
= &ndisc_hh_ops
;
404 neigh
->ops
= &ndisc_generic_ops
;
405 if (neigh
->nud_state
&NUD_VALID
)
406 neigh
->output
= neigh
->ops
->connected_output
;
408 neigh
->output
= neigh
->ops
->output
;
410 in6_dev_put(in6_dev
);
414 static int pndisc_constructor(struct pneigh_entry
*n
)
416 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
417 struct in6_addr maddr
;
418 struct net_device
*dev
= n
->dev
;
420 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
422 addrconf_addr_solict_mult(addr
, &maddr
);
423 ipv6_dev_mc_inc(dev
, &maddr
);
427 static void pndisc_destructor(struct pneigh_entry
*n
)
429 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
430 struct in6_addr maddr
;
431 struct net_device
*dev
= n
->dev
;
433 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
435 addrconf_addr_solict_mult(addr
, &maddr
);
436 ipv6_dev_mc_dec(dev
, &maddr
);
440 * Send a Neighbour Advertisement
442 static void __ndisc_send(struct net_device
*dev
,
443 struct neighbour
*neigh
,
444 struct in6_addr
*daddr
, struct in6_addr
*saddr
,
445 struct icmp6hdr
*icmp6h
, struct in6_addr
*target
,
449 struct dst_entry
*dst
;
450 struct net
*net
= dev_net(dev
);
451 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
453 struct icmp6hdr
*hdr
;
454 struct inet6_dev
*idev
;
459 type
= icmp6h
->icmp6_type
;
461 icmpv6_flow_init(sk
, &fl
, type
, saddr
, daddr
, dev
->ifindex
);
463 dst
= icmp6_dst_alloc(dev
, neigh
, daddr
);
467 err
= xfrm_lookup(&dst
, &fl
, NULL
, 0);
474 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
476 len
+= ndisc_opt_addr_space(dev
);
478 skb
= sock_alloc_send_skb(sk
,
479 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
480 len
+ LL_RESERVED_SPACE(dev
)),
484 "ICMPv6 ND: %s() failed to allocate an skb.\n",
490 skb_reserve(skb
, LL_RESERVED_SPACE(dev
));
491 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
493 skb
->transport_header
= skb
->tail
;
496 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
497 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
499 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
501 ipv6_addr_copy((struct in6_addr
*)opt
, target
);
502 opt
+= sizeof(*target
);
506 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
507 dev
->addr_len
, dev
->type
);
509 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
511 csum_partial((__u8
*) hdr
,
516 idev
= in6_dev_get(dst
->dev
);
517 IP6_INC_STATS(idev
, IPSTATS_MIB_OUTREQUESTS
);
519 err
= NF_HOOK(PF_INET6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
522 ICMP6MSGOUT_INC_STATS(idev
, type
);
523 ICMP6_INC_STATS(idev
, ICMP6_MIB_OUTMSGS
);
526 if (likely(idev
!= NULL
))
530 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
531 struct in6_addr
*daddr
, struct in6_addr
*solicited_addr
,
532 int router
, int solicited
, int override
, int inc_opt
)
534 struct in6_addr tmpaddr
;
535 struct inet6_ifaddr
*ifp
;
536 struct in6_addr
*src_addr
;
537 struct icmp6hdr icmp6h
= {
538 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
541 /* for anycast or proxy, solicited_addr != src_addr */
542 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
544 src_addr
= solicited_addr
;
545 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
549 if (ipv6_dev_get_saddr(dev
, daddr
,
550 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
556 icmp6h
.icmp6_router
= router
;
557 icmp6h
.icmp6_solicited
= solicited
;
558 icmp6h
.icmp6_override
= override
;
560 __ndisc_send(dev
, neigh
, daddr
, src_addr
,
561 &icmp6h
, solicited_addr
,
562 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
565 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
566 struct in6_addr
*solicit
,
567 struct in6_addr
*daddr
, struct in6_addr
*saddr
)
569 struct in6_addr addr_buf
;
570 struct icmp6hdr icmp6h
= {
571 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
575 if (ipv6_get_lladdr(dev
, &addr_buf
,
576 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
581 __ndisc_send(dev
, neigh
, daddr
, saddr
,
583 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
586 void ndisc_send_rs(struct net_device
*dev
, struct in6_addr
*saddr
,
587 struct in6_addr
*daddr
)
589 struct icmp6hdr icmp6h
= {
590 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
592 int send_sllao
= dev
->addr_len
;
594 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
596 * According to section 2.2 of RFC 4429, we must not
597 * send router solicitations with a sllao from
598 * optimistic addresses, but we may send the solicitation
599 * if we don't include the sllao. So here we check
600 * if our address is optimistic, and if so, we
601 * suppress the inclusion of the sllao.
604 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
607 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
616 __ndisc_send(dev
, NULL
, daddr
, saddr
,
618 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
622 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
625 * "The sender MUST return an ICMP
626 * destination unreachable"
628 dst_link_failure(skb
);
632 /* Called with locked neigh: either read or both */
634 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
636 struct in6_addr
*saddr
= NULL
;
637 struct in6_addr mcaddr
;
638 struct net_device
*dev
= neigh
->dev
;
639 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
640 int probes
= atomic_read(&neigh
->probes
);
642 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
643 saddr
= &ipv6_hdr(skb
)->saddr
;
645 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
646 if (!(neigh
->nud_state
& NUD_VALID
)) {
647 ND_PRINTK1(KERN_DEBUG
648 "%s(): trying to ucast probe in NUD_INVALID: "
653 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
654 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
659 addrconf_addr_solict_mult(target
, &mcaddr
);
660 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
664 static int pndisc_is_router(const void *pkey
,
665 struct net_device
*dev
)
667 struct pneigh_entry
*n
;
670 read_lock_bh(&nd_tbl
.lock
);
671 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
673 ret
= !!(n
->flags
& NTF_ROUTER
);
674 read_unlock_bh(&nd_tbl
.lock
);
679 static void ndisc_recv_ns(struct sk_buff
*skb
)
681 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
682 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
683 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
685 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
686 offsetof(struct nd_msg
, opt
));
687 struct ndisc_options ndopts
;
688 struct net_device
*dev
= skb
->dev
;
689 struct inet6_ifaddr
*ifp
;
690 struct inet6_dev
*idev
= NULL
;
691 struct neighbour
*neigh
;
692 int dad
= ipv6_addr_any(saddr
);
696 if (ipv6_addr_is_multicast(&msg
->target
)) {
697 ND_PRINTK2(KERN_WARNING
698 "ICMPv6 NS: multicast target address");
704 * DAD has to be destined for solicited node multicast address.
707 !(daddr
->s6_addr32
[0] == htonl(0xff020000) &&
708 daddr
->s6_addr32
[1] == htonl(0x00000000) &&
709 daddr
->s6_addr32
[2] == htonl(0x00000001) &&
710 daddr
->s6_addr
[12] == 0xff )) {
711 ND_PRINTK2(KERN_WARNING
712 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
716 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
717 ND_PRINTK2(KERN_WARNING
718 "ICMPv6 NS: invalid ND options\n");
722 if (ndopts
.nd_opts_src_lladdr
) {
723 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
725 ND_PRINTK2(KERN_WARNING
726 "ICMPv6 NS: invalid link-layer address length\n");
731 * If the IP source address is the unspecified address,
732 * there MUST NOT be source link-layer address option
736 ND_PRINTK2(KERN_WARNING
737 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
742 inc
= ipv6_addr_is_multicast(daddr
);
744 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
747 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
749 if (dev
->type
== ARPHRD_IEEE802_TR
) {
750 const unsigned char *sadr
;
751 sadr
= skb_mac_header(skb
);
752 if (((sadr
[8] ^ dev
->dev_addr
[0]) & 0x7f) == 0 &&
753 sadr
[9] == dev
->dev_addr
[1] &&
754 sadr
[10] == dev
->dev_addr
[2] &&
755 sadr
[11] == dev
->dev_addr
[3] &&
756 sadr
[12] == dev
->dev_addr
[4] &&
757 sadr
[13] == dev
->dev_addr
[5]) {
758 /* looped-back to us */
764 * We are colliding with another node
766 * so fail our DAD process
768 addrconf_dad_failure(ifp
);
772 * This is not a dad solicitation.
773 * If we are an optimistic node,
775 * Otherwise, we should ignore it.
777 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
784 idev
= in6_dev_get(dev
);
786 /* XXX: count this drop? */
790 if (ipv6_chk_acast_addr(dev_net(dev
), dev
, &msg
->target
) ||
791 (idev
->cnf
.forwarding
&&
792 (ipv6_devconf
.proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
793 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
794 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
795 skb
->pkt_type
!= PACKET_HOST
&&
797 idev
->nd_parms
->proxy_delay
!= 0) {
799 * for anycast or proxy,
800 * sender should delay its response
801 * by a random time between 0 and
802 * MAX_ANYCAST_DELAY_TIME seconds.
803 * (RFC2461) -- yoshfuji
805 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
807 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
815 is_router
= !!idev
->cnf
.forwarding
;
818 struct in6_addr maddr
;
820 ipv6_addr_all_nodes(&maddr
);
821 ndisc_send_na(dev
, NULL
, &maddr
, &msg
->target
,
822 is_router
, 0, (ifp
!= NULL
), 1);
827 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
829 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
832 * update / create cache entry
833 * for the source address
835 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
836 !inc
|| lladdr
|| !dev
->addr_len
);
838 neigh_update(neigh
, lladdr
, NUD_STALE
,
839 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
840 NEIGH_UPDATE_F_OVERRIDE
);
841 if (neigh
|| !dev
->header_ops
) {
842 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
844 1, (ifp
!= NULL
&& inc
), inc
);
846 neigh_release(neigh
);
858 static void ndisc_recv_na(struct sk_buff
*skb
)
860 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
861 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
862 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
864 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
865 offsetof(struct nd_msg
, opt
));
866 struct ndisc_options ndopts
;
867 struct net_device
*dev
= skb
->dev
;
868 struct inet6_ifaddr
*ifp
;
869 struct neighbour
*neigh
;
871 if (skb
->len
< sizeof(struct nd_msg
)) {
872 ND_PRINTK2(KERN_WARNING
873 "ICMPv6 NA: packet too short\n");
877 if (ipv6_addr_is_multicast(&msg
->target
)) {
878 ND_PRINTK2(KERN_WARNING
879 "ICMPv6 NA: target address is multicast.\n");
883 if (ipv6_addr_is_multicast(daddr
) &&
884 msg
->icmph
.icmp6_solicited
) {
885 ND_PRINTK2(KERN_WARNING
886 "ICMPv6 NA: solicited NA is multicasted.\n");
890 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
891 ND_PRINTK2(KERN_WARNING
892 "ICMPv6 NS: invalid ND option\n");
895 if (ndopts
.nd_opts_tgt_lladdr
) {
896 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
898 ND_PRINTK2(KERN_WARNING
899 "ICMPv6 NA: invalid link-layer address length\n");
903 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
905 if (ifp
->flags
& IFA_F_TENTATIVE
) {
906 addrconf_dad_failure(ifp
);
909 /* What should we make now? The advertisement
910 is invalid, but ndisc specs say nothing
911 about it. It could be misconfiguration, or
912 an smart proxy agent tries to help us :-)
914 ND_PRINTK1(KERN_WARNING
915 "ICMPv6 NA: someone advertises our address on %s!\n",
916 ifp
->idev
->dev
->name
);
920 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
923 u8 old_flags
= neigh
->flags
;
925 if (neigh
->nud_state
& NUD_FAILED
)
929 * Don't update the neighbor cache entry on a proxy NA from
930 * ourselves because either the proxied node is off link or it
931 * has already sent a NA to us.
933 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
934 ipv6_devconf
.forwarding
&& ipv6_devconf
.proxy_ndp
&&
935 pneigh_lookup(&nd_tbl
, dev_net(dev
), &msg
->target
, dev
, 0)) {
936 /* XXX: idev->cnf.prixy_ndp */
940 neigh_update(neigh
, lladdr
,
941 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
942 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
943 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
944 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
945 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
947 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
949 * Change: router to host
952 rt
= rt6_get_dflt_router(saddr
, dev
);
958 neigh_release(neigh
);
962 static void ndisc_recv_rs(struct sk_buff
*skb
)
964 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
965 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
966 struct neighbour
*neigh
;
967 struct inet6_dev
*idev
;
968 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
969 struct ndisc_options ndopts
;
972 if (skb
->len
< sizeof(*rs_msg
))
975 idev
= in6_dev_get(skb
->dev
);
978 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
982 /* Don't accept RS if we're not in router mode */
983 if (!idev
->cnf
.forwarding
)
987 * Don't update NCE if src = ::;
988 * this implies that the source node has no ip address assigned yet.
990 if (ipv6_addr_any(saddr
))
993 /* Parse ND options */
994 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
996 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1000 if (ndopts
.nd_opts_src_lladdr
) {
1001 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1007 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1009 neigh_update(neigh
, lladdr
, NUD_STALE
,
1010 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1011 NEIGH_UPDATE_F_OVERRIDE
|
1012 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1013 neigh_release(neigh
);
1019 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1021 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1022 struct sk_buff
*skb
;
1023 struct nlmsghdr
*nlh
;
1024 struct nduseroptmsg
*ndmsg
;
1025 struct net
*net
= dev_net(ra
->dev
);
1027 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1028 + (opt
->nd_opt_len
<< 3));
1029 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1031 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1037 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1039 goto nla_put_failure
;
1042 ndmsg
= nlmsg_data(nlh
);
1043 ndmsg
->nduseropt_family
= AF_INET6
;
1044 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1045 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1046 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1047 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1049 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1051 NLA_PUT(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1052 &ipv6_hdr(ra
)->saddr
);
1053 nlmsg_end(skb
, nlh
);
1055 err
= rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
,
1066 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1069 static void ndisc_router_discovery(struct sk_buff
*skb
)
1071 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1072 struct neighbour
*neigh
= NULL
;
1073 struct inet6_dev
*in6_dev
;
1074 struct rt6_info
*rt
= NULL
;
1076 struct ndisc_options ndopts
;
1078 unsigned int pref
= 0;
1080 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1082 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1084 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1085 ND_PRINTK2(KERN_WARNING
1086 "ICMPv6 RA: source address is not link-local.\n");
1090 ND_PRINTK2(KERN_WARNING
1091 "ICMPv6 RA: packet too short\n");
1095 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1096 ND_PRINTK2(KERN_WARNING
1097 "ICMPv6 RA: from host or unauthorized router\n");
1102 * set the RA_RECV flag in the interface
1105 in6_dev
= in6_dev_get(skb
->dev
);
1106 if (in6_dev
== NULL
) {
1108 "ICMPv6 RA: can't find inet6 device for %s.\n",
1112 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_ra
) {
1113 in6_dev_put(in6_dev
);
1117 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1118 in6_dev_put(in6_dev
);
1119 ND_PRINTK2(KERN_WARNING
1120 "ICMP6 RA: invalid ND options\n");
1124 /* skip link-specific parameters from interior routers */
1125 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1126 goto skip_linkparms
;
1128 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1130 * flag that an RA was received after an RS was sent
1131 * out on this interface.
1133 in6_dev
->if_flags
|= IF_RA_RCVD
;
1137 * Remember the managed/otherconf flags from most recently
1138 * received RA message (RFC 2462) -- yoshfuji
1140 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1142 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1143 IF_RA_MANAGED
: 0) |
1144 (ra_msg
->icmph
.icmp6_addrconf_other
?
1145 IF_RA_OTHERCONF
: 0);
1147 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1150 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1152 #ifdef CONFIG_IPV6_ROUTER_PREF
1153 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1154 /* 10b is handled as if it were 00b (medium) */
1155 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1156 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1157 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1160 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1163 neigh
= rt
->rt6i_nexthop
;
1165 if (rt
&& lifetime
== 0) {
1171 if (rt
== NULL
&& lifetime
) {
1172 ND_PRINTK3(KERN_DEBUG
1173 "ICMPv6 RA: adding default router.\n");
1175 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1178 "ICMPv6 RA: %s() failed to add default route.\n",
1180 in6_dev_put(in6_dev
);
1184 neigh
= rt
->rt6i_nexthop
;
1185 if (neigh
== NULL
) {
1187 "ICMPv6 RA: %s() got default router without neighbour.\n",
1189 dst_release(&rt
->u
.dst
);
1190 in6_dev_put(in6_dev
);
1193 neigh
->flags
|= NTF_ROUTER
;
1195 rt
->rt6i_flags
|= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1199 rt
->rt6i_expires
= jiffies
+ (HZ
* lifetime
);
1201 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1202 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1204 rt
->u
.dst
.metrics
[RTAX_HOPLIMIT
-1] = ra_msg
->icmph
.icmp6_hop_limit
;
1210 * Update Reachable Time and Retrans Timer
1213 if (in6_dev
->nd_parms
) {
1214 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1216 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1217 rtime
= (rtime
*HZ
)/1000;
1220 in6_dev
->nd_parms
->retrans_time
= rtime
;
1221 in6_dev
->tstamp
= jiffies
;
1222 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1225 rtime
= ntohl(ra_msg
->reachable_time
);
1226 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1227 rtime
= (rtime
*HZ
)/1000;
1232 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1233 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1234 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1235 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1236 in6_dev
->tstamp
= jiffies
;
1237 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1249 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1253 if (ndopts
.nd_opts_src_lladdr
) {
1254 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1257 ND_PRINTK2(KERN_WARNING
1258 "ICMPv6 RA: invalid link-layer address length\n");
1262 neigh_update(neigh
, lladdr
, NUD_STALE
,
1263 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1264 NEIGH_UPDATE_F_OVERRIDE
|
1265 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1266 NEIGH_UPDATE_F_ISROUTER
);
1269 #ifdef CONFIG_IPV6_ROUTE_INFO
1270 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1271 struct nd_opt_hdr
*p
;
1272 for (p
= ndopts
.nd_opts_ri
;
1274 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1275 struct route_info
*ri
= (struct route_info
*)p
;
1276 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1277 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1278 ri
->prefix_len
== 0)
1281 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1283 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1284 &ipv6_hdr(skb
)->saddr
);
1289 /* skip link-specific ndopts from interior routers */
1290 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1293 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1294 struct nd_opt_hdr
*p
;
1295 for (p
= ndopts
.nd_opts_pi
;
1297 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1298 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3);
1302 if (ndopts
.nd_opts_mtu
) {
1306 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1309 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1310 ND_PRINTK2(KERN_WARNING
1311 "ICMPv6 RA: invalid mtu: %d\n",
1313 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1314 in6_dev
->cnf
.mtu6
= mtu
;
1317 rt
->u
.dst
.metrics
[RTAX_MTU
-1] = mtu
;
1319 rt6_mtu_change(skb
->dev
, mtu
);
1323 if (ndopts
.nd_useropts
) {
1324 struct nd_opt_hdr
*p
;
1325 for (p
= ndopts
.nd_useropts
;
1327 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1328 ndisc_ra_useropt(skb
, p
);
1332 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1333 ND_PRINTK2(KERN_WARNING
1334 "ICMPv6 RA: invalid RA options");
1338 dst_release(&rt
->u
.dst
);
1340 neigh_release(neigh
);
1341 in6_dev_put(in6_dev
);
1344 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1346 struct inet6_dev
*in6_dev
;
1347 struct icmp6hdr
*icmph
;
1348 struct in6_addr
*dest
;
1349 struct in6_addr
*target
; /* new first hop to destination */
1350 struct neighbour
*neigh
;
1352 struct ndisc_options ndopts
;
1356 switch (skb
->ndisc_nodetype
) {
1357 case NDISC_NODETYPE_HOST
:
1358 case NDISC_NODETYPE_NODEFAULT
:
1359 ND_PRINTK2(KERN_WARNING
1360 "ICMPv6 Redirect: from host or unauthorized router\n");
1364 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1365 ND_PRINTK2(KERN_WARNING
1366 "ICMPv6 Redirect: source address is not link-local.\n");
1370 optlen
= skb
->tail
- skb
->transport_header
;
1371 optlen
-= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1374 ND_PRINTK2(KERN_WARNING
1375 "ICMPv6 Redirect: packet too short\n");
1379 icmph
= icmp6_hdr(skb
);
1380 target
= (struct in6_addr
*) (icmph
+ 1);
1383 if (ipv6_addr_is_multicast(dest
)) {
1384 ND_PRINTK2(KERN_WARNING
1385 "ICMPv6 Redirect: destination address is multicast.\n");
1389 if (ipv6_addr_equal(dest
, target
)) {
1391 } else if (ipv6_addr_type(target
) !=
1392 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1393 ND_PRINTK2(KERN_WARNING
1394 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1398 in6_dev
= in6_dev_get(skb
->dev
);
1401 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
) {
1402 in6_dev_put(in6_dev
);
1407 * The IP source address of the Redirect MUST be the same as the current
1408 * first-hop router for the specified ICMP Destination Address.
1411 if (!ndisc_parse_options((u8
*)(dest
+ 1), optlen
, &ndopts
)) {
1412 ND_PRINTK2(KERN_WARNING
1413 "ICMPv6 Redirect: invalid ND options\n");
1414 in6_dev_put(in6_dev
);
1417 if (ndopts
.nd_opts_tgt_lladdr
) {
1418 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
1421 ND_PRINTK2(KERN_WARNING
1422 "ICMPv6 Redirect: invalid link-layer address length\n");
1423 in6_dev_put(in6_dev
);
1428 neigh
= __neigh_lookup(&nd_tbl
, target
, skb
->dev
, 1);
1430 rt6_redirect(dest
, &ipv6_hdr(skb
)->daddr
,
1431 &ipv6_hdr(skb
)->saddr
, neigh
, lladdr
,
1433 neigh_release(neigh
);
1435 in6_dev_put(in6_dev
);
1438 void ndisc_send_redirect(struct sk_buff
*skb
, struct neighbour
*neigh
,
1439 struct in6_addr
*target
)
1441 struct net_device
*dev
= skb
->dev
;
1442 struct net
*net
= dev_net(dev
);
1443 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1444 int len
= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1445 struct sk_buff
*buff
;
1446 struct icmp6hdr
*icmph
;
1447 struct in6_addr saddr_buf
;
1448 struct in6_addr
*addrp
;
1449 struct rt6_info
*rt
;
1450 struct dst_entry
*dst
;
1451 struct inet6_dev
*idev
;
1456 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1458 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1459 ND_PRINTK2(KERN_WARNING
1460 "ICMPv6 Redirect: no link-local address on %s\n",
1465 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1466 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1467 ND_PRINTK2(KERN_WARNING
1468 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1472 icmpv6_flow_init(sk
, &fl
, NDISC_REDIRECT
,
1473 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1475 dst
= ip6_route_output(net
, NULL
, &fl
);
1479 err
= xfrm_lookup(&dst
, &fl
, NULL
, 0);
1483 rt
= (struct rt6_info
*) dst
;
1485 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1486 ND_PRINTK2(KERN_WARNING
1487 "ICMPv6 Redirect: destination is not a neighbour.\n");
1491 if (!xrlim_allow(dst
, 1*HZ
)) {
1496 if (dev
->addr_len
) {
1497 read_lock_bh(&neigh
->lock
);
1498 if (neigh
->nud_state
& NUD_VALID
) {
1499 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1500 read_unlock_bh(&neigh
->lock
);
1502 len
+= ndisc_opt_addr_space(dev
);
1504 read_unlock_bh(&neigh
->lock
);
1507 rd_len
= min_t(unsigned int,
1508 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1512 buff
= sock_alloc_send_skb(sk
,
1513 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
1514 len
+ LL_RESERVED_SPACE(dev
)),
1518 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1524 skb_reserve(buff
, LL_RESERVED_SPACE(dev
));
1525 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1526 IPPROTO_ICMPV6
, len
);
1528 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1530 icmph
= icmp6_hdr(buff
);
1532 memset(icmph
, 0, sizeof(struct icmp6hdr
));
1533 icmph
->icmp6_type
= NDISC_REDIRECT
;
1536 * copy target and destination addresses
1539 addrp
= (struct in6_addr
*)(icmph
+ 1);
1540 ipv6_addr_copy(addrp
, target
);
1542 ipv6_addr_copy(addrp
, &ipv6_hdr(skb
)->daddr
);
1544 opt
= (u8
*) (addrp
+ 1);
1547 * include target_address option
1551 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1552 dev
->addr_len
, dev
->type
);
1555 * build redirect option and copy skb over to the new packet.
1559 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1560 *(opt
++) = (rd_len
>> 3);
1563 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1565 icmph
->icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1566 len
, IPPROTO_ICMPV6
,
1567 csum_partial((u8
*) icmph
, len
, 0));
1570 idev
= in6_dev_get(dst
->dev
);
1571 IP6_INC_STATS(idev
, IPSTATS_MIB_OUTREQUESTS
);
1572 err
= NF_HOOK(PF_INET6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1575 ICMP6MSGOUT_INC_STATS(idev
, NDISC_REDIRECT
);
1576 ICMP6_INC_STATS(idev
, ICMP6_MIB_OUTMSGS
);
1579 if (likely(idev
!= NULL
))
1583 static void pndisc_redo(struct sk_buff
*skb
)
1589 int ndisc_rcv(struct sk_buff
*skb
)
1593 if (!pskb_may_pull(skb
, skb
->len
))
1596 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1598 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1600 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1601 ND_PRINTK2(KERN_WARNING
1602 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1603 ipv6_hdr(skb
)->hop_limit
);
1607 if (msg
->icmph
.icmp6_code
!= 0) {
1608 ND_PRINTK2(KERN_WARNING
1609 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1610 msg
->icmph
.icmp6_code
);
1614 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1616 switch (msg
->icmph
.icmp6_type
) {
1617 case NDISC_NEIGHBOUR_SOLICITATION
:
1621 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1625 case NDISC_ROUTER_SOLICITATION
:
1629 case NDISC_ROUTER_ADVERTISEMENT
:
1630 ndisc_router_discovery(skb
);
1633 case NDISC_REDIRECT
:
1634 ndisc_redirect_rcv(skb
);
1641 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1643 struct net_device
*dev
= ptr
;
1644 struct net
*net
= dev_net(dev
);
1647 case NETDEV_CHANGEADDR
:
1648 neigh_changeaddr(&nd_tbl
, dev
);
1649 fib6_run_gc(~0UL, net
);
1652 neigh_ifdown(&nd_tbl
, dev
);
1653 fib6_run_gc(~0UL, net
);
1662 static struct notifier_block ndisc_netdev_notifier
= {
1663 .notifier_call
= ndisc_netdev_event
,
1666 #ifdef CONFIG_SYSCTL
1667 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1668 const char *func
, const char *dev_name
)
1670 static char warncomm
[TASK_COMM_LEN
];
1672 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1673 strcpy(warncomm
, current
->comm
);
1675 "process `%s' is using deprecated sysctl (%s) "
1676 "net.ipv6.neigh.%s.%s; "
1677 "Use net.ipv6.neigh.%s.%s_ms "
1680 dev_name
, ctl
->procname
,
1681 dev_name
, ctl
->procname
);
1686 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, struct file
* filp
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1688 struct net_device
*dev
= ctl
->extra1
;
1689 struct inet6_dev
*idev
;
1692 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1693 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1694 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1696 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1697 ret
= proc_dointvec(ctl
, write
, filp
, buffer
, lenp
, ppos
);
1699 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1700 ret
= proc_dointvec_jiffies(ctl
, write
,
1701 filp
, buffer
, lenp
, ppos
);
1703 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1704 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1705 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1706 filp
, buffer
, lenp
, ppos
);
1710 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1711 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1712 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1713 idev
->tstamp
= jiffies
;
1714 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1720 static int ndisc_ifinfo_sysctl_strategy(ctl_table
*ctl
, int __user
*name
,
1721 int nlen
, void __user
*oldval
,
1722 size_t __user
*oldlenp
,
1723 void __user
*newval
, size_t newlen
)
1725 struct net_device
*dev
= ctl
->extra1
;
1726 struct inet6_dev
*idev
;
1729 if (ctl
->ctl_name
== NET_NEIGH_RETRANS_TIME
||
1730 ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME
)
1731 ndisc_warn_deprecated_sysctl(ctl
, "procfs", dev
? dev
->name
: "default");
1733 switch (ctl
->ctl_name
) {
1734 case NET_NEIGH_REACHABLE_TIME
:
1735 ret
= sysctl_jiffies(ctl
, name
, nlen
,
1736 oldval
, oldlenp
, newval
, newlen
);
1738 case NET_NEIGH_RETRANS_TIME_MS
:
1739 case NET_NEIGH_REACHABLE_TIME_MS
:
1740 ret
= sysctl_ms_jiffies(ctl
, name
, nlen
,
1741 oldval
, oldlenp
, newval
, newlen
);
1747 if (newval
&& newlen
&& ret
> 0 &&
1748 dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1749 if (ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME
||
1750 ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME_MS
)
1751 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1752 idev
->tstamp
= jiffies
;
1753 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1762 static int ndisc_net_init(struct net
*net
)
1764 struct socket
*sock
;
1765 struct ipv6_pinfo
*np
;
1769 err
= sock_create_kern(PF_INET6
, SOCK_RAW
, IPPROTO_ICMPV6
, &sock
);
1772 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1777 net
->ipv6
.ndisc_sk
= sk
= sock
->sk
;
1778 sk_change_net(sk
, net
);
1781 sk
->sk_allocation
= GFP_ATOMIC
;
1782 np
->hop_limit
= 255;
1783 /* Do not loopback ndisc messages */
1785 sk
->sk_prot
->unhash(sk
);
1790 static void ndisc_net_exit(struct net
*net
)
1792 sk_release_kernel(net
->ipv6
.ndisc_sk
);
1795 static struct pernet_operations ndisc_net_ops
= {
1796 .init
= ndisc_net_init
,
1797 .exit
= ndisc_net_exit
,
1800 int __init
ndisc_init(void)
1804 err
= register_pernet_subsys(&ndisc_net_ops
);
1808 * Initialize the neighbour table
1810 neigh_table_init(&nd_tbl
);
1812 #ifdef CONFIG_SYSCTL
1813 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, NET_IPV6
,
1814 NET_IPV6_NEIGH
, "ipv6",
1815 &ndisc_ifinfo_sysctl_change
,
1816 &ndisc_ifinfo_sysctl_strategy
);
1818 goto out_unregister_pernet
;
1820 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1822 goto out_unregister_sysctl
;
1826 out_unregister_sysctl
:
1827 #ifdef CONFIG_SYSCTL
1828 neigh_sysctl_unregister(&nd_tbl
.parms
);
1829 out_unregister_pernet
:
1831 unregister_pernet_subsys(&ndisc_net_ops
);
1835 void ndisc_cleanup(void)
1837 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1838 #ifdef CONFIG_SYSCTL
1839 neigh_sysctl_unregister(&nd_tbl
.parms
);
1841 neigh_table_clear(&nd_tbl
);
1842 unregister_pernet_subsys(&ndisc_net_ops
);