]> git.proxmox.com Git - mirror_ubuntu-eoan-kernel.git/blob - net/ipv6/ndisc.c
projects / mirror_ubuntu-eoan-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: Ubuntu-5.3.0-29.31
[mirror_ubuntu-eoan-kernel.git] / net / ipv6 / ndisc.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Neighbour Discovery for IPv6
4 * Linux INET6 implementation
5 *
6 * Authors:
7 * Pedro Roque <roque@di.fc.ul.pt>
8 * Mike Shaver <shaver@ingenia.com>
9 */
10
11 /*
12 * Changes:
13 *
14 * Alexey I. Froloff : RFC6106 (DNSSL) support
15 * Pierre Ynard : export userland ND options
16 * through netlink (RDNSS support)
17 * Lars Fenneberg : fixed MTU setting on receipt
18 * of an RA.
19 * Janos Farkas : kmalloc failure checks
20 * Alexey Kuznetsov : state machine reworked
21 * and moved to net/core.
22 * Pekka Savola : RFC2461 validation
23 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
24 */
25
26 #define pr_fmt(fmt) "ICMPv6: " fmt
27
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/sched.h>
34 #include <linux/net.h>
35 #include <linux/in6.h>
36 #include <linux/route.h>
37 #include <linux/init.h>
38 #include <linux/rcupdate.h>
39 #include <linux/slab.h>
40 #ifdef CONFIG_SYSCTL
41 #include <linux/sysctl.h>
42 #endif
43
44 #include <linux/if_addr.h>
45 #include <linux/if_ether.h>
46 #include <linux/if_arp.h>
47 #include <linux/ipv6.h>
48 #include <linux/icmpv6.h>
49 #include <linux/jhash.h>
50
51 #include <net/sock.h>
52 #include <net/snmp.h>
53
54 #include <net/ipv6.h>
55 #include <net/protocol.h>
56 #include <net/ndisc.h>
57 #include <net/ip6_route.h>
58 #include <net/addrconf.h>
59 #include <net/icmp.h>
60
61 #include <net/netlink.h>
62 #include <linux/rtnetlink.h>
63
64 #include <net/flow.h>
65 #include <net/ip6_checksum.h>
66 #include <net/inet_common.h>
67 #include <linux/proc_fs.h>
68
69 #include <linux/netfilter.h>
70 #include <linux/netfilter_ipv6.h>
71
72 static u32 ndisc_hash(const void *pkey,
73 const struct net_device *dev,
74 __u32 *hash_rnd);
75 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
76 static bool ndisc_allow_add(const struct net_device *dev,
77 struct netlink_ext_ack *extack);
78 static int ndisc_constructor(struct neighbour *neigh);
79 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
80 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
81 static int pndisc_constructor(struct pneigh_entry *n);
82 static void pndisc_destructor(struct pneigh_entry *n);
83 static void pndisc_redo(struct sk_buff *skb);
84
85 static const struct neigh_ops ndisc_generic_ops = {
86 .family = AF_INET6,
87 .solicit = ndisc_solicit,
88 .error_report = ndisc_error_report,
89 .output = neigh_resolve_output,
90 .connected_output = neigh_connected_output,
91 };
92
93 static const struct neigh_ops ndisc_hh_ops = {
94 .family = AF_INET6,
95 .solicit = ndisc_solicit,
96 .error_report = ndisc_error_report,
97 .output = neigh_resolve_output,
98 .connected_output = neigh_resolve_output,
99 };
100
101
102 static const struct neigh_ops ndisc_direct_ops = {
103 .family = AF_INET6,
104 .output = neigh_direct_output,
105 .connected_output = neigh_direct_output,
106 };
107
108 struct neigh_table nd_tbl = {
109 .family = AF_INET6,
110 .key_len = sizeof(struct in6_addr),
111 .protocol = cpu_to_be16(ETH_P_IPV6),
112 .hash = ndisc_hash,
113 .key_eq = ndisc_key_eq,
114 .constructor = ndisc_constructor,
115 .pconstructor = pndisc_constructor,
116 .pdestructor = pndisc_destructor,
117 .proxy_redo = pndisc_redo,
118 .allow_add = ndisc_allow_add,
119 .id = "ndisc_cache",
120 .parms = {
121 .tbl = &nd_tbl,
122 .reachable_time = ND_REACHABLE_TIME,
123 .data = {
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134 },
135 },
136 .gc_interval = 30 * HZ,
137 .gc_thresh1 = 128,
138 .gc_thresh2 = 512,
139 .gc_thresh3 = 1024,
140 };
141 EXPORT_SYMBOL_GPL(nd_tbl);
142
143 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
145 {
146 int space = __ndisc_opt_addr_space(data_len, pad);
147 u8 *opt = skb_put(skb, space);
148
149 opt[0] = type;
150 opt[1] = space>>3;
151
152 memset(opt + 2, 0, pad);
153 opt += pad;
154 space -= pad;
155
156 memcpy(opt+2, data, data_len);
157 data_len += 2;
158 opt += data_len;
159 space -= data_len;
160 if (space > 0)
161 memset(opt, 0, space);
162 }
163 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
164
165 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166 void *data, u8 icmp6_type)
167 {
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171 }
172
173 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174 void *ha,
175 const u8 *ops_data)
176 {
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
179 }
180
181 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
183 {
184 int type;
185 if (!cur || !end || cur >= end)
186 return NULL;
187 type = cur->nd_opt_type;
188 do {
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190 } while (cur < end && cur->nd_opt_type != type);
191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
192 }
193
194 static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
196 {
197 return opt->nd_opt_type == ND_OPT_RDNSS ||
198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
200 }
201
202 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
203 struct nd_opt_hdr *cur,
204 struct nd_opt_hdr *end)
205 {
206 if (!cur || !end || cur >= end)
207 return NULL;
208 do {
209 cur = ((void *)cur) + (cur->nd_opt_len << 3);
210 } while (cur < end && !ndisc_is_useropt(dev, cur));
211 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
212 }
213
214 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
215 u8 *opt, int opt_len,
216 struct ndisc_options *ndopts)
217 {
218 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
219
220 if (!nd_opt || opt_len < 0 || !ndopts)
221 return NULL;
222 memset(ndopts, 0, sizeof(*ndopts));
223 while (opt_len) {
224 int l;
225 if (opt_len < sizeof(struct nd_opt_hdr))
226 return NULL;
227 l = nd_opt->nd_opt_len << 3;
228 if (opt_len < l || l == 0)
229 return NULL;
230 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
231 goto next_opt;
232 switch (nd_opt->nd_opt_type) {
233 case ND_OPT_SOURCE_LL_ADDR:
234 case ND_OPT_TARGET_LL_ADDR:
235 case ND_OPT_MTU:
236 case ND_OPT_NONCE:
237 case ND_OPT_REDIRECT_HDR:
238 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
239 ND_PRINTK(2, warn,
240 "%s: duplicated ND6 option found: type=%d\n",
241 __func__, nd_opt->nd_opt_type);
242 } else {
243 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
244 }
245 break;
246 case ND_OPT_PREFIX_INFO:
247 ndopts->nd_opts_pi_end = nd_opt;
248 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
249 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
250 break;
251 #ifdef CONFIG_IPV6_ROUTE_INFO
252 case ND_OPT_ROUTE_INFO:
253 ndopts->nd_opts_ri_end = nd_opt;
254 if (!ndopts->nd_opts_ri)
255 ndopts->nd_opts_ri = nd_opt;
256 break;
257 #endif
258 default:
259 if (ndisc_is_useropt(dev, nd_opt)) {
260 ndopts->nd_useropts_end = nd_opt;
261 if (!ndopts->nd_useropts)
262 ndopts->nd_useropts = nd_opt;
263 } else {
264 /*
265 * Unknown options must be silently ignored,
266 * to accommodate future extension to the
267 * protocol.
268 */
269 ND_PRINTK(2, notice,
270 "%s: ignored unsupported option; type=%d, len=%d\n",
271 __func__,
272 nd_opt->nd_opt_type,
273 nd_opt->nd_opt_len);
274 }
275 }
276 next_opt:
277 opt_len -= l;
278 nd_opt = ((void *)nd_opt) + l;
279 }
280 return ndopts;
281 }
282
283 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
284 {
285 switch (dev->type) {
286 case ARPHRD_ETHER:
287 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
288 case ARPHRD_FDDI:
289 ipv6_eth_mc_map(addr, buf);
290 return 0;
291 case ARPHRD_ARCNET:
292 ipv6_arcnet_mc_map(addr, buf);
293 return 0;
294 case ARPHRD_INFINIBAND:
295 ipv6_ib_mc_map(addr, dev->broadcast, buf);
296 return 0;
297 case ARPHRD_IPGRE:
298 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
299 default:
300 if (dir) {
301 memcpy(buf, dev->broadcast, dev->addr_len);
302 return 0;
303 }
304 }
305 return -EINVAL;
306 }
307 EXPORT_SYMBOL(ndisc_mc_map);
308
309 static u32 ndisc_hash(const void *pkey,
310 const struct net_device *dev,
311 __u32 *hash_rnd)
312 {
313 return ndisc_hashfn(pkey, dev, hash_rnd);
314 }
315
316 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
317 {
318 return neigh_key_eq128(n, pkey);
319 }
320
321 static int ndisc_constructor(struct neighbour *neigh)
322 {
323 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
324 struct net_device *dev = neigh->dev;
325 struct inet6_dev *in6_dev;
326 struct neigh_parms *parms;
327 bool is_multicast = ipv6_addr_is_multicast(addr);
328
329 in6_dev = in6_dev_get(dev);
330 if (!in6_dev) {
331 return -EINVAL;
332 }
333
334 parms = in6_dev->nd_parms;
335 __neigh_parms_put(neigh->parms);
336 neigh->parms = neigh_parms_clone(parms);
337
338 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
339 if (!dev->header_ops) {
340 neigh->nud_state = NUD_NOARP;
341 neigh->ops = &ndisc_direct_ops;
342 neigh->output = neigh_direct_output;
343 } else {
344 if (is_multicast) {
345 neigh->nud_state = NUD_NOARP;
346 ndisc_mc_map(addr, neigh->ha, dev, 1);
347 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
348 neigh->nud_state = NUD_NOARP;
349 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
350 if (dev->flags&IFF_LOOPBACK)
351 neigh->type = RTN_LOCAL;
352 } else if (dev->flags&IFF_POINTOPOINT) {
353 neigh->nud_state = NUD_NOARP;
354 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
355 }
356 if (dev->header_ops->cache)
357 neigh->ops = &ndisc_hh_ops;
358 else
359 neigh->ops = &ndisc_generic_ops;
360 if (neigh->nud_state&NUD_VALID)
361 neigh->output = neigh->ops->connected_output;
362 else
363 neigh->output = neigh->ops->output;
364 }
365 in6_dev_put(in6_dev);
366 return 0;
367 }
368
369 static int pndisc_constructor(struct pneigh_entry *n)
370 {
371 struct in6_addr *addr = (struct in6_addr *)&n->key;
372 struct in6_addr maddr;
373 struct net_device *dev = n->dev;
374
375 if (!dev || !__in6_dev_get(dev))
376 return -EINVAL;
377 addrconf_addr_solict_mult(addr, &maddr);
378 ipv6_dev_mc_inc(dev, &maddr);
379 return 0;
380 }
381
382 static void pndisc_destructor(struct pneigh_entry *n)
383 {
384 struct in6_addr *addr = (struct in6_addr *)&n->key;
385 struct in6_addr maddr;
386 struct net_device *dev = n->dev;
387
388 if (!dev || !__in6_dev_get(dev))
389 return;
390 addrconf_addr_solict_mult(addr, &maddr);
391 ipv6_dev_mc_dec(dev, &maddr);
392 }
393
394 /* called with rtnl held */
395 static bool ndisc_allow_add(const struct net_device *dev,
396 struct netlink_ext_ack *extack)
397 {
398 struct inet6_dev *idev = __in6_dev_get(dev);
399
400 if (!idev || idev->cnf.disable_ipv6) {
401 NL_SET_ERR_MSG(extack, "IPv6 is disabled on this device");
402 return false;
403 }
404
405 return true;
406 }
407
408 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
409 int len)
410 {
411 int hlen = LL_RESERVED_SPACE(dev);
412 int tlen = dev->needed_tailroom;
413 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
414 struct sk_buff *skb;
415
416 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
417 if (!skb) {
418 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
419 __func__);
420 return NULL;
421 }
422
423 skb->protocol = htons(ETH_P_IPV6);
424 skb->dev = dev;
425
426 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
427 skb_reset_transport_header(skb);
428
429 /* Manually assign socket ownership as we avoid calling
430 * sock_alloc_send_pskb() to bypass wmem buffer limits
431 */
432 skb_set_owner_w(skb, sk);
433
434 return skb;
435 }
436
437 static void ip6_nd_hdr(struct sk_buff *skb,
438 const struct in6_addr *saddr,
439 const struct in6_addr *daddr,
440 int hop_limit, int len)
441 {
442 struct ipv6hdr *hdr;
443 struct inet6_dev *idev;
444 unsigned tclass;
445
446 rcu_read_lock();
447 idev = __in6_dev_get(skb->dev);
448 tclass = idev ? idev->cnf.ndisc_tclass : 0;
449 rcu_read_unlock();
450
451 skb_push(skb, sizeof(*hdr));
452 skb_reset_network_header(skb);
453 hdr = ipv6_hdr(skb);
454
455 ip6_flow_hdr(hdr, tclass, 0);
456
457 hdr->payload_len = htons(len);
458 hdr->nexthdr = IPPROTO_ICMPV6;
459 hdr->hop_limit = hop_limit;
460
461 hdr->saddr = *saddr;
462 hdr->daddr = *daddr;
463 }
464
465 static void ndisc_send_skb(struct sk_buff *skb,
466 const struct in6_addr *daddr,
467 const struct in6_addr *saddr)
468 {
469 struct dst_entry *dst = skb_dst(skb);
470 struct net *net = dev_net(skb->dev);
471 struct sock *sk = net->ipv6.ndisc_sk;
472 struct inet6_dev *idev;
473 int err;
474 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
475 u8 type;
476
477 type = icmp6h->icmp6_type;
478
479 if (!dst) {
480 struct flowi6 fl6;
481 int oif = skb->dev->ifindex;
482
483 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
484 dst = icmp6_dst_alloc(skb->dev, &fl6);
485 if (IS_ERR(dst)) {
486 kfree_skb(skb);
487 return;
488 }
489
490 skb_dst_set(skb, dst);
491 }
492
493 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
494 IPPROTO_ICMPV6,
495 csum_partial(icmp6h,
496 skb->len, 0));
497
498 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
499
500 rcu_read_lock();
501 idev = __in6_dev_get(dst->dev);
502 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
503
504 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
505 net, sk, skb, NULL, dst->dev,
506 dst_output);
507 if (!err) {
508 ICMP6MSGOUT_INC_STATS(net, idev, type);
509 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
510 }
511
512 rcu_read_unlock();
513 }
514
515 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
516 const struct in6_addr *solicited_addr,
517 bool router, bool solicited, bool override, bool inc_opt)
518 {
519 struct sk_buff *skb;
520 struct in6_addr tmpaddr;
521 struct inet6_ifaddr *ifp;
522 const struct in6_addr *src_addr;
523 struct nd_msg *msg;
524 int optlen = 0;
525
526 /* for anycast or proxy, solicited_addr != src_addr */
527 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
528 if (ifp) {
529 src_addr = solicited_addr;
530 if (ifp->flags & IFA_F_OPTIMISTIC)
531 override = false;
532 inc_opt |= ifp->idev->cnf.force_tllao;
533 in6_ifa_put(ifp);
534 } else {
535 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
536 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
537 &tmpaddr))
538 return;
539 src_addr = &tmpaddr;
540 }
541
542 if (!dev->addr_len)
543 inc_opt = false;
544 if (inc_opt)
545 optlen += ndisc_opt_addr_space(dev,
546 NDISC_NEIGHBOUR_ADVERTISEMENT);
547
548 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
549 if (!skb)
550 return;
551
552 msg = skb_put(skb, sizeof(*msg));
553 *msg = (struct nd_msg) {
554 .icmph = {
555 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
556 .icmp6_router = router,
557 .icmp6_solicited = solicited,
558 .icmp6_override = override,
559 },
560 .target = *solicited_addr,
561 };
562
563 if (inc_opt)
564 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
565 dev->dev_addr,
566 NDISC_NEIGHBOUR_ADVERTISEMENT);
567
568 ndisc_send_skb(skb, daddr, src_addr);
569 }
570
571 static void ndisc_send_unsol_na(struct net_device *dev)
572 {
573 struct inet6_dev *idev;
574 struct inet6_ifaddr *ifa;
575
576 idev = in6_dev_get(dev);
577 if (!idev)
578 return;
579
580 read_lock_bh(&idev->lock);
581 list_for_each_entry(ifa, &idev->addr_list, if_list) {
582 /* skip tentative addresses until dad completes */
583 if (ifa->flags & IFA_F_TENTATIVE &&
584 !(ifa->flags & IFA_F_OPTIMISTIC))
585 continue;
586
587 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
588 /*router=*/ !!idev->cnf.forwarding,
589 /*solicited=*/ false, /*override=*/ true,
590 /*inc_opt=*/ true);
591 }
592 read_unlock_bh(&idev->lock);
593
594 in6_dev_put(idev);
595 }
596
597 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
598 const struct in6_addr *daddr, const struct in6_addr *saddr,
599 u64 nonce)
600 {
601 struct sk_buff *skb;
602 struct in6_addr addr_buf;
603 int inc_opt = dev->addr_len;
604 int optlen = 0;
605 struct nd_msg *msg;
606
607 if (!saddr) {
608 if (ipv6_get_lladdr(dev, &addr_buf,
609 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
610 return;
611 saddr = &addr_buf;
612 }
613
614 if (ipv6_addr_any(saddr))
615 inc_opt = false;
616 if (inc_opt)
617 optlen += ndisc_opt_addr_space(dev,
618 NDISC_NEIGHBOUR_SOLICITATION);
619 if (nonce != 0)
620 optlen += 8;
621
622 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
623 if (!skb)
624 return;
625
626 msg = skb_put(skb, sizeof(*msg));
627 *msg = (struct nd_msg) {
628 .icmph = {
629 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
630 },
631 .target = *solicit,
632 };
633
634 if (inc_opt)
635 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
636 dev->dev_addr,
637 NDISC_NEIGHBOUR_SOLICITATION);
638 if (nonce != 0) {
639 u8 *opt = skb_put(skb, 8);
640
641 opt[0] = ND_OPT_NONCE;
642 opt[1] = 8 >> 3;
643 memcpy(opt + 2, &nonce, 6);
644 }
645
646 ndisc_send_skb(skb, daddr, saddr);
647 }
648
649 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
650 const struct in6_addr *daddr)
651 {
652 struct sk_buff *skb;
653 struct rs_msg *msg;
654 int send_sllao = dev->addr_len;
655 int optlen = 0;
656
657 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
658 /*
659 * According to section 2.2 of RFC 4429, we must not
660 * send router solicitations with a sllao from
661 * optimistic addresses, but we may send the solicitation
662 * if we don't include the sllao. So here we check
663 * if our address is optimistic, and if so, we
664 * suppress the inclusion of the sllao.
665 */
666 if (send_sllao) {
667 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
668 dev, 1);
669 if (ifp) {
670 if (ifp->flags & IFA_F_OPTIMISTIC) {
671 send_sllao = 0;
672 }
673 in6_ifa_put(ifp);
674 } else {
675 send_sllao = 0;
676 }
677 }
678 #endif
679 if (send_sllao)
680 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
681
682 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
683 if (!skb)
684 return;
685
686 msg = skb_put(skb, sizeof(*msg));
687 *msg = (struct rs_msg) {
688 .icmph = {
689 .icmp6_type = NDISC_ROUTER_SOLICITATION,
690 },
691 };
692
693 if (send_sllao)
694 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
695 dev->dev_addr,
696 NDISC_ROUTER_SOLICITATION);
697
698 ndisc_send_skb(skb, daddr, saddr);
699 }
700
701
702 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
703 {
704 /*
705 * "The sender MUST return an ICMP
706 * destination unreachable"
707 */
708 dst_link_failure(skb);
709 kfree_skb(skb);
710 }
711
712 /* Called with locked neigh: either read or both */
713
714 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
715 {
716 struct in6_addr *saddr = NULL;
717 struct in6_addr mcaddr;
718 struct net_device *dev = neigh->dev;
719 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
720 int probes = atomic_read(&neigh->probes);
721
722 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
723 dev, false, 1,
724 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
725 saddr = &ipv6_hdr(skb)->saddr;
726 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
727 if (probes < 0) {
728 if (!(neigh->nud_state & NUD_VALID)) {
729 ND_PRINTK(1, dbg,
730 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
731 __func__, target);
732 }
733 ndisc_send_ns(dev, target, target, saddr, 0);
734 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
735 neigh_app_ns(neigh);
736 } else {
737 addrconf_addr_solict_mult(target, &mcaddr);
738 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
739 }
740 }
741
742 static int pndisc_is_router(const void *pkey,
743 struct net_device *dev)
744 {
745 struct pneigh_entry *n;
746 int ret = -1;
747
748 read_lock_bh(&nd_tbl.lock);
749 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
750 if (n)
751 ret = !!(n->flags & NTF_ROUTER);
752 read_unlock_bh(&nd_tbl.lock);
753
754 return ret;
755 }
756
757 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
758 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
759 struct ndisc_options *ndopts)
760 {
761 neigh_update(neigh, lladdr, new, flags, 0);
762 /* report ndisc ops about neighbour update */
763 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
764 }
765
766 static void ndisc_recv_ns(struct sk_buff *skb)
767 {
768 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
769 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
770 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
771 u8 *lladdr = NULL;
772 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
773 offsetof(struct nd_msg, opt));
774 struct ndisc_options ndopts;
775 struct net_device *dev = skb->dev;
776 struct inet6_ifaddr *ifp;
777 struct inet6_dev *idev = NULL;
778 struct neighbour *neigh;
779 int dad = ipv6_addr_any(saddr);
780 bool inc;
781 int is_router = -1;
782 u64 nonce = 0;
783
784 if (skb->len < sizeof(struct nd_msg)) {
785 ND_PRINTK(2, warn, "NS: packet too short\n");
786 return;
787 }
788
789 if (ipv6_addr_is_multicast(&msg->target)) {
790 ND_PRINTK(2, warn, "NS: multicast target address\n");
791 return;
792 }
793
794 /*
795 * RFC2461 7.1.1:
796 * DAD has to be destined for solicited node multicast address.
797 */
798 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
799 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
800 return;
801 }
802
803 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
804 ND_PRINTK(2, warn, "NS: invalid ND options\n");
805 return;
806 }
807
808 if (ndopts.nd_opts_src_lladdr) {
809 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
810 if (!lladdr) {
811 ND_PRINTK(2, warn,
812 "NS: invalid link-layer address length\n");
813 return;
814 }
815
816 /* RFC2461 7.1.1:
817 * If the IP source address is the unspecified address,
818 * there MUST NOT be source link-layer address option
819 * in the message.
820 */
821 if (dad) {
822 ND_PRINTK(2, warn,
823 "NS: bad DAD packet (link-layer address option)\n");
824 return;
825 }
826 }
827 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
828 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
829
830 inc = ipv6_addr_is_multicast(daddr);
831
832 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
833 if (ifp) {
834 have_ifp:
835 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
836 if (dad) {
837 if (nonce != 0 && ifp->dad_nonce == nonce) {
838 u8 *np = (u8 *)&nonce;
839 /* Matching nonce if looped back */
840 ND_PRINTK(2, notice,
841 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
842 ifp->idev->dev->name,
843 &ifp->addr, np);
844 goto out;
845 }
846 /*
847 * We are colliding with another node
848 * who is doing DAD
849 * so fail our DAD process
850 */
851 addrconf_dad_failure(skb, ifp);
852 return;
853 } else {
854 /*
855 * This is not a dad solicitation.
856 * If we are an optimistic node,
857 * we should respond.
858 * Otherwise, we should ignore it.
859 */
860 if (!(ifp->flags & IFA_F_OPTIMISTIC))
861 goto out;
862 }
863 }
864
865 idev = ifp->idev;
866 } else {
867 struct net *net = dev_net(dev);
868
869 /* perhaps an address on the master device */
870 if (netif_is_l3_slave(dev)) {
871 struct net_device *mdev;
872
873 mdev = netdev_master_upper_dev_get_rcu(dev);
874 if (mdev) {
875 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
876 if (ifp)
877 goto have_ifp;
878 }
879 }
880
881 idev = in6_dev_get(dev);
882 if (!idev) {
883 /* XXX: count this drop? */
884 return;
885 }
886
887 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
888 (idev->cnf.forwarding &&
889 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
890 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
891 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
892 skb->pkt_type != PACKET_HOST &&
893 inc &&
894 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
895 /*
896 * for anycast or proxy,
897 * sender should delay its response
898 * by a random time between 0 and
899 * MAX_ANYCAST_DELAY_TIME seconds.
900 * (RFC2461) -- yoshfuji
901 */
902 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
903 if (n)
904 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
905 goto out;
906 }
907 } else
908 goto out;
909 }
910
911 if (is_router < 0)
912 is_router = idev->cnf.forwarding;
913
914 if (dad) {
915 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
916 !!is_router, false, (ifp != NULL), true);
917 goto out;
918 }
919
920 if (inc)
921 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
922 else
923 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
924
925 /*
926 * update / create cache entry
927 * for the source address
928 */
929 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
930 !inc || lladdr || !dev->addr_len);
931 if (neigh)
932 ndisc_update(dev, neigh, lladdr, NUD_STALE,
933 NEIGH_UPDATE_F_WEAK_OVERRIDE|
934 NEIGH_UPDATE_F_OVERRIDE,
935 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
936 if (neigh || !dev->header_ops) {
937 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
938 true, (ifp != NULL && inc), inc);
939 if (neigh)
940 neigh_release(neigh);
941 }
942
943 out:
944 if (ifp)
945 in6_ifa_put(ifp);
946 else
947 in6_dev_put(idev);
948 }
949
950 static void ndisc_recv_na(struct sk_buff *skb)
951 {
952 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
953 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
954 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
955 u8 *lladdr = NULL;
956 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
957 offsetof(struct nd_msg, opt));
958 struct ndisc_options ndopts;
959 struct net_device *dev = skb->dev;
960 struct inet6_dev *idev = __in6_dev_get(dev);
961 struct inet6_ifaddr *ifp;
962 struct neighbour *neigh;
963
964 if (skb->len < sizeof(struct nd_msg)) {
965 ND_PRINTK(2, warn, "NA: packet too short\n");
966 return;
967 }
968
969 if (ipv6_addr_is_multicast(&msg->target)) {
970 ND_PRINTK(2, warn, "NA: target address is multicast\n");
971 return;
972 }
973
974 if (ipv6_addr_is_multicast(daddr) &&
975 msg->icmph.icmp6_solicited) {
976 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
977 return;
978 }
979
980 /* For some 802.11 wireless deployments (and possibly other networks),
981 * there will be a NA proxy and unsolicitd packets are attacks
982 * and thus should not be accepted.
983 */
984 if (!msg->icmph.icmp6_solicited && idev &&
985 idev->cnf.drop_unsolicited_na)
986 return;
987
988 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
989 ND_PRINTK(2, warn, "NS: invalid ND option\n");
990 return;
991 }
992 if (ndopts.nd_opts_tgt_lladdr) {
993 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
994 if (!lladdr) {
995 ND_PRINTK(2, warn,
996 "NA: invalid link-layer address length\n");
997 return;
998 }
999 }
1000 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
1001 if (ifp) {
1002 if (skb->pkt_type != PACKET_LOOPBACK
1003 && (ifp->flags & IFA_F_TENTATIVE)) {
1004 addrconf_dad_failure(skb, ifp);
1005 return;
1006 }
1007 /* What should we make now? The advertisement
1008 is invalid, but ndisc specs say nothing
1009 about it. It could be misconfiguration, or
1010 an smart proxy agent tries to help us :-)
1011
1012 We should not print the error if NA has been
1013 received from loopback - it is just our own
1014 unsolicited advertisement.
1015 */
1016 if (skb->pkt_type != PACKET_LOOPBACK)
1017 ND_PRINTK(1, warn,
1018 "NA: %pM advertised our address %pI6c on %s!\n",
1019 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1020 in6_ifa_put(ifp);
1021 return;
1022 }
1023 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1024
1025 if (neigh) {
1026 u8 old_flags = neigh->flags;
1027 struct net *net = dev_net(dev);
1028
1029 if (neigh->nud_state & NUD_FAILED)
1030 goto out;
1031
1032 /*
1033 * Don't update the neighbor cache entry on a proxy NA from
1034 * ourselves because either the proxied node is off link or it
1035 * has already sent a NA to us.
1036 */
1037 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1038 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1039 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1040 /* XXX: idev->cnf.proxy_ndp */
1041 goto out;
1042 }
1043
1044 ndisc_update(dev, neigh, lladdr,
1045 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1046 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1047 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1048 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1049 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1050 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1051
1052 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1053 /*
1054 * Change: router to host
1055 */
1056 rt6_clean_tohost(dev_net(dev), saddr);
1057 }
1058
1059 out:
1060 neigh_release(neigh);
1061 }
1062 }
1063
1064 static void ndisc_recv_rs(struct sk_buff *skb)
1065 {
1066 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1067 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1068 struct neighbour *neigh;
1069 struct inet6_dev *idev;
1070 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1071 struct ndisc_options ndopts;
1072 u8 *lladdr = NULL;
1073
1074 if (skb->len < sizeof(*rs_msg))
1075 return;
1076
1077 idev = __in6_dev_get(skb->dev);
1078 if (!idev) {
1079 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1080 return;
1081 }
1082
1083 /* Don't accept RS if we're not in router mode */
1084 if (!idev->cnf.forwarding)
1085 goto out;
1086
1087 /*
1088 * Don't update NCE if src = ::;
1089 * this implies that the source node has no ip address assigned yet.
1090 */
1091 if (ipv6_addr_any(saddr))
1092 goto out;
1093
1094 /* Parse ND options */
1095 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1096 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1097 goto out;
1098 }
1099
1100 if (ndopts.nd_opts_src_lladdr) {
1101 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1102 skb->dev);
1103 if (!lladdr)
1104 goto out;
1105 }
1106
1107 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1108 if (neigh) {
1109 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1110 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1111 NEIGH_UPDATE_F_OVERRIDE|
1112 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1113 NDISC_ROUTER_SOLICITATION, &ndopts);
1114 neigh_release(neigh);
1115 }
1116 out:
1117 return;
1118 }
1119
1120 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1121 {
1122 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1123 struct sk_buff *skb;
1124 struct nlmsghdr *nlh;
1125 struct nduseroptmsg *ndmsg;
1126 struct net *net = dev_net(ra->dev);
1127 int err;
1128 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1129 + (opt->nd_opt_len << 3));
1130 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1131
1132 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1133 if (!skb) {
1134 err = -ENOBUFS;
1135 goto errout;
1136 }
1137
1138 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1139 if (!nlh) {
1140 goto nla_put_failure;
1141 }
1142
1143 ndmsg = nlmsg_data(nlh);
1144 ndmsg->nduseropt_family = AF_INET6;
1145 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1146 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1147 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1148 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1149
1150 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1151
1152 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1153 goto nla_put_failure;
1154 nlmsg_end(skb, nlh);
1155
1156 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1157 return;
1158
1159 nla_put_failure:
1160 nlmsg_free(skb);
1161 err = -EMSGSIZE;
1162 errout:
1163 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1164 }
1165
1166 static void ndisc_router_discovery(struct sk_buff *skb)
1167 {
1168 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1169 struct neighbour *neigh = NULL;
1170 struct inet6_dev *in6_dev;
1171 struct fib6_info *rt = NULL;
1172 struct net *net;
1173 int lifetime;
1174 struct ndisc_options ndopts;
1175 int optlen;
1176 unsigned int pref = 0;
1177 __u32 old_if_flags;
1178 bool send_ifinfo_notify = false;
1179
1180 __u8 *opt = (__u8 *)(ra_msg + 1);
1181
1182 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1183 sizeof(struct ra_msg);
1184
1185 ND_PRINTK(2, info,
1186 "RA: %s, dev: %s\n",
1187 __func__, skb->dev->name);
1188 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1189 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1190 return;
1191 }
1192 if (optlen < 0) {
1193 ND_PRINTK(2, warn, "RA: packet too short\n");
1194 return;
1195 }
1196
1197 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1198 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1199 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1200 return;
1201 }
1202 #endif
1203
1204 /*
1205 * set the RA_RECV flag in the interface
1206 */
1207
1208 in6_dev = __in6_dev_get(skb->dev);
1209 if (!in6_dev) {
1210 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1211 skb->dev->name);
1212 return;
1213 }
1214
1215 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1216 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1217 return;
1218 }
1219
1220 if (!ipv6_accept_ra(in6_dev)) {
1221 ND_PRINTK(2, info,
1222 "RA: %s, did not accept ra for dev: %s\n",
1223 __func__, skb->dev->name);
1224 goto skip_linkparms;
1225 }
1226
1227 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1228 /* skip link-specific parameters from interior routers */
1229 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1230 ND_PRINTK(2, info,
1231 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1232 __func__, skb->dev->name);
1233 goto skip_linkparms;
1234 }
1235 #endif
1236
1237 if (in6_dev->if_flags & IF_RS_SENT) {
1238 /*
1239 * flag that an RA was received after an RS was sent
1240 * out on this interface.
1241 */
1242 in6_dev->if_flags |= IF_RA_RCVD;
1243 }
1244
1245 /*
1246 * Remember the managed/otherconf flags from most recently
1247 * received RA message (RFC 2462) -- yoshfuji
1248 */
1249 old_if_flags = in6_dev->if_flags;
1250 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1251 IF_RA_OTHERCONF)) |
1252 (ra_msg->icmph.icmp6_addrconf_managed ?
1253 IF_RA_MANAGED : 0) |
1254 (ra_msg->icmph.icmp6_addrconf_other ?
1255 IF_RA_OTHERCONF : 0);
1256
1257 if (old_if_flags != in6_dev->if_flags)
1258 send_ifinfo_notify = true;
1259
1260 if (!in6_dev->cnf.accept_ra_defrtr) {
1261 ND_PRINTK(2, info,
1262 "RA: %s, defrtr is false for dev: %s\n",
1263 __func__, skb->dev->name);
1264 goto skip_defrtr;
1265 }
1266
1267 /* Do not accept RA with source-addr found on local machine unless
1268 * accept_ra_from_local is set to true.
1269 */
1270 net = dev_net(in6_dev->dev);
1271 if (!in6_dev->cnf.accept_ra_from_local &&
1272 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1273 ND_PRINTK(2, info,
1274 "RA from local address detected on dev: %s: default router ignored\n",
1275 skb->dev->name);
1276 goto skip_defrtr;
1277 }
1278
1279 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1280
1281 #ifdef CONFIG_IPV6_ROUTER_PREF
1282 pref = ra_msg->icmph.icmp6_router_pref;
1283 /* 10b is handled as if it were 00b (medium) */
1284 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1285 !in6_dev->cnf.accept_ra_rtr_pref)
1286 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1287 #endif
1288 /* routes added from RAs do not use nexthop objects */
1289 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1290 if (rt) {
1291 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1292 rt->fib6_nh->fib_nh_dev, NULL,
1293 &ipv6_hdr(skb)->saddr);
1294 if (!neigh) {
1295 ND_PRINTK(0, err,
1296 "RA: %s got default router without neighbour\n",
1297 __func__);
1298 fib6_info_release(rt);
1299 return;
1300 }
1301 }
1302 if (rt && lifetime == 0) {
1303 ip6_del_rt(net, rt);
1304 rt = NULL;
1305 }
1306
1307 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1308 rt, lifetime, skb->dev->name);
1309 if (!rt && lifetime) {
1310 ND_PRINTK(3, info, "RA: adding default router\n");
1311
1312 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1313 skb->dev, pref);
1314 if (!rt) {
1315 ND_PRINTK(0, err,
1316 "RA: %s failed to add default route\n",
1317 __func__);
1318 return;
1319 }
1320
1321 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1322 rt->fib6_nh->fib_nh_dev, NULL,
1323 &ipv6_hdr(skb)->saddr);
1324 if (!neigh) {
1325 ND_PRINTK(0, err,
1326 "RA: %s got default router without neighbour\n",
1327 __func__);
1328 fib6_info_release(rt);
1329 return;
1330 }
1331 neigh->flags |= NTF_ROUTER;
1332 } else if (rt) {
1333 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1334 }
1335
1336 if (rt)
1337 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1338 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1339 ra_msg->icmph.icmp6_hop_limit) {
1340 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1341 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1342 fib6_metric_set(rt, RTAX_HOPLIMIT,
1343 ra_msg->icmph.icmp6_hop_limit);
1344 } else {
1345 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1346 }
1347 }
1348
1349 skip_defrtr:
1350
1351 /*
1352 * Update Reachable Time and Retrans Timer
1353 */
1354
1355 if (in6_dev->nd_parms) {
1356 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1357
1358 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1359 rtime = (rtime*HZ)/1000;
1360 if (rtime < HZ/10)
1361 rtime = HZ/10;
1362 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1363 in6_dev->tstamp = jiffies;
1364 send_ifinfo_notify = true;
1365 }
1366
1367 rtime = ntohl(ra_msg->reachable_time);
1368 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1369 rtime = (rtime*HZ)/1000;
1370
1371 if (rtime < HZ/10)
1372 rtime = HZ/10;
1373
1374 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1375 NEIGH_VAR_SET(in6_dev->nd_parms,
1376 BASE_REACHABLE_TIME, rtime);
1377 NEIGH_VAR_SET(in6_dev->nd_parms,
1378 GC_STALETIME, 3 * rtime);
1379 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1380 in6_dev->tstamp = jiffies;
1381 send_ifinfo_notify = true;
1382 }
1383 }
1384 }
1385
1386 /*
1387 * Send a notify if RA changed managed/otherconf flags or timer settings
1388 */
1389 if (send_ifinfo_notify)
1390 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1391
1392 skip_linkparms:
1393
1394 /*
1395 * Process options.
1396 */
1397
1398 if (!neigh)
1399 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1400 skb->dev, 1);
1401 if (neigh) {
1402 u8 *lladdr = NULL;
1403 if (ndopts.nd_opts_src_lladdr) {
1404 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1405 skb->dev);
1406 if (!lladdr) {
1407 ND_PRINTK(2, warn,
1408 "RA: invalid link-layer address length\n");
1409 goto out;
1410 }
1411 }
1412 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1413 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1414 NEIGH_UPDATE_F_OVERRIDE|
1415 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1416 NEIGH_UPDATE_F_ISROUTER,
1417 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1418 }
1419
1420 if (!ipv6_accept_ra(in6_dev)) {
1421 ND_PRINTK(2, info,
1422 "RA: %s, accept_ra is false for dev: %s\n",
1423 __func__, skb->dev->name);
1424 goto out;
1425 }
1426
1427 #ifdef CONFIG_IPV6_ROUTE_INFO
1428 if (!in6_dev->cnf.accept_ra_from_local &&
1429 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1430 in6_dev->dev, 0)) {
1431 ND_PRINTK(2, info,
1432 "RA from local address detected on dev: %s: router info ignored.\n",
1433 skb->dev->name);
1434 goto skip_routeinfo;
1435 }
1436
1437 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1438 struct nd_opt_hdr *p;
1439 for (p = ndopts.nd_opts_ri;
1440 p;
1441 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1442 struct route_info *ri = (struct route_info *)p;
1443 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1444 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1445 ri->prefix_len == 0)
1446 continue;
1447 #endif
1448 if (ri->prefix_len == 0 &&
1449 !in6_dev->cnf.accept_ra_defrtr)
1450 continue;
1451 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1452 continue;
1453 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1454 continue;
1455 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1456 &ipv6_hdr(skb)->saddr);
1457 }
1458 }
1459
1460 skip_routeinfo:
1461 #endif
1462
1463 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1464 /* skip link-specific ndopts from interior routers */
1465 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1466 ND_PRINTK(2, info,
1467 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1468 __func__, skb->dev->name);
1469 goto out;
1470 }
1471 #endif
1472
1473 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1474 struct nd_opt_hdr *p;
1475 for (p = ndopts.nd_opts_pi;
1476 p;
1477 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1478 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1479 (p->nd_opt_len) << 3,
1480 ndopts.nd_opts_src_lladdr != NULL);
1481 }
1482 }
1483
1484 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1485 __be32 n;
1486 u32 mtu;
1487
1488 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1489 mtu = ntohl(n);
1490
1491 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1492 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1493 } else if (in6_dev->cnf.mtu6 != mtu) {
1494 in6_dev->cnf.mtu6 = mtu;
1495 fib6_metric_set(rt, RTAX_MTU, mtu);
1496 rt6_mtu_change(skb->dev, mtu);
1497 }
1498 }
1499
1500 if (ndopts.nd_useropts) {
1501 struct nd_opt_hdr *p;
1502 for (p = ndopts.nd_useropts;
1503 p;
1504 p = ndisc_next_useropt(skb->dev, p,
1505 ndopts.nd_useropts_end)) {
1506 ndisc_ra_useropt(skb, p);
1507 }
1508 }
1509
1510 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1511 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1512 }
1513 out:
1514 fib6_info_release(rt);
1515 if (neigh)
1516 neigh_release(neigh);
1517 }
1518
1519 static void ndisc_redirect_rcv(struct sk_buff *skb)
1520 {
1521 u8 *hdr;
1522 struct ndisc_options ndopts;
1523 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1524 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1525 offsetof(struct rd_msg, opt));
1526
1527 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1528 switch (skb->ndisc_nodetype) {
1529 case NDISC_NODETYPE_HOST:
1530 case NDISC_NODETYPE_NODEFAULT:
1531 ND_PRINTK(2, warn,
1532 "Redirect: from host or unauthorized router\n");
1533 return;
1534 }
1535 #endif
1536
1537 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1538 ND_PRINTK(2, warn,
1539 "Redirect: source address is not link-local\n");
1540 return;
1541 }
1542
1543 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1544 return;
1545
1546 if (!ndopts.nd_opts_rh) {
1547 ip6_redirect_no_header(skb, dev_net(skb->dev),
1548 skb->dev->ifindex);
1549 return;
1550 }
1551
1552 hdr = (u8 *)ndopts.nd_opts_rh;
1553 hdr += 8;
1554 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1555 return;
1556
1557 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1558 }
1559
1560 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1561 struct sk_buff *orig_skb,
1562 int rd_len)
1563 {
1564 u8 *opt = skb_put(skb, rd_len);
1565
1566 memset(opt, 0, 8);
1567 *(opt++) = ND_OPT_REDIRECT_HDR;
1568 *(opt++) = (rd_len >> 3);
1569 opt += 6;
1570
1571 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1572 rd_len - 8);
1573 }
1574
1575 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1576 {
1577 struct net_device *dev = skb->dev;
1578 struct net *net = dev_net(dev);
1579 struct sock *sk = net->ipv6.ndisc_sk;
1580 int optlen = 0;
1581 struct inet_peer *peer;
1582 struct sk_buff *buff;
1583 struct rd_msg *msg;
1584 struct in6_addr saddr_buf;
1585 struct rt6_info *rt;
1586 struct dst_entry *dst;
1587 struct flowi6 fl6;
1588 int rd_len;
1589 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1590 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1591 bool ret;
1592
1593 if (netif_is_l3_master(skb->dev)) {
1594 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1595 if (!dev)
1596 return;
1597 }
1598
1599 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1600 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1601 dev->name);
1602 return;
1603 }
1604
1605 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1606 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1607 ND_PRINTK(2, warn,
1608 "Redirect: target address is not link-local unicast\n");
1609 return;
1610 }
1611
1612 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1613 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1614
1615 dst = ip6_route_output(net, NULL, &fl6);
1616 if (dst->error) {
1617 dst_release(dst);
1618 return;
1619 }
1620 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1621 if (IS_ERR(dst))
1622 return;
1623
1624 rt = (struct rt6_info *) dst;
1625
1626 if (rt->rt6i_flags & RTF_GATEWAY) {
1627 ND_PRINTK(2, warn,
1628 "Redirect: destination is not a neighbour\n");
1629 goto release;
1630 }
1631 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1632 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1633 if (peer)
1634 inet_putpeer(peer);
1635 if (!ret)
1636 goto release;
1637
1638 if (dev->addr_len) {
1639 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1640 if (!neigh) {
1641 ND_PRINTK(2, warn,
1642 "Redirect: no neigh for target address\n");
1643 goto release;
1644 }
1645
1646 read_lock_bh(&neigh->lock);
1647 if (neigh->nud_state & NUD_VALID) {
1648 memcpy(ha_buf, neigh->ha, dev->addr_len);
1649 read_unlock_bh(&neigh->lock);
1650 ha = ha_buf;
1651 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1652 ops_data_buf,
1653 &ops_data);
1654 } else
1655 read_unlock_bh(&neigh->lock);
1656
1657 neigh_release(neigh);
1658 }
1659
1660 rd_len = min_t(unsigned int,
1661 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1662 skb->len + 8);
1663 rd_len &= ~0x7;
1664 optlen += rd_len;
1665
1666 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1667 if (!buff)
1668 goto release;
1669
1670 msg = skb_put(buff, sizeof(*msg));
1671 *msg = (struct rd_msg) {
1672 .icmph = {
1673 .icmp6_type = NDISC_REDIRECT,
1674 },
1675 .target = *target,
1676 .dest = ipv6_hdr(skb)->daddr,
1677 };
1678
1679 /*
1680 * include target_address option
1681 */
1682
1683 if (ha)
1684 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1685
1686 /*
1687 * build redirect option and copy skb over to the new packet.
1688 */
1689
1690 if (rd_len)
1691 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1692
1693 skb_dst_set(buff, dst);
1694 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1695 return;
1696
1697 release:
1698 dst_release(dst);
1699 }
1700
1701 static void pndisc_redo(struct sk_buff *skb)
1702 {
1703 ndisc_recv_ns(skb);
1704 kfree_skb(skb);
1705 }
1706
1707 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1708 {
1709 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1710
1711 if (!idev)
1712 return true;
1713 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1714 idev->cnf.suppress_frag_ndisc) {
1715 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1716 return true;
1717 }
1718 return false;
1719 }
1720
1721 int ndisc_rcv(struct sk_buff *skb)
1722 {
1723 struct nd_msg *msg;
1724
1725 if (ndisc_suppress_frag_ndisc(skb))
1726 return 0;
1727
1728 if (skb_linearize(skb))
1729 return 0;
1730
1731 msg = (struct nd_msg *)skb_transport_header(skb);
1732
1733 __skb_push(skb, skb->data - skb_transport_header(skb));
1734
1735 if (ipv6_hdr(skb)->hop_limit != 255) {
1736 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1737 ipv6_hdr(skb)->hop_limit);
1738 return 0;
1739 }
1740
1741 if (msg->icmph.icmp6_code != 0) {
1742 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1743 msg->icmph.icmp6_code);
1744 return 0;
1745 }
1746
1747 switch (msg->icmph.icmp6_type) {
1748 case NDISC_NEIGHBOUR_SOLICITATION:
1749 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1750 ndisc_recv_ns(skb);
1751 break;
1752
1753 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1754 ndisc_recv_na(skb);
1755 break;
1756
1757 case NDISC_ROUTER_SOLICITATION:
1758 ndisc_recv_rs(skb);
1759 break;
1760
1761 case NDISC_ROUTER_ADVERTISEMENT:
1762 ndisc_router_discovery(skb);
1763 break;
1764
1765 case NDISC_REDIRECT:
1766 ndisc_redirect_rcv(skb);
1767 break;
1768 }
1769
1770 return 0;
1771 }
1772
1773 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1774 {
1775 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1776 struct netdev_notifier_change_info *change_info;
1777 struct net *net = dev_net(dev);
1778 struct inet6_dev *idev;
1779
1780 switch (event) {
1781 case NETDEV_CHANGEADDR:
1782 neigh_changeaddr(&nd_tbl, dev);
1783 fib6_run_gc(0, net, false);
1784 /* fallthrough */
1785 case NETDEV_UP:
1786 idev = in6_dev_get(dev);
1787 if (!idev)
1788 break;
1789 if (idev->cnf.ndisc_notify ||
1790 net->ipv6.devconf_all->ndisc_notify)
1791 ndisc_send_unsol_na(dev);
1792 in6_dev_put(idev);
1793 break;
1794 case NETDEV_CHANGE:
1795 change_info = ptr;
1796 if (change_info->flags_changed & IFF_NOARP)
1797 neigh_changeaddr(&nd_tbl, dev);
1798 if (!netif_carrier_ok(dev))
1799 neigh_carrier_down(&nd_tbl, dev);
1800 break;
1801 case NETDEV_DOWN:
1802 neigh_ifdown(&nd_tbl, dev);
1803 fib6_run_gc(0, net, false);
1804 break;
1805 case NETDEV_NOTIFY_PEERS:
1806 ndisc_send_unsol_na(dev);
1807 break;
1808 default:
1809 break;
1810 }
1811
1812 return NOTIFY_DONE;
1813 }
1814
1815 static struct notifier_block ndisc_netdev_notifier = {
1816 .notifier_call = ndisc_netdev_event,
1817 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1818 };
1819
1820 #ifdef CONFIG_SYSCTL
1821 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1822 const char *func, const char *dev_name)
1823 {
1824 static char warncomm[TASK_COMM_LEN];
1825 static int warned;
1826 if (strcmp(warncomm, current->comm) && warned < 5) {
1827 strcpy(warncomm, current->comm);
1828 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1829 warncomm, func,
1830 dev_name, ctl->procname,
1831 dev_name, ctl->procname);
1832 warned++;
1833 }
1834 }
1835
1836 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1837 {
1838 struct net_device *dev = ctl->extra1;
1839 struct inet6_dev *idev;
1840 int ret;
1841
1842 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1843 (strcmp(ctl->procname, "base_reachable_time") == 0))
1844 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1845
1846 if (strcmp(ctl->procname, "retrans_time") == 0)
1847 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1848
1849 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1850 ret = neigh_proc_dointvec_jiffies(ctl, write,
1851 buffer, lenp, ppos);
1852
1853 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1854 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1855 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1856 buffer, lenp, ppos);
1857 else
1858 ret = -1;
1859
1860 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1861 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1862 idev->nd_parms->reachable_time =
1863 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1864 idev->tstamp = jiffies;
1865 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1866 in6_dev_put(idev);
1867 }
1868 return ret;
1869 }
1870
1871
1872 #endif
1873
1874 static int __net_init ndisc_net_init(struct net *net)
1875 {
1876 struct ipv6_pinfo *np;
1877 struct sock *sk;
1878 int err;
1879
1880 err = inet_ctl_sock_create(&sk, PF_INET6,
1881 SOCK_RAW, IPPROTO_ICMPV6, net);
1882 if (err < 0) {
1883 ND_PRINTK(0, err,
1884 "NDISC: Failed to initialize the control socket (err %d)\n",
1885 err);
1886 return err;
1887 }
1888
1889 net->ipv6.ndisc_sk = sk;
1890
1891 np = inet6_sk(sk);
1892 np->hop_limit = 255;
1893 /* Do not loopback ndisc messages */
1894 np->mc_loop = 0;
1895
1896 return 0;
1897 }
1898
1899 static void __net_exit ndisc_net_exit(struct net *net)
1900 {
1901 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1902 }
1903
1904 static struct pernet_operations ndisc_net_ops = {
1905 .init = ndisc_net_init,
1906 .exit = ndisc_net_exit,
1907 };
1908
1909 int __init ndisc_init(void)
1910 {
1911 int err;
1912
1913 err = register_pernet_subsys(&ndisc_net_ops);
1914 if (err)
1915 return err;
1916 /*
1917 * Initialize the neighbour table
1918 */
1919 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1920
1921 #ifdef CONFIG_SYSCTL
1922 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1923 ndisc_ifinfo_sysctl_change);
1924 if (err)
1925 goto out_unregister_pernet;
1926 out:
1927 #endif
1928 return err;
1929
1930 #ifdef CONFIG_SYSCTL
1931 out_unregister_pernet:
1932 unregister_pernet_subsys(&ndisc_net_ops);
1933 goto out;
1934 #endif
1935 }
1936
1937 int __init ndisc_late_init(void)
1938 {
1939 return register_netdevice_notifier(&ndisc_netdev_notifier);
1940 }
1941
1942 void ndisc_late_cleanup(void)
1943 {
1944 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1945 }
1946
1947 void ndisc_cleanup(void)
1948 {
1949 #ifdef CONFIG_SYSCTL
1950 neigh_sysctl_unregister(&nd_tbl.parms);
1951 #endif
1952 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1953 unregister_pernet_subsys(&ndisc_net_ops);
1954 }
Ubuntu Eoan Linux kernel mirror