]> Git Repo - linux.git/blame - net/ipv6/ndisc.c
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'for-linus-20180803' of git://git.kernel.dk/linux-block
[linux.git] / net / ipv6 / ndisc.c
CommitLineData
1da177e4
LT		 1/*
2 * Neighbour Discovery for IPv6
1ab1457c 3 * Linux INET6 implementation
1da177e4
LT		 4 *
5 * Authors:
1ab1457c 6 * Pedro Roque <[email protected]>
1da177e4
LT		 7 * Mike Shaver <[email protected]>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
e35f30c1 18 * Alexey I. Froloff : RFC6106 (DNSSL) support
31910575
PY		 19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
1da177e4
LT		 21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
1da177e4
LT		 23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
675418d5 30#define pr_fmt(fmt) "ICMPv6: " fmt
1da177e4
LT		 31
32#include <linux/module.h>
1da177e4
LT		 33#include <linux/errno.h>
34#include <linux/types.h>
35#include <linux/socket.h>
36#include <linux/sockios.h>
37#include <linux/sched.h>
38#include <linux/net.h>
39#include <linux/in6.h>
40#include <linux/route.h>
41#include <linux/init.h>
42#include <linux/rcupdate.h>
5a0e3ad6 43#include <linux/slab.h>
1da177e4
LT		 44#ifdef CONFIG_SYSCTL
45#include <linux/sysctl.h>
46#endif
47
1823730f 48#include <linux/if_addr.h>
da13c59b 49#include <linux/if_ether.h>
1da177e4
LT		 50#include <linux/if_arp.h>
51#include <linux/ipv6.h>
52#include <linux/icmpv6.h>
53#include <linux/jhash.h>
54
55#include <net/sock.h>
56#include <net/snmp.h>
57
58#include <net/ipv6.h>
59#include <net/protocol.h>
60#include <net/ndisc.h>
61#include <net/ip6_route.h>
62#include <net/addrconf.h>
63#include <net/icmp.h>
64
31910575
PY		 65#include <net/netlink.h>
66#include <linux/rtnetlink.h>
67
1da177e4
LT		 68#include <net/flow.h>
69#include <net/ip6_checksum.h>
1ed8516f 70#include <net/inet_common.h>
1da177e4
LT		 71#include <linux/proc_fs.h>
72
73#include <linux/netfilter.h>
74#include <linux/netfilter_ipv6.h>
75
d6bf7817
ED		 76static u32 ndisc_hash(const void *pkey,
77 const struct net_device *dev,
2c2aba6c 78 __u32 *hash_rnd);
60395a20 79static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
1da177e4
LT		 80static int ndisc_constructor(struct neighbour *neigh);
81static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
82static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
83static int pndisc_constructor(struct pneigh_entry *n);
84static void pndisc_destructor(struct pneigh_entry *n);
85static void pndisc_redo(struct sk_buff *skb);
86
89d69d2b 87static const struct neigh_ops ndisc_generic_ops = {
1da177e4
LT		 88 .family = AF_INET6,
89 .solicit = ndisc_solicit,
90 .error_report = ndisc_error_report,
91 .output = neigh_resolve_output,
92 .connected_output = neigh_connected_output,
1da177e4
LT		 93};
94
89d69d2b 95static const struct neigh_ops ndisc_hh_ops = {
1da177e4
LT		 96 .family = AF_INET6,
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_resolve_output,
1da177e4
LT		 101};
102
103
89d69d2b 104static const struct neigh_ops ndisc_direct_ops = {
1da177e4 105 .family = AF_INET6,
8f40b161
DM		 106 .output = neigh_direct_output,
107 .connected_output = neigh_direct_output,
1da177e4
LT		 108};
109
110struct neigh_table nd_tbl = {
111 .family = AF_INET6,
1da177e4 112 .key_len = sizeof(struct in6_addr),
bdf53c58 113 .protocol = cpu_to_be16(ETH_P_IPV6),
1da177e4 114 .hash = ndisc_hash,
60395a20 115 .key_eq = ndisc_key_eq,
1da177e4
LT		 116 .constructor = ndisc_constructor,
117 .pconstructor = pndisc_constructor,
118 .pdestructor = pndisc_destructor,
119 .proxy_redo = pndisc_redo,
120 .id = "ndisc_cache",
121 .parms = {
b672083e 122 .tbl = &nd_tbl,
b672083e 123 .reachable_time = ND_REACHABLE_TIME,
1f9248e5
JP		 124 .data = {
125 [NEIGH_VAR_MCAST_PROBES] = 3,
126 [NEIGH_VAR_UCAST_PROBES] = 3,
127 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
128 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
129 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
130 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
eaa72dc4 131 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
1f9248e5
JP		 132 [NEIGH_VAR_PROXY_QLEN] = 64,
133 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
134 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
135 },
1da177e4
LT		 136 },
137 .gc_interval = 30 * HZ,
138 .gc_thresh1 = 128,
139 .gc_thresh2 = 512,
140 .gc_thresh3 = 1024,
141};
c4850687 142EXPORT_SYMBOL_GPL(nd_tbl);
1da177e4 143
cc84b3c6
AA		 144void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
145 int data_len, int pad)
1da177e4 146{
8ec5da41 147 int space = __ndisc_opt_addr_space(data_len, pad);
5f5a0115 148 u8 *opt = skb_put(skb, space);
1da177e4
LT		 149
150 opt[0] = type;
151 opt[1] = space>>3;
152
153 memset(opt + 2, 0, pad);
154 opt += pad;
155 space -= pad;
156
157 memcpy(opt+2, data, data_len);
158 data_len += 2;
159 opt += data_len;
e5d08d71
IM		 160 space -= data_len;
161 if (space > 0)
1da177e4 162 memset(opt, 0, space);
1da177e4 163}
cc84b3c6 164EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
1da177e4 165
8ec5da41 166static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
f997c55c 167 void *data, u8 icmp6_type)
8ec5da41
AA		 168{
169 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
170 ndisc_addr_option_pad(skb->dev->type));
f997c55c
AA		 171 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
172}
173
174static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
175 void *ha,
176 const u8 *ops_data)
177{
178 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
179 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
8ec5da41
AA		 180}
181
1da177e4
LT		 182static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
183 struct nd_opt_hdr *end)
184{
185 int type;
186 if (!cur || !end || cur >= end)
187 return NULL;
188 type = cur->nd_opt_type;
189 do {
190 cur = ((void *)cur) + (cur->nd_opt_len << 3);
67ba4152 191 } while (cur < end && cur->nd_opt_type != type);
a02cec21 192 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
1da177e4
LT		 193}
194
f997c55c
AA		 195static inline int ndisc_is_useropt(const struct net_device *dev,
196 struct nd_opt_hdr *opt)
31910575 197{
e35f30c1 198 return opt->nd_opt_type == ND_OPT_RDNSS ||
f997c55c
AA		 199 opt->nd_opt_type == ND_OPT_DNSSL ||
200 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
31910575
PY		 201}
202
f997c55c
AA		 203static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
204 struct nd_opt_hdr *cur,
31910575
PY		 205 struct nd_opt_hdr *end)
206{
207 if (!cur || !end || cur >= end)
208 return NULL;
209 do {
210 cur = ((void *)cur) + (cur->nd_opt_len << 3);
f997c55c
AA		 211 } while (cur < end && !ndisc_is_useropt(dev, cur));
212 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
31910575
PY		 213}
214
f997c55c
AA		 215struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
216 u8 *opt, int opt_len,
30f2a5f3 217 struct ndisc_options *ndopts)
1da177e4
LT		 218{
219 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
220
221 if (!nd_opt || opt_len < 0 || !ndopts)
222 return NULL;
223 memset(ndopts, 0, sizeof(*ndopts));
224 while (opt_len) {
225 int l;
226 if (opt_len < sizeof(struct nd_opt_hdr))
227 return NULL;
228 l = nd_opt->nd_opt_len << 3;
229 if (opt_len < l || l == 0)
230 return NULL;
f997c55c
AA		 231 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
232 goto next_opt;
1da177e4
LT		 233 switch (nd_opt->nd_opt_type) {
234 case ND_OPT_SOURCE_LL_ADDR:
235 case ND_OPT_TARGET_LL_ADDR:
236 case ND_OPT_MTU:
adc176c5 237 case ND_OPT_NONCE:
1da177e4
LT		 238 case ND_OPT_REDIRECT_HDR:
239 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
675418d5
JP		 240 ND_PRINTK(2, warn,
241 "%s: duplicated ND6 option found: type=%d\n",
242 __func__, nd_opt->nd_opt_type);
1da177e4
LT		 243 } else {
244 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
245 }
246 break;
247 case ND_OPT_PREFIX_INFO:
248 ndopts->nd_opts_pi_end = nd_opt;
cfcabdcc 249 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
1da177e4
LT		 250 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
251 break;
70ceb4f5
YH		 252#ifdef CONFIG_IPV6_ROUTE_INFO
253 case ND_OPT_ROUTE_INFO:
254 ndopts->nd_opts_ri_end = nd_opt;
255 if (!ndopts->nd_opts_ri)
256 ndopts->nd_opts_ri = nd_opt;
257 break;
258#endif
1da177e4 259 default:
f997c55c 260 if (ndisc_is_useropt(dev, nd_opt)) {
31910575
PY		 261 ndopts->nd_useropts_end = nd_opt;
262 if (!ndopts->nd_useropts)
263 ndopts->nd_useropts = nd_opt;
264 } else {
265 /*
266 * Unknown options must be silently ignored,
267 * to accommodate future extension to the
268 * protocol.
269 */
675418d5
JP		 270 ND_PRINTK(2, notice,
271 "%s: ignored unsupported option; type=%d, len=%d\n",
272 __func__,
273 nd_opt->nd_opt_type,
274 nd_opt->nd_opt_len);
31910575 275 }
1da177e4 276 }
f997c55c 277next_opt:
1da177e4
LT		 278 opt_len -= l;
279 nd_opt = ((void *)nd_opt) + l;
280 }
281 return ndopts;
282}
283
b71d1d42 284int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
1da177e4
LT		 285{
286 switch (dev->type) {
287 case ARPHRD_ETHER:
288 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
289 case ARPHRD_FDDI:
290 ipv6_eth_mc_map(addr, buf);
291 return 0;
1da177e4
LT		 292 case ARPHRD_ARCNET:
293 ipv6_arcnet_mc_map(addr, buf);
294 return 0;
295 case ARPHRD_INFINIBAND:
a9e527e3 296 ipv6_ib_mc_map(addr, dev->broadcast, buf);
1da177e4 297 return 0;
93ca3bb5
TT		 298 case ARPHRD_IPGRE:
299 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
1da177e4
LT		 300 default:
301 if (dir) {
302 memcpy(buf, dev->broadcast, dev->addr_len);
303 return 0;
304 }
305 }
306 return -EINVAL;
307}
7159039a
YH		 308EXPORT_SYMBOL(ndisc_mc_map);
309
d6bf7817
ED		 310static u32 ndisc_hash(const void *pkey,
311 const struct net_device *dev,
2c2aba6c 312 __u32 *hash_rnd)
1da177e4 313{
2c2aba6c 314 return ndisc_hashfn(pkey, dev, hash_rnd);
1da177e4
LT		 315}
316
60395a20
EB		 317static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
318{
319 return neigh_key_eq128(n, pkey);
320}
321
1da177e4
LT		 322static int ndisc_constructor(struct neighbour *neigh)
323{
67ba4152 324 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
1da177e4
LT		 325 struct net_device *dev = neigh->dev;
326 struct inet6_dev *in6_dev;
327 struct neigh_parms *parms;
a50feda5 328 bool is_multicast = ipv6_addr_is_multicast(addr);
1da177e4 329
1da177e4 330 in6_dev = in6_dev_get(dev);
63159f29 331 if (!in6_dev) {
1da177e4
LT		 332 return -EINVAL;
333 }
334
335 parms = in6_dev->nd_parms;
336 __neigh_parms_put(neigh->parms);
337 neigh->parms = neigh_parms_clone(parms);
1da177e4
LT		 338
339 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
3b04ddde 340 if (!dev->header_ops) {
1da177e4
LT		 341 neigh->nud_state = NUD_NOARP;
342 neigh->ops = &ndisc_direct_ops;
8f40b161 343 neigh->output = neigh_direct_output;
1da177e4
LT		 344 } else {
345 if (is_multicast) {
346 neigh->nud_state = NUD_NOARP;
347 ndisc_mc_map(addr, neigh->ha, dev, 1);
348 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
349 neigh->nud_state = NUD_NOARP;
350 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
351 if (dev->flags&IFF_LOOPBACK)
352 neigh->type = RTN_LOCAL;
353 } else if (dev->flags&IFF_POINTOPOINT) {
354 neigh->nud_state = NUD_NOARP;
355 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
356 }
3b04ddde 357 if (dev->header_ops->cache)
1da177e4
LT		 358 neigh->ops = &ndisc_hh_ops;
359 else
360 neigh->ops = &ndisc_generic_ops;
361 if (neigh->nud_state&NUD_VALID)
362 neigh->output = neigh->ops->connected_output;
363 else
364 neigh->output = neigh->ops->output;
365 }
366 in6_dev_put(in6_dev);
367 return 0;
368}
369
370static int pndisc_constructor(struct pneigh_entry *n)
371{
67ba4152 372 struct in6_addr *addr = (struct in6_addr *)&n->key;
1da177e4
LT		 373 struct in6_addr maddr;
374 struct net_device *dev = n->dev;
375
63159f29 376 if (!dev || !__in6_dev_get(dev))
1da177e4
LT		 377 return -EINVAL;
378 addrconf_addr_solict_mult(addr, &maddr);
379 ipv6_dev_mc_inc(dev, &maddr);
380 return 0;
381}
382
383static void pndisc_destructor(struct pneigh_entry *n)
384{
67ba4152 385 struct in6_addr *addr = (struct in6_addr *)&n->key;
1da177e4
LT		 386 struct in6_addr maddr;
387 struct net_device *dev = n->dev;
388
63159f29 389 if (!dev || !__in6_dev_get(dev))
1da177e4
LT		 390 return;
391 addrconf_addr_solict_mult(addr, &maddr);
392 ipv6_dev_mc_dec(dev, &maddr);
393}
394
de09334b
YH		 395static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
396 int len)
397{
398 int hlen = LL_RESERVED_SPACE(dev);
399 int tlen = dev->needed_tailroom;
400 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
401 struct sk_buff *skb;
de09334b 402
25a6e6b8 403 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
de09334b 404 if (!skb) {
25a6e6b8
TG		 405 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
406 __func__);
de09334b
YH		 407 return NULL;
408 }
409
f382d03a
YH		 410 skb->protocol = htons(ETH_P_IPV6);
411 skb->dev = dev;
412
527a150f 413 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
5135e633 414 skb_reset_transport_header(skb);
de09334b 415
25a6e6b8
TG		 416 /* Manually assign socket ownership as we avoid calling
417 * sock_alloc_send_pskb() to bypass wmem buffer limits
418 */
419 skb_set_owner_w(skb, sk);
420
de09334b
YH		 421 return skb;
422}
423
f382d03a 424static void ip6_nd_hdr(struct sk_buff *skb,
2576f17d
YH		 425 const struct in6_addr *saddr,
426 const struct in6_addr *daddr,
c8d6c380 427 int hop_limit, int len)
2576f17d
YH		 428{
429 struct ipv6hdr *hdr;
2210d6b2
 430 struct inet6_dev *idev;
431 unsigned tclass;
432
433 rcu_read_lock();
434 idev = __in6_dev_get(skb->dev);
435 tclass = idev ? idev->cnf.ndisc_tclass : 0;
436 rcu_read_unlock();
2576f17d 437
527a150f 438 skb_push(skb, sizeof(*hdr));
2576f17d 439 skb_reset_network_header(skb);
2576f17d
YH		 440 hdr = ipv6_hdr(skb);
441
2210d6b2 442 ip6_flow_hdr(hdr, tclass, 0);
2576f17d
YH		 443
444 hdr->payload_len = htons(len);
c8d6c380
YH		 445 hdr->nexthdr = IPPROTO_ICMPV6;
446 hdr->hop_limit = hop_limit;
2576f17d
YH		 447
448 hdr->saddr = *saddr;
449 hdr->daddr = *daddr;
450}
451
af9a9976 452static void ndisc_send_skb(struct sk_buff *skb,
fd0ea7db 453 const struct in6_addr *daddr,
aa4bdd4b 454 const struct in6_addr *saddr)
305d552a 455{
f4de84c6 456 struct dst_entry *dst = skb_dst(skb);
af9a9976 457 struct net *net = dev_net(skb->dev);
7b3d9b06 458 struct sock *sk = net->ipv6.ndisc_sk;
305d552a
BH		 459 struct inet6_dev *idev;
460 int err;
aa4bdd4b 461 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
305d552a
BH		 462 u8 type;
463
464 type = icmp6h->icmp6_type;
465
f4de84c6 466 if (!dst) {
f4de84c6 467 struct flowi6 fl6;
e0d56fdd 468 int oif = skb->dev->ifindex;
305d552a 469
ca254490 470 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
f4de84c6
YH		 471 dst = icmp6_dst_alloc(skb->dev, &fl6);
472 if (IS_ERR(dst)) {
473 kfree_skb(skb);
474 return;
475 }
476
477 skb_dst_set(skb, dst);
478 }
e1ec7842 479
7b3d9b06
YH		 480 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
481 IPPROTO_ICMPV6,
482 csum_partial(icmp6h,
483 skb->len, 0));
484
485 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
486
cfdf7647
ED		 487 rcu_read_lock();
488 idev = __in6_dev_get(dst->dev);
edf391ff 489 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
e1ec7842 490
29a26a56
EB		 491 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
492 net, sk, skb, NULL, dst->dev,
13206b6b 493 dst_output);
1da177e4 494 if (!err) {
5c5d244b 495 ICMP6MSGOUT_INC_STATS(net, idev, type);
a862f6a6 496 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1da177e4
LT		 497 }
498
cfdf7647 499 rcu_read_unlock();
1ab1457c 500}
1da177e4 501
38cf595b 502void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
f564f45c
CW		 503 const struct in6_addr *solicited_addr,
504 bool router, bool solicited, bool override, bool inc_opt)
e1ec7842 505{
b44b5f4a 506 struct sk_buff *skb;
e1ec7842
YH		 507 struct in6_addr tmpaddr;
508 struct inet6_ifaddr *ifp;
9acd9f3a 509 const struct in6_addr *src_addr;
1cb3fe51
YH		 510 struct nd_msg *msg;
511 int optlen = 0;
e1ec7842
YH		 512
513 /* for anycast or proxy, solicited_addr != src_addr */
c346dca1 514 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
e1ec7842
YH		 515 if (ifp) {
516 src_addr = solicited_addr;
517 if (ifp->flags & IFA_F_OPTIMISTIC)
f2f79cca 518 override = false;
9f888160 519 inc_opt |= ifp->idev->cnf.force_tllao;
e1ec7842
YH		 520 in6_ifa_put(ifp);
521 } else {
191cd582 522 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
c346dca1 523 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
7cbca67c 524 &tmpaddr))
e1ec7842
YH		 525 return;
526 src_addr = &tmpaddr;
527 }
528
1cb3fe51 529 if (!dev->addr_len)
9a21ac94 530 inc_opt = false;
1cb3fe51 531 if (inc_opt)
f997c55c
AA		 532 optlen += ndisc_opt_addr_space(dev,
533 NDISC_NEIGHBOUR_ADVERTISEMENT);
e1ec7842 534
1cb3fe51 535 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 536 if (!skb)
537 return;
538
4df864c1 539 msg = skb_put(skb, sizeof(*msg));
1cb3fe51
YH		 540 *msg = (struct nd_msg) {
541 .icmph = {
542 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
543 .icmp6_router = router,
544 .icmp6_solicited = solicited,
545 .icmp6_override = override,
546 },
547 .target = *solicited_addr,
548 };
549
550 if (inc_opt)
551 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
f997c55c
AA		 552 dev->dev_addr,
553 NDISC_NEIGHBOUR_ADVERTISEMENT);
1cb3fe51 554
b44b5f4a 555 ndisc_send_skb(skb, daddr, src_addr);
e1ec7842
YH		 556}
557
f47b9464
BH		 558static void ndisc_send_unsol_na(struct net_device *dev)
559{
560 struct inet6_dev *idev;
561 struct inet6_ifaddr *ifa;
f47b9464
BH		 562
563 idev = in6_dev_get(dev);
564 if (!idev)
565 return;
566
567 read_lock_bh(&idev->lock);
568 list_for_each_entry(ifa, &idev->addr_list, if_list) {
c76fe2d9
DA		 569 /* skip tentative addresses until dad completes */
570 if (ifa->flags & IFA_F_TENTATIVE &&
571 !(ifa->flags & IFA_F_OPTIMISTIC))
572 continue;
573
38cf595b 574 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
f47b9464
BH		 575 /*router=*/ !!idev->cnf.forwarding,
576 /*solicited=*/ false, /*override=*/ true,
577 /*inc_opt=*/ true);
578 }
579 read_unlock_bh(&idev->lock);
580
581 in6_dev_put(idev);
582}
583
38cf595b 584void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
adc176c5
EN		 585 const struct in6_addr *daddr, const struct in6_addr *saddr,
586 u64 nonce)
1da177e4 587{
b44b5f4a 588 struct sk_buff *skb;
1da177e4 589 struct in6_addr addr_buf;
1cb3fe51
YH		 590 int inc_opt = dev->addr_len;
591 int optlen = 0;
592 struct nd_msg *msg;
1da177e4 593
63159f29 594 if (!saddr) {
95c385b4
NH		 595 if (ipv6_get_lladdr(dev, &addr_buf,
596 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
1da177e4
LT		 597 return;
598 saddr = &addr_buf;
599 }
600
1cb3fe51 601 if (ipv6_addr_any(saddr))
f2f79cca 602 inc_opt = false;
1cb3fe51 603 if (inc_opt)
f997c55c
AA		 604 optlen += ndisc_opt_addr_space(dev,
605 NDISC_NEIGHBOUR_SOLICITATION);
adc176c5
EN		 606 if (nonce != 0)
607 optlen += 8;
1cb3fe51
YH		 608
609 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 610 if (!skb)
611 return;
612
4df864c1 613 msg = skb_put(skb, sizeof(*msg));
1cb3fe51
YH		 614 *msg = (struct nd_msg) {
615 .icmph = {
616 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
617 },
618 .target = *solicit,
619 };
620
621 if (inc_opt)
622 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
f997c55c
AA		 623 dev->dev_addr,
624 NDISC_NEIGHBOUR_SOLICITATION);
adc176c5
EN		 625 if (nonce != 0) {
626 u8 *opt = skb_put(skb, 8);
627
628 opt[0] = ND_OPT_NONCE;
629 opt[1] = 8 >> 3;
630 memcpy(opt + 2, &nonce, 6);
631 }
1cb3fe51 632
b44b5f4a 633 ndisc_send_skb(skb, daddr, saddr);
1da177e4
LT		 634}
635
9acd9f3a
YH		 636void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
637 const struct in6_addr *daddr)
1da177e4 638{
b44b5f4a 639 struct sk_buff *skb;
1cb3fe51 640 struct rs_msg *msg;
95c385b4 641 int send_sllao = dev->addr_len;
1cb3fe51 642 int optlen = 0;
95c385b4
NH		 643
644#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
645 /*
646 * According to section 2.2 of RFC 4429, we must not
647 * send router solicitations with a sllao from
648 * optimistic addresses, but we may send the solicitation
649 * if we don't include the sllao. So here we check
650 * if our address is optimistic, and if so, we
bea85195 651 * suppress the inclusion of the sllao.
95c385b4
NH		 652 */
653 if (send_sllao) {
c346dca1 654 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
1cab3da6 655 dev, 1);
95c385b4
NH		 656 if (ifp) {
657 if (ifp->flags & IFA_F_OPTIMISTIC) {
ca043569 658 send_sllao = 0;
95c385b4 659 }
ca043569 660 in6_ifa_put(ifp);
95c385b4
NH		 661 } else {
662 send_sllao = 0;
663 }
664 }
665#endif
1cb3fe51 666 if (send_sllao)
f997c55c 667 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
1cb3fe51
YH		 668
669 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
b44b5f4a
YH		 670 if (!skb)
671 return;
672
4df864c1 673 msg = skb_put(skb, sizeof(*msg));
1cb3fe51
YH		 674 *msg = (struct rs_msg) {
675 .icmph = {
676 .icmp6_type = NDISC_ROUTER_SOLICITATION,
677 },
678 };
679
680 if (send_sllao)
681 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
f997c55c
AA		 682 dev->dev_addr,
683 NDISC_ROUTER_SOLICITATION);
1cb3fe51 684
b44b5f4a 685 ndisc_send_skb(skb, daddr, saddr);
1da177e4 686}
1ab1457c 687
1da177e4
LT		 688
689static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
690{
691 /*
692 * "The sender MUST return an ICMP
693 * destination unreachable"
694 */
695 dst_link_failure(skb);
696 kfree_skb(skb);
697}
698
699/* Called with locked neigh: either read or both */
700
701static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
702{
703 struct in6_addr *saddr = NULL;
704 struct in6_addr mcaddr;
705 struct net_device *dev = neigh->dev;
706 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
707 int probes = atomic_read(&neigh->probes);
708
c58da4c6 709 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
232378e8 710 dev, false, 1,
c58da4c6 711 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
0660e03f 712 saddr = &ipv6_hdr(skb)->saddr;
e5d08d71
IM		 713 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
714 if (probes < 0) {
1da177e4 715 if (!(neigh->nud_state & NUD_VALID)) {
675418d5
JP		 716 ND_PRINTK(1, dbg,
717 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
718 __func__, target);
1da177e4 719 }
adc176c5 720 ndisc_send_ns(dev, target, target, saddr, 0);
1f9248e5 721 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
1da177e4 722 neigh_app_ns(neigh);
1da177e4
LT		 723 } else {
724 addrconf_addr_solict_mult(target, &mcaddr);
adc176c5 725 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
1da177e4
LT		 726 }
727}
728
0736ffc0
YH		 729static int pndisc_is_router(const void *pkey,
730 struct net_device *dev)
fa86d322
PE		 731{
732 struct pneigh_entry *n;
0736ffc0 733 int ret = -1;
fa86d322
PE		 734
735 read_lock_bh(&nd_tbl.lock);
0736ffc0
YH		 736 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
737 if (n)
738 ret = !!(n->flags & NTF_ROUTER);
fa86d322
PE		 739 read_unlock_bh(&nd_tbl.lock);
740
0736ffc0 741 return ret;
fa86d322
PE		 742}
743
f997c55c
AA		 744void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
745 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
746 struct ndisc_options *ndopts)
747{
7b8f7a40 748 neigh_update(neigh, lladdr, new, flags, 0);
f997c55c
AA		 749 /* report ndisc ops about neighbour update */
750 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
751}
752
1da177e4
LT		 753static void ndisc_recv_ns(struct sk_buff *skb)
754{
9c70220b 755 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
b71d1d42
ED		 756 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
757 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 758 u8 *lladdr = NULL;
29a3cad5 759 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
27a884dc 760 offsetof(struct nd_msg, opt));
1da177e4
LT		 761 struct ndisc_options ndopts;
762 struct net_device *dev = skb->dev;
763 struct inet6_ifaddr *ifp;
764 struct inet6_dev *idev = NULL;
765 struct neighbour *neigh;
766 int dad = ipv6_addr_any(saddr);
a50feda5 767 bool inc;
0736ffc0 768 int is_router = -1;
adc176c5 769 u64 nonce = 0;
1da177e4 770
115b0aa6
YH		 771 if (skb->len < sizeof(struct nd_msg)) {
772 ND_PRINTK(2, warn, "NS: packet too short\n");
773 return;
774 }
775
1da177e4 776 if (ipv6_addr_is_multicast(&msg->target)) {
675418d5 777 ND_PRINTK(2, warn, "NS: multicast target address\n");
1da177e4
LT		 778 return;
779 }
780
781 /*
782 * RFC2461 7.1.1:
783 * DAD has to be destined for solicited node multicast address.
784 */
ca97a644 785 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
675418d5 786 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
1da177e4
LT		 787 return;
788 }
789
f997c55c 790 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
675418d5 791 ND_PRINTK(2, warn, "NS: invalid ND options\n");
1da177e4
LT		 792 return;
793 }
794
795 if (ndopts.nd_opts_src_lladdr) {
796 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
797 if (!lladdr) {
675418d5
JP		 798 ND_PRINTK(2, warn,
799 "NS: invalid link-layer address length\n");
1da177e4
LT		 800 return;
801 }
802
803 /* RFC2461 7.1.1:
1ab1457c
YH		 804 * If the IP source address is the unspecified address,
805 * there MUST NOT be source link-layer address option
1da177e4
LT		 806 * in the message.
807 */
808 if (dad) {
675418d5
JP		 809 ND_PRINTK(2, warn,
810 "NS: bad DAD packet (link-layer address option)\n");
1da177e4
LT		 811 return;
812 }
813 }
e6651599 814 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
adc176c5 815 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
1da177e4
LT		 816
817 inc = ipv6_addr_is_multicast(daddr);
818
c346dca1 819 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
a18bc695 820 if (ifp) {
ca254490 821have_ifp:
95c385b4
NH		 822 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
823 if (dad) {
adc176c5
EN		 824 if (nonce != 0 && ifp->dad_nonce == nonce) {
825 u8 *np = (u8 *)&nonce;
826 /* Matching nonce if looped back */
827 ND_PRINTK(2, notice,
828 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
829 ifp->idev->dev->name,
830 &ifp->addr, np);
831 goto out;
832 }
95c385b4
NH		 833 /*
834 * We are colliding with another node
835 * who is doing DAD
836 * so fail our DAD process
837 */
da13c59b 838 addrconf_dad_failure(skb, ifp);
9e3be4b3 839 return;
95c385b4
NH		 840 } else {
841 /*
842 * This is not a dad solicitation.
843 * If we are an optimistic node,
844 * we should respond.
845 * Otherwise, we should ignore it.
846 */
847 if (!(ifp->flags & IFA_F_OPTIMISTIC))
1da177e4 848 goto out;
1da177e4 849 }
1da177e4
LT		 850 }
851
852 idev = ifp->idev;
853 } else {
53b7997f
YH		 854 struct net *net = dev_net(dev);
855
ca254490
DA		 856 /* perhaps an address on the master device */
857 if (netif_is_l3_slave(dev)) {
858 struct net_device *mdev;
859
860 mdev = netdev_master_upper_dev_get_rcu(dev);
861 if (mdev) {
862 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
863 if (ifp)
864 goto have_ifp;
865 }
866 }
867
1da177e4
LT		 868 idev = in6_dev_get(dev);
869 if (!idev) {
870 /* XXX: count this drop? */
871 return;
872 }
873
53b7997f 874 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
1ab1457c 875 (idev->cnf.forwarding &&
53b7997f 876 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
0736ffc0 877 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
a61bbcf2 878 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
1da177e4 879 skb->pkt_type != PACKET_HOST &&
f2f79cca 880 inc &&
1f9248e5 881 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
1da177e4
LT		 882 /*
883 * for anycast or proxy,
1ab1457c
YH		 884 * sender should delay its response
885 * by a random time between 0 and
1da177e4
LT		 886 * MAX_ANYCAST_DELAY_TIME seconds.
887 * (RFC2461) -- yoshfuji
888 */
889 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
890 if (n)
891 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
892 goto out;
893 }
894 } else
895 goto out;
896 }
897
0736ffc0 898 if (is_router < 0)
fb568637 899 is_router = idev->cnf.forwarding;
62dd9318 900
1da177e4 901 if (dad) {
38cf595b 902 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
fb568637 903 !!is_router, false, (ifp != NULL), true);
1da177e4
LT		 904 goto out;
905 }
906
907 if (inc)
908 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
909 else
910 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
911
1ab1457c 912 /*
1da177e4
LT		 913 * update / create cache entry
914 * for the source address
915 */
916 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
917 !inc || lladdr || !dev->addr_len);
918 if (neigh)
f997c55c 919 ndisc_update(dev, neigh, lladdr, NUD_STALE,
1da177e4 920 NEIGH_UPDATE_F_WEAK_OVERRIDE|
f997c55c
AA		 921 NEIGH_UPDATE_F_OVERRIDE,
922 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
3b04ddde 923 if (neigh || !dev->header_ops) {
38cf595b 924 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
fb568637 925 true, (ifp != NULL && inc), inc);
1da177e4
LT		 926 if (neigh)
927 neigh_release(neigh);
928 }
929
930out:
931 if (ifp)
932 in6_ifa_put(ifp);
933 else
934 in6_dev_put(idev);
1da177e4
LT		 935}
936
937static void ndisc_recv_na(struct sk_buff *skb)
938{
9c70220b 939 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
be7a010d 940 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
b71d1d42 941 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
1da177e4 942 u8 *lladdr = NULL;
29a3cad5 943 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
27a884dc 944 offsetof(struct nd_msg, opt));
1da177e4
LT		 945 struct ndisc_options ndopts;
946 struct net_device *dev = skb->dev;
7a02bf89 947 struct inet6_dev *idev = __in6_dev_get(dev);
1da177e4
LT		 948 struct inet6_ifaddr *ifp;
949 struct neighbour *neigh;
950
951 if (skb->len < sizeof(struct nd_msg)) {
675418d5 952 ND_PRINTK(2, warn, "NA: packet too short\n");
1da177e4
LT		 953 return;
954 }
955
956 if (ipv6_addr_is_multicast(&msg->target)) {
675418d5 957 ND_PRINTK(2, warn, "NA: target address is multicast\n");
1da177e4
LT		 958 return;
959 }
960
961 if (ipv6_addr_is_multicast(daddr) &&
962 msg->icmph.icmp6_solicited) {
675418d5 963 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
1da177e4
LT		 964 return;
965 }
1ab1457c 966
7a02bf89
JB		 967 /* For some 802.11 wireless deployments (and possibly other networks),
968 * there will be a NA proxy and unsolicitd packets are attacks
969 * and thus should not be accepted.
970 */
971 if (!msg->icmph.icmp6_solicited && idev &&
972 idev->cnf.drop_unsolicited_na)
973 return;
974
f997c55c 975 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
675418d5 976 ND_PRINTK(2, warn, "NS: invalid ND option\n");
1da177e4
LT		 977 return;
978 }
979 if (ndopts.nd_opts_tgt_lladdr) {
980 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
981 if (!lladdr) {
675418d5
JP		 982 ND_PRINTK(2, warn,
983 "NA: invalid link-layer address length\n");
1da177e4
LT		 984 return;
985 }
986 }
c346dca1 987 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
a18bc695 988 if (ifp) {
bd015928
DW		 989 if (skb->pkt_type != PACKET_LOOPBACK
990 && (ifp->flags & IFA_F_TENTATIVE)) {
da13c59b 991 addrconf_dad_failure(skb, ifp);
bd015928 992 return;
1da177e4
LT		 993 }
994 /* What should we make now? The advertisement
995 is invalid, but ndisc specs say nothing
996 about it. It could be misconfiguration, or
997 an smart proxy agent tries to help us :-)
24fc7b86
JS		 998
999 We should not print the error if NA has been
1000 received from loopback - it is just our own
1001 unsolicited advertisement.
1da177e4 1002 */
24fc7b86 1003 if (skb->pkt_type != PACKET_LOOPBACK)
675418d5 1004 ND_PRINTK(1, warn,
da13c59b
VP		 1005 "NA: %pM advertised our address %pI6c on %s!\n",
1006 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1da177e4
LT		 1007 in6_ifa_put(ifp);
1008 return;
1009 }
1010 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1011
1012 if (neigh) {
1013 u8 old_flags = neigh->flags;
53b7997f 1014 struct net *net = dev_net(dev);
1da177e4
LT		 1015
1016 if (neigh->nud_state & NUD_FAILED)
1017 goto out;
1018
5f3e6e9e
VN		 1019 /*
1020 * Don't update the neighbor cache entry on a proxy NA from
1021 * ourselves because either the proxied node is off link or it
1022 * has already sent a NA to us.
1023 */
1024 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
53b7997f
YH		 1025 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1026 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
b20b6d97 1027 /* XXX: idev->cnf.proxy_ndp */
5f3e6e9e 1028 goto out;
fbea49e1 1029 }
5f3e6e9e 1030
f997c55c 1031 ndisc_update(dev, neigh, lladdr,
1da177e4
LT		 1032 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1033 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1034 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1035 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
f997c55c
AA		 1036 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1037 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1da177e4
LT		 1038
1039 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1040 /*
1041 * Change: router to host
1042 */
be7a010d 1043 rt6_clean_tohost(dev_net(dev), saddr);
1da177e4
LT		 1044 }
1045
1046out:
1047 neigh_release(neigh);
1048 }
1049}
1050
1051static void ndisc_recv_rs(struct sk_buff *skb)
1052{
9c70220b 1053 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1da177e4
LT		 1054 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1055 struct neighbour *neigh;
1056 struct inet6_dev *idev;
b71d1d42 1057 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1da177e4
LT		 1058 struct ndisc_options ndopts;
1059 u8 *lladdr = NULL;
1060
1061 if (skb->len < sizeof(*rs_msg))
1062 return;
1063
cfdf7647 1064 idev = __in6_dev_get(skb->dev);
1da177e4 1065 if (!idev) {
675418d5 1066 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1da177e4
LT		 1067 return;
1068 }
1069
1070 /* Don't accept RS if we're not in router mode */
1071 if (!idev->cnf.forwarding)
1072 goto out;
1073
1074 /*
1075 * Don't update NCE if src = ::;
1076 * this implies that the source node has no ip address assigned yet.
1077 */
1078 if (ipv6_addr_any(saddr))
1079 goto out;
1080
1081 /* Parse ND options */
f997c55c 1082 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
675418d5 1083 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1da177e4
LT		 1084 goto out;
1085 }
1086
1087 if (ndopts.nd_opts_src_lladdr) {
1088 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1089 skb->dev);
1090 if (!lladdr)
1091 goto out;
1092 }
1093
1094 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1095 if (neigh) {
f997c55c 1096 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1da177e4
LT		 1097 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1098 NEIGH_UPDATE_F_OVERRIDE|
f997c55c
AA		 1099 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1100 NDISC_ROUTER_SOLICITATION, &ndopts);
1da177e4
LT		 1101 neigh_release(neigh);
1102 }
1103out:
cfdf7647 1104 return;
1da177e4
LT		 1105}
1106
31910575
PY		 1107static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1108{
1109 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1110 struct sk_buff *skb;
1111 struct nlmsghdr *nlh;
1112 struct nduseroptmsg *ndmsg;
c346dca1 1113 struct net *net = dev_net(ra->dev);
31910575
PY		 1114 int err;
1115 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1116 + (opt->nd_opt_len << 3));
1117 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1118
1119 skb = nlmsg_new(msg_size, GFP_ATOMIC);
63159f29 1120 if (!skb) {
31910575
PY		 1121 err = -ENOBUFS;
1122 goto errout;
1123 }
1124
1125 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
63159f29 1126 if (!nlh) {
31910575
PY		 1127 goto nla_put_failure;
1128 }
1129
1130 ndmsg = nlmsg_data(nlh);
1131 ndmsg->nduseropt_family = AF_INET6;
dbb2ed24 1132 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
31910575
PY		 1133 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1134 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1135 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1136
1137 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1138
930345ea 1139 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
c78679e8 1140 goto nla_put_failure;
31910575
PY		 1141 nlmsg_end(skb, nlh);
1142
1ce85fe4 1143 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
31910575
PY		 1144 return;
1145
1146nla_put_failure:
1147 nlmsg_free(skb);
1148 err = -EMSGSIZE;
1149errout:
a18bc695 1150 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
31910575
PY		 1151}
1152
1da177e4
LT		 1153static void ndisc_router_discovery(struct sk_buff *skb)
1154{
9c70220b 1155 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1da177e4
LT		 1156 struct neighbour *neigh = NULL;
1157 struct inet6_dev *in6_dev;
8d1c802b 1158 struct fib6_info *rt = NULL;
afb1d4b5 1159 struct net *net;
1da177e4
LT		 1160 int lifetime;
1161 struct ndisc_options ndopts;
1162 int optlen;
ebacaaa0 1163 unsigned int pref = 0;
a394eef5 1164 __u32 old_if_flags;
2053aeb6 1165 bool send_ifinfo_notify = false;
1da177e4 1166
67ba4152 1167 __u8 *opt = (__u8 *)(ra_msg + 1);
1da177e4 1168
29a3cad5
SH		 1169 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1170 sizeof(struct ra_msg);
1da177e4 1171
f2a762d8
BG		 1172 ND_PRINTK(2, info,
1173 "RA: %s, dev: %s\n",
1174 __func__, skb->dev->name);
0660e03f 1175 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
675418d5 1176 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1da177e4
LT		 1177 return;
1178 }
1179 if (optlen < 0) {
675418d5 1180 ND_PRINTK(2, warn, "RA: packet too short\n");
1da177e4
LT		 1181 return;
1182 }
1183
de357cc0 1184#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1185 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
675418d5 1186 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
fadf6bf0
TF		 1187 return;
1188 }
de357cc0 1189#endif
fadf6bf0 1190
1da177e4
LT		 1191 /*
1192 * set the RA_RECV flag in the interface
1193 */
1194
cfdf7647 1195 in6_dev = __in6_dev_get(skb->dev);
63159f29 1196 if (!in6_dev) {
675418d5
JP		 1197 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1198 skb->dev->name);
1da177e4
LT		 1199 return;
1200 }
1da177e4 1201
f997c55c 1202 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
675418d5 1203 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1da177e4
LT		 1204 return;
1205 }
1206
f2a762d8
BG		 1207 if (!ipv6_accept_ra(in6_dev)) {
1208 ND_PRINTK(2, info,
1209 "RA: %s, did not accept ra for dev: %s\n",
1210 __func__, skb->dev->name);
31ce8c71 1211 goto skip_linkparms;
f2a762d8 1212 }
31ce8c71 1213
de357cc0 1214#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1215 /* skip link-specific parameters from interior routers */
f2a762d8
BG		 1216 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1217 ND_PRINTK(2, info,
1218 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1219 __func__, skb->dev->name);
fadf6bf0 1220 goto skip_linkparms;
f2a762d8 1221 }
de357cc0 1222#endif
fadf6bf0 1223
1da177e4
LT		 1224 if (in6_dev->if_flags & IF_RS_SENT) {
1225 /*
1226 * flag that an RA was received after an RS was sent
1227 * out on this interface.
1228 */
1229 in6_dev->if_flags |= IF_RA_RCVD;
1230 }
1231
1232 /*
1233 * Remember the managed/otherconf flags from most recently
1234 * received RA message (RFC 2462) -- yoshfuji
1235 */
a394eef5 1236 old_if_flags = in6_dev->if_flags;
1da177e4
LT		 1237 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1238 IF_RA_OTHERCONF)) |
1239 (ra_msg->icmph.icmp6_addrconf_managed ?
1240 IF_RA_MANAGED : 0) |
1241 (ra_msg->icmph.icmp6_addrconf_other ?
1242 IF_RA_OTHERCONF : 0);
1243
a394eef5 1244 if (old_if_flags != in6_dev->if_flags)
2053aeb6 1245 send_ifinfo_notify = true;
a394eef5 1246
f2a762d8
BG		 1247 if (!in6_dev->cnf.accept_ra_defrtr) {
1248 ND_PRINTK(2, info,
1249 "RA: %s, defrtr is false for dev: %s\n",
1250 __func__, skb->dev->name);
65f5c7c1 1251 goto skip_defrtr;
f2a762d8 1252 }
65f5c7c1 1253
d9333196
BG		 1254 /* Do not accept RA with source-addr found on local machine unless
1255 * accept_ra_from_local is set to true.
1256 */
afb1d4b5 1257 net = dev_net(in6_dev->dev);
b6428817 1258 if (!in6_dev->cnf.accept_ra_from_local &&
afb1d4b5 1259 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
f2a762d8 1260 ND_PRINTK(2, info,
d9333196
BG		 1261 "RA from local address detected on dev: %s: default router ignored\n",
1262 skb->dev->name);
9f56220f 1263 goto skip_defrtr;
f2a762d8 1264 }
9f56220f 1265
1da177e4
LT		 1266 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1267
ebacaaa0
YH		 1268#ifdef CONFIG_IPV6_ROUTER_PREF
1269 pref = ra_msg->icmph.icmp6_router_pref;
1270 /* 10b is handled as if it were 00b (medium) */
930d6ff2 1271 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
6d5b78cd 1272 !in6_dev->cnf.accept_ra_rtr_pref)
ebacaaa0
YH		 1273 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1274#endif
1275
afb1d4b5 1276 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1da177e4 1277
eb857186 1278 if (rt) {
f8a1b43b
DA		 1279 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1280 rt->fib6_nh.nh_dev, NULL,
1281 &ipv6_hdr(skb)->saddr);
eb857186 1282 if (!neigh) {
675418d5
JP		 1283 ND_PRINTK(0, err,
1284 "RA: %s got default router without neighbour\n",
1285 __func__);
93531c67 1286 fib6_info_release(rt);
eb857186
DM		 1287 return;
1288 }
1289 }
1da177e4 1290 if (rt && lifetime == 0) {
afb1d4b5 1291 ip6_del_rt(net, rt);
1da177e4
LT		 1292 rt = NULL;
1293 }
1294
f2a762d8
BG		 1295 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1296 rt, lifetime, skb->dev->name);
63159f29 1297 if (!rt && lifetime) {
f2a762d8 1298 ND_PRINTK(3, info, "RA: adding default router\n");
1da177e4 1299
afb1d4b5
DA		 1300 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1301 skb->dev, pref);
63159f29 1302 if (!rt) {
675418d5
JP		 1303 ND_PRINTK(0, err,
1304 "RA: %s failed to add default route\n",
1305 __func__);
1da177e4
LT		 1306 return;
1307 }
1308
f8a1b43b
DA		 1309 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1310 rt->fib6_nh.nh_dev, NULL,
1311 &ipv6_hdr(skb)->saddr);
63159f29 1312 if (!neigh) {
675418d5
JP		 1313 ND_PRINTK(0, err,
1314 "RA: %s got default router without neighbour\n",
1315 __func__);
93531c67 1316 fib6_info_release(rt);
1da177e4
LT		 1317 return;
1318 }
1319 neigh->flags |= NTF_ROUTER;
ebacaaa0 1320 } else if (rt) {
93c2fb25 1321 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1da177e4
LT		 1322 }
1323
1324 if (rt)
14895687 1325 fib6_set_expires(rt, jiffies + (HZ * lifetime));
8013d1d7
HL		 1326 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1327 ra_msg->icmph.icmp6_hop_limit) {
1328 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
6fd99094 1329 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
d4ead6b3
DA		 1330 fib6_metric_set(rt, RTAX_HOPLIMIT,
1331 ra_msg->icmph.icmp6_hop_limit);
6fd99094 1332 } else {
8013d1d7 1333 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
6fd99094 1334 }
1da177e4
LT		 1335 }
1336
65f5c7c1
YH		 1337skip_defrtr:
1338
1da177e4
LT		 1339 /*
1340 * Update Reachable Time and Retrans Timer
1341 */
1342
1343 if (in6_dev->nd_parms) {
1344 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1345
1346 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1347 rtime = (rtime*HZ)/1000;
1348 if (rtime < HZ/10)
1349 rtime = HZ/10;
1f9248e5 1350 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1da177e4 1351 in6_dev->tstamp = jiffies;
2053aeb6 1352 send_ifinfo_notify = true;
1da177e4
LT		 1353 }
1354
1355 rtime = ntohl(ra_msg->reachable_time);
1356 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1357 rtime = (rtime*HZ)/1000;
1358
1359 if (rtime < HZ/10)
1360 rtime = HZ/10;
1361
1f9248e5
JP		 1362 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1363 NEIGH_VAR_SET(in6_dev->nd_parms,
1364 BASE_REACHABLE_TIME, rtime);
1365 NEIGH_VAR_SET(in6_dev->nd_parms,
1366 GC_STALETIME, 3 * rtime);
1da177e4
LT		 1367 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1368 in6_dev->tstamp = jiffies;
2053aeb6 1369 send_ifinfo_notify = true;
1da177e4
LT		 1370 }
1371 }
1372 }
1373
2053aeb6
MT		 1374 /*
1375 * Send a notify if RA changed managed/otherconf flags or timer settings
1376 */
1377 if (send_ifinfo_notify)
1378 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1379
fadf6bf0
TF		 1380skip_linkparms:
1381
1da177e4
LT		 1382 /*
1383 * Process options.
1384 */
1385
1386 if (!neigh)
0660e03f 1387 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1da177e4
LT		 1388 skb->dev, 1);
1389 if (neigh) {
1390 u8 *lladdr = NULL;
1391 if (ndopts.nd_opts_src_lladdr) {
1392 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1393 skb->dev);
1394 if (!lladdr) {
675418d5
JP		 1395 ND_PRINTK(2, warn,
1396 "RA: invalid link-layer address length\n");
1da177e4
LT		 1397 goto out;
1398 }
1399 }
f997c55c 1400 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1da177e4
LT		 1401 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1402 NEIGH_UPDATE_F_OVERRIDE|
1403 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
f997c55c
AA		 1404 NEIGH_UPDATE_F_ISROUTER,
1405 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1da177e4
LT		 1406 }
1407
f2a762d8
BG		 1408 if (!ipv6_accept_ra(in6_dev)) {
1409 ND_PRINTK(2, info,
1410 "RA: %s, accept_ra is false for dev: %s\n",
1411 __func__, skb->dev->name);
31ce8c71 1412 goto out;
f2a762d8 1413 }
31ce8c71 1414
70ceb4f5 1415#ifdef CONFIG_IPV6_ROUTE_INFO
b6428817
LR		 1416 if (!in6_dev->cnf.accept_ra_from_local &&
1417 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
c1a9a291 1418 in6_dev->dev, 0)) {
f2a762d8 1419 ND_PRINTK(2, info,
d9333196
BG		 1420 "RA from local address detected on dev: %s: router info ignored.\n",
1421 skb->dev->name);
9f56220f 1422 goto skip_routeinfo;
f2a762d8 1423 }
9f56220f 1424
09c884d4 1425 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
70ceb4f5
YH		 1426 struct nd_opt_hdr *p;
1427 for (p = ndopts.nd_opts_ri;
1428 p;
1429 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
6294e000
YH		 1430 struct route_info *ri = (struct route_info *)p;
1431#ifdef CONFIG_IPV6_NDISC_NODETYPE
1432 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1433 ri->prefix_len == 0)
1434 continue;
1435#endif
30e56918
DJ		 1436 if (ri->prefix_len == 0 &&
1437 !in6_dev->cnf.accept_ra_defrtr)
1438 continue;
bbea124b
JS		 1439 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1440 continue;
6294e000 1441 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
09c884d4 1442 continue;
67ba4152 1443 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
0660e03f 1444 &ipv6_hdr(skb)->saddr);
70ceb4f5
YH		 1445 }
1446 }
9f56220f
AH		 1447
1448skip_routeinfo:
70ceb4f5
YH		 1449#endif
1450
de357cc0 1451#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0 1452 /* skip link-specific ndopts from interior routers */
f2a762d8
BG		 1453 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1454 ND_PRINTK(2, info,
1455 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1456 __func__, skb->dev->name);
fadf6bf0 1457 goto out;
f2a762d8 1458 }
de357cc0 1459#endif
fadf6bf0 1460
c4fd30eb 1461 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1da177e4
LT		 1462 struct nd_opt_hdr *p;
1463 for (p = ndopts.nd_opts_pi;
1464 p;
1465 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
e6bff995
NH		 1466 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1467 (p->nd_opt_len) << 3,
1468 ndopts.nd_opts_src_lladdr != NULL);
1da177e4
LT		 1469 }
1470 }
1471
c2943f14 1472 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
e69a4adc 1473 __be32 n;
1da177e4
LT		 1474 u32 mtu;
1475
67ba4152 1476 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
e69a4adc 1477 mtu = ntohl(n);
1da177e4
LT		 1478
1479 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
675418d5 1480 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1da177e4
LT		 1481 } else if (in6_dev->cnf.mtu6 != mtu) {
1482 in6_dev->cnf.mtu6 = mtu;
d4ead6b3 1483 fib6_metric_set(rt, RTAX_MTU, mtu);
1da177e4
LT		 1484 rt6_mtu_change(skb->dev, mtu);
1485 }
1486 }
1ab1457c 1487
31910575 1488 if (ndopts.nd_useropts) {
61cf46ad
YH		 1489 struct nd_opt_hdr *p;
1490 for (p = ndopts.nd_useropts;
1491 p;
f997c55c
AA		 1492 p = ndisc_next_useropt(skb->dev, p,
1493 ndopts.nd_useropts_end)) {
61cf46ad 1494 ndisc_ra_useropt(skb, p);
31910575
PY		 1495 }
1496 }
1497
1da177e4 1498 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
675418d5 1499 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1da177e4
LT		 1500 }
1501out:
93531c67 1502 fib6_info_release(rt);
eb857186 1503 if (neigh)
1da177e4 1504 neigh_release(neigh);
1da177e4
LT		 1505}
1506
1507static void ndisc_redirect_rcv(struct sk_buff *skb)
1508{
093d04d4
DJ		 1509 u8 *hdr;
1510 struct ndisc_options ndopts;
1511 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
29a3cad5 1512 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
093d04d4
DJ		 1513 offsetof(struct rd_msg, opt));
1514
de357cc0 1515#ifdef CONFIG_IPV6_NDISC_NODETYPE
fadf6bf0
TF		 1516 switch (skb->ndisc_nodetype) {
1517 case NDISC_NODETYPE_HOST:
1518 case NDISC_NODETYPE_NODEFAULT:
675418d5
JP		 1519 ND_PRINTK(2, warn,
1520 "Redirect: from host or unauthorized router\n");
fadf6bf0
TF		 1521 return;
1522 }
de357cc0 1523#endif
fadf6bf0 1524
0660e03f 1525 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
675418d5
JP		 1526 ND_PRINTK(2, warn,
1527 "Redirect: source address is not link-local\n");
1da177e4
LT		 1528 return;
1529 }
1530
f997c55c 1531 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
093d04d4
DJ		 1532 return;
1533
c92a59ec 1534 if (!ndopts.nd_opts_rh) {
b55b76b2
DJ		 1535 ip6_redirect_no_header(skb, dev_net(skb->dev),
1536 skb->dev->ifindex, 0);
093d04d4 1537 return;
c92a59ec 1538 }
093d04d4
DJ		 1539
1540 hdr = (u8 *)ndopts.nd_opts_rh;
1541 hdr += 8;
1542 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1543 return;
1544
b94f1c09 1545 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1da177e4
LT		 1546}
1547
5f5a0115
YH		 1548static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1549 struct sk_buff *orig_skb,
1550 int rd_len)
9c86dafe 1551{
5f5a0115
YH		 1552 u8 *opt = skb_put(skb, rd_len);
1553
9c86dafe
YH		 1554 memset(opt, 0, 8);
1555 *(opt++) = ND_OPT_REDIRECT_HDR;
1556 *(opt++) = (rd_len >> 3);
1557 opt += 6;
1558
9f62c15f
LB		 1559 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1560 rd_len - 8);
9c86dafe
YH		 1561}
1562
4991969a 1563void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1da177e4 1564{
1762f7e8 1565 struct net_device *dev = skb->dev;
c346dca1 1566 struct net *net = dev_net(dev);
1762f7e8 1567 struct sock *sk = net->ipv6.ndisc_sk;
2ce13576 1568 int optlen = 0;
fbfe95a4 1569 struct inet_peer *peer;
1da177e4 1570 struct sk_buff *buff;
71bcdba0 1571 struct rd_msg *msg;
1da177e4 1572 struct in6_addr saddr_buf;
1da177e4
LT		 1573 struct rt6_info *rt;
1574 struct dst_entry *dst;
4c9483b2 1575 struct flowi6 fl6;
1da177e4 1576 int rd_len;
f997c55c
AA		 1577 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1578 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1d861aa4 1579 bool ret;
1da177e4 1580
2f17becf
SS		 1581 if (netif_is_l3_master(skb->dev)) {
1582 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1583 if (!dev)
1584 return;
1585 }
1586
95c385b4 1587 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
675418d5
JP		 1588 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1589 dev->name);
1ab1457c
YH		 1590 return;
1591 }
1da177e4 1592
0660e03f 1593 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
bf0b48df 1594 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
675418d5
JP		 1595 ND_PRINTK(2, warn,
1596 "Redirect: target address is not link-local unicast\n");
29556526
LY		 1597 return;
1598 }
1599
4c9483b2 1600 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
e0d56fdd 1601 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1da177e4 1602
4c9483b2 1603 dst = ip6_route_output(net, NULL, &fl6);
5095d64d
RL		 1604 if (dst->error) {
1605 dst_release(dst);
1da177e4 1606 return;
5095d64d 1607 }
4c9483b2 1608 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
452edd59 1609 if (IS_ERR(dst))
1da177e4 1610 return;
1da177e4
LT		 1611
1612 rt = (struct rt6_info *) dst;
1613
1614 if (rt->rt6i_flags & RTF_GATEWAY) {
675418d5
JP		 1615 ND_PRINTK(2, warn,
1616 "Redirect: destination is not a neighbour\n");
d73f0801 1617 goto release;
1da177e4 1618 }
fd0273d7 1619 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1d861aa4
DM		 1620 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1621 if (peer)
1622 inet_putpeer(peer);
1623 if (!ret)
d73f0801 1624 goto release;
1da177e4
LT		 1625
1626 if (dev->addr_len) {
4991969a
DM		 1627 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1628 if (!neigh) {
675418d5
JP		 1629 ND_PRINTK(2, warn,
1630 "Redirect: no neigh for target address\n");
4991969a
DM		 1631 goto release;
1632 }
1633
1da177e4
LT		 1634 read_lock_bh(&neigh->lock);
1635 if (neigh->nud_state & NUD_VALID) {
1636 memcpy(ha_buf, neigh->ha, dev->addr_len);
1637 read_unlock_bh(&neigh->lock);
1638 ha = ha_buf;
f997c55c
AA		 1639 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1640 ops_data_buf,
1641 &ops_data);
1da177e4
LT		 1642 } else
1643 read_unlock_bh(&neigh->lock);
4991969a
DM		 1644
1645 neigh_release(neigh);
1da177e4
LT		 1646 }
1647
1648 rd_len = min_t(unsigned int,
2ce13576
YH		 1649 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1650 skb->len + 8);
1da177e4 1651 rd_len &= ~0x7;
2ce13576 1652 optlen += rd_len;
1da177e4 1653
2ce13576 1654 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
de09334b 1655 if (!buff)
d73f0801 1656 goto release;
1da177e4 1657
4df864c1 1658 msg = skb_put(buff, sizeof(*msg));
4d5c152e
YH		 1659 *msg = (struct rd_msg) {
1660 .icmph = {
1661 .icmp6_type = NDISC_REDIRECT,
1662 },
1663 .target = *target,
1664 .dest = ipv6_hdr(skb)->daddr,
1665 };
1da177e4 1666
1da177e4
LT		 1667 /*
1668 * include target_address option
1669 */
1670
1671 if (ha)
f997c55c 1672 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1da177e4
LT		 1673
1674 /*
1675 * build redirect option and copy skb over to the new packet.
1676 */
1677
9c86dafe 1678 if (rd_len)
5f5a0115 1679 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1da177e4 1680
adf30907 1681 skb_dst_set(buff, dst);
f4de84c6 1682 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
d73f0801
IJ		 1683 return;
1684
1685release:
1686 dst_release(dst);
1da177e4
LT		 1687}
1688
1689static void pndisc_redo(struct sk_buff *skb)
1690{
140e26fc 1691 ndisc_recv_ns(skb);
1da177e4
LT		 1692 kfree_skb(skb);
1693}
1694
b800c3b9
HFS		 1695static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1696{
1697 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1698
1699 if (!idev)
1700 return true;
1701 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1702 idev->cnf.suppress_frag_ndisc) {
1703 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1704 return true;
1705 }
1706 return false;
1707}
1708
1da177e4
LT		 1709int ndisc_rcv(struct sk_buff *skb)
1710{
1711 struct nd_msg *msg;
1712
b800c3b9
HFS		 1713 if (ndisc_suppress_frag_ndisc(skb))
1714 return 0;
1715
6bce6b4e 1716 if (skb_linearize(skb))
1da177e4
LT		 1717 return 0;
1718
9c70220b 1719 msg = (struct nd_msg *)skb_transport_header(skb);
1da177e4 1720
9c70220b 1721 __skb_push(skb, skb->data - skb_transport_header(skb));
1da177e4 1722
0660e03f 1723 if (ipv6_hdr(skb)->hop_limit != 255) {
675418d5
JP		 1724 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1725 ipv6_hdr(skb)->hop_limit);
1da177e4
LT		 1726 return 0;
1727 }
1728
1729 if (msg->icmph.icmp6_code != 0) {
675418d5
JP		 1730 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1731 msg->icmph.icmp6_code);
1da177e4
LT		 1732 return 0;
1733 }
1734
a61bbcf2
PM		 1735 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1736
1da177e4
LT		 1737 switch (msg->icmph.icmp6_type) {
1738 case NDISC_NEIGHBOUR_SOLICITATION:
1739 ndisc_recv_ns(skb);
1740 break;
1741
1742 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1743 ndisc_recv_na(skb);
1744 break;
1745
1746 case NDISC_ROUTER_SOLICITATION:
1747 ndisc_recv_rs(skb);
1748 break;
1749
1750 case NDISC_ROUTER_ADVERTISEMENT:
1751 ndisc_router_discovery(skb);
1752 break;
1753
1754 case NDISC_REDIRECT:
1755 ndisc_redirect_rcv(skb);
1756 break;
3ff50b79 1757 }
1da177e4
LT		 1758
1759 return 0;
1760}
1761
1762static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1763{
351638e7 1764 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
c8507fb2 1765 struct netdev_notifier_change_info *change_info;
c346dca1 1766 struct net *net = dev_net(dev);
5cb04436 1767 struct inet6_dev *idev;
1da177e4
LT		 1768
1769 switch (event) {
1770 case NETDEV_CHANGEADDR:
1771 neigh_changeaddr(&nd_tbl, dev);
2ac3ac8f 1772 fib6_run_gc(0, net, false);
4a6e3c5d
DA		 1773 /* fallthrough */
1774 case NETDEV_UP:
5cb04436
HFS		 1775 idev = in6_dev_get(dev);
1776 if (!idev)
1777 break;
fc1f8f4f
DA		 1778 if (idev->cnf.ndisc_notify ||
1779 net->ipv6.devconf_all->ndisc_notify)
5cb04436
HFS		 1780 ndisc_send_unsol_na(dev);
1781 in6_dev_put(idev);
1da177e4 1782 break;
c8507fb2
ED		 1783 case NETDEV_CHANGE:
1784 change_info = ptr;
1785 if (change_info->flags_changed & IFF_NOARP)
1786 neigh_changeaddr(&nd_tbl, dev);
1787 break;
1da177e4
LT		 1788 case NETDEV_DOWN:
1789 neigh_ifdown(&nd_tbl, dev);
2ac3ac8f 1790 fib6_run_gc(0, net, false);
1da177e4 1791 break;
f47b9464
BH		 1792 case NETDEV_NOTIFY_PEERS:
1793 ndisc_send_unsol_na(dev);
1794 break;
1da177e4
LT		 1795 default:
1796 break;
1797 }
1798
1799 return NOTIFY_DONE;
1800}
1801
1802static struct notifier_block ndisc_netdev_notifier = {
1803 .notifier_call = ndisc_netdev_event,
6eb79393 1804 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1da177e4
LT		 1805};
1806
1807#ifdef CONFIG_SYSCTL
1808static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1809 const char *func, const char *dev_name)
1810{
1811 static char warncomm[TASK_COMM_LEN];
1812 static int warned;
1813 if (strcmp(warncomm, current->comm) && warned < 5) {
1814 strcpy(warncomm, current->comm);
f3213831 1815 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1da177e4
LT		 1816 warncomm, func,
1817 dev_name, ctl->procname,
1818 dev_name, ctl->procname);
1819 warned++;
1820 }
1821}
1822
8d65af78 1823int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1da177e4
LT		 1824{
1825 struct net_device *dev = ctl->extra1;
1826 struct inet6_dev *idev;
1827 int ret;
1828
d12af679
EB		 1829 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1830 (strcmp(ctl->procname, "base_reachable_time") == 0))
1da177e4
LT		 1831 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1832
d12af679 1833 if (strcmp(ctl->procname, "retrans_time") == 0)
cb5b09c1 1834 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
d12af679
EB		 1835
1836 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
cb5b09c1
JP		 1837 ret = neigh_proc_dointvec_jiffies(ctl, write,
1838 buffer, lenp, ppos);
d12af679
EB		 1839
1840 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
ad02ac14 1841 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
cb5b09c1
JP		 1842 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1843 buffer, lenp, ppos);
d12af679 1844 else
1da177e4 1845 ret = -1;
1da177e4
LT		 1846
1847 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1f9248e5
JP		 1848 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1849 idev->nd_parms->reachable_time =
1850 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1da177e4
LT		 1851 idev->tstamp = jiffies;
1852 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1853 in6_dev_put(idev);
1854 }
1855 return ret;
1856}
1857
1da177e4
LT		 1858
1859#endif
1860
2c8c1e72 1861static int __net_init ndisc_net_init(struct net *net)
1da177e4
LT		 1862{
1863 struct ipv6_pinfo *np;
1864 struct sock *sk;
1ab1457c 1865 int err;
1da177e4 1866
1ed8516f
DL		 1867 err = inet_ctl_sock_create(&sk, PF_INET6,
1868 SOCK_RAW, IPPROTO_ICMPV6, net);
1da177e4 1869 if (err < 0) {
675418d5
JP		 1870 ND_PRINTK(0, err,
1871 "NDISC: Failed to initialize the control socket (err %d)\n",
1872 err);
1da177e4
LT		 1873 return err;
1874 }
1875
1ed8516f 1876 net->ipv6.ndisc_sk = sk;
1762f7e8 1877
1da177e4 1878 np = inet6_sk(sk);
1da177e4
LT		 1879 np->hop_limit = 255;
1880 /* Do not loopback ndisc messages */
1881 np->mc_loop = 0;
1da177e4 1882
1762f7e8
DL		 1883 return 0;
1884}
1885
2c8c1e72 1886static void __net_exit ndisc_net_exit(struct net *net)
1762f7e8 1887{
1ed8516f 1888 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1762f7e8
DL		 1889}
1890
1891static struct pernet_operations ndisc_net_ops = {
1892 .init = ndisc_net_init,
1893 .exit = ndisc_net_exit,
1894};
1895
1896int __init ndisc_init(void)
1897{
1898 int err;
1899
1900 err = register_pernet_subsys(&ndisc_net_ops);
1901 if (err)
1902 return err;
1ab1457c
YH		 1903 /*
1904 * Initialize the neighbour table
1905 */
d7480fd3 1906 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1da177e4
LT		 1907
1908#ifdef CONFIG_SYSCTL
73af614a 1909 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
56ec0fb1 1910 ndisc_ifinfo_sysctl_change);
1762f7e8
DL		 1911 if (err)
1912 goto out_unregister_pernet;
1762f7e8 1913out:
bcd081a3 1914#endif
1762f7e8 1915 return err;
1da177e4 1916
1762f7e8 1917#ifdef CONFIG_SYSCTL
1762f7e8 1918out_unregister_pernet:
1762f7e8
DL		 1919 unregister_pernet_subsys(&ndisc_net_ops);
1920 goto out;
2c861cc6 1921#endif
1da177e4
LT		 1922}
1923
2c861cc6
MK		 1924int __init ndisc_late_init(void)
1925{
1926 return register_netdevice_notifier(&ndisc_netdev_notifier);
1927}
1928
1929void ndisc_late_cleanup(void)
1da177e4 1930{
36f73d0c 1931 unregister_netdevice_notifier(&ndisc_netdev_notifier);
2c861cc6
MK		 1932}
1933
1934void ndisc_cleanup(void)
1935{
1da177e4
LT		 1936#ifdef CONFIG_SYSCTL
1937 neigh_sysctl_unregister(&nd_tbl.parms);
1938#endif
d7480fd3 1939 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1762f7e8 1940 unregister_pernet_subsys(&ndisc_net_ops);
1da177e4 1941}
Empty description
This page took 1.559679 seconds and 4 git commands to generate.