1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Internet Control Message Protocol (ICMPv6)
4 * Linux INET6 implementation
9 * Based on net/ipv4/icmp.c
17 * Andi Kleen : exception handling
18 * Andi Kleen add rate limits. never reply to a icmp.
19 * add more length checks and other fixes.
20 * yoshfuji : ensure to sent parameter problem for
22 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
24 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
25 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
28 #define pr_fmt(fmt) "IPv6: " fmt
30 #include <linux/module.h>
31 #include <linux/errno.h>
32 #include <linux/types.h>
33 #include <linux/socket.h>
35 #include <linux/kernel.h>
36 #include <linux/sockios.h>
37 #include <linux/net.h>
38 #include <linux/skbuff.h>
39 #include <linux/init.h>
40 #include <linux/netfilter.h>
41 #include <linux/slab.h>
44 #include <linux/sysctl.h>
47 #include <linux/inet.h>
48 #include <linux/netdevice.h>
49 #include <linux/icmpv6.h>
55 #include <net/ip6_checksum.h>
57 #include <net/protocol.h>
59 #include <net/rawv6.h>
61 #include <net/transp_v6.h>
62 #include <net/ip6_route.h>
63 #include <net/addrconf.h>
66 #include <net/inet_common.h>
67 #include <net/dsfield.h>
68 #include <net/l3mdev.h>
70 #include <linux/uaccess.h>
72 static DEFINE_PER_CPU(struct sock *, ipv6_icmp_sk);
74 static int icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
75 u8 type, u8 code, int offset, __be32 info)
77 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
78 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
79 struct net *net = dev_net(skb->dev);
81 if (type == ICMPV6_PKT_TOOBIG)
82 ip6_update_pmtu(skb, net, info, skb->dev->ifindex, 0, sock_net_uid(net, NULL));
83 else if (type == NDISC_REDIRECT)
84 ip6_redirect(skb, net, skb->dev->ifindex, 0,
85 sock_net_uid(net, NULL));
87 if (!(type & ICMPV6_INFOMSG_MASK))
88 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
89 ping_err(skb, offset, ntohl(info));
94 static int icmpv6_rcv(struct sk_buff *skb);
96 static const struct inet6_protocol icmpv6_protocol = {
97 .handler = icmpv6_rcv,
98 .err_handler = icmpv6_err,
99 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
102 /* Called with BH disabled */
103 static struct sock *icmpv6_xmit_lock(struct net *net)
107 sk = this_cpu_read(ipv6_icmp_sk);
108 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
109 /* This can happen if the output path (f.e. SIT or
110 * ip6ip6 tunnel) signals dst_link_failure() for an
111 * outgoing ICMP6 packet.
115 sock_net_set(sk, net);
119 static void icmpv6_xmit_unlock(struct sock *sk)
121 sock_net_set(sk, &init_net);
122 spin_unlock(&sk->sk_lock.slock);
126 * Figure out, may we reply to this packet with icmp error.
128 * We do not reply, if:
129 * - it was icmp error message.
130 * - it is truncated, so that it is known, that protocol is ICMPV6
131 * (i.e. in the middle of some exthdr)
136 static bool is_ineligible(const struct sk_buff *skb)
138 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
139 int len = skb->len - ptr;
140 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
146 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
149 if (nexthdr == IPPROTO_ICMPV6) {
151 tp = skb_header_pointer(skb,
152 ptr+offsetof(struct icmp6hdr, icmp6_type),
153 sizeof(_type), &_type);
155 /* Based on RFC 8200, Section 4.5 Fragment Header, return
156 * false if this is a fragment packet with no icmp header info.
158 if (!tp && frag_off != 0)
160 else if (!tp || !(*tp & ICMPV6_INFOMSG_MASK))
166 static bool icmpv6_mask_allow(struct net *net, int type)
168 if (type > ICMPV6_MSG_MAX)
171 /* Limit if icmp type is set in ratemask. */
172 if (!test_bit(type, net->ipv6.sysctl.icmpv6_ratemask))
178 static bool icmpv6_global_allow(struct net *net, int type)
180 if (icmpv6_mask_allow(net, type))
183 if (icmp_global_allow())
190 * Check the ICMP output rate limit
192 static bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
195 struct net *net = sock_net(sk);
196 struct dst_entry *dst;
199 if (icmpv6_mask_allow(net, type))
203 * Look up the output route.
204 * XXX: perhaps the expire for routing entries cloned by
205 * this lookup should be more aggressive (not longer than timeout).
207 dst = ip6_route_output(net, sk, fl6);
209 IP6_INC_STATS(net, ip6_dst_idev(dst),
210 IPSTATS_MIB_OUTNOROUTES);
211 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
214 struct rt6_info *rt = (struct rt6_info *)dst;
215 int tmo = net->ipv6.sysctl.icmpv6_time;
216 struct inet_peer *peer;
218 /* Give more bandwidth to wider prefixes. */
219 if (rt->rt6i_dst.plen < 128)
220 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
222 peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr, 1);
223 res = inet_peer_xrlim_allow(peer, tmo);
231 static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type,
234 struct net *net = sock_net(sk);
235 struct dst_entry *dst;
238 dst = ip6_route_output(net, sk, fl6);
240 struct rt6_info *rt = (struct rt6_info *)dst;
241 struct in6_addr prefsrc;
243 rt6_get_prefsrc(rt, &prefsrc);
244 res = !ipv6_addr_any(&prefsrc);
251 * an inline helper for the "simple" if statement below
252 * checks if parameter problem report is caused by an
253 * unrecognized IPv6 option that has the Option Type
254 * highest-order two bits set to 10
257 static bool opt_unrec(struct sk_buff *skb, __u32 offset)
261 offset += skb_network_offset(skb);
262 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
265 return (*op & 0xC0) == 0x80;
268 void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
269 struct icmp6hdr *thdr, int len)
272 struct icmp6hdr *icmp6h;
274 skb = skb_peek(&sk->sk_write_queue);
278 icmp6h = icmp6_hdr(skb);
279 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
280 icmp6h->icmp6_cksum = 0;
282 if (skb_queue_len(&sk->sk_write_queue) == 1) {
283 skb->csum = csum_partial(icmp6h,
284 sizeof(struct icmp6hdr), skb->csum);
285 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
287 len, fl6->flowi6_proto,
292 skb_queue_walk(&sk->sk_write_queue, skb) {
293 tmp_csum = csum_add(tmp_csum, skb->csum);
296 tmp_csum = csum_partial(icmp6h,
297 sizeof(struct icmp6hdr), tmp_csum);
298 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
300 len, fl6->flowi6_proto,
303 ip6_push_pending_frames(sk);
312 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
314 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
315 struct sk_buff *org_skb = msg->skb;
318 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
320 skb->csum = csum_block_add(skb->csum, csum, odd);
321 if (!(msg->type & ICMPV6_INFOMSG_MASK))
322 nf_ct_attach(skb, org_skb);
326 #if IS_ENABLED(CONFIG_IPV6_MIP6)
327 static void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt)
329 struct ipv6hdr *iph = ipv6_hdr(skb);
330 struct ipv6_destopt_hao *hao;
335 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
336 if (likely(off >= 0)) {
337 hao = (struct ipv6_destopt_hao *)
338 (skb_network_header(skb) + off);
340 iph->saddr = hao->addr;
346 static inline void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) {}
349 static struct dst_entry *icmpv6_route_lookup(struct net *net,
354 struct dst_entry *dst, *dst2;
358 err = ip6_dst_lookup(net, sk, &dst, fl6);
363 * We won't send icmp if the destination is known
366 if (ipv6_anycast_destination(dst, &fl6->daddr)) {
367 net_dbg_ratelimited("icmp6_send: acast source\n");
369 return ERR_PTR(-EINVAL);
372 /* No need to clone since we're just using its address. */
375 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
380 if (PTR_ERR(dst) == -EPERM)
386 err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&fl2), AF_INET6);
388 goto relookup_failed;
390 err = ip6_dst_lookup(net, sk, &dst2, &fl2);
392 goto relookup_failed;
394 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
404 goto relookup_failed;
413 static struct net_device *icmp6_dev(const struct sk_buff *skb)
415 struct net_device *dev = skb->dev;
417 /* for local traffic to local address, skb dev is the loopback
418 * device. Check if there is a dst attached to the skb and if so
419 * get the real device index. Same is needed for replies to a link
420 * local address on a device enslaved to an L3 master device
422 if (unlikely(dev->ifindex == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) {
423 const struct rt6_info *rt6 = skb_rt6_info(skb);
426 dev = rt6->rt6i_idev->dev;
432 static int icmp6_iif(const struct sk_buff *skb)
434 return icmp6_dev(skb)->ifindex;
438 * Send an ICMP message in response to a packet in error
440 void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
441 const struct in6_addr *force_saddr,
442 const struct inet6_skb_parm *parm)
444 struct inet6_dev *idev = NULL;
445 struct ipv6hdr *hdr = ipv6_hdr(skb);
448 struct ipv6_pinfo *np;
449 const struct in6_addr *saddr = NULL;
450 struct dst_entry *dst;
451 struct icmp6hdr tmp_hdr;
453 struct icmpv6_msg msg;
454 struct ipcm6_cookie ipc6;
460 if ((u8 *)hdr < skb->head ||
461 (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
466 net = dev_net(skb->dev);
467 mark = IP6_REPLY_MARK(net, skb->mark);
469 * Make sure we respect the rules
470 * i.e. RFC 1885 2.4(e)
471 * Rule (e.1) is enforced by not using icmp6_send
472 * in any code that processes icmp errors.
474 addr_type = ipv6_addr_type(&hdr->daddr);
476 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
477 ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
484 if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) {
485 if (type != ICMPV6_PKT_TOOBIG &&
486 !(type == ICMPV6_PARAMPROB &&
487 code == ICMPV6_UNK_OPTION &&
488 (opt_unrec(skb, info))))
494 addr_type = ipv6_addr_type(&hdr->saddr);
500 if (__ipv6_addr_needs_scope_id(addr_type)) {
501 iif = icmp6_iif(skb);
504 * The source device is used for looking up which routing table
505 * to use for sending an ICMP error.
507 iif = l3mdev_master_ifindex(skb->dev);
511 * Must not send error if the source does not uniquely
512 * identify a single node (RFC2463 Section 2.4).
513 * We check unspecified / multicast addresses here,
514 * and anycast addresses will be checked later.
516 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
517 net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n",
518 &hdr->saddr, &hdr->daddr);
523 * Never answer to a ICMP packet.
525 if (is_ineligible(skb)) {
526 net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n",
527 &hdr->saddr, &hdr->daddr);
531 /* Needed by both icmp_global_allow and icmpv6_xmit_lock */
534 /* Check global sysctl_icmp_msgs_per_sec ratelimit */
535 if (!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, type))
538 mip6_addr_swap(skb, parm);
540 sk = icmpv6_xmit_lock(net);
544 memset(&fl6, 0, sizeof(fl6));
545 fl6.flowi6_proto = IPPROTO_ICMPV6;
546 fl6.daddr = hdr->saddr;
551 } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) {
552 /* select a more meaningful saddr from input if */
553 struct net_device *in_netdev;
555 in_netdev = dev_get_by_index(net, parm->iif);
557 ipv6_dev_get_saddr(net, in_netdev, &fl6.daddr,
558 inet6_sk(sk)->srcprefs,
563 fl6.flowi6_mark = mark;
564 fl6.flowi6_oif = iif;
565 fl6.fl6_icmp_type = type;
566 fl6.fl6_icmp_code = code;
567 fl6.flowi6_uid = sock_net_uid(net, NULL);
568 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, NULL);
569 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
573 if (!icmpv6_xrlim_allow(sk, type, &fl6))
576 tmp_hdr.icmp6_type = type;
577 tmp_hdr.icmp6_code = code;
578 tmp_hdr.icmp6_cksum = 0;
579 tmp_hdr.icmp6_pointer = htonl(info);
581 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
582 fl6.flowi6_oif = np->mcast_oif;
583 else if (!fl6.flowi6_oif)
584 fl6.flowi6_oif = np->ucast_oif;
586 ipcm6_init_sk(&ipc6, np);
587 ipc6.sockc.mark = mark;
588 fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel);
590 dst = icmpv6_route_lookup(net, skb, sk, &fl6);
594 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
597 msg.offset = skb_network_offset(skb);
600 len = skb->len - msg.offset;
601 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr));
603 net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n",
604 &hdr->saddr, &hdr->daddr);
605 goto out_dst_release;
609 idev = __in6_dev_get(skb->dev);
611 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
612 len + sizeof(struct icmp6hdr),
613 sizeof(struct icmp6hdr),
614 &ipc6, &fl6, (struct rt6_info *)dst,
616 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
617 ip6_flush_pending_frames(sk);
619 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
620 len + sizeof(struct icmp6hdr));
626 icmpv6_xmit_unlock(sk);
630 EXPORT_SYMBOL(icmp6_send);
632 /* Slightly more convenient version of icmp6_send.
634 void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
636 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos, NULL, IP6CB(skb));
640 /* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH
641 * if sufficient data bytes are available
642 * @nhs is the size of the tunnel header(s) :
643 * Either an IPv4 header for SIT encap
644 * an IPv4 header + GRE header for GRE encap
646 int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type,
647 unsigned int data_len)
649 struct in6_addr temp_saddr;
651 struct sk_buff *skb2;
654 if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8))
657 /* RFC 4884 (partial) support for ICMP extensions */
658 if (data_len < 128 || (data_len & 7) || skb->len < data_len)
661 skb2 = data_len ? skb_copy(skb, GFP_ATOMIC) : skb_clone(skb, GFP_ATOMIC);
668 skb_reset_network_header(skb2);
670 rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, NULL, 0,
673 if (rt && rt->dst.dev)
674 skb2->dev = rt->dst.dev;
676 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr);
679 /* RFC 4884 (partial) support :
680 * insert 0 padding at the end, before the extensions
682 __skb_push(skb2, nhs);
683 skb_reset_network_header(skb2);
684 memmove(skb2->data, skb2->data + nhs, data_len - nhs);
685 memset(skb2->data + data_len - nhs, 0, nhs);
686 /* RFC 4884 4.5 : Length is measured in 64-bit words,
687 * and stored in reserved[0]
689 info = (data_len/8) << 24;
691 if (type == ICMP_TIME_EXCEEDED)
692 icmp6_send(skb2, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
693 info, &temp_saddr, IP6CB(skb2));
695 icmp6_send(skb2, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH,
696 info, &temp_saddr, IP6CB(skb2));
704 EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach);
706 static void icmpv6_echo_reply(struct sk_buff *skb)
708 struct net *net = dev_net(skb->dev);
710 struct inet6_dev *idev;
711 struct ipv6_pinfo *np;
712 const struct in6_addr *saddr = NULL;
713 struct icmp6hdr *icmph = icmp6_hdr(skb);
714 struct icmp6hdr tmp_hdr;
716 struct icmpv6_msg msg;
717 struct dst_entry *dst;
718 struct ipcm6_cookie ipc6;
719 u32 mark = IP6_REPLY_MARK(net, skb->mark);
723 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr) &&
724 net->ipv6.sysctl.icmpv6_echo_ignore_multicast)
727 saddr = &ipv6_hdr(skb)->daddr;
729 acast = ipv6_anycast_destination(skb_dst(skb), saddr);
730 if (acast && net->ipv6.sysctl.icmpv6_echo_ignore_anycast)
733 if (!ipv6_unicast_destination(skb) &&
734 !(net->ipv6.sysctl.anycast_src_echo_reply && acast))
737 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
738 type = ICMPV6_EXT_ECHO_REPLY;
740 type = ICMPV6_ECHO_REPLY;
742 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
743 tmp_hdr.icmp6_type = type;
745 memset(&fl6, 0, sizeof(fl6));
746 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES)
747 fl6.flowlabel = ip6_flowlabel(ipv6_hdr(skb));
749 fl6.flowi6_proto = IPPROTO_ICMPV6;
750 fl6.daddr = ipv6_hdr(skb)->saddr;
753 fl6.flowi6_oif = icmp6_iif(skb);
754 fl6.fl6_icmp_type = type;
755 fl6.flowi6_mark = mark;
756 fl6.flowi6_uid = sock_net_uid(net, NULL);
757 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
760 sk = icmpv6_xmit_lock(net);
765 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
766 fl6.flowi6_oif = np->mcast_oif;
767 else if (!fl6.flowi6_oif)
768 fl6.flowi6_oif = np->ucast_oif;
770 if (ip6_dst_lookup(net, sk, &dst, &fl6))
772 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
776 /* Check the ratelimit */
777 if ((!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, ICMPV6_ECHO_REPLY)) ||
778 !icmpv6_xrlim_allow(sk, ICMPV6_ECHO_REPLY, &fl6))
779 goto out_dst_release;
781 idev = __in6_dev_get(skb->dev);
787 ipcm6_init_sk(&ipc6, np);
788 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
789 ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb));
790 ipc6.sockc.mark = mark;
792 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
793 if (!icmp_build_probe(skb, (struct icmphdr *)&tmp_hdr))
794 goto out_dst_release;
796 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
797 skb->len + sizeof(struct icmp6hdr),
798 sizeof(struct icmp6hdr), &ipc6, &fl6,
799 (struct rt6_info *)dst, MSG_DONTWAIT)) {
800 __ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
801 ip6_flush_pending_frames(sk);
803 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
804 skb->len + sizeof(struct icmp6hdr));
809 icmpv6_xmit_unlock(sk);
814 void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
816 struct inet6_skb_parm *opt = IP6CB(skb);
817 const struct inet6_protocol *ipprot;
821 struct net *net = dev_net(skb->dev);
823 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
826 seg6_icmp_srh(skb, opt);
828 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
829 if (ipv6_ext_hdr(nexthdr)) {
830 /* now skip over extension headers */
831 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
832 &nexthdr, &frag_off);
833 if (inner_offset < 0)
836 inner_offset = sizeof(struct ipv6hdr);
839 /* Checkin header including 8 bytes of inner protocol header. */
840 if (!pskb_may_pull(skb, inner_offset+8))
843 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
844 Without this we will not able f.e. to make source routed
846 Corresponding argument (opt) to notifiers is already added.
850 ipprot = rcu_dereference(inet6_protos[nexthdr]);
851 if (ipprot && ipprot->err_handler)
852 ipprot->err_handler(skb, opt, type, code, inner_offset, info);
854 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
858 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
862 * Handle icmp messages
865 static int icmpv6_rcv(struct sk_buff *skb)
867 struct net *net = dev_net(skb->dev);
868 struct net_device *dev = icmp6_dev(skb);
869 struct inet6_dev *idev = __in6_dev_get(dev);
870 const struct in6_addr *saddr, *daddr;
871 struct icmp6hdr *hdr;
873 bool success = false;
875 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
876 struct sec_path *sp = skb_sec_path(skb);
879 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
883 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
886 nh = skb_network_offset(skb);
887 skb_set_network_header(skb, sizeof(*hdr));
889 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
892 skb_set_network_header(skb, nh);
895 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INMSGS);
897 saddr = &ipv6_hdr(skb)->saddr;
898 daddr = &ipv6_hdr(skb)->daddr;
900 if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
901 net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n",
906 if (!pskb_pull(skb, sizeof(*hdr)))
909 hdr = icmp6_hdr(skb);
911 type = hdr->icmp6_type;
913 ICMP6MSGIN_INC_STATS(dev_net(dev), idev, type);
916 case ICMPV6_ECHO_REQUEST:
917 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all)
918 icmpv6_echo_reply(skb);
920 case ICMPV6_EXT_ECHO_REQUEST:
921 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all &&
922 net->ipv4.sysctl_icmp_echo_enable_probe)
923 icmpv6_echo_reply(skb);
926 case ICMPV6_ECHO_REPLY:
927 success = ping_rcv(skb);
930 case ICMPV6_EXT_ECHO_REPLY:
931 success = ping_rcv(skb);
934 case ICMPV6_PKT_TOOBIG:
935 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
936 standard destination cache. Seems, only "advanced"
937 destination cache will allow to solve this problem
940 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
942 hdr = icmp6_hdr(skb);
946 case ICMPV6_DEST_UNREACH:
947 case ICMPV6_TIME_EXCEED:
948 case ICMPV6_PARAMPROB:
949 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
952 case NDISC_ROUTER_SOLICITATION:
953 case NDISC_ROUTER_ADVERTISEMENT:
954 case NDISC_NEIGHBOUR_SOLICITATION:
955 case NDISC_NEIGHBOUR_ADVERTISEMENT:
960 case ICMPV6_MGM_QUERY:
961 igmp6_event_query(skb);
964 case ICMPV6_MGM_REPORT:
965 igmp6_event_report(skb);
968 case ICMPV6_MGM_REDUCTION:
969 case ICMPV6_NI_QUERY:
970 case ICMPV6_NI_REPLY:
971 case ICMPV6_MLD2_REPORT:
972 case ICMPV6_DHAAD_REQUEST:
973 case ICMPV6_DHAAD_REPLY:
974 case ICMPV6_MOBILE_PREFIX_SOL:
975 case ICMPV6_MOBILE_PREFIX_ADV:
980 if (type & ICMPV6_INFOMSG_MASK)
983 net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n",
987 * error of unknown type.
988 * must pass to upper level
991 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
994 /* until the v6 path can be better sorted assume failure and
995 * preserve the status quo behaviour for the rest of the paths to here
1005 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
1007 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INERRORS);
1013 void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
1015 const struct in6_addr *saddr,
1016 const struct in6_addr *daddr,
1019 memset(fl6, 0, sizeof(*fl6));
1020 fl6->saddr = *saddr;
1021 fl6->daddr = *daddr;
1022 fl6->flowi6_proto = IPPROTO_ICMPV6;
1023 fl6->fl6_icmp_type = type;
1024 fl6->fl6_icmp_code = 0;
1025 fl6->flowi6_oif = oif;
1026 security_sk_classify_flow(sk, flowi6_to_flowi_common(fl6));
1029 int __init icmpv6_init(void)
1034 for_each_possible_cpu(i) {
1035 err = inet_ctl_sock_create(&sk, PF_INET6,
1036 SOCK_RAW, IPPROTO_ICMPV6, &init_net);
1038 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
1043 per_cpu(ipv6_icmp_sk, i) = sk;
1045 /* Enough space for 2 64K ICMP packets, including
1046 * sk_buff struct overhead.
1048 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
1052 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
1055 err = inet6_register_icmp_sender(icmp6_send);
1057 goto sender_reg_err;
1061 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1063 pr_err("Failed to register ICMP6 protocol\n");
1067 void icmpv6_cleanup(void)
1069 inet6_unregister_icmp_sender(icmp6_send);
1070 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1074 static const struct icmp6_err {
1082 { /* ADM_PROHIBITED */
1086 { /* Was NOT_NEIGHBOUR, now reserved */
1087 .err = EHOSTUNREACH,
1090 { /* ADDR_UNREACH */
1091 .err = EHOSTUNREACH,
1094 { /* PORT_UNREACH */
1095 .err = ECONNREFUSED,
1102 { /* REJECT_ROUTE */
1108 int icmpv6_err_convert(u8 type, u8 code, int *err)
1115 case ICMPV6_DEST_UNREACH:
1117 if (code < ARRAY_SIZE(tab_unreach)) {
1118 *err = tab_unreach[code].err;
1119 fatal = tab_unreach[code].fatal;
1123 case ICMPV6_PKT_TOOBIG:
1127 case ICMPV6_PARAMPROB:
1132 case ICMPV6_TIME_EXCEED:
1133 *err = EHOSTUNREACH;
1139 EXPORT_SYMBOL(icmpv6_err_convert);
1141 #ifdef CONFIG_SYSCTL
1142 static struct ctl_table ipv6_icmp_table_template[] = {
1144 .procname = "ratelimit",
1145 .data = &init_net.ipv6.sysctl.icmpv6_time,
1146 .maxlen = sizeof(int),
1148 .proc_handler = proc_dointvec_ms_jiffies,
1151 .procname = "echo_ignore_all",
1152 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_all,
1153 .maxlen = sizeof(u8),
1155 .proc_handler = proc_dou8vec_minmax,
1158 .procname = "echo_ignore_multicast",
1159 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_multicast,
1160 .maxlen = sizeof(u8),
1162 .proc_handler = proc_dou8vec_minmax,
1165 .procname = "echo_ignore_anycast",
1166 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_anycast,
1167 .maxlen = sizeof(u8),
1169 .proc_handler = proc_dou8vec_minmax,
1172 .procname = "ratemask",
1173 .data = &init_net.ipv6.sysctl.icmpv6_ratemask_ptr,
1174 .maxlen = ICMPV6_MSG_MAX + 1,
1176 .proc_handler = proc_do_large_bitmap,
1181 struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
1183 struct ctl_table *table;
1185 table = kmemdup(ipv6_icmp_table_template,
1186 sizeof(ipv6_icmp_table_template),
1190 table[0].data = &net->ipv6.sysctl.icmpv6_time;
1191 table[1].data = &net->ipv6.sysctl.icmpv6_echo_ignore_all;
1192 table[2].data = &net->ipv6.sysctl.icmpv6_echo_ignore_multicast;
1193 table[3].data = &net->ipv6.sysctl.icmpv6_echo_ignore_anycast;
1194 table[4].data = &net->ipv6.sysctl.icmpv6_ratemask_ptr;
projects / linux.git / blob