2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
88 static int ndisc_constructor(struct neighbour *neigh);
89 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
90 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
91 static int pndisc_constructor(struct pneigh_entry *n);
92 static void pndisc_destructor(struct pneigh_entry *n);
93 static void pndisc_redo(struct sk_buff *skb);
95 static const struct neigh_ops ndisc_generic_ops = {
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_connected_output,
103 static const struct neigh_ops ndisc_hh_ops = {
105 .solicit = ndisc_solicit,
106 .error_report = ndisc_error_report,
107 .output = neigh_resolve_output,
108 .connected_output = neigh_resolve_output,
112 static const struct neigh_ops ndisc_direct_ops = {
114 .output = neigh_direct_output,
115 .connected_output = neigh_direct_output,
118 struct neigh_table nd_tbl = {
120 .key_len = sizeof(struct in6_addr),
121 .protocol = cpu_to_be16(ETH_P_IPV6),
123 .key_eq = ndisc_key_eq,
124 .constructor = ndisc_constructor,
125 .pconstructor = pndisc_constructor,
126 .pdestructor = pndisc_destructor,
127 .proxy_redo = pndisc_redo,
131 .reachable_time = ND_REACHABLE_TIME,
133 [NEIGH_VAR_MCAST_PROBES] = 3,
134 [NEIGH_VAR_UCAST_PROBES] = 3,
135 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
136 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
137 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
138 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
139 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
140 [NEIGH_VAR_PROXY_QLEN] = 64,
141 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
142 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
145 .gc_interval = 30 * HZ,
151 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
153 int pad = ndisc_addr_option_pad(skb->dev->type);
154 int data_len = skb->dev->addr_len;
155 int space = ndisc_opt_addr_space(skb->dev);
156 u8 *opt = skb_put(skb, space);
161 memset(opt + 2, 0, pad);
165 memcpy(opt+2, data, data_len);
170 memset(opt, 0, space);
173 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
174 struct nd_opt_hdr *end)
177 if (!cur || !end || cur >= end)
179 type = cur->nd_opt_type;
181 cur = ((void *)cur) + (cur->nd_opt_len << 3);
182 } while (cur < end && cur->nd_opt_type != type);
183 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
186 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
188 return opt->nd_opt_type == ND_OPT_RDNSS ||
189 opt->nd_opt_type == ND_OPT_DNSSL;
192 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
193 struct nd_opt_hdr *end)
195 if (!cur || !end || cur >= end)
198 cur = ((void *)cur) + (cur->nd_opt_len << 3);
199 } while (cur < end && !ndisc_is_useropt(cur));
200 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
203 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
204 struct ndisc_options *ndopts)
206 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
208 if (!nd_opt || opt_len < 0 || !ndopts)
210 memset(ndopts, 0, sizeof(*ndopts));
213 if (opt_len < sizeof(struct nd_opt_hdr))
215 l = nd_opt->nd_opt_len << 3;
216 if (opt_len < l || l == 0)
218 switch (nd_opt->nd_opt_type) {
219 case ND_OPT_SOURCE_LL_ADDR:
220 case ND_OPT_TARGET_LL_ADDR:
222 case ND_OPT_REDIRECT_HDR:
223 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
225 "%s: duplicated ND6 option found: type=%d\n",
226 __func__, nd_opt->nd_opt_type);
228 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
231 case ND_OPT_PREFIX_INFO:
232 ndopts->nd_opts_pi_end = nd_opt;
233 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
234 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
236 #ifdef CONFIG_IPV6_ROUTE_INFO
237 case ND_OPT_ROUTE_INFO:
238 ndopts->nd_opts_ri_end = nd_opt;
239 if (!ndopts->nd_opts_ri)
240 ndopts->nd_opts_ri = nd_opt;
244 if (ndisc_is_useropt(nd_opt)) {
245 ndopts->nd_useropts_end = nd_opt;
246 if (!ndopts->nd_useropts)
247 ndopts->nd_useropts = nd_opt;
250 * Unknown options must be silently ignored,
251 * to accommodate future extension to the
255 "%s: ignored unsupported option; type=%d, len=%d\n",
262 nd_opt = ((void *)nd_opt) + l;
267 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
271 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
273 ipv6_eth_mc_map(addr, buf);
276 ipv6_arcnet_mc_map(addr, buf);
278 case ARPHRD_INFINIBAND:
279 ipv6_ib_mc_map(addr, dev->broadcast, buf);
282 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
285 memcpy(buf, dev->broadcast, dev->addr_len);
291 EXPORT_SYMBOL(ndisc_mc_map);
293 static u32 ndisc_hash(const void *pkey,
294 const struct net_device *dev,
297 return ndisc_hashfn(pkey, dev, hash_rnd);
300 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
302 return neigh_key_eq128(n, pkey);
305 static int ndisc_constructor(struct neighbour *neigh)
307 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
308 struct net_device *dev = neigh->dev;
309 struct inet6_dev *in6_dev;
310 struct neigh_parms *parms;
311 bool is_multicast = ipv6_addr_is_multicast(addr);
313 in6_dev = in6_dev_get(dev);
318 parms = in6_dev->nd_parms;
319 __neigh_parms_put(neigh->parms);
320 neigh->parms = neigh_parms_clone(parms);
322 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
323 if (!dev->header_ops) {
324 neigh->nud_state = NUD_NOARP;
325 neigh->ops = &ndisc_direct_ops;
326 neigh->output = neigh_direct_output;
329 neigh->nud_state = NUD_NOARP;
330 ndisc_mc_map(addr, neigh->ha, dev, 1);
331 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
332 neigh->nud_state = NUD_NOARP;
333 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
334 if (dev->flags&IFF_LOOPBACK)
335 neigh->type = RTN_LOCAL;
336 } else if (dev->flags&IFF_POINTOPOINT) {
337 neigh->nud_state = NUD_NOARP;
338 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
340 if (dev->header_ops->cache)
341 neigh->ops = &ndisc_hh_ops;
343 neigh->ops = &ndisc_generic_ops;
344 if (neigh->nud_state&NUD_VALID)
345 neigh->output = neigh->ops->connected_output;
347 neigh->output = neigh->ops->output;
349 in6_dev_put(in6_dev);
353 static int pndisc_constructor(struct pneigh_entry *n)
355 struct in6_addr *addr = (struct in6_addr *)&n->key;
356 struct in6_addr maddr;
357 struct net_device *dev = n->dev;
359 if (!dev || !__in6_dev_get(dev))
361 addrconf_addr_solict_mult(addr, &maddr);
362 ipv6_dev_mc_inc(dev, &maddr);
366 static void pndisc_destructor(struct pneigh_entry *n)
368 struct in6_addr *addr = (struct in6_addr *)&n->key;
369 struct in6_addr maddr;
370 struct net_device *dev = n->dev;
372 if (!dev || !__in6_dev_get(dev))
374 addrconf_addr_solict_mult(addr, &maddr);
375 ipv6_dev_mc_dec(dev, &maddr);
378 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
381 int hlen = LL_RESERVED_SPACE(dev);
382 int tlen = dev->needed_tailroom;
383 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
386 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
388 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
393 skb->protocol = htons(ETH_P_IPV6);
396 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
397 skb_reset_transport_header(skb);
399 /* Manually assign socket ownership as we avoid calling
400 * sock_alloc_send_pskb() to bypass wmem buffer limits
402 skb_set_owner_w(skb, sk);
407 static void ip6_nd_hdr(struct sk_buff *skb,
408 const struct in6_addr *saddr,
409 const struct in6_addr *daddr,
410 int hop_limit, int len)
414 skb_push(skb, sizeof(*hdr));
415 skb_reset_network_header(skb);
418 ip6_flow_hdr(hdr, 0, 0);
420 hdr->payload_len = htons(len);
421 hdr->nexthdr = IPPROTO_ICMPV6;
422 hdr->hop_limit = hop_limit;
428 static void ndisc_send_skb(struct sk_buff *skb,
429 const struct in6_addr *daddr,
430 const struct in6_addr *saddr)
432 struct dst_entry *dst = skb_dst(skb);
433 struct net *net = dev_net(skb->dev);
434 struct sock *sk = net->ipv6.ndisc_sk;
435 struct inet6_dev *idev;
437 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
440 type = icmp6h->icmp6_type;
445 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
446 dst = icmp6_dst_alloc(skb->dev, &fl6);
452 skb_dst_set(skb, dst);
455 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
460 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
463 idev = __in6_dev_get(dst->dev);
464 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
466 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, sk, skb,
470 ICMP6MSGOUT_INC_STATS(net, idev, type);
471 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
477 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
478 const struct in6_addr *daddr,
479 const struct in6_addr *solicited_addr,
480 bool router, bool solicited, bool override, bool inc_opt)
483 struct in6_addr tmpaddr;
484 struct inet6_ifaddr *ifp;
485 const struct in6_addr *src_addr;
489 /* for anycast or proxy, solicited_addr != src_addr */
490 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
492 src_addr = solicited_addr;
493 if (ifp->flags & IFA_F_OPTIMISTIC)
495 inc_opt |= ifp->idev->cnf.force_tllao;
498 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
499 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
508 optlen += ndisc_opt_addr_space(dev);
510 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
514 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
515 *msg = (struct nd_msg) {
517 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
518 .icmp6_router = router,
519 .icmp6_solicited = solicited,
520 .icmp6_override = override,
522 .target = *solicited_addr,
526 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
530 ndisc_send_skb(skb, daddr, src_addr);
533 static void ndisc_send_unsol_na(struct net_device *dev)
535 struct inet6_dev *idev;
536 struct inet6_ifaddr *ifa;
538 idev = in6_dev_get(dev);
542 read_lock_bh(&idev->lock);
543 list_for_each_entry(ifa, &idev->addr_list, if_list) {
544 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
545 /*router=*/ !!idev->cnf.forwarding,
546 /*solicited=*/ false, /*override=*/ true,
549 read_unlock_bh(&idev->lock);
554 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
555 const struct in6_addr *solicit,
556 const struct in6_addr *daddr, const struct in6_addr *saddr,
557 struct sk_buff *oskb)
560 struct in6_addr addr_buf;
561 int inc_opt = dev->addr_len;
566 if (ipv6_get_lladdr(dev, &addr_buf,
567 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
572 if (ipv6_addr_any(saddr))
575 optlen += ndisc_opt_addr_space(dev);
577 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
581 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
582 *msg = (struct nd_msg) {
584 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
590 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
593 if (!(dev->priv_flags & IFF_XMIT_DST_RELEASE) && oskb)
594 skb_dst_copy(skb, oskb);
596 ndisc_send_skb(skb, daddr, saddr);
599 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
600 const struct in6_addr *daddr)
604 int send_sllao = dev->addr_len;
607 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
609 * According to section 2.2 of RFC 4429, we must not
610 * send router solicitations with a sllao from
611 * optimistic addresses, but we may send the solicitation
612 * if we don't include the sllao. So here we check
613 * if our address is optimistic, and if so, we
614 * suppress the inclusion of the sllao.
617 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
620 if (ifp->flags & IFA_F_OPTIMISTIC) {
630 optlen += ndisc_opt_addr_space(dev);
632 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
636 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
637 *msg = (struct rs_msg) {
639 .icmp6_type = NDISC_ROUTER_SOLICITATION,
644 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
647 ndisc_send_skb(skb, daddr, saddr);
651 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
654 * "The sender MUST return an ICMP
655 * destination unreachable"
657 dst_link_failure(skb);
661 /* Called with locked neigh: either read or both */
663 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
665 struct in6_addr *saddr = NULL;
666 struct in6_addr mcaddr;
667 struct net_device *dev = neigh->dev;
668 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
669 int probes = atomic_read(&neigh->probes);
671 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
673 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
674 saddr = &ipv6_hdr(skb)->saddr;
675 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
677 if (!(neigh->nud_state & NUD_VALID)) {
679 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
682 ndisc_send_ns(dev, neigh, target, target, saddr, skb);
683 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
686 addrconf_addr_solict_mult(target, &mcaddr);
687 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr, skb);
691 static int pndisc_is_router(const void *pkey,
692 struct net_device *dev)
694 struct pneigh_entry *n;
697 read_lock_bh(&nd_tbl.lock);
698 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
700 ret = !!(n->flags & NTF_ROUTER);
701 read_unlock_bh(&nd_tbl.lock);
706 static void ndisc_recv_ns(struct sk_buff *skb)
708 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
709 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
710 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
712 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
713 offsetof(struct nd_msg, opt));
714 struct ndisc_options ndopts;
715 struct net_device *dev = skb->dev;
716 struct inet6_ifaddr *ifp;
717 struct inet6_dev *idev = NULL;
718 struct neighbour *neigh;
719 int dad = ipv6_addr_any(saddr);
723 if (skb->len < sizeof(struct nd_msg)) {
724 ND_PRINTK(2, warn, "NS: packet too short\n");
728 if (ipv6_addr_is_multicast(&msg->target)) {
729 ND_PRINTK(2, warn, "NS: multicast target address\n");
735 * DAD has to be destined for solicited node multicast address.
737 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
738 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
742 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
743 ND_PRINTK(2, warn, "NS: invalid ND options\n");
747 if (ndopts.nd_opts_src_lladdr) {
748 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
751 "NS: invalid link-layer address length\n");
756 * If the IP source address is the unspecified address,
757 * there MUST NOT be source link-layer address option
762 "NS: bad DAD packet (link-layer address option)\n");
767 inc = ipv6_addr_is_multicast(daddr);
769 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
772 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
775 * We are colliding with another node
777 * so fail our DAD process
779 addrconf_dad_failure(ifp);
783 * This is not a dad solicitation.
784 * If we are an optimistic node,
786 * Otherwise, we should ignore it.
788 if (!(ifp->flags & IFA_F_OPTIMISTIC))
795 struct net *net = dev_net(dev);
797 idev = in6_dev_get(dev);
799 /* XXX: count this drop? */
803 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
804 (idev->cnf.forwarding &&
805 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
806 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
807 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
808 skb->pkt_type != PACKET_HOST &&
810 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
812 * for anycast or proxy,
813 * sender should delay its response
814 * by a random time between 0 and
815 * MAX_ANYCAST_DELAY_TIME seconds.
816 * (RFC2461) -- yoshfuji
818 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
820 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
828 is_router = idev->cnf.forwarding;
831 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
832 !!is_router, false, (ifp != NULL), true);
837 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
839 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
842 * update / create cache entry
843 * for the source address
845 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
846 !inc || lladdr || !dev->addr_len);
848 neigh_update(neigh, lladdr, NUD_STALE,
849 NEIGH_UPDATE_F_WEAK_OVERRIDE|
850 NEIGH_UPDATE_F_OVERRIDE);
851 if (neigh || !dev->header_ops) {
852 ndisc_send_na(dev, neigh, saddr, &msg->target,
854 true, (ifp != NULL && inc), inc);
856 neigh_release(neigh);
866 static void ndisc_recv_na(struct sk_buff *skb)
868 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
869 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
870 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
872 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
873 offsetof(struct nd_msg, opt));
874 struct ndisc_options ndopts;
875 struct net_device *dev = skb->dev;
876 struct inet6_ifaddr *ifp;
877 struct neighbour *neigh;
879 if (skb->len < sizeof(struct nd_msg)) {
880 ND_PRINTK(2, warn, "NA: packet too short\n");
884 if (ipv6_addr_is_multicast(&msg->target)) {
885 ND_PRINTK(2, warn, "NA: target address is multicast\n");
889 if (ipv6_addr_is_multicast(daddr) &&
890 msg->icmph.icmp6_solicited) {
891 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
895 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
896 ND_PRINTK(2, warn, "NS: invalid ND option\n");
899 if (ndopts.nd_opts_tgt_lladdr) {
900 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
903 "NA: invalid link-layer address length\n");
907 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
909 if (skb->pkt_type != PACKET_LOOPBACK
910 && (ifp->flags & IFA_F_TENTATIVE)) {
911 addrconf_dad_failure(ifp);
914 /* What should we make now? The advertisement
915 is invalid, but ndisc specs say nothing
916 about it. It could be misconfiguration, or
917 an smart proxy agent tries to help us :-)
919 We should not print the error if NA has been
920 received from loopback - it is just our own
921 unsolicited advertisement.
923 if (skb->pkt_type != PACKET_LOOPBACK)
925 "NA: someone advertises our address %pI6 on %s!\n",
926 &ifp->addr, ifp->idev->dev->name);
930 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
933 u8 old_flags = neigh->flags;
934 struct net *net = dev_net(dev);
936 if (neigh->nud_state & NUD_FAILED)
940 * Don't update the neighbor cache entry on a proxy NA from
941 * ourselves because either the proxied node is off link or it
942 * has already sent a NA to us.
944 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
945 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
946 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
947 /* XXX: idev->cnf.proxy_ndp */
951 neigh_update(neigh, lladdr,
952 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
953 NEIGH_UPDATE_F_WEAK_OVERRIDE|
954 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
955 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
956 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
958 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
960 * Change: router to host
962 rt6_clean_tohost(dev_net(dev), saddr);
966 neigh_release(neigh);
970 static void ndisc_recv_rs(struct sk_buff *skb)
972 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
973 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
974 struct neighbour *neigh;
975 struct inet6_dev *idev;
976 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
977 struct ndisc_options ndopts;
980 if (skb->len < sizeof(*rs_msg))
983 idev = __in6_dev_get(skb->dev);
985 ND_PRINTK(1, err, "RS: can't find in6 device\n");
989 /* Don't accept RS if we're not in router mode */
990 if (!idev->cnf.forwarding)
994 * Don't update NCE if src = ::;
995 * this implies that the source node has no ip address assigned yet.
997 if (ipv6_addr_any(saddr))
1000 /* Parse ND options */
1001 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1002 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1006 if (ndopts.nd_opts_src_lladdr) {
1007 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1013 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1015 neigh_update(neigh, lladdr, NUD_STALE,
1016 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1017 NEIGH_UPDATE_F_OVERRIDE|
1018 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1019 neigh_release(neigh);
1025 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1027 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1028 struct sk_buff *skb;
1029 struct nlmsghdr *nlh;
1030 struct nduseroptmsg *ndmsg;
1031 struct net *net = dev_net(ra->dev);
1033 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1034 + (opt->nd_opt_len << 3));
1035 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1037 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1043 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1045 goto nla_put_failure;
1048 ndmsg = nlmsg_data(nlh);
1049 ndmsg->nduseropt_family = AF_INET6;
1050 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1051 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1052 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1053 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1055 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1057 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1058 goto nla_put_failure;
1059 nlmsg_end(skb, nlh);
1061 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1068 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1071 static void ndisc_router_discovery(struct sk_buff *skb)
1073 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1074 struct neighbour *neigh = NULL;
1075 struct inet6_dev *in6_dev;
1076 struct rt6_info *rt = NULL;
1078 struct ndisc_options ndopts;
1080 unsigned int pref = 0;
1082 __u8 *opt = (__u8 *)(ra_msg + 1);
1084 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1085 sizeof(struct ra_msg);
1088 "RA: %s, dev: %s\n",
1089 __func__, skb->dev->name);
1090 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1091 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1095 ND_PRINTK(2, warn, "RA: packet too short\n");
1099 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1100 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1101 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1107 * set the RA_RECV flag in the interface
1110 in6_dev = __in6_dev_get(skb->dev);
1112 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1117 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1118 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1122 if (!ipv6_accept_ra(in6_dev)) {
1124 "RA: %s, did not accept ra for dev: %s\n",
1125 __func__, skb->dev->name);
1126 goto skip_linkparms;
1129 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1130 /* skip link-specific parameters from interior routers */
1131 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1133 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1134 __func__, skb->dev->name);
1135 goto skip_linkparms;
1139 if (in6_dev->if_flags & IF_RS_SENT) {
1141 * flag that an RA was received after an RS was sent
1142 * out on this interface.
1144 in6_dev->if_flags |= IF_RA_RCVD;
1148 * Remember the managed/otherconf flags from most recently
1149 * received RA message (RFC 2462) -- yoshfuji
1151 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1153 (ra_msg->icmph.icmp6_addrconf_managed ?
1154 IF_RA_MANAGED : 0) |
1155 (ra_msg->icmph.icmp6_addrconf_other ?
1156 IF_RA_OTHERCONF : 0);
1158 if (!in6_dev->cnf.accept_ra_defrtr) {
1160 "RA: %s, defrtr is false for dev: %s\n",
1161 __func__, skb->dev->name);
1165 /* Do not accept RA with source-addr found on local machine unless
1166 * accept_ra_from_local is set to true.
1168 if (!in6_dev->cnf.accept_ra_from_local &&
1169 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1172 "RA from local address detected on dev: %s: default router ignored\n",
1177 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1179 #ifdef CONFIG_IPV6_ROUTER_PREF
1180 pref = ra_msg->icmph.icmp6_router_pref;
1181 /* 10b is handled as if it were 00b (medium) */
1182 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1183 !in6_dev->cnf.accept_ra_rtr_pref)
1184 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1187 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1190 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1193 "RA: %s got default router without neighbour\n",
1199 if (rt && lifetime == 0) {
1204 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1205 rt, lifetime, skb->dev->name);
1206 if (!rt && lifetime) {
1207 ND_PRINTK(3, info, "RA: adding default router\n");
1209 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1212 "RA: %s failed to add default route\n",
1217 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1220 "RA: %s got default router without neighbour\n",
1225 neigh->flags |= NTF_ROUTER;
1227 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1231 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1232 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1233 ra_msg->icmph.icmp6_hop_limit) {
1234 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1235 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1237 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1238 ra_msg->icmph.icmp6_hop_limit);
1240 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1247 * Update Reachable Time and Retrans Timer
1250 if (in6_dev->nd_parms) {
1251 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1253 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1254 rtime = (rtime*HZ)/1000;
1257 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1258 in6_dev->tstamp = jiffies;
1259 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1262 rtime = ntohl(ra_msg->reachable_time);
1263 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1264 rtime = (rtime*HZ)/1000;
1269 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1270 NEIGH_VAR_SET(in6_dev->nd_parms,
1271 BASE_REACHABLE_TIME, rtime);
1272 NEIGH_VAR_SET(in6_dev->nd_parms,
1273 GC_STALETIME, 3 * rtime);
1274 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1275 in6_dev->tstamp = jiffies;
1276 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1288 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1292 if (ndopts.nd_opts_src_lladdr) {
1293 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1297 "RA: invalid link-layer address length\n");
1301 neigh_update(neigh, lladdr, NUD_STALE,
1302 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1303 NEIGH_UPDATE_F_OVERRIDE|
1304 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1305 NEIGH_UPDATE_F_ISROUTER);
1308 if (!ipv6_accept_ra(in6_dev)) {
1310 "RA: %s, accept_ra is false for dev: %s\n",
1311 __func__, skb->dev->name);
1315 #ifdef CONFIG_IPV6_ROUTE_INFO
1316 if (!in6_dev->cnf.accept_ra_from_local &&
1317 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1320 "RA from local address detected on dev: %s: router info ignored.\n",
1322 goto skip_routeinfo;
1325 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1326 struct nd_opt_hdr *p;
1327 for (p = ndopts.nd_opts_ri;
1329 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1330 struct route_info *ri = (struct route_info *)p;
1331 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1332 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1333 ri->prefix_len == 0)
1336 if (ri->prefix_len == 0 &&
1337 !in6_dev->cnf.accept_ra_defrtr)
1339 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1341 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1342 &ipv6_hdr(skb)->saddr);
1349 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1350 /* skip link-specific ndopts from interior routers */
1351 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1353 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1354 __func__, skb->dev->name);
1359 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1360 struct nd_opt_hdr *p;
1361 for (p = ndopts.nd_opts_pi;
1363 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1364 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1365 (p->nd_opt_len) << 3,
1366 ndopts.nd_opts_src_lladdr != NULL);
1370 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1374 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1377 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1378 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1379 } else if (in6_dev->cnf.mtu6 != mtu) {
1380 in6_dev->cnf.mtu6 = mtu;
1383 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1385 rt6_mtu_change(skb->dev, mtu);
1389 if (ndopts.nd_useropts) {
1390 struct nd_opt_hdr *p;
1391 for (p = ndopts.nd_useropts;
1393 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1394 ndisc_ra_useropt(skb, p);
1398 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1399 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1404 neigh_release(neigh);
1407 static void ndisc_redirect_rcv(struct sk_buff *skb)
1410 struct ndisc_options ndopts;
1411 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1412 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1413 offsetof(struct rd_msg, opt));
1415 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1416 switch (skb->ndisc_nodetype) {
1417 case NDISC_NODETYPE_HOST:
1418 case NDISC_NODETYPE_NODEFAULT:
1420 "Redirect: from host or unauthorized router\n");
1425 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1427 "Redirect: source address is not link-local\n");
1431 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1434 if (!ndopts.nd_opts_rh) {
1435 ip6_redirect_no_header(skb, dev_net(skb->dev),
1436 skb->dev->ifindex, 0);
1440 hdr = (u8 *)ndopts.nd_opts_rh;
1442 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1445 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1448 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1449 struct sk_buff *orig_skb,
1452 u8 *opt = skb_put(skb, rd_len);
1455 *(opt++) = ND_OPT_REDIRECT_HDR;
1456 *(opt++) = (rd_len >> 3);
1459 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1462 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1464 struct net_device *dev = skb->dev;
1465 struct net *net = dev_net(dev);
1466 struct sock *sk = net->ipv6.ndisc_sk;
1468 struct inet_peer *peer;
1469 struct sk_buff *buff;
1471 struct in6_addr saddr_buf;
1472 struct rt6_info *rt;
1473 struct dst_entry *dst;
1476 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1479 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1480 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1485 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1486 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1488 "Redirect: target address is not link-local unicast\n");
1492 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1493 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1495 dst = ip6_route_output(net, NULL, &fl6);
1500 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1504 rt = (struct rt6_info *) dst;
1506 if (rt->rt6i_flags & RTF_GATEWAY) {
1508 "Redirect: destination is not a neighbour\n");
1511 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1512 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1518 if (dev->addr_len) {
1519 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1522 "Redirect: no neigh for target address\n");
1526 read_lock_bh(&neigh->lock);
1527 if (neigh->nud_state & NUD_VALID) {
1528 memcpy(ha_buf, neigh->ha, dev->addr_len);
1529 read_unlock_bh(&neigh->lock);
1531 optlen += ndisc_opt_addr_space(dev);
1533 read_unlock_bh(&neigh->lock);
1535 neigh_release(neigh);
1538 rd_len = min_t(unsigned int,
1539 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1544 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1548 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1549 *msg = (struct rd_msg) {
1551 .icmp6_type = NDISC_REDIRECT,
1554 .dest = ipv6_hdr(skb)->daddr,
1558 * include target_address option
1562 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1565 * build redirect option and copy skb over to the new packet.
1569 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1571 skb_dst_set(buff, dst);
1572 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1579 static void pndisc_redo(struct sk_buff *skb)
1585 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1587 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1591 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1592 idev->cnf.suppress_frag_ndisc) {
1593 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1599 int ndisc_rcv(struct sk_buff *skb)
1603 if (ndisc_suppress_frag_ndisc(skb))
1606 if (skb_linearize(skb))
1609 msg = (struct nd_msg *)skb_transport_header(skb);
1611 __skb_push(skb, skb->data - skb_transport_header(skb));
1613 if (ipv6_hdr(skb)->hop_limit != 255) {
1614 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1615 ipv6_hdr(skb)->hop_limit);
1619 if (msg->icmph.icmp6_code != 0) {
1620 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1621 msg->icmph.icmp6_code);
1625 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1627 switch (msg->icmph.icmp6_type) {
1628 case NDISC_NEIGHBOUR_SOLICITATION:
1632 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1636 case NDISC_ROUTER_SOLICITATION:
1640 case NDISC_ROUTER_ADVERTISEMENT:
1641 ndisc_router_discovery(skb);
1644 case NDISC_REDIRECT:
1645 ndisc_redirect_rcv(skb);
1652 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1654 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1655 struct netdev_notifier_change_info *change_info;
1656 struct net *net = dev_net(dev);
1657 struct inet6_dev *idev;
1660 case NETDEV_CHANGEADDR:
1661 neigh_changeaddr(&nd_tbl, dev);
1662 fib6_run_gc(0, net, false);
1663 idev = in6_dev_get(dev);
1666 if (idev->cnf.ndisc_notify)
1667 ndisc_send_unsol_na(dev);
1672 if (change_info->flags_changed & IFF_NOARP)
1673 neigh_changeaddr(&nd_tbl, dev);
1676 neigh_ifdown(&nd_tbl, dev);
1677 fib6_run_gc(0, net, false);
1679 case NETDEV_NOTIFY_PEERS:
1680 ndisc_send_unsol_na(dev);
1689 static struct notifier_block ndisc_netdev_notifier = {
1690 .notifier_call = ndisc_netdev_event,
1693 #ifdef CONFIG_SYSCTL
1694 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1695 const char *func, const char *dev_name)
1697 static char warncomm[TASK_COMM_LEN];
1699 if (strcmp(warncomm, current->comm) && warned < 5) {
1700 strcpy(warncomm, current->comm);
1701 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1703 dev_name, ctl->procname,
1704 dev_name, ctl->procname);
1709 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1711 struct net_device *dev = ctl->extra1;
1712 struct inet6_dev *idev;
1715 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1716 (strcmp(ctl->procname, "base_reachable_time") == 0))
1717 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1719 if (strcmp(ctl->procname, "retrans_time") == 0)
1720 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1722 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1723 ret = neigh_proc_dointvec_jiffies(ctl, write,
1724 buffer, lenp, ppos);
1726 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1727 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1728 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1729 buffer, lenp, ppos);
1733 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1734 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1735 idev->nd_parms->reachable_time =
1736 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1737 idev->tstamp = jiffies;
1738 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1747 static int __net_init ndisc_net_init(struct net *net)
1749 struct ipv6_pinfo *np;
1753 err = inet_ctl_sock_create(&sk, PF_INET6,
1754 SOCK_RAW, IPPROTO_ICMPV6, net);
1757 "NDISC: Failed to initialize the control socket (err %d)\n",
1762 net->ipv6.ndisc_sk = sk;
1765 np->hop_limit = 255;
1766 /* Do not loopback ndisc messages */
1772 static void __net_exit ndisc_net_exit(struct net *net)
1774 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1777 static struct pernet_operations ndisc_net_ops = {
1778 .init = ndisc_net_init,
1779 .exit = ndisc_net_exit,
1782 int __init ndisc_init(void)
1786 err = register_pernet_subsys(&ndisc_net_ops);
1790 * Initialize the neighbour table
1792 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1794 #ifdef CONFIG_SYSCTL
1795 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1796 ndisc_ifinfo_sysctl_change);
1798 goto out_unregister_pernet;
1803 #ifdef CONFIG_SYSCTL
1804 out_unregister_pernet:
1805 unregister_pernet_subsys(&ndisc_net_ops);
1810 int __init ndisc_late_init(void)
1812 return register_netdevice_notifier(&ndisc_netdev_notifier);
1815 void ndisc_late_cleanup(void)
1817 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1820 void ndisc_cleanup(void)
1822 #ifdef CONFIG_SYSCTL
1823 neigh_sysctl_unregister(&nd_tbl.parms);
1825 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1826 unregister_pernet_subsys(&ndisc_net_ops);
projects / linux.git / blob