2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
29 /* Set to 3 to get tracing... */
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
40 #define ND_PRINTK1 ND_PRINTK
44 #define ND_PRINTK2 ND_PRINTK
48 #define ND_PRINTK3 ND_PRINTK
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #include <linux/slab.h>
64 #include <linux/sysctl.h>
67 #include <linux/if_addr.h>
68 #include <linux/if_arp.h>
69 #include <linux/ipv6.h>
70 #include <linux/icmpv6.h>
71 #include <linux/jhash.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
83 #include <net/netlink.h>
84 #include <linux/rtnetlink.h>
87 #include <net/ip6_checksum.h>
88 #include <net/inet_common.h>
89 #include <linux/proc_fs.h>
91 #include <linux/netfilter.h>
92 #include <linux/netfilter_ipv6.h>
94 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
);
95 static int ndisc_constructor(struct neighbour
*neigh
);
96 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
97 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
98 static int pndisc_constructor(struct pneigh_entry
*n
);
99 static void pndisc_destructor(struct pneigh_entry
*n
);
100 static void pndisc_redo(struct sk_buff
*skb
);
102 static const struct neigh_ops ndisc_generic_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_connected_output
,
108 .hh_output
= dev_queue_xmit
,
109 .queue_xmit
= dev_queue_xmit
,
112 static const struct neigh_ops ndisc_hh_ops
= {
114 .solicit
= ndisc_solicit
,
115 .error_report
= ndisc_error_report
,
116 .output
= neigh_resolve_output
,
117 .connected_output
= neigh_resolve_output
,
118 .hh_output
= dev_queue_xmit
,
119 .queue_xmit
= dev_queue_xmit
,
123 static const struct neigh_ops ndisc_direct_ops
= {
125 .output
= dev_queue_xmit
,
126 .connected_output
= dev_queue_xmit
,
127 .hh_output
= dev_queue_xmit
,
128 .queue_xmit
= dev_queue_xmit
,
131 struct neigh_table nd_tbl
= {
133 .entry_size
= sizeof(struct neighbour
) + sizeof(struct in6_addr
),
134 .key_len
= sizeof(struct in6_addr
),
136 .constructor
= ndisc_constructor
,
137 .pconstructor
= pndisc_constructor
,
138 .pdestructor
= pndisc_destructor
,
139 .proxy_redo
= pndisc_redo
,
143 .base_reachable_time
= 30 * HZ
,
144 .retrans_time
= 1 * HZ
,
145 .gc_staletime
= 60 * HZ
,
146 .reachable_time
= 30 * HZ
,
147 .delay_probe_time
= 5 * HZ
,
151 .anycast_delay
= 1 * HZ
,
152 .proxy_delay
= (8 * HZ
) / 10,
155 .gc_interval
= 30 * HZ
,
162 struct ndisc_options
{
163 struct nd_opt_hdr
*nd_opt_array
[__ND_OPT_ARRAY_MAX
];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 struct nd_opt_hdr
*nd_opts_ri
;
166 struct nd_opt_hdr
*nd_opts_ri_end
;
168 struct nd_opt_hdr
*nd_useropts
;
169 struct nd_opt_hdr
*nd_useropts_end
;
172 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
182 * Return the padding between the option length and the start of the
183 * link addr. Currently only IP-over-InfiniBand needs this, although
184 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185 * also need a pad of 2.
187 static int ndisc_addr_option_pad(unsigned short type
)
190 case ARPHRD_INFINIBAND
: return 2;
195 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
197 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
200 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
201 unsigned short addr_type
)
203 int space
= NDISC_OPT_SPACE(data_len
);
204 int pad
= ndisc_addr_option_pad(addr_type
);
209 memset(opt
+ 2, 0, pad
);
213 memcpy(opt
+2, data
, data_len
);
216 if ((space
-= data_len
) > 0)
217 memset(opt
, 0, space
);
221 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
222 struct nd_opt_hdr
*end
)
225 if (!cur
|| !end
|| cur
>= end
)
227 type
= cur
->nd_opt_type
;
229 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
230 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
231 return (cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
);
234 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
236 return (opt
->nd_opt_type
== ND_OPT_RDNSS
);
239 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
240 struct nd_opt_hdr
*end
)
242 if (!cur
|| !end
|| cur
>= end
)
245 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
246 } while(cur
< end
&& !ndisc_is_useropt(cur
));
247 return (cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
);
250 static struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
251 struct ndisc_options
*ndopts
)
253 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
255 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
257 memset(ndopts
, 0, sizeof(*ndopts
));
260 if (opt_len
< sizeof(struct nd_opt_hdr
))
262 l
= nd_opt
->nd_opt_len
<< 3;
263 if (opt_len
< l
|| l
== 0)
265 switch (nd_opt
->nd_opt_type
) {
266 case ND_OPT_SOURCE_LL_ADDR
:
267 case ND_OPT_TARGET_LL_ADDR
:
269 case ND_OPT_REDIRECT_HDR
:
270 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
271 ND_PRINTK2(KERN_WARNING
272 "%s(): duplicated ND6 option found: type=%d\n",
274 nd_opt
->nd_opt_type
);
276 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
279 case ND_OPT_PREFIX_INFO
:
280 ndopts
->nd_opts_pi_end
= nd_opt
;
281 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
282 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 case ND_OPT_ROUTE_INFO
:
286 ndopts
->nd_opts_ri_end
= nd_opt
;
287 if (!ndopts
->nd_opts_ri
)
288 ndopts
->nd_opts_ri
= nd_opt
;
292 if (ndisc_is_useropt(nd_opt
)) {
293 ndopts
->nd_useropts_end
= nd_opt
;
294 if (!ndopts
->nd_useropts
)
295 ndopts
->nd_useropts
= nd_opt
;
298 * Unknown options must be silently ignored,
299 * to accommodate future extension to the
302 ND_PRINTK2(KERN_NOTICE
303 "%s(): ignored unsupported option; type=%d, len=%d\n",
305 nd_opt
->nd_opt_type
, nd_opt
->nd_opt_len
);
309 nd_opt
= ((void *)nd_opt
) + l
;
314 static inline u8
*ndisc_opt_addr_data(struct nd_opt_hdr
*p
,
315 struct net_device
*dev
)
317 u8
*lladdr
= (u8
*)(p
+ 1);
318 int lladdrlen
= p
->nd_opt_len
<< 3;
319 int prepad
= ndisc_addr_option_pad(dev
->type
);
320 if (lladdrlen
!= NDISC_OPT_SPACE(dev
->addr_len
+ prepad
))
322 return (lladdr
+ prepad
);
325 int ndisc_mc_map(struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
329 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
331 ipv6_eth_mc_map(addr
, buf
);
333 case ARPHRD_IEEE802_TR
:
334 ipv6_tr_mc_map(addr
,buf
);
337 ipv6_arcnet_mc_map(addr
, buf
);
339 case ARPHRD_INFINIBAND
:
340 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
344 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
351 EXPORT_SYMBOL(ndisc_mc_map
);
353 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
)
355 const u32
*p32
= pkey
;
359 for (i
= 0; i
< (sizeof(struct in6_addr
) / sizeof(u32
)); i
++)
362 return jhash_2words(addr_hash
, dev
->ifindex
, nd_tbl
.hash_rnd
);
365 static int ndisc_constructor(struct neighbour
*neigh
)
367 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
368 struct net_device
*dev
= neigh
->dev
;
369 struct inet6_dev
*in6_dev
;
370 struct neigh_parms
*parms
;
371 int is_multicast
= ipv6_addr_is_multicast(addr
);
374 in6_dev
= in6_dev_get(dev
);
375 if (in6_dev
== NULL
) {
380 parms
= in6_dev
->nd_parms
;
381 __neigh_parms_put(neigh
->parms
);
382 neigh
->parms
= neigh_parms_clone(parms
);
385 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
386 if (!dev
->header_ops
) {
387 neigh
->nud_state
= NUD_NOARP
;
388 neigh
->ops
= &ndisc_direct_ops
;
389 neigh
->output
= neigh
->ops
->queue_xmit
;
392 neigh
->nud_state
= NUD_NOARP
;
393 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
394 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
395 neigh
->nud_state
= NUD_NOARP
;
396 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
397 if (dev
->flags
&IFF_LOOPBACK
)
398 neigh
->type
= RTN_LOCAL
;
399 } else if (dev
->flags
&IFF_POINTOPOINT
) {
400 neigh
->nud_state
= NUD_NOARP
;
401 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
403 if (dev
->header_ops
->cache
)
404 neigh
->ops
= &ndisc_hh_ops
;
406 neigh
->ops
= &ndisc_generic_ops
;
407 if (neigh
->nud_state
&NUD_VALID
)
408 neigh
->output
= neigh
->ops
->connected_output
;
410 neigh
->output
= neigh
->ops
->output
;
412 in6_dev_put(in6_dev
);
416 static int pndisc_constructor(struct pneigh_entry
*n
)
418 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
419 struct in6_addr maddr
;
420 struct net_device
*dev
= n
->dev
;
422 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
424 addrconf_addr_solict_mult(addr
, &maddr
);
425 ipv6_dev_mc_inc(dev
, &maddr
);
429 static void pndisc_destructor(struct pneigh_entry
*n
)
431 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
432 struct in6_addr maddr
;
433 struct net_device
*dev
= n
->dev
;
435 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
437 addrconf_addr_solict_mult(addr
, &maddr
);
438 ipv6_dev_mc_dec(dev
, &maddr
);
441 struct sk_buff
*ndisc_build_skb(struct net_device
*dev
,
442 const struct in6_addr
*daddr
,
443 const struct in6_addr
*saddr
,
444 struct icmp6hdr
*icmp6h
,
445 const struct in6_addr
*target
,
448 struct net
*net
= dev_net(dev
);
449 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
451 struct icmp6hdr
*hdr
;
459 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
461 len
+= ndisc_opt_addr_space(dev
);
463 skb
= sock_alloc_send_skb(sk
,
464 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
465 len
+ LL_ALLOCATED_SPACE(dev
)),
469 "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
474 skb_reserve(skb
, LL_RESERVED_SPACE(dev
));
475 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
477 skb
->transport_header
= skb
->tail
;
480 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
481 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
483 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
485 ipv6_addr_copy((struct in6_addr
*)opt
, target
);
486 opt
+= sizeof(*target
);
490 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
491 dev
->addr_len
, dev
->type
);
493 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
501 EXPORT_SYMBOL(ndisc_build_skb
);
503 void ndisc_send_skb(struct sk_buff
*skb
,
504 struct net_device
*dev
,
505 struct neighbour
*neigh
,
506 const struct in6_addr
*daddr
,
507 const struct in6_addr
*saddr
,
508 struct icmp6hdr
*icmp6h
)
511 struct dst_entry
*dst
;
512 struct net
*net
= dev_net(dev
);
513 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
514 struct inet6_dev
*idev
;
518 type
= icmp6h
->icmp6_type
;
520 icmpv6_flow_init(sk
, &fl
, type
, saddr
, daddr
, dev
->ifindex
);
522 dst
= icmp6_dst_alloc(dev
, neigh
, daddr
);
528 err
= xfrm_lookup(net
, &dst
, &fl
, NULL
, 0);
534 skb_dst_set(skb
, dst
);
536 idev
= in6_dev_get(dst
->dev
);
537 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
539 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
542 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
543 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
546 if (likely(idev
!= NULL
))
550 EXPORT_SYMBOL(ndisc_send_skb
);
553 * Send a Neighbour Discover packet
555 static void __ndisc_send(struct net_device
*dev
,
556 struct neighbour
*neigh
,
557 const struct in6_addr
*daddr
,
558 const struct in6_addr
*saddr
,
559 struct icmp6hdr
*icmp6h
, const struct in6_addr
*target
,
564 skb
= ndisc_build_skb(dev
, daddr
, saddr
, icmp6h
, target
, llinfo
);
568 ndisc_send_skb(skb
, dev
, neigh
, daddr
, saddr
, icmp6h
);
571 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
572 const struct in6_addr
*daddr
,
573 const struct in6_addr
*solicited_addr
,
574 int router
, int solicited
, int override
, int inc_opt
)
576 struct in6_addr tmpaddr
;
577 struct inet6_ifaddr
*ifp
;
578 const struct in6_addr
*src_addr
;
579 struct icmp6hdr icmp6h
= {
580 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
583 /* for anycast or proxy, solicited_addr != src_addr */
584 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
586 src_addr
= solicited_addr
;
587 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
591 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
592 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
598 icmp6h
.icmp6_router
= router
;
599 icmp6h
.icmp6_solicited
= solicited
;
600 icmp6h
.icmp6_override
= override
;
602 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
603 __ndisc_send(dev
, neigh
, daddr
, src_addr
,
604 &icmp6h
, solicited_addr
,
605 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
608 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
609 const struct in6_addr
*solicit
,
610 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
)
612 struct in6_addr addr_buf
;
613 struct icmp6hdr icmp6h
= {
614 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
618 if (ipv6_get_lladdr(dev
, &addr_buf
,
619 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
624 __ndisc_send(dev
, neigh
, daddr
, saddr
,
626 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
629 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
630 const struct in6_addr
*daddr
)
632 struct icmp6hdr icmp6h
= {
633 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
635 int send_sllao
= dev
->addr_len
;
637 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
639 * According to section 2.2 of RFC 4429, we must not
640 * send router solicitations with a sllao from
641 * optimistic addresses, but we may send the solicitation
642 * if we don't include the sllao. So here we check
643 * if our address is optimistic, and if so, we
644 * suppress the inclusion of the sllao.
647 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
650 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
659 __ndisc_send(dev
, NULL
, daddr
, saddr
,
661 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
665 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
668 * "The sender MUST return an ICMP
669 * destination unreachable"
671 dst_link_failure(skb
);
675 /* Called with locked neigh: either read or both */
677 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
679 struct in6_addr
*saddr
= NULL
;
680 struct in6_addr mcaddr
;
681 struct net_device
*dev
= neigh
->dev
;
682 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
683 int probes
= atomic_read(&neigh
->probes
);
685 if (skb
&& ipv6_chk_addr(dev_net(dev
), &ipv6_hdr(skb
)->saddr
, dev
, 1))
686 saddr
= &ipv6_hdr(skb
)->saddr
;
688 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
689 if (!(neigh
->nud_state
& NUD_VALID
)) {
690 ND_PRINTK1(KERN_DEBUG
"%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
693 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
694 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
699 addrconf_addr_solict_mult(target
, &mcaddr
);
700 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
704 static int pndisc_is_router(const void *pkey
,
705 struct net_device
*dev
)
707 struct pneigh_entry
*n
;
710 read_lock_bh(&nd_tbl
.lock
);
711 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
713 ret
= !!(n
->flags
& NTF_ROUTER
);
714 read_unlock_bh(&nd_tbl
.lock
);
719 static void ndisc_recv_ns(struct sk_buff
*skb
)
721 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
722 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
723 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
725 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
726 offsetof(struct nd_msg
, opt
));
727 struct ndisc_options ndopts
;
728 struct net_device
*dev
= skb
->dev
;
729 struct inet6_ifaddr
*ifp
;
730 struct inet6_dev
*idev
= NULL
;
731 struct neighbour
*neigh
;
732 int dad
= ipv6_addr_any(saddr
);
736 if (ipv6_addr_is_multicast(&msg
->target
)) {
737 ND_PRINTK2(KERN_WARNING
738 "ICMPv6 NS: multicast target address");
744 * DAD has to be destined for solicited node multicast address.
747 !(daddr
->s6_addr32
[0] == htonl(0xff020000) &&
748 daddr
->s6_addr32
[1] == htonl(0x00000000) &&
749 daddr
->s6_addr32
[2] == htonl(0x00000001) &&
750 daddr
->s6_addr
[12] == 0xff )) {
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
756 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: invalid ND options\n");
762 if (ndopts
.nd_opts_src_lladdr
) {
763 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid link-layer address length\n");
771 * If the IP source address is the unspecified address,
772 * there MUST NOT be source link-layer address option
776 ND_PRINTK2(KERN_WARNING
777 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
782 inc
= ipv6_addr_is_multicast(daddr
);
784 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
787 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
789 if (dev
->type
== ARPHRD_IEEE802_TR
) {
790 const unsigned char *sadr
;
791 sadr
= skb_mac_header(skb
);
792 if (((sadr
[8] ^ dev
->dev_addr
[0]) & 0x7f) == 0 &&
793 sadr
[9] == dev
->dev_addr
[1] &&
794 sadr
[10] == dev
->dev_addr
[2] &&
795 sadr
[11] == dev
->dev_addr
[3] &&
796 sadr
[12] == dev
->dev_addr
[4] &&
797 sadr
[13] == dev
->dev_addr
[5]) {
798 /* looped-back to us */
804 * We are colliding with another node
806 * so fail our DAD process
808 addrconf_dad_failure(ifp
);
812 * This is not a dad solicitation.
813 * If we are an optimistic node,
815 * Otherwise, we should ignore it.
817 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
824 struct net
*net
= dev_net(dev
);
826 idev
= in6_dev_get(dev
);
828 /* XXX: count this drop? */
832 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
833 (idev
->cnf
.forwarding
&&
834 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
835 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
836 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
837 skb
->pkt_type
!= PACKET_HOST
&&
839 idev
->nd_parms
->proxy_delay
!= 0) {
841 * for anycast or proxy,
842 * sender should delay its response
843 * by a random time between 0 and
844 * MAX_ANYCAST_DELAY_TIME seconds.
845 * (RFC2461) -- yoshfuji
847 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
849 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
857 is_router
= !!idev
->cnf
.forwarding
;
860 ndisc_send_na(dev
, NULL
, &in6addr_linklocal_allnodes
, &msg
->target
,
861 is_router
, 0, (ifp
!= NULL
), 1);
866 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
868 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
871 * update / create cache entry
872 * for the source address
874 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
875 !inc
|| lladdr
|| !dev
->addr_len
);
877 neigh_update(neigh
, lladdr
, NUD_STALE
,
878 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
879 NEIGH_UPDATE_F_OVERRIDE
);
880 if (neigh
|| !dev
->header_ops
) {
881 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
883 1, (ifp
!= NULL
&& inc
), inc
);
885 neigh_release(neigh
);
895 static void ndisc_recv_na(struct sk_buff
*skb
)
897 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
898 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
899 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
901 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
902 offsetof(struct nd_msg
, opt
));
903 struct ndisc_options ndopts
;
904 struct net_device
*dev
= skb
->dev
;
905 struct inet6_ifaddr
*ifp
;
906 struct neighbour
*neigh
;
908 if (skb
->len
< sizeof(struct nd_msg
)) {
909 ND_PRINTK2(KERN_WARNING
910 "ICMPv6 NA: packet too short\n");
914 if (ipv6_addr_is_multicast(&msg
->target
)) {
915 ND_PRINTK2(KERN_WARNING
916 "ICMPv6 NA: target address is multicast.\n");
920 if (ipv6_addr_is_multicast(daddr
) &&
921 msg
->icmph
.icmp6_solicited
) {
922 ND_PRINTK2(KERN_WARNING
923 "ICMPv6 NA: solicited NA is multicasted.\n");
927 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
928 ND_PRINTK2(KERN_WARNING
929 "ICMPv6 NS: invalid ND option\n");
932 if (ndopts
.nd_opts_tgt_lladdr
) {
933 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
935 ND_PRINTK2(KERN_WARNING
936 "ICMPv6 NA: invalid link-layer address length\n");
940 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
942 if (ifp
->flags
& IFA_F_TENTATIVE
) {
943 addrconf_dad_failure(ifp
);
946 /* What should we make now? The advertisement
947 is invalid, but ndisc specs say nothing
948 about it. It could be misconfiguration, or
949 an smart proxy agent tries to help us :-)
951 We should not print the error if NA has been
952 received from loopback - it is just our own
953 unsolicited advertisement.
955 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
956 ND_PRINTK1(KERN_WARNING
957 "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
958 &ifp
->addr
, ifp
->idev
->dev
->name
);
962 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
965 u8 old_flags
= neigh
->flags
;
966 struct net
*net
= dev_net(dev
);
968 if (neigh
->nud_state
& NUD_FAILED
)
972 * Don't update the neighbor cache entry on a proxy NA from
973 * ourselves because either the proxied node is off link or it
974 * has already sent a NA to us.
976 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
977 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
978 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
979 /* XXX: idev->cnf.prixy_ndp */
983 neigh_update(neigh
, lladdr
,
984 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
985 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
986 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
987 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
988 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
990 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
992 * Change: router to host
995 rt
= rt6_get_dflt_router(saddr
, dev
);
1001 neigh_release(neigh
);
1005 static void ndisc_recv_rs(struct sk_buff
*skb
)
1007 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
1008 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
1009 struct neighbour
*neigh
;
1010 struct inet6_dev
*idev
;
1011 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
1012 struct ndisc_options ndopts
;
1015 if (skb
->len
< sizeof(*rs_msg
))
1018 idev
= in6_dev_get(skb
->dev
);
1020 if (net_ratelimit())
1021 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1025 /* Don't accept RS if we're not in router mode */
1026 if (!idev
->cnf
.forwarding
)
1030 * Don't update NCE if src = ::;
1031 * this implies that the source node has no ip address assigned yet.
1033 if (ipv6_addr_any(saddr
))
1036 /* Parse ND options */
1037 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
1038 if (net_ratelimit())
1039 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1043 if (ndopts
.nd_opts_src_lladdr
) {
1044 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1050 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1052 neigh_update(neigh
, lladdr
, NUD_STALE
,
1053 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1054 NEIGH_UPDATE_F_OVERRIDE
|
1055 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1056 neigh_release(neigh
);
1062 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1064 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1065 struct sk_buff
*skb
;
1066 struct nlmsghdr
*nlh
;
1067 struct nduseroptmsg
*ndmsg
;
1068 struct net
*net
= dev_net(ra
->dev
);
1070 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1071 + (opt
->nd_opt_len
<< 3));
1072 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1074 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1080 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1082 goto nla_put_failure
;
1085 ndmsg
= nlmsg_data(nlh
);
1086 ndmsg
->nduseropt_family
= AF_INET6
;
1087 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1088 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1089 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1090 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1092 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1094 NLA_PUT(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1095 &ipv6_hdr(ra
)->saddr
);
1096 nlmsg_end(skb
, nlh
);
1098 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1105 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1108 static void ndisc_router_discovery(struct sk_buff
*skb
)
1110 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1111 struct neighbour
*neigh
= NULL
;
1112 struct inet6_dev
*in6_dev
;
1113 struct rt6_info
*rt
= NULL
;
1115 struct ndisc_options ndopts
;
1117 unsigned int pref
= 0;
1119 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1121 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1123 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1124 ND_PRINTK2(KERN_WARNING
1125 "ICMPv6 RA: source address is not link-local.\n");
1129 ND_PRINTK2(KERN_WARNING
1130 "ICMPv6 RA: packet too short\n");
1134 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1135 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1136 ND_PRINTK2(KERN_WARNING
1137 "ICMPv6 RA: from host or unauthorized router\n");
1143 * set the RA_RECV flag in the interface
1146 in6_dev
= in6_dev_get(skb
->dev
);
1147 if (in6_dev
== NULL
) {
1149 "ICMPv6 RA: can't find inet6 device for %s.\n",
1154 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1155 in6_dev_put(in6_dev
);
1156 ND_PRINTK2(KERN_WARNING
1157 "ICMP6 RA: invalid ND options\n");
1161 /* skip route and link configuration on routers */
1162 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_ra
)
1163 goto skip_linkparms
;
1165 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1166 /* skip link-specific parameters from interior routers */
1167 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1168 goto skip_linkparms
;
1171 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1173 * flag that an RA was received after an RS was sent
1174 * out on this interface.
1176 in6_dev
->if_flags
|= IF_RA_RCVD
;
1180 * Remember the managed/otherconf flags from most recently
1181 * received RA message (RFC 2462) -- yoshfuji
1183 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1185 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1186 IF_RA_MANAGED
: 0) |
1187 (ra_msg
->icmph
.icmp6_addrconf_other
?
1188 IF_RA_OTHERCONF
: 0);
1190 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1193 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1195 #ifdef CONFIG_IPV6_ROUTER_PREF
1196 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1197 /* 10b is handled as if it were 00b (medium) */
1198 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1199 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1200 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1203 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1206 neigh
= rt
->rt6i_nexthop
;
1208 if (rt
&& lifetime
== 0) {
1214 if (rt
== NULL
&& lifetime
) {
1215 ND_PRINTK3(KERN_DEBUG
1216 "ICMPv6 RA: adding default router.\n");
1218 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1221 "ICMPv6 RA: %s() failed to add default route.\n",
1223 in6_dev_put(in6_dev
);
1227 neigh
= rt
->rt6i_nexthop
;
1228 if (neigh
== NULL
) {
1230 "ICMPv6 RA: %s() got default router without neighbour.\n",
1232 dst_release(&rt
->u
.dst
);
1233 in6_dev_put(in6_dev
);
1236 neigh
->flags
|= NTF_ROUTER
;
1238 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1242 rt
->rt6i_expires
= jiffies
+ (HZ
* lifetime
);
1244 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1245 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1247 rt
->u
.dst
.metrics
[RTAX_HOPLIMIT
-1] = ra_msg
->icmph
.icmp6_hop_limit
;
1253 * Update Reachable Time and Retrans Timer
1256 if (in6_dev
->nd_parms
) {
1257 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1259 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1260 rtime
= (rtime
*HZ
)/1000;
1263 in6_dev
->nd_parms
->retrans_time
= rtime
;
1264 in6_dev
->tstamp
= jiffies
;
1265 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1268 rtime
= ntohl(ra_msg
->reachable_time
);
1269 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1270 rtime
= (rtime
*HZ
)/1000;
1275 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1276 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1277 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1278 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1279 in6_dev
->tstamp
= jiffies
;
1280 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1292 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1296 if (ndopts
.nd_opts_src_lladdr
) {
1297 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1300 ND_PRINTK2(KERN_WARNING
1301 "ICMPv6 RA: invalid link-layer address length\n");
1305 neigh_update(neigh
, lladdr
, NUD_STALE
,
1306 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1307 NEIGH_UPDATE_F_OVERRIDE
|
1308 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1309 NEIGH_UPDATE_F_ISROUTER
);
1312 /* skip route and link configuration on routers */
1313 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_ra
)
1316 #ifdef CONFIG_IPV6_ROUTE_INFO
1317 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1318 struct nd_opt_hdr
*p
;
1319 for (p
= ndopts
.nd_opts_ri
;
1321 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1322 struct route_info
*ri
= (struct route_info
*)p
;
1323 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1324 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1325 ri
->prefix_len
== 0)
1328 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1330 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1331 &ipv6_hdr(skb
)->saddr
);
1336 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1337 /* skip link-specific ndopts from interior routers */
1338 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
)
1342 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1343 struct nd_opt_hdr
*p
;
1344 for (p
= ndopts
.nd_opts_pi
;
1346 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1347 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3);
1351 if (ndopts
.nd_opts_mtu
) {
1355 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1358 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1359 ND_PRINTK2(KERN_WARNING
1360 "ICMPv6 RA: invalid mtu: %d\n",
1362 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1363 in6_dev
->cnf
.mtu6
= mtu
;
1366 rt
->u
.dst
.metrics
[RTAX_MTU
-1] = mtu
;
1368 rt6_mtu_change(skb
->dev
, mtu
);
1372 if (ndopts
.nd_useropts
) {
1373 struct nd_opt_hdr
*p
;
1374 for (p
= ndopts
.nd_useropts
;
1376 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1377 ndisc_ra_useropt(skb
, p
);
1381 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1382 ND_PRINTK2(KERN_WARNING
1383 "ICMPv6 RA: invalid RA options");
1387 dst_release(&rt
->u
.dst
);
1389 neigh_release(neigh
);
1390 in6_dev_put(in6_dev
);
1393 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1395 struct inet6_dev
*in6_dev
;
1396 struct icmp6hdr
*icmph
;
1397 struct in6_addr
*dest
;
1398 struct in6_addr
*target
; /* new first hop to destination */
1399 struct neighbour
*neigh
;
1401 struct ndisc_options ndopts
;
1405 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1406 switch (skb
->ndisc_nodetype
) {
1407 case NDISC_NODETYPE_HOST
:
1408 case NDISC_NODETYPE_NODEFAULT
:
1409 ND_PRINTK2(KERN_WARNING
1410 "ICMPv6 Redirect: from host or unauthorized router\n");
1415 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1416 ND_PRINTK2(KERN_WARNING
1417 "ICMPv6 Redirect: source address is not link-local.\n");
1421 optlen
= skb
->tail
- skb
->transport_header
;
1422 optlen
-= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1425 ND_PRINTK2(KERN_WARNING
1426 "ICMPv6 Redirect: packet too short\n");
1430 icmph
= icmp6_hdr(skb
);
1431 target
= (struct in6_addr
*) (icmph
+ 1);
1434 if (ipv6_addr_is_multicast(dest
)) {
1435 ND_PRINTK2(KERN_WARNING
1436 "ICMPv6 Redirect: destination address is multicast.\n");
1440 if (ipv6_addr_equal(dest
, target
)) {
1442 } else if (ipv6_addr_type(target
) !=
1443 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1444 ND_PRINTK2(KERN_WARNING
1445 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1449 in6_dev
= in6_dev_get(skb
->dev
);
1452 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
) {
1453 in6_dev_put(in6_dev
);
1458 * The IP source address of the Redirect MUST be the same as the current
1459 * first-hop router for the specified ICMP Destination Address.
1462 if (!ndisc_parse_options((u8
*)(dest
+ 1), optlen
, &ndopts
)) {
1463 ND_PRINTK2(KERN_WARNING
1464 "ICMPv6 Redirect: invalid ND options\n");
1465 in6_dev_put(in6_dev
);
1468 if (ndopts
.nd_opts_tgt_lladdr
) {
1469 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
1472 ND_PRINTK2(KERN_WARNING
1473 "ICMPv6 Redirect: invalid link-layer address length\n");
1474 in6_dev_put(in6_dev
);
1479 neigh
= __neigh_lookup(&nd_tbl
, target
, skb
->dev
, 1);
1481 rt6_redirect(dest
, &ipv6_hdr(skb
)->daddr
,
1482 &ipv6_hdr(skb
)->saddr
, neigh
, lladdr
,
1484 neigh_release(neigh
);
1486 in6_dev_put(in6_dev
);
1489 void ndisc_send_redirect(struct sk_buff
*skb
, struct neighbour
*neigh
,
1490 const struct in6_addr
*target
)
1492 struct net_device
*dev
= skb
->dev
;
1493 struct net
*net
= dev_net(dev
);
1494 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1495 int len
= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1496 struct sk_buff
*buff
;
1497 struct icmp6hdr
*icmph
;
1498 struct in6_addr saddr_buf
;
1499 struct in6_addr
*addrp
;
1500 struct rt6_info
*rt
;
1501 struct dst_entry
*dst
;
1502 struct inet6_dev
*idev
;
1507 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1509 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1510 ND_PRINTK2(KERN_WARNING
1511 "ICMPv6 Redirect: no link-local address on %s\n",
1516 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1517 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1518 ND_PRINTK2(KERN_WARNING
1519 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1523 icmpv6_flow_init(sk
, &fl
, NDISC_REDIRECT
,
1524 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1526 dst
= ip6_route_output(net
, NULL
, &fl
);
1530 err
= xfrm_lookup(net
, &dst
, &fl
, NULL
, 0);
1534 rt
= (struct rt6_info
*) dst
;
1536 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1537 ND_PRINTK2(KERN_WARNING
1538 "ICMPv6 Redirect: destination is not a neighbour.\n");
1541 if (!xrlim_allow(dst
, 1*HZ
))
1544 if (dev
->addr_len
) {
1545 read_lock_bh(&neigh
->lock
);
1546 if (neigh
->nud_state
& NUD_VALID
) {
1547 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1548 read_unlock_bh(&neigh
->lock
);
1550 len
+= ndisc_opt_addr_space(dev
);
1552 read_unlock_bh(&neigh
->lock
);
1555 rd_len
= min_t(unsigned int,
1556 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1560 buff
= sock_alloc_send_skb(sk
,
1561 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
1562 len
+ LL_ALLOCATED_SPACE(dev
)),
1566 "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1571 skb_reserve(buff
, LL_RESERVED_SPACE(dev
));
1572 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1573 IPPROTO_ICMPV6
, len
);
1575 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1577 icmph
= icmp6_hdr(buff
);
1579 memset(icmph
, 0, sizeof(struct icmp6hdr
));
1580 icmph
->icmp6_type
= NDISC_REDIRECT
;
1583 * copy target and destination addresses
1586 addrp
= (struct in6_addr
*)(icmph
+ 1);
1587 ipv6_addr_copy(addrp
, target
);
1589 ipv6_addr_copy(addrp
, &ipv6_hdr(skb
)->daddr
);
1591 opt
= (u8
*) (addrp
+ 1);
1594 * include target_address option
1598 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1599 dev
->addr_len
, dev
->type
);
1602 * build redirect option and copy skb over to the new packet.
1606 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1607 *(opt
++) = (rd_len
>> 3);
1610 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1612 icmph
->icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1613 len
, IPPROTO_ICMPV6
,
1614 csum_partial(icmph
, len
, 0));
1616 skb_dst_set(buff
, dst
);
1617 idev
= in6_dev_get(dst
->dev
);
1618 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
1619 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1622 ICMP6MSGOUT_INC_STATS(net
, idev
, NDISC_REDIRECT
);
1623 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
1626 if (likely(idev
!= NULL
))
1634 static void pndisc_redo(struct sk_buff
*skb
)
1640 int ndisc_rcv(struct sk_buff
*skb
)
1644 if (!pskb_may_pull(skb
, skb
->len
))
1647 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1649 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1651 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1652 ND_PRINTK2(KERN_WARNING
1653 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1654 ipv6_hdr(skb
)->hop_limit
);
1658 if (msg
->icmph
.icmp6_code
!= 0) {
1659 ND_PRINTK2(KERN_WARNING
1660 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1661 msg
->icmph
.icmp6_code
);
1665 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1667 switch (msg
->icmph
.icmp6_type
) {
1668 case NDISC_NEIGHBOUR_SOLICITATION
:
1672 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1676 case NDISC_ROUTER_SOLICITATION
:
1680 case NDISC_ROUTER_ADVERTISEMENT
:
1681 ndisc_router_discovery(skb
);
1684 case NDISC_REDIRECT
:
1685 ndisc_redirect_rcv(skb
);
1692 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1694 struct net_device
*dev
= ptr
;
1695 struct net
*net
= dev_net(dev
);
1698 case NETDEV_CHANGEADDR
:
1699 neigh_changeaddr(&nd_tbl
, dev
);
1700 fib6_run_gc(~0UL, net
);
1703 neigh_ifdown(&nd_tbl
, dev
);
1704 fib6_run_gc(~0UL, net
);
1713 static struct notifier_block ndisc_netdev_notifier
= {
1714 .notifier_call
= ndisc_netdev_event
,
1717 #ifdef CONFIG_SYSCTL
1718 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1719 const char *func
, const char *dev_name
)
1721 static char warncomm
[TASK_COMM_LEN
];
1723 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1724 strcpy(warncomm
, current
->comm
);
1726 "process `%s' is using deprecated sysctl (%s) "
1727 "net.ipv6.neigh.%s.%s; "
1728 "Use net.ipv6.neigh.%s.%s_ms "
1731 dev_name
, ctl
->procname
,
1732 dev_name
, ctl
->procname
);
1737 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1739 struct net_device
*dev
= ctl
->extra1
;
1740 struct inet6_dev
*idev
;
1743 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1744 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1745 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1747 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1748 ret
= proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1750 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1751 ret
= proc_dointvec_jiffies(ctl
, write
,
1752 buffer
, lenp
, ppos
);
1754 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1755 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1756 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1757 buffer
, lenp
, ppos
);
1761 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1762 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1763 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1764 idev
->tstamp
= jiffies
;
1765 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1774 static int __net_init
ndisc_net_init(struct net
*net
)
1776 struct ipv6_pinfo
*np
;
1780 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1781 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1784 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1789 net
->ipv6
.ndisc_sk
= sk
;
1792 np
->hop_limit
= 255;
1793 /* Do not loopback ndisc messages */
1799 static void __net_exit
ndisc_net_exit(struct net
*net
)
1801 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1804 static struct pernet_operations ndisc_net_ops
= {
1805 .init
= ndisc_net_init
,
1806 .exit
= ndisc_net_exit
,
1809 int __init
ndisc_init(void)
1813 err
= register_pernet_subsys(&ndisc_net_ops
);
1817 * Initialize the neighbour table
1819 neigh_table_init(&nd_tbl
);
1821 #ifdef CONFIG_SYSCTL
1822 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
, "ipv6",
1823 &ndisc_ifinfo_sysctl_change
);
1825 goto out_unregister_pernet
;
1827 err
= register_netdevice_notifier(&ndisc_netdev_notifier
);
1829 goto out_unregister_sysctl
;
1833 out_unregister_sysctl
:
1834 #ifdef CONFIG_SYSCTL
1835 neigh_sysctl_unregister(&nd_tbl
.parms
);
1836 out_unregister_pernet
:
1838 unregister_pernet_subsys(&ndisc_net_ops
);
1842 void ndisc_cleanup(void)
1844 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1845 #ifdef CONFIG_SYSCTL
1846 neigh_sysctl_unregister(&nd_tbl
.parms
);
1848 neigh_table_clear(&nd_tbl
);
1849 unregister_pernet_subsys(&ndisc_net_ops
);