2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Pierre Ynard : export userland ND options
19 * through netlink (RDNSS support)
20 * Lars Fenneberg : fixed MTU setting on receipt
22 * Janos Farkas : kmalloc failure checks
23 * Alexey Kuznetsov : state machine reworked
24 * and moved to net/core.
25 * Pekka Savola : RFC2461 validation
26 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
29 /* Set to 3 to get tracing... */
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
40 #define ND_PRINTK1 ND_PRINTK
44 #define ND_PRINTK2 ND_PRINTK
48 #define ND_PRINTK3 ND_PRINTK
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
63 #include <linux/sysctl.h>
66 #include <linux/if_addr.h>
67 #include <linux/if_arp.h>
68 #include <linux/ipv6.h>
69 #include <linux/icmpv6.h>
70 #include <linux/jhash.h>
76 #include <net/protocol.h>
77 #include <net/ndisc.h>
78 #include <net/ip6_route.h>
79 #include <net/addrconf.h>
82 #include <net/netlink.h>
83 #include <linux/rtnetlink.h>
86 #include <net/ip6_checksum.h>
87 #include <linux/proc_fs.h>
89 #include <linux/netfilter.h>
90 #include <linux/netfilter_ipv6.h>
92 static struct socket
*ndisc_socket
;
94 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
);
95 static int ndisc_constructor(struct neighbour
*neigh
);
96 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
97 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
98 static int pndisc_constructor(struct pneigh_entry
*n
);
99 static void pndisc_destructor(struct pneigh_entry
*n
);
100 static void pndisc_redo(struct sk_buff
*skb
);
102 static struct neigh_ops ndisc_generic_ops
= {
104 .solicit
= ndisc_solicit
,
105 .error_report
= ndisc_error_report
,
106 .output
= neigh_resolve_output
,
107 .connected_output
= neigh_connected_output
,
108 .hh_output
= dev_queue_xmit
,
109 .queue_xmit
= dev_queue_xmit
,
112 static struct neigh_ops ndisc_hh_ops
= {
114 .solicit
= ndisc_solicit
,
115 .error_report
= ndisc_error_report
,
116 .output
= neigh_resolve_output
,
117 .connected_output
= neigh_resolve_output
,
118 .hh_output
= dev_queue_xmit
,
119 .queue_xmit
= dev_queue_xmit
,
123 static struct neigh_ops ndisc_direct_ops
= {
125 .output
= dev_queue_xmit
,
126 .connected_output
= dev_queue_xmit
,
127 .hh_output
= dev_queue_xmit
,
128 .queue_xmit
= dev_queue_xmit
,
131 struct neigh_table nd_tbl
= {
133 .entry_size
= sizeof(struct neighbour
) + sizeof(struct in6_addr
),
134 .key_len
= sizeof(struct in6_addr
),
136 .constructor
= ndisc_constructor
,
137 .pconstructor
= pndisc_constructor
,
138 .pdestructor
= pndisc_destructor
,
139 .proxy_redo
= pndisc_redo
,
143 .base_reachable_time
= 30 * HZ
,
144 .retrans_time
= 1 * HZ
,
145 .gc_staletime
= 60 * HZ
,
146 .reachable_time
= 30 * HZ
,
147 .delay_probe_time
= 5 * HZ
,
151 .anycast_delay
= 1 * HZ
,
152 .proxy_delay
= (8 * HZ
) / 10,
155 .gc_interval
= 30 * HZ
,
162 struct ndisc_options
{
163 struct nd_opt_hdr
*nd_opt_array
[__ND_OPT_ARRAY_MAX
];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 struct nd_opt_hdr
*nd_opts_ri
;
166 struct nd_opt_hdr
*nd_opts_ri_end
;
168 struct nd_opt_hdr
*nd_useropts
;
169 struct nd_opt_hdr
*nd_useropts_end
;
172 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
182 * Return the padding between the option length and the start of the
183 * link addr. Currently only IP-over-InfiniBand needs this, although
184 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185 * also need a pad of 2.
187 static int ndisc_addr_option_pad(unsigned short type
)
190 case ARPHRD_INFINIBAND
: return 2;
195 static inline int ndisc_opt_addr_space(struct net_device
*dev
)
197 return NDISC_OPT_SPACE(dev
->addr_len
+ ndisc_addr_option_pad(dev
->type
));
200 static u8
*ndisc_fill_addr_option(u8
*opt
, int type
, void *data
, int data_len
,
201 unsigned short addr_type
)
203 int space
= NDISC_OPT_SPACE(data_len
);
204 int pad
= ndisc_addr_option_pad(addr_type
);
209 memset(opt
+ 2, 0, pad
);
213 memcpy(opt
+2, data
, data_len
);
216 if ((space
-= data_len
) > 0)
217 memset(opt
, 0, space
);
221 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
222 struct nd_opt_hdr
*end
)
225 if (!cur
|| !end
|| cur
>= end
)
227 type
= cur
->nd_opt_type
;
229 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
230 } while(cur
< end
&& cur
->nd_opt_type
!= type
);
231 return (cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
);
234 static inline int ndisc_is_useropt(struct nd_opt_hdr
*opt
)
236 return (opt
->nd_opt_type
== ND_OPT_RDNSS
);
239 static struct nd_opt_hdr
*ndisc_next_useropt(struct nd_opt_hdr
*cur
,
240 struct nd_opt_hdr
*end
)
242 if (!cur
|| !end
|| cur
>= end
)
245 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
246 } while(cur
< end
&& !ndisc_is_useropt(cur
));
247 return (cur
<= end
&& ndisc_is_useropt(cur
) ? cur
: NULL
);
250 static struct ndisc_options
*ndisc_parse_options(u8
*opt
, int opt_len
,
251 struct ndisc_options
*ndopts
)
253 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
255 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
257 memset(ndopts
, 0, sizeof(*ndopts
));
260 if (opt_len
< sizeof(struct nd_opt_hdr
))
262 l
= nd_opt
->nd_opt_len
<< 3;
263 if (opt_len
< l
|| l
== 0)
265 switch (nd_opt
->nd_opt_type
) {
266 case ND_OPT_SOURCE_LL_ADDR
:
267 case ND_OPT_TARGET_LL_ADDR
:
269 case ND_OPT_REDIRECT_HDR
:
270 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
271 ND_PRINTK2(KERN_WARNING
272 "%s(): duplicated ND6 option found: type=%d\n",
274 nd_opt
->nd_opt_type
);
276 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
279 case ND_OPT_PREFIX_INFO
:
280 ndopts
->nd_opts_pi_end
= nd_opt
;
281 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
282 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 case ND_OPT_ROUTE_INFO
:
286 ndopts
->nd_opts_ri_end
= nd_opt
;
287 if (!ndopts
->nd_opts_ri
)
288 ndopts
->nd_opts_ri
= nd_opt
;
292 if (ndisc_is_useropt(nd_opt
)) {
293 ndopts
->nd_useropts_end
= nd_opt
;
294 if (!ndopts
->nd_useropts
)
295 ndopts
->nd_useropts
= nd_opt
;
298 * Unknown options must be silently ignored,
299 * to accommodate future extension to the
302 ND_PRINTK2(KERN_NOTICE
303 "%s(): ignored unsupported option; type=%d, len=%d\n",
305 nd_opt
->nd_opt_type
, nd_opt
->nd_opt_len
);
309 nd_opt
= ((void *)nd_opt
) + l
;
314 static inline u8
*ndisc_opt_addr_data(struct nd_opt_hdr
*p
,
315 struct net_device
*dev
)
317 u8
*lladdr
= (u8
*)(p
+ 1);
318 int lladdrlen
= p
->nd_opt_len
<< 3;
319 int prepad
= ndisc_addr_option_pad(dev
->type
);
320 if (lladdrlen
!= NDISC_OPT_SPACE(dev
->addr_len
+ prepad
))
322 return (lladdr
+ prepad
);
325 int ndisc_mc_map(struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
329 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
331 ipv6_eth_mc_map(addr
, buf
);
333 case ARPHRD_IEEE802_TR
:
334 ipv6_tr_mc_map(addr
,buf
);
337 ipv6_arcnet_mc_map(addr
, buf
);
339 case ARPHRD_INFINIBAND
:
340 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
344 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
351 EXPORT_SYMBOL(ndisc_mc_map
);
353 static u32
ndisc_hash(const void *pkey
, const struct net_device
*dev
)
355 const u32
*p32
= pkey
;
359 for (i
= 0; i
< (sizeof(struct in6_addr
) / sizeof(u32
)); i
++)
362 return jhash_2words(addr_hash
, dev
->ifindex
, nd_tbl
.hash_rnd
);
365 static int ndisc_constructor(struct neighbour
*neigh
)
367 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
368 struct net_device
*dev
= neigh
->dev
;
369 struct inet6_dev
*in6_dev
;
370 struct neigh_parms
*parms
;
371 int is_multicast
= ipv6_addr_is_multicast(addr
);
374 in6_dev
= in6_dev_get(dev
);
375 if (in6_dev
== NULL
) {
380 parms
= in6_dev
->nd_parms
;
381 __neigh_parms_put(neigh
->parms
);
382 neigh
->parms
= neigh_parms_clone(parms
);
385 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
386 if (!dev
->header_ops
) {
387 neigh
->nud_state
= NUD_NOARP
;
388 neigh
->ops
= &ndisc_direct_ops
;
389 neigh
->output
= neigh
->ops
->queue_xmit
;
392 neigh
->nud_state
= NUD_NOARP
;
393 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
394 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
395 neigh
->nud_state
= NUD_NOARP
;
396 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
397 if (dev
->flags
&IFF_LOOPBACK
)
398 neigh
->type
= RTN_LOCAL
;
399 } else if (dev
->flags
&IFF_POINTOPOINT
) {
400 neigh
->nud_state
= NUD_NOARP
;
401 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
403 if (dev
->header_ops
->cache
)
404 neigh
->ops
= &ndisc_hh_ops
;
406 neigh
->ops
= &ndisc_generic_ops
;
407 if (neigh
->nud_state
&NUD_VALID
)
408 neigh
->output
= neigh
->ops
->connected_output
;
410 neigh
->output
= neigh
->ops
->output
;
412 in6_dev_put(in6_dev
);
416 static int pndisc_constructor(struct pneigh_entry
*n
)
418 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
419 struct in6_addr maddr
;
420 struct net_device
*dev
= n
->dev
;
422 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
424 addrconf_addr_solict_mult(addr
, &maddr
);
425 ipv6_dev_mc_inc(dev
, &maddr
);
429 static void pndisc_destructor(struct pneigh_entry
*n
)
431 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
432 struct in6_addr maddr
;
433 struct net_device
*dev
= n
->dev
;
435 if (dev
== NULL
|| __in6_dev_get(dev
) == NULL
)
437 addrconf_addr_solict_mult(addr
, &maddr
);
438 ipv6_dev_mc_dec(dev
, &maddr
);
442 * Send a Neighbour Advertisement
445 static inline void ndisc_flow_init(struct flowi
*fl
, u8 type
,
446 struct in6_addr
*saddr
, struct in6_addr
*daddr
,
449 memset(fl
, 0, sizeof(*fl
));
450 ipv6_addr_copy(&fl
->fl6_src
, saddr
);
451 ipv6_addr_copy(&fl
->fl6_dst
, daddr
);
452 fl
->proto
= IPPROTO_ICMPV6
;
453 fl
->fl_icmp_type
= type
;
454 fl
->fl_icmp_code
= 0;
456 security_sk_classify_flow(ndisc_socket
->sk
, fl
);
459 static void __ndisc_send(struct net_device
*dev
,
460 struct neighbour
*neigh
,
461 struct in6_addr
*daddr
, struct in6_addr
*saddr
,
462 struct icmp6hdr
*icmp6h
, struct in6_addr
*target
,
466 struct dst_entry
*dst
;
467 struct sock
*sk
= ndisc_socket
->sk
;
469 struct icmp6hdr
*hdr
;
470 struct inet6_dev
*idev
;
475 type
= icmp6h
->icmp6_type
;
477 ndisc_flow_init(&fl
, type
, saddr
, daddr
,
480 dst
= ndisc_dst_alloc(dev
, neigh
, daddr
, ip6_output
);
484 err
= xfrm_lookup(&dst
, &fl
, NULL
, 0);
491 len
= sizeof(struct icmp6hdr
) + (target
? sizeof(*target
) : 0);
493 len
+= ndisc_opt_addr_space(dev
);
495 skb
= sock_alloc_send_skb(sk
,
496 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
497 len
+ LL_RESERVED_SPACE(dev
)),
501 "ICMPv6 ND: %s() failed to allocate an skb.\n",
507 skb_reserve(skb
, LL_RESERVED_SPACE(dev
));
508 ip6_nd_hdr(sk
, skb
, dev
, saddr
, daddr
, IPPROTO_ICMPV6
, len
);
510 skb
->transport_header
= skb
->tail
;
513 hdr
= (struct icmp6hdr
*)skb_transport_header(skb
);
514 memcpy(hdr
, icmp6h
, sizeof(*hdr
));
516 opt
= skb_transport_header(skb
) + sizeof(struct icmp6hdr
);
518 ipv6_addr_copy((struct in6_addr
*)opt
, target
);
519 opt
+= sizeof(*target
);
523 ndisc_fill_addr_option(opt
, llinfo
, dev
->dev_addr
,
524 dev
->addr_len
, dev
->type
);
526 hdr
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, len
,
528 csum_partial((__u8
*) hdr
,
533 idev
= in6_dev_get(dst
->dev
);
534 IP6_INC_STATS(idev
, IPSTATS_MIB_OUTREQUESTS
);
536 err
= NF_HOOK(PF_INET6
, NF_INET_LOCAL_OUT
, skb
, NULL
, dst
->dev
,
539 ICMP6MSGOUT_INC_STATS(idev
, type
);
540 ICMP6_INC_STATS(idev
, ICMP6_MIB_OUTMSGS
);
543 if (likely(idev
!= NULL
))
547 static void ndisc_send_na(struct net_device
*dev
, struct neighbour
*neigh
,
548 struct in6_addr
*daddr
, struct in6_addr
*solicited_addr
,
549 int router
, int solicited
, int override
, int inc_opt
)
551 struct in6_addr tmpaddr
;
552 struct inet6_ifaddr
*ifp
;
553 struct in6_addr
*src_addr
;
554 struct icmp6hdr icmp6h
= {
555 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
558 /* for anycast or proxy, solicited_addr != src_addr */
559 ifp
= ipv6_get_ifaddr(&init_net
, solicited_addr
, dev
, 1);
561 src_addr
= solicited_addr
;
562 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
566 if (ipv6_dev_get_saddr(dev
, daddr
, &tmpaddr
))
571 icmp6h
.icmp6_router
= router
;
572 icmp6h
.icmp6_solicited
= solicited
;
573 icmp6h
.icmp6_override
= override
;
575 __ndisc_send(dev
, neigh
, daddr
, src_addr
,
576 &icmp6h
, solicited_addr
,
577 inc_opt
? ND_OPT_TARGET_LL_ADDR
: 0);
580 void ndisc_send_ns(struct net_device
*dev
, struct neighbour
*neigh
,
581 struct in6_addr
*solicit
,
582 struct in6_addr
*daddr
, struct in6_addr
*saddr
)
584 struct in6_addr addr_buf
;
585 struct icmp6hdr icmp6h
= {
586 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
590 if (ipv6_get_lladdr(dev
, &addr_buf
,
591 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
596 __ndisc_send(dev
, neigh
, daddr
, saddr
,
598 !ipv6_addr_any(saddr
) ? ND_OPT_SOURCE_LL_ADDR
: 0);
601 void ndisc_send_rs(struct net_device
*dev
, struct in6_addr
*saddr
,
602 struct in6_addr
*daddr
)
604 struct icmp6hdr icmp6h
= {
605 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
607 int send_sllao
= dev
->addr_len
;
609 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
611 * According to section 2.2 of RFC 4429, we must not
612 * send router solicitations with a sllao from
613 * optimistic addresses, but we may send the solicitation
614 * if we don't include the sllao. So here we check
615 * if our address is optimistic, and if so, we
616 * suppress the inclusion of the sllao.
619 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(&init_net
, saddr
,
622 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
631 __ndisc_send(dev
, NULL
, daddr
, saddr
,
633 send_sllao
? ND_OPT_SOURCE_LL_ADDR
: 0);
637 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
640 * "The sender MUST return an ICMP
641 * destination unreachable"
643 dst_link_failure(skb
);
647 /* Called with locked neigh: either read or both */
649 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
651 struct in6_addr
*saddr
= NULL
;
652 struct in6_addr mcaddr
;
653 struct net_device
*dev
= neigh
->dev
;
654 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
655 int probes
= atomic_read(&neigh
->probes
);
657 if (skb
&& ipv6_chk_addr(&init_net
, &ipv6_hdr(skb
)->saddr
, dev
, 1))
658 saddr
= &ipv6_hdr(skb
)->saddr
;
660 if ((probes
-= neigh
->parms
->ucast_probes
) < 0) {
661 if (!(neigh
->nud_state
& NUD_VALID
)) {
662 ND_PRINTK1(KERN_DEBUG
663 "%s(): trying to ucast probe in NUD_INVALID: "
668 ndisc_send_ns(dev
, neigh
, target
, target
, saddr
);
669 } else if ((probes
-= neigh
->parms
->app_probes
) < 0) {
674 addrconf_addr_solict_mult(target
, &mcaddr
);
675 ndisc_send_ns(dev
, NULL
, target
, &mcaddr
, saddr
);
679 static struct pneigh_entry
*pndisc_check_router(struct net_device
*dev
,
680 struct in6_addr
*addr
, int *is_router
)
682 struct pneigh_entry
*n
;
684 read_lock_bh(&nd_tbl
.lock
);
685 n
= __pneigh_lookup(&nd_tbl
, &init_net
, addr
, dev
);
687 *is_router
= (n
->flags
& NTF_ROUTER
);
688 read_unlock_bh(&nd_tbl
.lock
);
693 static void ndisc_recv_ns(struct sk_buff
*skb
)
695 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
696 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
697 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
699 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
700 offsetof(struct nd_msg
, opt
));
701 struct ndisc_options ndopts
;
702 struct net_device
*dev
= skb
->dev
;
703 struct inet6_ifaddr
*ifp
;
704 struct inet6_dev
*idev
= NULL
;
705 struct neighbour
*neigh
;
706 struct pneigh_entry
*pneigh
= NULL
;
707 int dad
= ipv6_addr_any(saddr
);
711 if (ipv6_addr_is_multicast(&msg
->target
)) {
712 ND_PRINTK2(KERN_WARNING
713 "ICMPv6 NS: multicast target address");
719 * DAD has to be destined for solicited node multicast address.
722 !(daddr
->s6_addr32
[0] == htonl(0xff020000) &&
723 daddr
->s6_addr32
[1] == htonl(0x00000000) &&
724 daddr
->s6_addr32
[2] == htonl(0x00000001) &&
725 daddr
->s6_addr
[12] == 0xff )) {
726 ND_PRINTK2(KERN_WARNING
727 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
731 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
732 ND_PRINTK2(KERN_WARNING
733 "ICMPv6 NS: invalid ND options\n");
737 if (ndopts
.nd_opts_src_lladdr
) {
738 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
740 ND_PRINTK2(KERN_WARNING
741 "ICMPv6 NS: invalid link-layer address length\n");
746 * If the IP source address is the unspecified address,
747 * there MUST NOT be source link-layer address option
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
757 inc
= ipv6_addr_is_multicast(daddr
);
759 if ((ifp
= ipv6_get_ifaddr(&init_net
, &msg
->target
, dev
, 1)) != NULL
) {
761 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
763 if (dev
->type
== ARPHRD_IEEE802_TR
) {
764 const unsigned char *sadr
;
765 sadr
= skb_mac_header(skb
);
766 if (((sadr
[8] ^ dev
->dev_addr
[0]) & 0x7f) == 0 &&
767 sadr
[9] == dev
->dev_addr
[1] &&
768 sadr
[10] == dev
->dev_addr
[2] &&
769 sadr
[11] == dev
->dev_addr
[3] &&
770 sadr
[12] == dev
->dev_addr
[4] &&
771 sadr
[13] == dev
->dev_addr
[5]) {
772 /* looped-back to us */
778 * We are colliding with another node
780 * so fail our DAD process
782 addrconf_dad_failure(ifp
);
786 * This is not a dad solicitation.
787 * If we are an optimistic node,
789 * Otherwise, we should ignore it.
791 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
798 idev
= in6_dev_get(dev
);
800 /* XXX: count this drop? */
804 if (ipv6_chk_acast_addr(dev
, &msg
->target
) ||
805 (idev
->cnf
.forwarding
&&
806 (ipv6_devconf
.proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
807 (pneigh
= pndisc_check_router(dev
, &msg
->target
,
808 &is_router
)) != NULL
)) {
809 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
810 skb
->pkt_type
!= PACKET_HOST
&&
812 idev
->nd_parms
->proxy_delay
!= 0) {
814 * for anycast or proxy,
815 * sender should delay its response
816 * by a random time between 0 and
817 * MAX_ANYCAST_DELAY_TIME seconds.
818 * (RFC2461) -- yoshfuji
820 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
822 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
829 is_router
= !!(pneigh
? is_router
: idev
->cnf
.forwarding
);
832 struct in6_addr maddr
;
834 ipv6_addr_all_nodes(&maddr
);
835 ndisc_send_na(dev
, NULL
, &maddr
, &msg
->target
,
836 is_router
, 0, (ifp
!= NULL
), 1);
841 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
843 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
846 * update / create cache entry
847 * for the source address
849 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
850 !inc
|| lladdr
|| !dev
->addr_len
);
852 neigh_update(neigh
, lladdr
, NUD_STALE
,
853 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
854 NEIGH_UPDATE_F_OVERRIDE
);
855 if (neigh
|| !dev
->header_ops
) {
856 ndisc_send_na(dev
, neigh
, saddr
, &msg
->target
,
858 1, (ifp
!= NULL
&& inc
), inc
);
860 neigh_release(neigh
);
872 static void ndisc_recv_na(struct sk_buff
*skb
)
874 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
875 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
876 struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
878 u32 ndoptlen
= skb
->tail
- (skb
->transport_header
+
879 offsetof(struct nd_msg
, opt
));
880 struct ndisc_options ndopts
;
881 struct net_device
*dev
= skb
->dev
;
882 struct inet6_ifaddr
*ifp
;
883 struct neighbour
*neigh
;
885 if (skb
->len
< sizeof(struct nd_msg
)) {
886 ND_PRINTK2(KERN_WARNING
887 "ICMPv6 NA: packet too short\n");
891 if (ipv6_addr_is_multicast(&msg
->target
)) {
892 ND_PRINTK2(KERN_WARNING
893 "ICMPv6 NA: target address is multicast.\n");
897 if (ipv6_addr_is_multicast(daddr
) &&
898 msg
->icmph
.icmp6_solicited
) {
899 ND_PRINTK2(KERN_WARNING
900 "ICMPv6 NA: solicited NA is multicasted.\n");
904 if (!ndisc_parse_options(msg
->opt
, ndoptlen
, &ndopts
)) {
905 ND_PRINTK2(KERN_WARNING
906 "ICMPv6 NS: invalid ND option\n");
909 if (ndopts
.nd_opts_tgt_lladdr
) {
910 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
912 ND_PRINTK2(KERN_WARNING
913 "ICMPv6 NA: invalid link-layer address length\n");
917 if ((ifp
= ipv6_get_ifaddr(&init_net
, &msg
->target
, dev
, 1))) {
918 if (ifp
->flags
& IFA_F_TENTATIVE
) {
919 addrconf_dad_failure(ifp
);
922 /* What should we make now? The advertisement
923 is invalid, but ndisc specs say nothing
924 about it. It could be misconfiguration, or
925 an smart proxy agent tries to help us :-)
927 ND_PRINTK1(KERN_WARNING
928 "ICMPv6 NA: someone advertises our address on %s!\n",
929 ifp
->idev
->dev
->name
);
933 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
936 u8 old_flags
= neigh
->flags
;
938 if (neigh
->nud_state
& NUD_FAILED
)
942 * Don't update the neighbor cache entry on a proxy NA from
943 * ourselves because either the proxied node is off link or it
944 * has already sent a NA to us.
946 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
947 ipv6_devconf
.forwarding
&& ipv6_devconf
.proxy_ndp
&&
948 pneigh_lookup(&nd_tbl
, &init_net
, &msg
->target
, dev
, 0)) {
949 /* XXX: idev->cnf.prixy_ndp */
953 neigh_update(neigh
, lladdr
,
954 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
955 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
956 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
957 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
958 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0));
960 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
962 * Change: router to host
965 rt
= rt6_get_dflt_router(saddr
, dev
);
971 neigh_release(neigh
);
975 static void ndisc_recv_rs(struct sk_buff
*skb
)
977 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
978 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
979 struct neighbour
*neigh
;
980 struct inet6_dev
*idev
;
981 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
982 struct ndisc_options ndopts
;
985 if (skb
->len
< sizeof(*rs_msg
))
988 idev
= in6_dev_get(skb
->dev
);
991 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
995 /* Don't accept RS if we're not in router mode */
996 if (!idev
->cnf
.forwarding
)
1000 * Don't update NCE if src = ::;
1001 * this implies that the source node has no ip address assigned yet.
1003 if (ipv6_addr_any(saddr
))
1006 /* Parse ND options */
1007 if (!ndisc_parse_options(rs_msg
->opt
, ndoptlen
, &ndopts
)) {
1008 if (net_ratelimit())
1009 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1013 if (ndopts
.nd_opts_src_lladdr
) {
1014 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1020 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1022 neigh_update(neigh
, lladdr
, NUD_STALE
,
1023 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1024 NEIGH_UPDATE_F_OVERRIDE
|
1025 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
);
1026 neigh_release(neigh
);
1032 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1034 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1035 struct sk_buff
*skb
;
1036 struct nlmsghdr
*nlh
;
1037 struct nduseroptmsg
*ndmsg
;
1039 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1040 + (opt
->nd_opt_len
<< 3));
1041 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1043 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1049 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1051 goto nla_put_failure
;
1054 ndmsg
= nlmsg_data(nlh
);
1055 ndmsg
->nduseropt_family
= AF_INET6
;
1056 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1057 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1058 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1059 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1061 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1063 NLA_PUT(skb
, NDUSEROPT_SRCADDR
, sizeof(struct in6_addr
),
1064 &ipv6_hdr(ra
)->saddr
);
1065 nlmsg_end(skb
, nlh
);
1067 err
= rtnl_notify(skb
, &init_net
, 0, RTNLGRP_ND_USEROPT
, NULL
,
1078 rtnl_set_sk_err(&init_net
, RTNLGRP_ND_USEROPT
, err
);
1081 static void ndisc_router_discovery(struct sk_buff
*skb
)
1083 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1084 struct neighbour
*neigh
= NULL
;
1085 struct inet6_dev
*in6_dev
;
1086 struct rt6_info
*rt
= NULL
;
1088 struct ndisc_options ndopts
;
1090 unsigned int pref
= 0;
1092 __u8
* opt
= (__u8
*)(ra_msg
+ 1);
1094 optlen
= (skb
->tail
- skb
->transport_header
) - sizeof(struct ra_msg
);
1096 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1097 ND_PRINTK2(KERN_WARNING
1098 "ICMPv6 RA: source address is not link-local.\n");
1102 ND_PRINTK2(KERN_WARNING
1103 "ICMPv6 RA: packet too short\n");
1108 * set the RA_RECV flag in the interface
1111 in6_dev
= in6_dev_get(skb
->dev
);
1112 if (in6_dev
== NULL
) {
1114 "ICMPv6 RA: can't find inet6 device for %s.\n",
1118 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_ra
) {
1119 in6_dev_put(in6_dev
);
1123 if (!ndisc_parse_options(opt
, optlen
, &ndopts
)) {
1124 in6_dev_put(in6_dev
);
1125 ND_PRINTK2(KERN_WARNING
1126 "ICMP6 RA: invalid ND options\n");
1130 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1132 * flag that an RA was received after an RS was sent
1133 * out on this interface.
1135 in6_dev
->if_flags
|= IF_RA_RCVD
;
1139 * Remember the managed/otherconf flags from most recently
1140 * received RA message (RFC 2462) -- yoshfuji
1142 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1144 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1145 IF_RA_MANAGED
: 0) |
1146 (ra_msg
->icmph
.icmp6_addrconf_other
?
1147 IF_RA_OTHERCONF
: 0);
1149 if (!in6_dev
->cnf
.accept_ra_defrtr
)
1152 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1154 #ifdef CONFIG_IPV6_ROUTER_PREF
1155 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1156 /* 10b is handled as if it were 00b (medium) */
1157 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1158 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1159 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1162 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1165 neigh
= rt
->rt6i_nexthop
;
1167 if (rt
&& lifetime
== 0) {
1173 if (rt
== NULL
&& lifetime
) {
1174 ND_PRINTK3(KERN_DEBUG
1175 "ICMPv6 RA: adding default router.\n");
1177 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1180 "ICMPv6 RA: %s() failed to add default route.\n",
1182 in6_dev_put(in6_dev
);
1186 neigh
= rt
->rt6i_nexthop
;
1187 if (neigh
== NULL
) {
1189 "ICMPv6 RA: %s() got default router without neighbour.\n",
1191 dst_release(&rt
->u
.dst
);
1192 in6_dev_put(in6_dev
);
1195 neigh
->flags
|= NTF_ROUTER
;
1197 rt
->rt6i_flags
|= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1201 rt
->rt6i_expires
= jiffies
+ (HZ
* lifetime
);
1203 if (ra_msg
->icmph
.icmp6_hop_limit
) {
1204 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1206 rt
->u
.dst
.metrics
[RTAX_HOPLIMIT
-1] = ra_msg
->icmph
.icmp6_hop_limit
;
1212 * Update Reachable Time and Retrans Timer
1215 if (in6_dev
->nd_parms
) {
1216 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1218 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1219 rtime
= (rtime
*HZ
)/1000;
1222 in6_dev
->nd_parms
->retrans_time
= rtime
;
1223 in6_dev
->tstamp
= jiffies
;
1224 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1227 rtime
= ntohl(ra_msg
->reachable_time
);
1228 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1229 rtime
= (rtime
*HZ
)/1000;
1234 if (rtime
!= in6_dev
->nd_parms
->base_reachable_time
) {
1235 in6_dev
->nd_parms
->base_reachable_time
= rtime
;
1236 in6_dev
->nd_parms
->gc_staletime
= 3 * rtime
;
1237 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1238 in6_dev
->tstamp
= jiffies
;
1239 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1249 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1253 if (ndopts
.nd_opts_src_lladdr
) {
1254 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1257 ND_PRINTK2(KERN_WARNING
1258 "ICMPv6 RA: invalid link-layer address length\n");
1262 neigh_update(neigh
, lladdr
, NUD_STALE
,
1263 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1264 NEIGH_UPDATE_F_OVERRIDE
|
1265 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1266 NEIGH_UPDATE_F_ISROUTER
);
1269 #ifdef CONFIG_IPV6_ROUTE_INFO
1270 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1271 struct nd_opt_hdr
*p
;
1272 for (p
= ndopts
.nd_opts_ri
;
1274 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1275 if (((struct route_info
*)p
)->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1277 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1278 &ipv6_hdr(skb
)->saddr
);
1283 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1284 struct nd_opt_hdr
*p
;
1285 for (p
= ndopts
.nd_opts_pi
;
1287 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1288 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3);
1292 if (ndopts
.nd_opts_mtu
) {
1296 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1299 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1300 ND_PRINTK2(KERN_WARNING
1301 "ICMPv6 RA: invalid mtu: %d\n",
1303 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1304 in6_dev
->cnf
.mtu6
= mtu
;
1307 rt
->u
.dst
.metrics
[RTAX_MTU
-1] = mtu
;
1309 rt6_mtu_change(skb
->dev
, mtu
);
1313 if (ndopts
.nd_useropts
) {
1314 struct nd_opt_hdr
*p
;
1315 for (p
= ndopts
.nd_useropts
;
1317 p
= ndisc_next_useropt(p
, ndopts
.nd_useropts_end
)) {
1318 ndisc_ra_useropt(skb
, p
);
1322 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1323 ND_PRINTK2(KERN_WARNING
1324 "ICMPv6 RA: invalid RA options");
1328 dst_release(&rt
->u
.dst
);
1330 neigh_release(neigh
);
1331 in6_dev_put(in6_dev
);
1334 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1336 struct inet6_dev
*in6_dev
;
1337 struct icmp6hdr
*icmph
;
1338 struct in6_addr
*dest
;
1339 struct in6_addr
*target
; /* new first hop to destination */
1340 struct neighbour
*neigh
;
1342 struct ndisc_options ndopts
;
1346 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1347 ND_PRINTK2(KERN_WARNING
1348 "ICMPv6 Redirect: source address is not link-local.\n");
1352 optlen
= skb
->tail
- skb
->transport_header
;
1353 optlen
-= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1356 ND_PRINTK2(KERN_WARNING
1357 "ICMPv6 Redirect: packet too short\n");
1361 icmph
= icmp6_hdr(skb
);
1362 target
= (struct in6_addr
*) (icmph
+ 1);
1365 if (ipv6_addr_is_multicast(dest
)) {
1366 ND_PRINTK2(KERN_WARNING
1367 "ICMPv6 Redirect: destination address is multicast.\n");
1371 if (ipv6_addr_equal(dest
, target
)) {
1373 } else if (ipv6_addr_type(target
) !=
1374 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1375 ND_PRINTK2(KERN_WARNING
1376 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1380 in6_dev
= in6_dev_get(skb
->dev
);
1383 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
) {
1384 in6_dev_put(in6_dev
);
1389 * The IP source address of the Redirect MUST be the same as the current
1390 * first-hop router for the specified ICMP Destination Address.
1393 if (!ndisc_parse_options((u8
*)(dest
+ 1), optlen
, &ndopts
)) {
1394 ND_PRINTK2(KERN_WARNING
1395 "ICMPv6 Redirect: invalid ND options\n");
1396 in6_dev_put(in6_dev
);
1399 if (ndopts
.nd_opts_tgt_lladdr
) {
1400 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
1403 ND_PRINTK2(KERN_WARNING
1404 "ICMPv6 Redirect: invalid link-layer address length\n");
1405 in6_dev_put(in6_dev
);
1410 neigh
= __neigh_lookup(&nd_tbl
, target
, skb
->dev
, 1);
1412 rt6_redirect(dest
, &ipv6_hdr(skb
)->daddr
,
1413 &ipv6_hdr(skb
)->saddr
, neigh
, lladdr
,
1415 neigh_release(neigh
);
1417 in6_dev_put(in6_dev
);
1420 void ndisc_send_redirect(struct sk_buff
*skb
, struct neighbour
*neigh
,
1421 struct in6_addr
*target
)
1423 struct sock
*sk
= ndisc_socket
->sk
;
1424 int len
= sizeof(struct icmp6hdr
) + 2 * sizeof(struct in6_addr
);
1425 struct sk_buff
*buff
;
1426 struct icmp6hdr
*icmph
;
1427 struct in6_addr saddr_buf
;
1428 struct in6_addr
*addrp
;
1429 struct net_device
*dev
;
1430 struct rt6_info
*rt
;
1431 struct dst_entry
*dst
;
1432 struct inet6_dev
*idev
;
1437 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
;
1441 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1442 ND_PRINTK2(KERN_WARNING
1443 "ICMPv6 Redirect: no link-local address on %s\n",
1448 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1449 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1450 ND_PRINTK2(KERN_WARNING
1451 "ICMPv6 Redirect: target address is not link-local unicast.\n");
1455 ndisc_flow_init(&fl
, NDISC_REDIRECT
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1458 dst
= ip6_route_output(NULL
, &fl
);
1462 err
= xfrm_lookup(&dst
, &fl
, NULL
, 0);
1466 rt
= (struct rt6_info
*) dst
;
1468 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1469 ND_PRINTK2(KERN_WARNING
1470 "ICMPv6 Redirect: destination is not a neighbour.\n");
1474 if (!xrlim_allow(dst
, 1*HZ
)) {
1479 if (dev
->addr_len
) {
1480 read_lock_bh(&neigh
->lock
);
1481 if (neigh
->nud_state
& NUD_VALID
) {
1482 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1483 read_unlock_bh(&neigh
->lock
);
1485 len
+= ndisc_opt_addr_space(dev
);
1487 read_unlock_bh(&neigh
->lock
);
1490 rd_len
= min_t(unsigned int,
1491 IPV6_MIN_MTU
-sizeof(struct ipv6hdr
)-len
, skb
->len
+ 8);
1495 buff
= sock_alloc_send_skb(sk
,
1496 (MAX_HEADER
+ sizeof(struct ipv6hdr
) +
1497 len
+ LL_RESERVED_SPACE(dev
)),
1501 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1508 skb_reserve(buff
, LL_RESERVED_SPACE(dev
));
1509 ip6_nd_hdr(sk
, buff
, dev
, &saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1510 IPPROTO_ICMPV6
, len
);
1512 skb_set_transport_header(buff
, skb_tail_pointer(buff
) - buff
->data
);
1514 icmph
= icmp6_hdr(buff
);
1516 memset(icmph
, 0, sizeof(struct icmp6hdr
));
1517 icmph
->icmp6_type
= NDISC_REDIRECT
;
1520 * copy target and destination addresses
1523 addrp
= (struct in6_addr
*)(icmph
+ 1);
1524 ipv6_addr_copy(addrp
, target
);
1526 ipv6_addr_copy(addrp
, &ipv6_hdr(skb
)->daddr
);
1528 opt
= (u8
*) (addrp
+ 1);
1531 * include target_address option
1535 opt
= ndisc_fill_addr_option(opt
, ND_OPT_TARGET_LL_ADDR
, ha
,
1536 dev
->addr_len
, dev
->type
);
1539 * build redirect option and copy skb over to the new packet.
1543 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1544 *(opt
++) = (rd_len
>> 3);
1547 memcpy(opt
, ipv6_hdr(skb
), rd_len
- 8);
1549 icmph
->icmp6_cksum
= csum_ipv6_magic(&saddr_buf
, &ipv6_hdr(skb
)->saddr
,
1550 len
, IPPROTO_ICMPV6
,
1551 csum_partial((u8
*) icmph
, len
, 0));
1554 idev
= in6_dev_get(dst
->dev
);
1555 IP6_INC_STATS(idev
, IPSTATS_MIB_OUTREQUESTS
);
1556 err
= NF_HOOK(PF_INET6
, NF_INET_LOCAL_OUT
, buff
, NULL
, dst
->dev
,
1559 ICMP6MSGOUT_INC_STATS(idev
, NDISC_REDIRECT
);
1560 ICMP6_INC_STATS(idev
, ICMP6_MIB_OUTMSGS
);
1563 if (likely(idev
!= NULL
))
1567 static void pndisc_redo(struct sk_buff
*skb
)
1573 int ndisc_rcv(struct sk_buff
*skb
)
1577 if (!pskb_may_pull(skb
, skb
->len
))
1580 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1582 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1584 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1585 ND_PRINTK2(KERN_WARNING
1586 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1587 ipv6_hdr(skb
)->hop_limit
);
1591 if (msg
->icmph
.icmp6_code
!= 0) {
1592 ND_PRINTK2(KERN_WARNING
1593 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1594 msg
->icmph
.icmp6_code
);
1598 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1600 switch (msg
->icmph
.icmp6_type
) {
1601 case NDISC_NEIGHBOUR_SOLICITATION
:
1605 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1609 case NDISC_ROUTER_SOLICITATION
:
1613 case NDISC_ROUTER_ADVERTISEMENT
:
1614 ndisc_router_discovery(skb
);
1617 case NDISC_REDIRECT
:
1618 ndisc_redirect_rcv(skb
);
1625 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1627 struct net_device
*dev
= ptr
;
1629 if (dev
->nd_net
!= &init_net
)
1633 case NETDEV_CHANGEADDR
:
1634 neigh_changeaddr(&nd_tbl
, dev
);
1638 neigh_ifdown(&nd_tbl
, dev
);
1648 static struct notifier_block ndisc_netdev_notifier
= {
1649 .notifier_call
= ndisc_netdev_event
,
1652 #ifdef CONFIG_SYSCTL
1653 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1654 const char *func
, const char *dev_name
)
1656 static char warncomm
[TASK_COMM_LEN
];
1658 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1659 strcpy(warncomm
, current
->comm
);
1661 "process `%s' is using deprecated sysctl (%s) "
1662 "net.ipv6.neigh.%s.%s; "
1663 "Use net.ipv6.neigh.%s.%s_ms "
1666 dev_name
, ctl
->procname
,
1667 dev_name
, ctl
->procname
);
1672 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, struct file
* filp
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1674 struct net_device
*dev
= ctl
->extra1
;
1675 struct inet6_dev
*idev
;
1678 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1679 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1680 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1682 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1683 ret
= proc_dointvec(ctl
, write
, filp
, buffer
, lenp
, ppos
);
1685 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1686 ret
= proc_dointvec_jiffies(ctl
, write
,
1687 filp
, buffer
, lenp
, ppos
);
1689 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1690 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1691 ret
= proc_dointvec_ms_jiffies(ctl
, write
,
1692 filp
, buffer
, lenp
, ppos
);
1696 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1697 if (ctl
->data
== &idev
->nd_parms
->base_reachable_time
)
1698 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1699 idev
->tstamp
= jiffies
;
1700 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1706 static int ndisc_ifinfo_sysctl_strategy(ctl_table
*ctl
, int __user
*name
,
1707 int nlen
, void __user
*oldval
,
1708 size_t __user
*oldlenp
,
1709 void __user
*newval
, size_t newlen
)
1711 struct net_device
*dev
= ctl
->extra1
;
1712 struct inet6_dev
*idev
;
1715 if (ctl
->ctl_name
== NET_NEIGH_RETRANS_TIME
||
1716 ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME
)
1717 ndisc_warn_deprecated_sysctl(ctl
, "procfs", dev
? dev
->name
: "default");
1719 switch (ctl
->ctl_name
) {
1720 case NET_NEIGH_REACHABLE_TIME
:
1721 ret
= sysctl_jiffies(ctl
, name
, nlen
,
1722 oldval
, oldlenp
, newval
, newlen
);
1724 case NET_NEIGH_RETRANS_TIME_MS
:
1725 case NET_NEIGH_REACHABLE_TIME_MS
:
1726 ret
= sysctl_ms_jiffies(ctl
, name
, nlen
,
1727 oldval
, oldlenp
, newval
, newlen
);
1733 if (newval
&& newlen
&& ret
> 0 &&
1734 dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1735 if (ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME
||
1736 ctl
->ctl_name
== NET_NEIGH_REACHABLE_TIME_MS
)
1737 idev
->nd_parms
->reachable_time
= neigh_rand_reach_time(idev
->nd_parms
->base_reachable_time
);
1738 idev
->tstamp
= jiffies
;
1739 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1748 int __init
ndisc_init(struct net_proto_family
*ops
)
1750 struct ipv6_pinfo
*np
;
1754 err
= sock_create_kern(PF_INET6
, SOCK_RAW
, IPPROTO_ICMPV6
, &ndisc_socket
);
1757 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1759 ndisc_socket
= NULL
; /* For safety. */
1763 sk
= ndisc_socket
->sk
;
1765 sk
->sk_allocation
= GFP_ATOMIC
;
1766 np
->hop_limit
= 255;
1767 /* Do not loopback ndisc messages */
1769 sk
->sk_prot
->unhash(sk
);
1772 * Initialize the neighbour table
1775 neigh_table_init(&nd_tbl
);
1777 #ifdef CONFIG_SYSCTL
1778 neigh_sysctl_register(NULL
, &nd_tbl
.parms
, NET_IPV6
, NET_IPV6_NEIGH
,
1780 &ndisc_ifinfo_sysctl_change
,
1781 &ndisc_ifinfo_sysctl_strategy
);
1784 register_netdevice_notifier(&ndisc_netdev_notifier
);
1788 void ndisc_cleanup(void)
1790 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1791 #ifdef CONFIG_SYSCTL
1792 neigh_sysctl_unregister(&nd_tbl
.parms
);
1794 neigh_table_clear(&nd_tbl
);
1795 sock_release(ndisc_socket
);
1796 ndisc_socket
= NULL
; /* For safety. */