search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
x86/speculation/mds: Fix documentation typo
[linux/fpc-iii.git] / net / ipv6 / ndisc.c
blob5f80e57e93ed9974b49c9d1975eac78eb1a2de56
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
53
54 #include <net/sock.h>
55 #include <net/snmp.h>
56
57 #include <net/ipv6.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
62 #include <net/icmp.h>
63
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
66
67 #include <net/flow.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
71
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
74
75 static u32 ndisc_hash(const void *pkey,
76 const struct net_device *dev,
77 __u32 *hash_rnd);
78 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
79 static int ndisc_constructor(struct neighbour *neigh);
80 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
81 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
82 static int pndisc_constructor(struct pneigh_entry *n);
83 static void pndisc_destructor(struct pneigh_entry *n);
84 static void pndisc_redo(struct sk_buff *skb);
85
86 static const struct neigh_ops ndisc_generic_ops = {
87 .family = AF_INET6,
88 .solicit = ndisc_solicit,
89 .error_report = ndisc_error_report,
90 .output = neigh_resolve_output,
91 .connected_output = neigh_connected_output,
92 };
93
94 static const struct neigh_ops ndisc_hh_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_resolve_output,
100 };
101
102
103 static const struct neigh_ops ndisc_direct_ops = {
104 .family = AF_INET6,
105 .output = neigh_direct_output,
106 .connected_output = neigh_direct_output,
107 };
108
109 struct neigh_table nd_tbl = {
110 .family = AF_INET6,
111 .key_len = sizeof(struct in6_addr),
112 .protocol = cpu_to_be16(ETH_P_IPV6),
113 .hash = ndisc_hash,
114 .key_eq = ndisc_key_eq,
115 .constructor = ndisc_constructor,
116 .pconstructor = pndisc_constructor,
117 .pdestructor = pndisc_destructor,
118 .proxy_redo = pndisc_redo,
119 .id = "ndisc_cache",
120 .parms = {
121 .tbl = &nd_tbl,
122 .reachable_time = ND_REACHABLE_TIME,
123 .data = {
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134 },
135 },
136 .gc_interval = 30 * HZ,
137 .gc_thresh1 = 128,
138 .gc_thresh2 = 512,
139 .gc_thresh3 = 1024,
140 };
141 EXPORT_SYMBOL_GPL(nd_tbl);
142
143 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
145 {
146 int space = __ndisc_opt_addr_space(data_len, pad);
147 u8 *opt = skb_put(skb, space);
148
149 opt[0] = type;
150 opt[1] = space>>3;
151
152 memset(opt + 2, 0, pad);
153 opt += pad;
154 space -= pad;
155
156 memcpy(opt+2, data, data_len);
157 data_len += 2;
158 opt += data_len;
159 space -= data_len;
160 if (space > 0)
161 memset(opt, 0, space);
162 }
163 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
164
165 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166 void *data, u8 icmp6_type)
167 {
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171 }
172
173 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174 void *ha,
175 const u8 *ops_data)
176 {
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
179 }
180
181 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
183 {
184 int type;
185 if (!cur || !end || cur >= end)
186 return NULL;
187 type = cur->nd_opt_type;
188 do {
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190 } while (cur < end && cur->nd_opt_type != type);
191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
192 }
193
194 static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
196 {
197 return opt->nd_opt_type == ND_OPT_RDNSS ||
198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
200 }
201
202 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
203 struct nd_opt_hdr *cur,
204 struct nd_opt_hdr *end)
205 {
206 if (!cur || !end || cur >= end)
207 return NULL;
208 do {
209 cur = ((void *)cur) + (cur->nd_opt_len << 3);
210 } while (cur < end && !ndisc_is_useropt(dev, cur));
211 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
212 }
213
214 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
215 u8 *opt, int opt_len,
216 struct ndisc_options *ndopts)
217 {
218 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
219
220 if (!nd_opt || opt_len < 0 || !ndopts)
221 return NULL;
222 memset(ndopts, 0, sizeof(*ndopts));
223 while (opt_len) {
224 int l;
225 if (opt_len < sizeof(struct nd_opt_hdr))
226 return NULL;
227 l = nd_opt->nd_opt_len << 3;
228 if (opt_len < l || l == 0)
229 return NULL;
230 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
231 goto next_opt;
232 switch (nd_opt->nd_opt_type) {
233 case ND_OPT_SOURCE_LL_ADDR:
234 case ND_OPT_TARGET_LL_ADDR:
235 case ND_OPT_MTU:
236 case ND_OPT_NONCE:
237 case ND_OPT_REDIRECT_HDR:
238 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
239 ND_PRINTK(2, warn,
240 "%s: duplicated ND6 option found: type=%d\n",
241 __func__, nd_opt->nd_opt_type);
242 } else {
243 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
244 }
245 break;
246 case ND_OPT_PREFIX_INFO:
247 ndopts->nd_opts_pi_end = nd_opt;
248 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
249 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
250 break;
251 #ifdef CONFIG_IPV6_ROUTE_INFO
252 case ND_OPT_ROUTE_INFO:
253 ndopts->nd_opts_ri_end = nd_opt;
254 if (!ndopts->nd_opts_ri)
255 ndopts->nd_opts_ri = nd_opt;
256 break;
257 #endif
258 default:
259 if (ndisc_is_useropt(dev, nd_opt)) {
260 ndopts->nd_useropts_end = nd_opt;
261 if (!ndopts->nd_useropts)
262 ndopts->nd_useropts = nd_opt;
263 } else {
264 /*
265 * Unknown options must be silently ignored,
266 * to accommodate future extension to the
267 * protocol.
268 */
269 ND_PRINTK(2, notice,
270 "%s: ignored unsupported option; type=%d, len=%d\n",
271 __func__,
272 nd_opt->nd_opt_type,
273 nd_opt->nd_opt_len);
274 }
275 }
276 next_opt:
277 opt_len -= l;
278 nd_opt = ((void *)nd_opt) + l;
279 }
280 return ndopts;
281 }
282
283 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
284 {
285 switch (dev->type) {
286 case ARPHRD_ETHER:
287 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
288 case ARPHRD_FDDI:
289 ipv6_eth_mc_map(addr, buf);
290 return 0;
291 case ARPHRD_ARCNET:
292 ipv6_arcnet_mc_map(addr, buf);
293 return 0;
294 case ARPHRD_INFINIBAND:
295 ipv6_ib_mc_map(addr, dev->broadcast, buf);
296 return 0;
297 case ARPHRD_IPGRE:
298 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
299 default:
300 if (dir) {
301 memcpy(buf, dev->broadcast, dev->addr_len);
302 return 0;
303 }
304 }
305 return -EINVAL;
306 }
307 EXPORT_SYMBOL(ndisc_mc_map);
308
309 static u32 ndisc_hash(const void *pkey,
310 const struct net_device *dev,
311 __u32 *hash_rnd)
312 {
313 return ndisc_hashfn(pkey, dev, hash_rnd);
314 }
315
316 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
317 {
318 return neigh_key_eq128(n, pkey);
319 }
320
321 static int ndisc_constructor(struct neighbour *neigh)
322 {
323 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
324 struct net_device *dev = neigh->dev;
325 struct inet6_dev *in6_dev;
326 struct neigh_parms *parms;
327 bool is_multicast = ipv6_addr_is_multicast(addr);
328
329 in6_dev = in6_dev_get(dev);
330 if (!in6_dev) {
331 return -EINVAL;
332 }
333
334 parms = in6_dev->nd_parms;
335 __neigh_parms_put(neigh->parms);
336 neigh->parms = neigh_parms_clone(parms);
337
338 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
339 if (!dev->header_ops) {
340 neigh->nud_state = NUD_NOARP;
341 neigh->ops = &ndisc_direct_ops;
342 neigh->output = neigh_direct_output;
343 } else {
344 if (is_multicast) {
345 neigh->nud_state = NUD_NOARP;
346 ndisc_mc_map(addr, neigh->ha, dev, 1);
347 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
348 neigh->nud_state = NUD_NOARP;
349 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
350 if (dev->flags&IFF_LOOPBACK)
351 neigh->type = RTN_LOCAL;
352 } else if (dev->flags&IFF_POINTOPOINT) {
353 neigh->nud_state = NUD_NOARP;
354 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
355 }
356 if (dev->header_ops->cache)
357 neigh->ops = &ndisc_hh_ops;
358 else
359 neigh->ops = &ndisc_generic_ops;
360 if (neigh->nud_state&NUD_VALID)
361 neigh->output = neigh->ops->connected_output;
362 else
363 neigh->output = neigh->ops->output;
364 }
365 in6_dev_put(in6_dev);
366 return 0;
367 }
368
369 static int pndisc_constructor(struct pneigh_entry *n)
370 {
371 struct in6_addr *addr = (struct in6_addr *)&n->key;
372 struct in6_addr maddr;
373 struct net_device *dev = n->dev;
374
375 if (!dev || !__in6_dev_get(dev))
376 return -EINVAL;
377 addrconf_addr_solict_mult(addr, &maddr);
378 ipv6_dev_mc_inc(dev, &maddr);
379 return 0;
380 }
381
382 static void pndisc_destructor(struct pneigh_entry *n)
383 {
384 struct in6_addr *addr = (struct in6_addr *)&n->key;
385 struct in6_addr maddr;
386 struct net_device *dev = n->dev;
387
388 if (!dev || !__in6_dev_get(dev))
389 return;
390 addrconf_addr_solict_mult(addr, &maddr);
391 ipv6_dev_mc_dec(dev, &maddr);
392 }
393
394 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
395 int len)
396 {
397 int hlen = LL_RESERVED_SPACE(dev);
398 int tlen = dev->needed_tailroom;
399 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
400 struct sk_buff *skb;
401
402 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
403 if (!skb) {
404 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
405 __func__);
406 return NULL;
407 }
408
409 skb->protocol = htons(ETH_P_IPV6);
410 skb->dev = dev;
411
412 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
413 skb_reset_transport_header(skb);
414
415 /* Manually assign socket ownership as we avoid calling
416 * sock_alloc_send_pskb() to bypass wmem buffer limits
417 */
418 skb_set_owner_w(skb, sk);
419
420 return skb;
421 }
422
423 static void ip6_nd_hdr(struct sk_buff *skb,
424 const struct in6_addr *saddr,
425 const struct in6_addr *daddr,
426 int hop_limit, int len)
427 {
428 struct ipv6hdr *hdr;
429
430 skb_push(skb, sizeof(*hdr));
431 skb_reset_network_header(skb);
432 hdr = ipv6_hdr(skb);
433
434 ip6_flow_hdr(hdr, 0, 0);
435
436 hdr->payload_len = htons(len);
437 hdr->nexthdr = IPPROTO_ICMPV6;
438 hdr->hop_limit = hop_limit;
439
440 hdr->saddr = *saddr;
441 hdr->daddr = *daddr;
442 }
443
444 static void ndisc_send_skb(struct sk_buff *skb,
445 const struct in6_addr *daddr,
446 const struct in6_addr *saddr)
447 {
448 struct dst_entry *dst = skb_dst(skb);
449 struct net *net = dev_net(skb->dev);
450 struct sock *sk = net->ipv6.ndisc_sk;
451 struct inet6_dev *idev;
452 int err;
453 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
454 u8 type;
455
456 type = icmp6h->icmp6_type;
457
458 if (!dst) {
459 struct flowi6 fl6;
460 int oif = skb->dev->ifindex;
461
462 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
463 dst = icmp6_dst_alloc(skb->dev, &fl6);
464 if (IS_ERR(dst)) {
465 kfree_skb(skb);
466 return;
467 }
468
469 skb_dst_set(skb, dst);
470 }
471
472 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
473 IPPROTO_ICMPV6,
474 csum_partial(icmp6h,
475 skb->len, 0));
476
477 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
478
479 rcu_read_lock();
480 idev = __in6_dev_get(dst->dev);
481 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
482
483 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
484 net, sk, skb, NULL, dst->dev,
485 dst_output);
486 if (!err) {
487 ICMP6MSGOUT_INC_STATS(net, idev, type);
488 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
489 }
490
491 rcu_read_unlock();
492 }
493
494 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
495 const struct in6_addr *solicited_addr,
496 bool router, bool solicited, bool override, bool inc_opt)
497 {
498 struct sk_buff *skb;
499 struct in6_addr tmpaddr;
500 struct inet6_ifaddr *ifp;
501 const struct in6_addr *src_addr;
502 struct nd_msg *msg;
503 int optlen = 0;
504
505 /* for anycast or proxy, solicited_addr != src_addr */
506 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
507 if (ifp) {
508 src_addr = solicited_addr;
509 if (ifp->flags & IFA_F_OPTIMISTIC)
510 override = false;
511 inc_opt |= ifp->idev->cnf.force_tllao;
512 in6_ifa_put(ifp);
513 } else {
514 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
515 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
516 &tmpaddr))
517 return;
518 src_addr = &tmpaddr;
519 }
520
521 if (!dev->addr_len)
522 inc_opt = 0;
523 if (inc_opt)
524 optlen += ndisc_opt_addr_space(dev,
525 NDISC_NEIGHBOUR_ADVERTISEMENT);
526
527 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
528 if (!skb)
529 return;
530
531 msg = skb_put(skb, sizeof(*msg));
532 *msg = (struct nd_msg) {
533 .icmph = {
534 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
535 .icmp6_router = router,
536 .icmp6_solicited = solicited,
537 .icmp6_override = override,
538 },
539 .target = *solicited_addr,
540 };
541
542 if (inc_opt)
543 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
544 dev->dev_addr,
545 NDISC_NEIGHBOUR_ADVERTISEMENT);
546
547 ndisc_send_skb(skb, daddr, src_addr);
548 }
549
550 static void ndisc_send_unsol_na(struct net_device *dev)
551 {
552 struct inet6_dev *idev;
553 struct inet6_ifaddr *ifa;
554
555 idev = in6_dev_get(dev);
556 if (!idev)
557 return;
558
559 read_lock_bh(&idev->lock);
560 list_for_each_entry(ifa, &idev->addr_list, if_list) {
561 /* skip tentative addresses until dad completes */
562 if (ifa->flags & IFA_F_TENTATIVE &&
563 !(ifa->flags & IFA_F_OPTIMISTIC))
564 continue;
565
566 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
567 /*router=*/ !!idev->cnf.forwarding,
568 /*solicited=*/ false, /*override=*/ true,
569 /*inc_opt=*/ true);
570 }
571 read_unlock_bh(&idev->lock);
572
573 in6_dev_put(idev);
574 }
575
576 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
577 const struct in6_addr *daddr, const struct in6_addr *saddr,
578 u64 nonce)
579 {
580 struct sk_buff *skb;
581 struct in6_addr addr_buf;
582 int inc_opt = dev->addr_len;
583 int optlen = 0;
584 struct nd_msg *msg;
585
586 if (!saddr) {
587 if (ipv6_get_lladdr(dev, &addr_buf,
588 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
589 return;
590 saddr = &addr_buf;
591 }
592
593 if (ipv6_addr_any(saddr))
594 inc_opt = false;
595 if (inc_opt)
596 optlen += ndisc_opt_addr_space(dev,
597 NDISC_NEIGHBOUR_SOLICITATION);
598 if (nonce != 0)
599 optlen += 8;
600
601 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
602 if (!skb)
603 return;
604
605 msg = skb_put(skb, sizeof(*msg));
606 *msg = (struct nd_msg) {
607 .icmph = {
608 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
609 },
610 .target = *solicit,
611 };
612
613 if (inc_opt)
614 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
615 dev->dev_addr,
616 NDISC_NEIGHBOUR_SOLICITATION);
617 if (nonce != 0) {
618 u8 *opt = skb_put(skb, 8);
619
620 opt[0] = ND_OPT_NONCE;
621 opt[1] = 8 >> 3;
622 memcpy(opt + 2, &nonce, 6);
623 }
624
625 ndisc_send_skb(skb, daddr, saddr);
626 }
627
628 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
629 const struct in6_addr *daddr)
630 {
631 struct sk_buff *skb;
632 struct rs_msg *msg;
633 int send_sllao = dev->addr_len;
634 int optlen = 0;
635
636 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
637 /*
638 * According to section 2.2 of RFC 4429, we must not
639 * send router solicitations with a sllao from
640 * optimistic addresses, but we may send the solicitation
641 * if we don't include the sllao. So here we check
642 * if our address is optimistic, and if so, we
643 * suppress the inclusion of the sllao.
644 */
645 if (send_sllao) {
646 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
647 dev, 1);
648 if (ifp) {
649 if (ifp->flags & IFA_F_OPTIMISTIC) {
650 send_sllao = 0;
651 }
652 in6_ifa_put(ifp);
653 } else {
654 send_sllao = 0;
655 }
656 }
657 #endif
658 if (send_sllao)
659 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
660
661 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
662 if (!skb)
663 return;
664
665 msg = skb_put(skb, sizeof(*msg));
666 *msg = (struct rs_msg) {
667 .icmph = {
668 .icmp6_type = NDISC_ROUTER_SOLICITATION,
669 },
670 };
671
672 if (send_sllao)
673 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
674 dev->dev_addr,
675 NDISC_ROUTER_SOLICITATION);
676
677 ndisc_send_skb(skb, daddr, saddr);
678 }
679
680
681 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
682 {
683 /*
684 * "The sender MUST return an ICMP
685 * destination unreachable"
686 */
687 dst_link_failure(skb);
688 kfree_skb(skb);
689 }
690
691 /* Called with locked neigh: either read or both */
692
693 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
694 {
695 struct in6_addr *saddr = NULL;
696 struct in6_addr mcaddr;
697 struct net_device *dev = neigh->dev;
698 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
699 int probes = atomic_read(&neigh->probes);
700
701 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
702 dev, 1,
703 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
704 saddr = &ipv6_hdr(skb)->saddr;
705 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
706 if (probes < 0) {
707 if (!(neigh->nud_state & NUD_VALID)) {
708 ND_PRINTK(1, dbg,
709 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
710 __func__, target);
711 }
712 ndisc_send_ns(dev, target, target, saddr, 0);
713 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
714 neigh_app_ns(neigh);
715 } else {
716 addrconf_addr_solict_mult(target, &mcaddr);
717 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
718 }
719 }
720
721 static int pndisc_is_router(const void *pkey,
722 struct net_device *dev)
723 {
724 struct pneigh_entry *n;
725 int ret = -1;
726
727 read_lock_bh(&nd_tbl.lock);
728 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
729 if (n)
730 ret = !!(n->flags & NTF_ROUTER);
731 read_unlock_bh(&nd_tbl.lock);
732
733 return ret;
734 }
735
736 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
737 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
738 struct ndisc_options *ndopts)
739 {
740 neigh_update(neigh, lladdr, new, flags, 0);
741 /* report ndisc ops about neighbour update */
742 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
743 }
744
745 static void ndisc_recv_ns(struct sk_buff *skb)
746 {
747 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
748 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
749 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
750 u8 *lladdr = NULL;
751 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
752 offsetof(struct nd_msg, opt));
753 struct ndisc_options ndopts;
754 struct net_device *dev = skb->dev;
755 struct inet6_ifaddr *ifp;
756 struct inet6_dev *idev = NULL;
757 struct neighbour *neigh;
758 int dad = ipv6_addr_any(saddr);
759 bool inc;
760 int is_router = -1;
761 u64 nonce = 0;
762
763 if (skb->len < sizeof(struct nd_msg)) {
764 ND_PRINTK(2, warn, "NS: packet too short\n");
765 return;
766 }
767
768 if (ipv6_addr_is_multicast(&msg->target)) {
769 ND_PRINTK(2, warn, "NS: multicast target address\n");
770 return;
771 }
772
773 /*
774 * RFC2461 7.1.1:
775 * DAD has to be destined for solicited node multicast address.
776 */
777 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
778 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
779 return;
780 }
781
782 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
783 ND_PRINTK(2, warn, "NS: invalid ND options\n");
784 return;
785 }
786
787 if (ndopts.nd_opts_src_lladdr) {
788 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
789 if (!lladdr) {
790 ND_PRINTK(2, warn,
791 "NS: invalid link-layer address length\n");
792 return;
793 }
794
795 /* RFC2461 7.1.1:
796 * If the IP source address is the unspecified address,
797 * there MUST NOT be source link-layer address option
798 * in the message.
799 */
800 if (dad) {
801 ND_PRINTK(2, warn,
802 "NS: bad DAD packet (link-layer address option)\n");
803 return;
804 }
805 }
806 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
807 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
808
809 inc = ipv6_addr_is_multicast(daddr);
810
811 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
812 if (ifp) {
813 have_ifp:
814 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
815 if (dad) {
816 if (nonce != 0 && ifp->dad_nonce == nonce) {
817 u8 *np = (u8 *)&nonce;
818 /* Matching nonce if looped back */
819 ND_PRINTK(2, notice,
820 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
821 ifp->idev->dev->name,
822 &ifp->addr, np);
823 goto out;
824 }
825 /*
826 * We are colliding with another node
827 * who is doing DAD
828 * so fail our DAD process
829 */
830 addrconf_dad_failure(ifp);
831 return;
832 } else {
833 /*
834 * This is not a dad solicitation.
835 * If we are an optimistic node,
836 * we should respond.
837 * Otherwise, we should ignore it.
838 */
839 if (!(ifp->flags & IFA_F_OPTIMISTIC))
840 goto out;
841 }
842 }
843
844 idev = ifp->idev;
845 } else {
846 struct net *net = dev_net(dev);
847
848 /* perhaps an address on the master device */
849 if (netif_is_l3_slave(dev)) {
850 struct net_device *mdev;
851
852 mdev = netdev_master_upper_dev_get_rcu(dev);
853 if (mdev) {
854 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
855 if (ifp)
856 goto have_ifp;
857 }
858 }
859
860 idev = in6_dev_get(dev);
861 if (!idev) {
862 /* XXX: count this drop? */
863 return;
864 }
865
866 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
867 (idev->cnf.forwarding &&
868 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
869 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
870 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
871 skb->pkt_type != PACKET_HOST &&
872 inc &&
873 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
874 /*
875 * for anycast or proxy,
876 * sender should delay its response
877 * by a random time between 0 and
878 * MAX_ANYCAST_DELAY_TIME seconds.
879 * (RFC2461) -- yoshfuji
880 */
881 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
882 if (n)
883 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
884 goto out;
885 }
886 } else
887 goto out;
888 }
889
890 if (is_router < 0)
891 is_router = idev->cnf.forwarding;
892
893 if (dad) {
894 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
895 !!is_router, false, (ifp != NULL), true);
896 goto out;
897 }
898
899 if (inc)
900 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
901 else
902 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
903
904 /*
905 * update / create cache entry
906 * for the source address
907 */
908 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
909 !inc || lladdr || !dev->addr_len);
910 if (neigh)
911 ndisc_update(dev, neigh, lladdr, NUD_STALE,
912 NEIGH_UPDATE_F_WEAK_OVERRIDE|
913 NEIGH_UPDATE_F_OVERRIDE,
914 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
915 if (neigh || !dev->header_ops) {
916 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
917 true, (ifp != NULL && inc), inc);
918 if (neigh)
919 neigh_release(neigh);
920 }
921
922 out:
923 if (ifp)
924 in6_ifa_put(ifp);
925 else
926 in6_dev_put(idev);
927 }
928
929 static void ndisc_recv_na(struct sk_buff *skb)
930 {
931 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
932 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
933 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
934 u8 *lladdr = NULL;
935 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
936 offsetof(struct nd_msg, opt));
937 struct ndisc_options ndopts;
938 struct net_device *dev = skb->dev;
939 struct inet6_dev *idev = __in6_dev_get(dev);
940 struct inet6_ifaddr *ifp;
941 struct neighbour *neigh;
942
943 if (skb->len < sizeof(struct nd_msg)) {
944 ND_PRINTK(2, warn, "NA: packet too short\n");
945 return;
946 }
947
948 if (ipv6_addr_is_multicast(&msg->target)) {
949 ND_PRINTK(2, warn, "NA: target address is multicast\n");
950 return;
951 }
952
953 if (ipv6_addr_is_multicast(daddr) &&
954 msg->icmph.icmp6_solicited) {
955 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
956 return;
957 }
958
959 /* For some 802.11 wireless deployments (and possibly other networks),
960 * there will be a NA proxy and unsolicitd packets are attacks
961 * and thus should not be accepted.
962 */
963 if (!msg->icmph.icmp6_solicited && idev &&
964 idev->cnf.drop_unsolicited_na)
965 return;
966
967 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
968 ND_PRINTK(2, warn, "NS: invalid ND option\n");
969 return;
970 }
971 if (ndopts.nd_opts_tgt_lladdr) {
972 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
973 if (!lladdr) {
974 ND_PRINTK(2, warn,
975 "NA: invalid link-layer address length\n");
976 return;
977 }
978 }
979 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
980 if (ifp) {
981 if (skb->pkt_type != PACKET_LOOPBACK
982 && (ifp->flags & IFA_F_TENTATIVE)) {
983 addrconf_dad_failure(ifp);
984 return;
985 }
986 /* What should we make now? The advertisement
987 is invalid, but ndisc specs say nothing
988 about it. It could be misconfiguration, or
989 an smart proxy agent tries to help us :-)
990
991 We should not print the error if NA has been
992 received from loopback - it is just our own
993 unsolicited advertisement.
994 */
995 if (skb->pkt_type != PACKET_LOOPBACK)
996 ND_PRINTK(1, warn,
997 "NA: someone advertises our address %pI6 on %s!\n",
998 &ifp->addr, ifp->idev->dev->name);
999 in6_ifa_put(ifp);
1000 return;
1001 }
1002 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1003
1004 if (neigh) {
1005 u8 old_flags = neigh->flags;
1006 struct net *net = dev_net(dev);
1007
1008 if (neigh->nud_state & NUD_FAILED)
1009 goto out;
1010
1011 /*
1012 * Don't update the neighbor cache entry on a proxy NA from
1013 * ourselves because either the proxied node is off link or it
1014 * has already sent a NA to us.
1015 */
1016 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1017 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1018 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1019 /* XXX: idev->cnf.proxy_ndp */
1020 goto out;
1021 }
1022
1023 ndisc_update(dev, neigh, lladdr,
1024 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1025 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1026 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1027 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1028 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1029 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1030
1031 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1032 /*
1033 * Change: router to host
1034 */
1035 rt6_clean_tohost(dev_net(dev), saddr);
1036 }
1037
1038 out:
1039 neigh_release(neigh);
1040 }
1041 }
1042
1043 static void ndisc_recv_rs(struct sk_buff *skb)
1044 {
1045 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1046 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1047 struct neighbour *neigh;
1048 struct inet6_dev *idev;
1049 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1050 struct ndisc_options ndopts;
1051 u8 *lladdr = NULL;
1052
1053 if (skb->len < sizeof(*rs_msg))
1054 return;
1055
1056 idev = __in6_dev_get(skb->dev);
1057 if (!idev) {
1058 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1059 return;
1060 }
1061
1062 /* Don't accept RS if we're not in router mode */
1063 if (!idev->cnf.forwarding)
1064 goto out;
1065
1066 /*
1067 * Don't update NCE if src = ::;
1068 * this implies that the source node has no ip address assigned yet.
1069 */
1070 if (ipv6_addr_any(saddr))
1071 goto out;
1072
1073 /* Parse ND options */
1074 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1075 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1076 goto out;
1077 }
1078
1079 if (ndopts.nd_opts_src_lladdr) {
1080 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1081 skb->dev);
1082 if (!lladdr)
1083 goto out;
1084 }
1085
1086 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1087 if (neigh) {
1088 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1089 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1090 NEIGH_UPDATE_F_OVERRIDE|
1091 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1092 NDISC_ROUTER_SOLICITATION, &ndopts);
1093 neigh_release(neigh);
1094 }
1095 out:
1096 return;
1097 }
1098
1099 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1100 {
1101 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1102 struct sk_buff *skb;
1103 struct nlmsghdr *nlh;
1104 struct nduseroptmsg *ndmsg;
1105 struct net *net = dev_net(ra->dev);
1106 int err;
1107 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1108 + (opt->nd_opt_len << 3));
1109 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1110
1111 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1112 if (!skb) {
1113 err = -ENOBUFS;
1114 goto errout;
1115 }
1116
1117 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1118 if (!nlh) {
1119 goto nla_put_failure;
1120 }
1121
1122 ndmsg = nlmsg_data(nlh);
1123 ndmsg->nduseropt_family = AF_INET6;
1124 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1125 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1126 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1127 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1128
1129 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1130
1131 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1132 goto nla_put_failure;
1133 nlmsg_end(skb, nlh);
1134
1135 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1136 return;
1137
1138 nla_put_failure:
1139 nlmsg_free(skb);
1140 err = -EMSGSIZE;
1141 errout:
1142 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1143 }
1144
1145 static void ndisc_router_discovery(struct sk_buff *skb)
1146 {
1147 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1148 struct neighbour *neigh = NULL;
1149 struct inet6_dev *in6_dev;
1150 struct rt6_info *rt = NULL;
1151 int lifetime;
1152 struct ndisc_options ndopts;
1153 int optlen;
1154 unsigned int pref = 0;
1155 __u32 old_if_flags;
1156 bool send_ifinfo_notify = false;
1157
1158 __u8 *opt = (__u8 *)(ra_msg + 1);
1159
1160 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1161 sizeof(struct ra_msg);
1162
1163 ND_PRINTK(2, info,
1164 "RA: %s, dev: %s\n",
1165 __func__, skb->dev->name);
1166 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1167 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1168 return;
1169 }
1170 if (optlen < 0) {
1171 ND_PRINTK(2, warn, "RA: packet too short\n");
1172 return;
1173 }
1174
1175 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1176 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1177 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1178 return;
1179 }
1180 #endif
1181
1182 /*
1183 * set the RA_RECV flag in the interface
1184 */
1185
1186 in6_dev = __in6_dev_get(skb->dev);
1187 if (!in6_dev) {
1188 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1189 skb->dev->name);
1190 return;
1191 }
1192
1193 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1194 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1195 return;
1196 }
1197
1198 if (!ipv6_accept_ra(in6_dev)) {
1199 ND_PRINTK(2, info,
1200 "RA: %s, did not accept ra for dev: %s\n",
1201 __func__, skb->dev->name);
1202 goto skip_linkparms;
1203 }
1204
1205 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1206 /* skip link-specific parameters from interior routers */
1207 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1208 ND_PRINTK(2, info,
1209 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1210 __func__, skb->dev->name);
1211 goto skip_linkparms;
1212 }
1213 #endif
1214
1215 if (in6_dev->if_flags & IF_RS_SENT) {
1216 /*
1217 * flag that an RA was received after an RS was sent
1218 * out on this interface.
1219 */
1220 in6_dev->if_flags |= IF_RA_RCVD;
1221 }
1222
1223 /*
1224 * Remember the managed/otherconf flags from most recently
1225 * received RA message (RFC 2462) -- yoshfuji
1226 */
1227 old_if_flags = in6_dev->if_flags;
1228 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1229 IF_RA_OTHERCONF)) |
1230 (ra_msg->icmph.icmp6_addrconf_managed ?
1231 IF_RA_MANAGED : 0) |
1232 (ra_msg->icmph.icmp6_addrconf_other ?
1233 IF_RA_OTHERCONF : 0);
1234
1235 if (old_if_flags != in6_dev->if_flags)
1236 send_ifinfo_notify = true;
1237
1238 if (!in6_dev->cnf.accept_ra_defrtr) {
1239 ND_PRINTK(2, info,
1240 "RA: %s, defrtr is false for dev: %s\n",
1241 __func__, skb->dev->name);
1242 goto skip_defrtr;
1243 }
1244
1245 /* Do not accept RA with source-addr found on local machine unless
1246 * accept_ra_from_local is set to true.
1247 */
1248 if (!in6_dev->cnf.accept_ra_from_local &&
1249 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1250 in6_dev->dev, 0)) {
1251 ND_PRINTK(2, info,
1252 "RA from local address detected on dev: %s: default router ignored\n",
1253 skb->dev->name);
1254 goto skip_defrtr;
1255 }
1256
1257 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1258
1259 #ifdef CONFIG_IPV6_ROUTER_PREF
1260 pref = ra_msg->icmph.icmp6_router_pref;
1261 /* 10b is handled as if it were 00b (medium) */
1262 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1263 !in6_dev->cnf.accept_ra_rtr_pref)
1264 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1265 #endif
1266
1267 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1268
1269 if (rt) {
1270 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1271 if (!neigh) {
1272 ND_PRINTK(0, err,
1273 "RA: %s got default router without neighbour\n",
1274 __func__);
1275 ip6_rt_put(rt);
1276 return;
1277 }
1278 }
1279 if (rt && lifetime == 0) {
1280 ip6_del_rt(rt);
1281 rt = NULL;
1282 }
1283
1284 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1285 rt, lifetime, skb->dev->name);
1286 if (!rt && lifetime) {
1287 ND_PRINTK(3, info, "RA: adding default router\n");
1288
1289 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1290 if (!rt) {
1291 ND_PRINTK(0, err,
1292 "RA: %s failed to add default route\n",
1293 __func__);
1294 return;
1295 }
1296
1297 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1298 if (!neigh) {
1299 ND_PRINTK(0, err,
1300 "RA: %s got default router without neighbour\n",
1301 __func__);
1302 ip6_rt_put(rt);
1303 return;
1304 }
1305 neigh->flags |= NTF_ROUTER;
1306 } else if (rt) {
1307 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1308 }
1309
1310 if (rt)
1311 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1312 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1313 ra_msg->icmph.icmp6_hop_limit) {
1314 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1315 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1316 if (rt)
1317 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1318 ra_msg->icmph.icmp6_hop_limit);
1319 } else {
1320 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1321 }
1322 }
1323
1324 skip_defrtr:
1325
1326 /*
1327 * Update Reachable Time and Retrans Timer
1328 */
1329
1330 if (in6_dev->nd_parms) {
1331 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1332
1333 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1334 rtime = (rtime*HZ)/1000;
1335 if (rtime < HZ/10)
1336 rtime = HZ/10;
1337 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1338 in6_dev->tstamp = jiffies;
1339 send_ifinfo_notify = true;
1340 }
1341
1342 rtime = ntohl(ra_msg->reachable_time);
1343 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1344 rtime = (rtime*HZ)/1000;
1345
1346 if (rtime < HZ/10)
1347 rtime = HZ/10;
1348
1349 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1350 NEIGH_VAR_SET(in6_dev->nd_parms,
1351 BASE_REACHABLE_TIME, rtime);
1352 NEIGH_VAR_SET(in6_dev->nd_parms,
1353 GC_STALETIME, 3 * rtime);
1354 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1355 in6_dev->tstamp = jiffies;
1356 send_ifinfo_notify = true;
1357 }
1358 }
1359 }
1360
1361 /*
1362 * Send a notify if RA changed managed/otherconf flags or timer settings
1363 */
1364 if (send_ifinfo_notify)
1365 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1366
1367 skip_linkparms:
1368
1369 /*
1370 * Process options.
1371 */
1372
1373 if (!neigh)
1374 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1375 skb->dev, 1);
1376 if (neigh) {
1377 u8 *lladdr = NULL;
1378 if (ndopts.nd_opts_src_lladdr) {
1379 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1380 skb->dev);
1381 if (!lladdr) {
1382 ND_PRINTK(2, warn,
1383 "RA: invalid link-layer address length\n");
1384 goto out;
1385 }
1386 }
1387 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1388 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1389 NEIGH_UPDATE_F_OVERRIDE|
1390 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1391 NEIGH_UPDATE_F_ISROUTER,
1392 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1393 }
1394
1395 if (!ipv6_accept_ra(in6_dev)) {
1396 ND_PRINTK(2, info,
1397 "RA: %s, accept_ra is false for dev: %s\n",
1398 __func__, skb->dev->name);
1399 goto out;
1400 }
1401
1402 #ifdef CONFIG_IPV6_ROUTE_INFO
1403 if (!in6_dev->cnf.accept_ra_from_local &&
1404 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1405 in6_dev->dev, 0)) {
1406 ND_PRINTK(2, info,
1407 "RA from local address detected on dev: %s: router info ignored.\n",
1408 skb->dev->name);
1409 goto skip_routeinfo;
1410 }
1411
1412 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1413 struct nd_opt_hdr *p;
1414 for (p = ndopts.nd_opts_ri;
1415 p;
1416 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1417 struct route_info *ri = (struct route_info *)p;
1418 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1419 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1420 ri->prefix_len == 0)
1421 continue;
1422 #endif
1423 if (ri->prefix_len == 0 &&
1424 !in6_dev->cnf.accept_ra_defrtr)
1425 continue;
1426 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1427 continue;
1428 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1429 continue;
1430 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1431 &ipv6_hdr(skb)->saddr);
1432 }
1433 }
1434
1435 skip_routeinfo:
1436 #endif
1437
1438 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1439 /* skip link-specific ndopts from interior routers */
1440 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1441 ND_PRINTK(2, info,
1442 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1443 __func__, skb->dev->name);
1444 goto out;
1445 }
1446 #endif
1447
1448 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1449 struct nd_opt_hdr *p;
1450 for (p = ndopts.nd_opts_pi;
1451 p;
1452 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1453 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1454 (p->nd_opt_len) << 3,
1455 ndopts.nd_opts_src_lladdr != NULL);
1456 }
1457 }
1458
1459 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1460 __be32 n;
1461 u32 mtu;
1462
1463 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1464 mtu = ntohl(n);
1465
1466 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1467 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1468 } else if (in6_dev->cnf.mtu6 != mtu) {
1469 in6_dev->cnf.mtu6 = mtu;
1470
1471 if (rt)
1472 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1473
1474 rt6_mtu_change(skb->dev, mtu);
1475 }
1476 }
1477
1478 if (ndopts.nd_useropts) {
1479 struct nd_opt_hdr *p;
1480 for (p = ndopts.nd_useropts;
1481 p;
1482 p = ndisc_next_useropt(skb->dev, p,
1483 ndopts.nd_useropts_end)) {
1484 ndisc_ra_useropt(skb, p);
1485 }
1486 }
1487
1488 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1489 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1490 }
1491 out:
1492 ip6_rt_put(rt);
1493 if (neigh)
1494 neigh_release(neigh);
1495 }
1496
1497 static void ndisc_redirect_rcv(struct sk_buff *skb)
1498 {
1499 u8 *hdr;
1500 struct ndisc_options ndopts;
1501 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1502 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1503 offsetof(struct rd_msg, opt));
1504
1505 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1506 switch (skb->ndisc_nodetype) {
1507 case NDISC_NODETYPE_HOST:
1508 case NDISC_NODETYPE_NODEFAULT:
1509 ND_PRINTK(2, warn,
1510 "Redirect: from host or unauthorized router\n");
1511 return;
1512 }
1513 #endif
1514
1515 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1516 ND_PRINTK(2, warn,
1517 "Redirect: source address is not link-local\n");
1518 return;
1519 }
1520
1521 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1522 return;
1523
1524 if (!ndopts.nd_opts_rh) {
1525 ip6_redirect_no_header(skb, dev_net(skb->dev),
1526 skb->dev->ifindex, 0);
1527 return;
1528 }
1529
1530 hdr = (u8 *)ndopts.nd_opts_rh;
1531 hdr += 8;
1532 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1533 return;
1534
1535 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1536 }
1537
1538 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1539 struct sk_buff *orig_skb,
1540 int rd_len)
1541 {
1542 u8 *opt = skb_put(skb, rd_len);
1543
1544 memset(opt, 0, 8);
1545 *(opt++) = ND_OPT_REDIRECT_HDR;
1546 *(opt++) = (rd_len >> 3);
1547 opt += 6;
1548
1549 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1550 rd_len - 8);
1551 }
1552
1553 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1554 {
1555 struct net_device *dev = skb->dev;
1556 struct net *net = dev_net(dev);
1557 struct sock *sk = net->ipv6.ndisc_sk;
1558 int optlen = 0;
1559 struct inet_peer *peer;
1560 struct sk_buff *buff;
1561 struct rd_msg *msg;
1562 struct in6_addr saddr_buf;
1563 struct rt6_info *rt;
1564 struct dst_entry *dst;
1565 struct flowi6 fl6;
1566 int rd_len;
1567 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1568 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1569 bool ret;
1570
1571 if (netif_is_l3_master(skb->dev)) {
1572 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1573 if (!dev)
1574 return;
1575 }
1576
1577 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1578 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1579 dev->name);
1580 return;
1581 }
1582
1583 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1584 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1585 ND_PRINTK(2, warn,
1586 "Redirect: target address is not link-local unicast\n");
1587 return;
1588 }
1589
1590 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1591 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1592
1593 dst = ip6_route_output(net, NULL, &fl6);
1594 if (dst->error) {
1595 dst_release(dst);
1596 return;
1597 }
1598 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1599 if (IS_ERR(dst))
1600 return;
1601
1602 rt = (struct rt6_info *) dst;
1603
1604 if (rt->rt6i_flags & RTF_GATEWAY) {
1605 ND_PRINTK(2, warn,
1606 "Redirect: destination is not a neighbour\n");
1607 goto release;
1608 }
1609 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1610 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1611 if (peer)
1612 inet_putpeer(peer);
1613 if (!ret)
1614 goto release;
1615
1616 if (dev->addr_len) {
1617 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1618 if (!neigh) {
1619 ND_PRINTK(2, warn,
1620 "Redirect: no neigh for target address\n");
1621 goto release;
1622 }
1623
1624 read_lock_bh(&neigh->lock);
1625 if (neigh->nud_state & NUD_VALID) {
1626 memcpy(ha_buf, neigh->ha, dev->addr_len);
1627 read_unlock_bh(&neigh->lock);
1628 ha = ha_buf;
1629 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1630 ops_data_buf,
1631 &ops_data);
1632 } else
1633 read_unlock_bh(&neigh->lock);
1634
1635 neigh_release(neigh);
1636 }
1637
1638 rd_len = min_t(unsigned int,
1639 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1640 skb->len + 8);
1641 rd_len &= ~0x7;
1642 optlen += rd_len;
1643
1644 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1645 if (!buff)
1646 goto release;
1647
1648 msg = skb_put(buff, sizeof(*msg));
1649 *msg = (struct rd_msg) {
1650 .icmph = {
1651 .icmp6_type = NDISC_REDIRECT,
1652 },
1653 .target = *target,
1654 .dest = ipv6_hdr(skb)->daddr,
1655 };
1656
1657 /*
1658 * include target_address option
1659 */
1660
1661 if (ha)
1662 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1663
1664 /*
1665 * build redirect option and copy skb over to the new packet.
1666 */
1667
1668 if (rd_len)
1669 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1670
1671 skb_dst_set(buff, dst);
1672 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1673 return;
1674
1675 release:
1676 dst_release(dst);
1677 }
1678
1679 static void pndisc_redo(struct sk_buff *skb)
1680 {
1681 ndisc_recv_ns(skb);
1682 kfree_skb(skb);
1683 }
1684
1685 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1686 {
1687 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1688
1689 if (!idev)
1690 return true;
1691 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1692 idev->cnf.suppress_frag_ndisc) {
1693 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1694 return true;
1695 }
1696 return false;
1697 }
1698
1699 int ndisc_rcv(struct sk_buff *skb)
1700 {
1701 struct nd_msg *msg;
1702
1703 if (ndisc_suppress_frag_ndisc(skb))
1704 return 0;
1705
1706 if (skb_linearize(skb))
1707 return 0;
1708
1709 msg = (struct nd_msg *)skb_transport_header(skb);
1710
1711 __skb_push(skb, skb->data - skb_transport_header(skb));
1712
1713 if (ipv6_hdr(skb)->hop_limit != 255) {
1714 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1715 ipv6_hdr(skb)->hop_limit);
1716 return 0;
1717 }
1718
1719 if (msg->icmph.icmp6_code != 0) {
1720 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1721 msg->icmph.icmp6_code);
1722 return 0;
1723 }
1724
1725 switch (msg->icmph.icmp6_type) {
1726 case NDISC_NEIGHBOUR_SOLICITATION:
1727 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1728 ndisc_recv_ns(skb);
1729 break;
1730
1731 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1732 ndisc_recv_na(skb);
1733 break;
1734
1735 case NDISC_ROUTER_SOLICITATION:
1736 ndisc_recv_rs(skb);
1737 break;
1738
1739 case NDISC_ROUTER_ADVERTISEMENT:
1740 ndisc_router_discovery(skb);
1741 break;
1742
1743 case NDISC_REDIRECT:
1744 ndisc_redirect_rcv(skb);
1745 break;
1746 }
1747
1748 return 0;
1749 }
1750
1751 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1752 {
1753 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1754 struct netdev_notifier_change_info *change_info;
1755 struct net *net = dev_net(dev);
1756 struct inet6_dev *idev;
1757
1758 switch (event) {
1759 case NETDEV_CHANGEADDR:
1760 neigh_changeaddr(&nd_tbl, dev);
1761 fib6_run_gc(0, net, false);
1762 /* fallthrough */
1763 case NETDEV_UP:
1764 idev = in6_dev_get(dev);
1765 if (!idev)
1766 break;
1767 if (idev->cnf.ndisc_notify ||
1768 net->ipv6.devconf_all->ndisc_notify)
1769 ndisc_send_unsol_na(dev);
1770 in6_dev_put(idev);
1771 break;
1772 case NETDEV_CHANGE:
1773 change_info = ptr;
1774 if (change_info->flags_changed & IFF_NOARP)
1775 neigh_changeaddr(&nd_tbl, dev);
1776 break;
1777 case NETDEV_DOWN:
1778 neigh_ifdown(&nd_tbl, dev);
1779 fib6_run_gc(0, net, false);
1780 break;
1781 case NETDEV_NOTIFY_PEERS:
1782 ndisc_send_unsol_na(dev);
1783 break;
1784 default:
1785 break;
1786 }
1787
1788 return NOTIFY_DONE;
1789 }
1790
1791 static struct notifier_block ndisc_netdev_notifier = {
1792 .notifier_call = ndisc_netdev_event,
1793 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1794 };
1795
1796 #ifdef CONFIG_SYSCTL
1797 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1798 const char *func, const char *dev_name)
1799 {
1800 static char warncomm[TASK_COMM_LEN];
1801 static int warned;
1802 if (strcmp(warncomm, current->comm) && warned < 5) {
1803 strcpy(warncomm, current->comm);
1804 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1805 warncomm, func,
1806 dev_name, ctl->procname,
1807 dev_name, ctl->procname);
1808 warned++;
1809 }
1810 }
1811
1812 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1813 {
1814 struct net_device *dev = ctl->extra1;
1815 struct inet6_dev *idev;
1816 int ret;
1817
1818 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1819 (strcmp(ctl->procname, "base_reachable_time") == 0))
1820 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1821
1822 if (strcmp(ctl->procname, "retrans_time") == 0)
1823 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1824
1825 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1826 ret = neigh_proc_dointvec_jiffies(ctl, write,
1827 buffer, lenp, ppos);
1828
1829 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1830 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1831 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1832 buffer, lenp, ppos);
1833 else
1834 ret = -1;
1835
1836 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1837 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1838 idev->nd_parms->reachable_time =
1839 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1840 idev->tstamp = jiffies;
1841 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1842 in6_dev_put(idev);
1843 }
1844 return ret;
1845 }
1846
1847
1848 #endif
1849
1850 static int __net_init ndisc_net_init(struct net *net)
1851 {
1852 struct ipv6_pinfo *np;
1853 struct sock *sk;
1854 int err;
1855
1856 err = inet_ctl_sock_create(&sk, PF_INET6,
1857 SOCK_RAW, IPPROTO_ICMPV6, net);
1858 if (err < 0) {
1859 ND_PRINTK(0, err,
1860 "NDISC: Failed to initialize the control socket (err %d)\n",
1861 err);
1862 return err;
1863 }
1864
1865 net->ipv6.ndisc_sk = sk;
1866
1867 np = inet6_sk(sk);
1868 np->hop_limit = 255;
1869 /* Do not loopback ndisc messages */
1870 np->mc_loop = 0;
1871
1872 return 0;
1873 }
1874
1875 static void __net_exit ndisc_net_exit(struct net *net)
1876 {
1877 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1878 }
1879
1880 static struct pernet_operations ndisc_net_ops = {
1881 .init = ndisc_net_init,
1882 .exit = ndisc_net_exit,
1883 };
1884
1885 int __init ndisc_init(void)
1886 {
1887 int err;
1888
1889 err = register_pernet_subsys(&ndisc_net_ops);
1890 if (err)
1891 return err;
1892 /*
1893 * Initialize the neighbour table
1894 */
1895 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1896
1897 #ifdef CONFIG_SYSCTL
1898 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1899 ndisc_ifinfo_sysctl_change);
1900 if (err)
1901 goto out_unregister_pernet;
1902 out:
1903 #endif
1904 return err;
1905
1906 #ifdef CONFIG_SYSCTL
1907 out_unregister_pernet:
1908 unregister_pernet_subsys(&ndisc_net_ops);
1909 goto out;
1910 #endif
1911 }
1912
1913 int __init ndisc_late_init(void)
1914 {
1915 return register_netdevice_notifier(&ndisc_netdev_notifier);
1916 }
1917
1918 void ndisc_late_cleanup(void)
1919 {
1920 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1921 }
1922
1923 void ndisc_cleanup(void)
1924 {
1925 #ifdef CONFIG_SYSCTL
1926 neigh_sysctl_unregister(&nd_tbl.parms);
1927 #endif
1928 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1929 unregister_pernet_subsys(&ndisc_net_ops);
1930 }
Linux with added FPC-III support