2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_ether.h>
50 #include <linux/if_arp.h>
51 #include <linux/ipv6.h>
52 #include <linux/icmpv6.h>
53 #include <linux/jhash.h>
59 #include <net/protocol.h>
60 #include <net/ndisc.h>
61 #include <net/ip6_route.h>
62 #include <net/addrconf.h>
65 #include <net/netlink.h>
66 #include <linux/rtnetlink.h>
69 #include <net/ip6_checksum.h>
70 #include <net/inet_common.h>
71 #include <linux/proc_fs.h>
73 #include <linux/netfilter.h>
74 #include <linux/netfilter_ipv6.h>
76 static u32
ndisc_hash(const void *pkey
,
77 const struct net_device
*dev
,
79 static bool ndisc_key_eq(const struct neighbour
*neigh
, const void *pkey
);
80 static int ndisc_constructor(struct neighbour
*neigh
);
81 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
);
82 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
);
83 static int pndisc_constructor(struct pneigh_entry
*n
);
84 static void pndisc_destructor(struct pneigh_entry
*n
);
85 static void pndisc_redo(struct sk_buff
*skb
);
87 static const struct neigh_ops ndisc_generic_ops
= {
89 .solicit
= ndisc_solicit
,
90 .error_report
= ndisc_error_report
,
91 .output
= neigh_resolve_output
,
92 .connected_output
= neigh_connected_output
,
95 static const struct neigh_ops ndisc_hh_ops
= {
97 .solicit
= ndisc_solicit
,
98 .error_report
= ndisc_error_report
,
99 .output
= neigh_resolve_output
,
100 .connected_output
= neigh_resolve_output
,
104 static const struct neigh_ops ndisc_direct_ops
= {
106 .output
= neigh_direct_output
,
107 .connected_output
= neigh_direct_output
,
110 struct neigh_table nd_tbl
= {
112 .key_len
= sizeof(struct in6_addr
),
113 .protocol
= cpu_to_be16(ETH_P_IPV6
),
115 .key_eq
= ndisc_key_eq
,
116 .constructor
= ndisc_constructor
,
117 .pconstructor
= pndisc_constructor
,
118 .pdestructor
= pndisc_destructor
,
119 .proxy_redo
= pndisc_redo
,
123 .reachable_time
= ND_REACHABLE_TIME
,
125 [NEIGH_VAR_MCAST_PROBES
] = 3,
126 [NEIGH_VAR_UCAST_PROBES
] = 3,
127 [NEIGH_VAR_RETRANS_TIME
] = ND_RETRANS_TIMER
,
128 [NEIGH_VAR_BASE_REACHABLE_TIME
] = ND_REACHABLE_TIME
,
129 [NEIGH_VAR_DELAY_PROBE_TIME
] = 5 * HZ
,
130 [NEIGH_VAR_GC_STALETIME
] = 60 * HZ
,
131 [NEIGH_VAR_QUEUE_LEN_BYTES
] = SK_WMEM_MAX
,
132 [NEIGH_VAR_PROXY_QLEN
] = 64,
133 [NEIGH_VAR_ANYCAST_DELAY
] = 1 * HZ
,
134 [NEIGH_VAR_PROXY_DELAY
] = (8 * HZ
) / 10,
137 .gc_interval
= 30 * HZ
,
142 EXPORT_SYMBOL_GPL(nd_tbl
);
144 void __ndisc_fill_addr_option(struct sk_buff
*skb
, int type
, void *data
,
145 int data_len
, int pad
)
147 int space
= __ndisc_opt_addr_space(data_len
, pad
);
148 u8
*opt
= skb_put(skb
, space
);
153 memset(opt
+ 2, 0, pad
);
157 memcpy(opt
+2, data
, data_len
);
162 memset(opt
, 0, space
);
164 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option
);
166 static inline void ndisc_fill_addr_option(struct sk_buff
*skb
, int type
,
167 void *data
, u8 icmp6_type
)
169 __ndisc_fill_addr_option(skb
, type
, data
, skb
->dev
->addr_len
,
170 ndisc_addr_option_pad(skb
->dev
->type
));
171 ndisc_ops_fill_addr_option(skb
->dev
, skb
, icmp6_type
);
174 static inline void ndisc_fill_redirect_addr_option(struct sk_buff
*skb
,
178 ndisc_fill_addr_option(skb
, ND_OPT_TARGET_LL_ADDR
, ha
, NDISC_REDIRECT
);
179 ndisc_ops_fill_redirect_addr_option(skb
->dev
, skb
, ops_data
);
182 static struct nd_opt_hdr
*ndisc_next_option(struct nd_opt_hdr
*cur
,
183 struct nd_opt_hdr
*end
)
186 if (!cur
|| !end
|| cur
>= end
)
188 type
= cur
->nd_opt_type
;
190 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
191 } while (cur
< end
&& cur
->nd_opt_type
!= type
);
192 return cur
<= end
&& cur
->nd_opt_type
== type
? cur
: NULL
;
195 static inline int ndisc_is_useropt(const struct net_device
*dev
,
196 struct nd_opt_hdr
*opt
)
198 return opt
->nd_opt_type
== ND_OPT_RDNSS
||
199 opt
->nd_opt_type
== ND_OPT_DNSSL
||
200 ndisc_ops_is_useropt(dev
, opt
->nd_opt_type
);
203 static struct nd_opt_hdr
*ndisc_next_useropt(const struct net_device
*dev
,
204 struct nd_opt_hdr
*cur
,
205 struct nd_opt_hdr
*end
)
207 if (!cur
|| !end
|| cur
>= end
)
210 cur
= ((void *)cur
) + (cur
->nd_opt_len
<< 3);
211 } while (cur
< end
&& !ndisc_is_useropt(dev
, cur
));
212 return cur
<= end
&& ndisc_is_useropt(dev
, cur
) ? cur
: NULL
;
215 struct ndisc_options
*ndisc_parse_options(const struct net_device
*dev
,
216 u8
*opt
, int opt_len
,
217 struct ndisc_options
*ndopts
)
219 struct nd_opt_hdr
*nd_opt
= (struct nd_opt_hdr
*)opt
;
221 if (!nd_opt
|| opt_len
< 0 || !ndopts
)
223 memset(ndopts
, 0, sizeof(*ndopts
));
226 if (opt_len
< sizeof(struct nd_opt_hdr
))
228 l
= nd_opt
->nd_opt_len
<< 3;
229 if (opt_len
< l
|| l
== 0)
231 if (ndisc_ops_parse_options(dev
, nd_opt
, ndopts
))
233 switch (nd_opt
->nd_opt_type
) {
234 case ND_OPT_SOURCE_LL_ADDR
:
235 case ND_OPT_TARGET_LL_ADDR
:
238 case ND_OPT_REDIRECT_HDR
:
239 if (ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
]) {
241 "%s: duplicated ND6 option found: type=%d\n",
242 __func__
, nd_opt
->nd_opt_type
);
244 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
247 case ND_OPT_PREFIX_INFO
:
248 ndopts
->nd_opts_pi_end
= nd_opt
;
249 if (!ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
])
250 ndopts
->nd_opt_array
[nd_opt
->nd_opt_type
] = nd_opt
;
252 #ifdef CONFIG_IPV6_ROUTE_INFO
253 case ND_OPT_ROUTE_INFO
:
254 ndopts
->nd_opts_ri_end
= nd_opt
;
255 if (!ndopts
->nd_opts_ri
)
256 ndopts
->nd_opts_ri
= nd_opt
;
260 if (ndisc_is_useropt(dev
, nd_opt
)) {
261 ndopts
->nd_useropts_end
= nd_opt
;
262 if (!ndopts
->nd_useropts
)
263 ndopts
->nd_useropts
= nd_opt
;
266 * Unknown options must be silently ignored,
267 * to accommodate future extension to the
271 "%s: ignored unsupported option; type=%d, len=%d\n",
279 nd_opt
= ((void *)nd_opt
) + l
;
284 int ndisc_mc_map(const struct in6_addr
*addr
, char *buf
, struct net_device
*dev
, int dir
)
288 case ARPHRD_IEEE802
: /* Not sure. Check it later. --ANK */
290 ipv6_eth_mc_map(addr
, buf
);
293 ipv6_arcnet_mc_map(addr
, buf
);
295 case ARPHRD_INFINIBAND
:
296 ipv6_ib_mc_map(addr
, dev
->broadcast
, buf
);
299 return ipv6_ipgre_mc_map(addr
, dev
->broadcast
, buf
);
302 memcpy(buf
, dev
->broadcast
, dev
->addr_len
);
308 EXPORT_SYMBOL(ndisc_mc_map
);
310 static u32
ndisc_hash(const void *pkey
,
311 const struct net_device
*dev
,
314 return ndisc_hashfn(pkey
, dev
, hash_rnd
);
317 static bool ndisc_key_eq(const struct neighbour
*n
, const void *pkey
)
319 return neigh_key_eq128(n
, pkey
);
322 static int ndisc_constructor(struct neighbour
*neigh
)
324 struct in6_addr
*addr
= (struct in6_addr
*)&neigh
->primary_key
;
325 struct net_device
*dev
= neigh
->dev
;
326 struct inet6_dev
*in6_dev
;
327 struct neigh_parms
*parms
;
328 bool is_multicast
= ipv6_addr_is_multicast(addr
);
330 in6_dev
= in6_dev_get(dev
);
335 parms
= in6_dev
->nd_parms
;
336 __neigh_parms_put(neigh
->parms
);
337 neigh
->parms
= neigh_parms_clone(parms
);
339 neigh
->type
= is_multicast
? RTN_MULTICAST
: RTN_UNICAST
;
340 if (!dev
->header_ops
) {
341 neigh
->nud_state
= NUD_NOARP
;
342 neigh
->ops
= &ndisc_direct_ops
;
343 neigh
->output
= neigh_direct_output
;
346 neigh
->nud_state
= NUD_NOARP
;
347 ndisc_mc_map(addr
, neigh
->ha
, dev
, 1);
348 } else if (dev
->flags
&(IFF_NOARP
|IFF_LOOPBACK
)) {
349 neigh
->nud_state
= NUD_NOARP
;
350 memcpy(neigh
->ha
, dev
->dev_addr
, dev
->addr_len
);
351 if (dev
->flags
&IFF_LOOPBACK
)
352 neigh
->type
= RTN_LOCAL
;
353 } else if (dev
->flags
&IFF_POINTOPOINT
) {
354 neigh
->nud_state
= NUD_NOARP
;
355 memcpy(neigh
->ha
, dev
->broadcast
, dev
->addr_len
);
357 if (dev
->header_ops
->cache
)
358 neigh
->ops
= &ndisc_hh_ops
;
360 neigh
->ops
= &ndisc_generic_ops
;
361 if (neigh
->nud_state
&NUD_VALID
)
362 neigh
->output
= neigh
->ops
->connected_output
;
364 neigh
->output
= neigh
->ops
->output
;
366 in6_dev_put(in6_dev
);
370 static int pndisc_constructor(struct pneigh_entry
*n
)
372 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
373 struct in6_addr maddr
;
374 struct net_device
*dev
= n
->dev
;
376 if (!dev
|| !__in6_dev_get(dev
))
378 addrconf_addr_solict_mult(addr
, &maddr
);
379 ipv6_dev_mc_inc(dev
, &maddr
);
383 static void pndisc_destructor(struct pneigh_entry
*n
)
385 struct in6_addr
*addr
= (struct in6_addr
*)&n
->key
;
386 struct in6_addr maddr
;
387 struct net_device
*dev
= n
->dev
;
389 if (!dev
|| !__in6_dev_get(dev
))
391 addrconf_addr_solict_mult(addr
, &maddr
);
392 ipv6_dev_mc_dec(dev
, &maddr
);
395 static struct sk_buff
*ndisc_alloc_skb(struct net_device
*dev
,
398 int hlen
= LL_RESERVED_SPACE(dev
);
399 int tlen
= dev
->needed_tailroom
;
400 struct sock
*sk
= dev_net(dev
)->ipv6
.ndisc_sk
;
403 skb
= alloc_skb(hlen
+ sizeof(struct ipv6hdr
) + len
+ tlen
, GFP_ATOMIC
);
405 ND_PRINTK(0, err
, "ndisc: %s failed to allocate an skb\n",
410 skb
->protocol
= htons(ETH_P_IPV6
);
413 skb_reserve(skb
, hlen
+ sizeof(struct ipv6hdr
));
414 skb_reset_transport_header(skb
);
416 /* Manually assign socket ownership as we avoid calling
417 * sock_alloc_send_pskb() to bypass wmem buffer limits
419 skb_set_owner_w(skb
, sk
);
424 static void ip6_nd_hdr(struct sk_buff
*skb
,
425 const struct in6_addr
*saddr
,
426 const struct in6_addr
*daddr
,
427 int hop_limit
, int len
)
430 struct inet6_dev
*idev
;
434 idev
= __in6_dev_get(skb
->dev
);
435 tclass
= idev
? idev
->cnf
.ndisc_tclass
: 0;
438 skb_push(skb
, sizeof(*hdr
));
439 skb_reset_network_header(skb
);
442 ip6_flow_hdr(hdr
, tclass
, 0);
444 hdr
->payload_len
= htons(len
);
445 hdr
->nexthdr
= IPPROTO_ICMPV6
;
446 hdr
->hop_limit
= hop_limit
;
452 static void ndisc_send_skb(struct sk_buff
*skb
,
453 const struct in6_addr
*daddr
,
454 const struct in6_addr
*saddr
)
456 struct dst_entry
*dst
= skb_dst(skb
);
457 struct net
*net
= dev_net(skb
->dev
);
458 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
459 struct inet6_dev
*idev
;
461 struct icmp6hdr
*icmp6h
= icmp6_hdr(skb
);
464 type
= icmp6h
->icmp6_type
;
468 int oif
= skb
->dev
->ifindex
;
470 icmpv6_flow_init(sk
, &fl6
, type
, saddr
, daddr
, oif
);
471 dst
= icmp6_dst_alloc(skb
->dev
, &fl6
);
477 skb_dst_set(skb
, dst
);
480 icmp6h
->icmp6_cksum
= csum_ipv6_magic(saddr
, daddr
, skb
->len
,
485 ip6_nd_hdr(skb
, saddr
, daddr
, inet6_sk(sk
)->hop_limit
, skb
->len
);
488 idev
= __in6_dev_get(dst
->dev
);
489 IP6_UPD_PO_STATS(net
, idev
, IPSTATS_MIB_OUT
, skb
->len
);
491 err
= NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
,
492 net
, sk
, skb
, NULL
, dst
->dev
,
495 ICMP6MSGOUT_INC_STATS(net
, idev
, type
);
496 ICMP6_INC_STATS(net
, idev
, ICMP6_MIB_OUTMSGS
);
502 void ndisc_send_na(struct net_device
*dev
, const struct in6_addr
*daddr
,
503 const struct in6_addr
*solicited_addr
,
504 bool router
, bool solicited
, bool override
, bool inc_opt
)
507 struct in6_addr tmpaddr
;
508 struct inet6_ifaddr
*ifp
;
509 const struct in6_addr
*src_addr
;
513 /* for anycast or proxy, solicited_addr != src_addr */
514 ifp
= ipv6_get_ifaddr(dev_net(dev
), solicited_addr
, dev
, 1);
516 src_addr
= solicited_addr
;
517 if (ifp
->flags
& IFA_F_OPTIMISTIC
)
519 inc_opt
|= ifp
->idev
->cnf
.force_tllao
;
522 if (ipv6_dev_get_saddr(dev_net(dev
), dev
, daddr
,
523 inet6_sk(dev_net(dev
)->ipv6
.ndisc_sk
)->srcprefs
,
532 optlen
+= ndisc_opt_addr_space(dev
,
533 NDISC_NEIGHBOUR_ADVERTISEMENT
);
535 skb
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
539 msg
= skb_put(skb
, sizeof(*msg
));
540 *msg
= (struct nd_msg
) {
542 .icmp6_type
= NDISC_NEIGHBOUR_ADVERTISEMENT
,
543 .icmp6_router
= router
,
544 .icmp6_solicited
= solicited
,
545 .icmp6_override
= override
,
547 .target
= *solicited_addr
,
551 ndisc_fill_addr_option(skb
, ND_OPT_TARGET_LL_ADDR
,
553 NDISC_NEIGHBOUR_ADVERTISEMENT
);
555 ndisc_send_skb(skb
, daddr
, src_addr
);
558 static void ndisc_send_unsol_na(struct net_device
*dev
)
560 struct inet6_dev
*idev
;
561 struct inet6_ifaddr
*ifa
;
563 idev
= in6_dev_get(dev
);
567 read_lock_bh(&idev
->lock
);
568 list_for_each_entry(ifa
, &idev
->addr_list
, if_list
) {
569 ndisc_send_na(dev
, &in6addr_linklocal_allnodes
, &ifa
->addr
,
570 /*router=*/ !!idev
->cnf
.forwarding
,
571 /*solicited=*/ false, /*override=*/ true,
574 read_unlock_bh(&idev
->lock
);
579 void ndisc_send_ns(struct net_device
*dev
, const struct in6_addr
*solicit
,
580 const struct in6_addr
*daddr
, const struct in6_addr
*saddr
,
584 struct in6_addr addr_buf
;
585 int inc_opt
= dev
->addr_len
;
590 if (ipv6_get_lladdr(dev
, &addr_buf
,
591 (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)))
596 if (ipv6_addr_any(saddr
))
599 optlen
+= ndisc_opt_addr_space(dev
,
600 NDISC_NEIGHBOUR_SOLICITATION
);
604 skb
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
608 msg
= skb_put(skb
, sizeof(*msg
));
609 *msg
= (struct nd_msg
) {
611 .icmp6_type
= NDISC_NEIGHBOUR_SOLICITATION
,
617 ndisc_fill_addr_option(skb
, ND_OPT_SOURCE_LL_ADDR
,
619 NDISC_NEIGHBOUR_SOLICITATION
);
621 u8
*opt
= skb_put(skb
, 8);
623 opt
[0] = ND_OPT_NONCE
;
625 memcpy(opt
+ 2, &nonce
, 6);
628 ndisc_send_skb(skb
, daddr
, saddr
);
631 void ndisc_send_rs(struct net_device
*dev
, const struct in6_addr
*saddr
,
632 const struct in6_addr
*daddr
)
636 int send_sllao
= dev
->addr_len
;
639 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
641 * According to section 2.2 of RFC 4429, we must not
642 * send router solicitations with a sllao from
643 * optimistic addresses, but we may send the solicitation
644 * if we don't include the sllao. So here we check
645 * if our address is optimistic, and if so, we
646 * suppress the inclusion of the sllao.
649 struct inet6_ifaddr
*ifp
= ipv6_get_ifaddr(dev_net(dev
), saddr
,
652 if (ifp
->flags
& IFA_F_OPTIMISTIC
) {
662 optlen
+= ndisc_opt_addr_space(dev
, NDISC_ROUTER_SOLICITATION
);
664 skb
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
668 msg
= skb_put(skb
, sizeof(*msg
));
669 *msg
= (struct rs_msg
) {
671 .icmp6_type
= NDISC_ROUTER_SOLICITATION
,
676 ndisc_fill_addr_option(skb
, ND_OPT_SOURCE_LL_ADDR
,
678 NDISC_ROUTER_SOLICITATION
);
680 ndisc_send_skb(skb
, daddr
, saddr
);
684 static void ndisc_error_report(struct neighbour
*neigh
, struct sk_buff
*skb
)
687 * "The sender MUST return an ICMP
688 * destination unreachable"
690 dst_link_failure(skb
);
694 /* Called with locked neigh: either read or both */
696 static void ndisc_solicit(struct neighbour
*neigh
, struct sk_buff
*skb
)
698 struct in6_addr
*saddr
= NULL
;
699 struct in6_addr mcaddr
;
700 struct net_device
*dev
= neigh
->dev
;
701 struct in6_addr
*target
= (struct in6_addr
*)&neigh
->primary_key
;
702 int probes
= atomic_read(&neigh
->probes
);
704 if (skb
&& ipv6_chk_addr_and_flags(dev_net(dev
), &ipv6_hdr(skb
)->saddr
,
706 IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
))
707 saddr
= &ipv6_hdr(skb
)->saddr
;
708 probes
-= NEIGH_VAR(neigh
->parms
, UCAST_PROBES
);
710 if (!(neigh
->nud_state
& NUD_VALID
)) {
712 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
715 ndisc_send_ns(dev
, target
, target
, saddr
, 0);
716 } else if ((probes
-= NEIGH_VAR(neigh
->parms
, APP_PROBES
)) < 0) {
719 addrconf_addr_solict_mult(target
, &mcaddr
);
720 ndisc_send_ns(dev
, target
, &mcaddr
, saddr
, 0);
724 static int pndisc_is_router(const void *pkey
,
725 struct net_device
*dev
)
727 struct pneigh_entry
*n
;
730 read_lock_bh(&nd_tbl
.lock
);
731 n
= __pneigh_lookup(&nd_tbl
, dev_net(dev
), pkey
, dev
);
733 ret
= !!(n
->flags
& NTF_ROUTER
);
734 read_unlock_bh(&nd_tbl
.lock
);
739 void ndisc_update(const struct net_device
*dev
, struct neighbour
*neigh
,
740 const u8
*lladdr
, u8
new, u32 flags
, u8 icmp6_type
,
741 struct ndisc_options
*ndopts
)
743 neigh_update(neigh
, lladdr
, new, flags
, 0);
744 /* report ndisc ops about neighbour update */
745 ndisc_ops_update(dev
, neigh
, flags
, icmp6_type
, ndopts
);
748 static void ndisc_recv_ns(struct sk_buff
*skb
)
750 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
751 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
752 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
754 u32 ndoptlen
= skb_tail_pointer(skb
) - (skb_transport_header(skb
) +
755 offsetof(struct nd_msg
, opt
));
756 struct ndisc_options ndopts
;
757 struct net_device
*dev
= skb
->dev
;
758 struct inet6_ifaddr
*ifp
;
759 struct inet6_dev
*idev
= NULL
;
760 struct neighbour
*neigh
;
761 int dad
= ipv6_addr_any(saddr
);
766 if (skb
->len
< sizeof(struct nd_msg
)) {
767 ND_PRINTK(2, warn
, "NS: packet too short\n");
771 if (ipv6_addr_is_multicast(&msg
->target
)) {
772 ND_PRINTK(2, warn
, "NS: multicast target address\n");
778 * DAD has to be destined for solicited node multicast address.
780 if (dad
&& !ipv6_addr_is_solict_mult(daddr
)) {
781 ND_PRINTK(2, warn
, "NS: bad DAD packet (wrong destination)\n");
785 if (!ndisc_parse_options(dev
, msg
->opt
, ndoptlen
, &ndopts
)) {
786 ND_PRINTK(2, warn
, "NS: invalid ND options\n");
790 if (ndopts
.nd_opts_src_lladdr
) {
791 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
, dev
);
794 "NS: invalid link-layer address length\n");
799 * If the IP source address is the unspecified address,
800 * there MUST NOT be source link-layer address option
805 "NS: bad DAD packet (link-layer address option)\n");
809 if (ndopts
.nd_opts_nonce
)
810 memcpy(&nonce
, (u8
*)(ndopts
.nd_opts_nonce
+ 1), 6);
812 inc
= ipv6_addr_is_multicast(daddr
);
814 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
817 if (ifp
->flags
& (IFA_F_TENTATIVE
|IFA_F_OPTIMISTIC
)) {
819 if (nonce
!= 0 && ifp
->dad_nonce
== nonce
) {
820 u8
*np
= (u8
*)&nonce
;
821 /* Matching nonce if looped back */
823 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
824 ifp
->idev
->dev
->name
,
829 * We are colliding with another node
831 * so fail our DAD process
833 addrconf_dad_failure(skb
, ifp
);
837 * This is not a dad solicitation.
838 * If we are an optimistic node,
840 * Otherwise, we should ignore it.
842 if (!(ifp
->flags
& IFA_F_OPTIMISTIC
))
849 struct net
*net
= dev_net(dev
);
851 /* perhaps an address on the master device */
852 if (netif_is_l3_slave(dev
)) {
853 struct net_device
*mdev
;
855 mdev
= netdev_master_upper_dev_get_rcu(dev
);
857 ifp
= ipv6_get_ifaddr(net
, &msg
->target
, mdev
, 1);
863 idev
= in6_dev_get(dev
);
865 /* XXX: count this drop? */
869 if (ipv6_chk_acast_addr(net
, dev
, &msg
->target
) ||
870 (idev
->cnf
.forwarding
&&
871 (net
->ipv6
.devconf_all
->proxy_ndp
|| idev
->cnf
.proxy_ndp
) &&
872 (is_router
= pndisc_is_router(&msg
->target
, dev
)) >= 0)) {
873 if (!(NEIGH_CB(skb
)->flags
& LOCALLY_ENQUEUED
) &&
874 skb
->pkt_type
!= PACKET_HOST
&&
876 NEIGH_VAR(idev
->nd_parms
, PROXY_DELAY
) != 0) {
878 * for anycast or proxy,
879 * sender should delay its response
880 * by a random time between 0 and
881 * MAX_ANYCAST_DELAY_TIME seconds.
882 * (RFC2461) -- yoshfuji
884 struct sk_buff
*n
= skb_clone(skb
, GFP_ATOMIC
);
886 pneigh_enqueue(&nd_tbl
, idev
->nd_parms
, n
);
894 is_router
= idev
->cnf
.forwarding
;
897 ndisc_send_na(dev
, &in6addr_linklocal_allnodes
, &msg
->target
,
898 !!is_router
, false, (ifp
!= NULL
), true);
903 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_mcast
);
905 NEIGH_CACHE_STAT_INC(&nd_tbl
, rcv_probes_ucast
);
908 * update / create cache entry
909 * for the source address
911 neigh
= __neigh_lookup(&nd_tbl
, saddr
, dev
,
912 !inc
|| lladdr
|| !dev
->addr_len
);
914 ndisc_update(dev
, neigh
, lladdr
, NUD_STALE
,
915 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
916 NEIGH_UPDATE_F_OVERRIDE
,
917 NDISC_NEIGHBOUR_SOLICITATION
, &ndopts
);
918 if (neigh
|| !dev
->header_ops
) {
919 ndisc_send_na(dev
, saddr
, &msg
->target
, !!is_router
,
920 true, (ifp
!= NULL
&& inc
), inc
);
922 neigh_release(neigh
);
932 static void ndisc_recv_na(struct sk_buff
*skb
)
934 struct nd_msg
*msg
= (struct nd_msg
*)skb_transport_header(skb
);
935 struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
936 const struct in6_addr
*daddr
= &ipv6_hdr(skb
)->daddr
;
938 u32 ndoptlen
= skb_tail_pointer(skb
) - (skb_transport_header(skb
) +
939 offsetof(struct nd_msg
, opt
));
940 struct ndisc_options ndopts
;
941 struct net_device
*dev
= skb
->dev
;
942 struct inet6_dev
*idev
= __in6_dev_get(dev
);
943 struct inet6_ifaddr
*ifp
;
944 struct neighbour
*neigh
;
946 if (skb
->len
< sizeof(struct nd_msg
)) {
947 ND_PRINTK(2, warn
, "NA: packet too short\n");
951 if (ipv6_addr_is_multicast(&msg
->target
)) {
952 ND_PRINTK(2, warn
, "NA: target address is multicast\n");
956 if (ipv6_addr_is_multicast(daddr
) &&
957 msg
->icmph
.icmp6_solicited
) {
958 ND_PRINTK(2, warn
, "NA: solicited NA is multicasted\n");
962 /* For some 802.11 wireless deployments (and possibly other networks),
963 * there will be a NA proxy and unsolicitd packets are attacks
964 * and thus should not be accepted.
966 if (!msg
->icmph
.icmp6_solicited
&& idev
&&
967 idev
->cnf
.drop_unsolicited_na
)
970 if (!ndisc_parse_options(dev
, msg
->opt
, ndoptlen
, &ndopts
)) {
971 ND_PRINTK(2, warn
, "NS: invalid ND option\n");
974 if (ndopts
.nd_opts_tgt_lladdr
) {
975 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
, dev
);
978 "NA: invalid link-layer address length\n");
982 ifp
= ipv6_get_ifaddr(dev_net(dev
), &msg
->target
, dev
, 1);
984 if (skb
->pkt_type
!= PACKET_LOOPBACK
985 && (ifp
->flags
& IFA_F_TENTATIVE
)) {
986 addrconf_dad_failure(skb
, ifp
);
989 /* What should we make now? The advertisement
990 is invalid, but ndisc specs say nothing
991 about it. It could be misconfiguration, or
992 an smart proxy agent tries to help us :-)
994 We should not print the error if NA has been
995 received from loopback - it is just our own
996 unsolicited advertisement.
998 if (skb
->pkt_type
!= PACKET_LOOPBACK
)
1000 "NA: %pM advertised our address %pI6c on %s!\n",
1001 eth_hdr(skb
)->h_source
, &ifp
->addr
, ifp
->idev
->dev
->name
);
1005 neigh
= neigh_lookup(&nd_tbl
, &msg
->target
, dev
);
1008 u8 old_flags
= neigh
->flags
;
1009 struct net
*net
= dev_net(dev
);
1011 if (neigh
->nud_state
& NUD_FAILED
)
1015 * Don't update the neighbor cache entry on a proxy NA from
1016 * ourselves because either the proxied node is off link or it
1017 * has already sent a NA to us.
1019 if (lladdr
&& !memcmp(lladdr
, dev
->dev_addr
, dev
->addr_len
) &&
1020 net
->ipv6
.devconf_all
->forwarding
&& net
->ipv6
.devconf_all
->proxy_ndp
&&
1021 pneigh_lookup(&nd_tbl
, net
, &msg
->target
, dev
, 0)) {
1022 /* XXX: idev->cnf.proxy_ndp */
1026 ndisc_update(dev
, neigh
, lladdr
,
1027 msg
->icmph
.icmp6_solicited
? NUD_REACHABLE
: NUD_STALE
,
1028 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1029 (msg
->icmph
.icmp6_override
? NEIGH_UPDATE_F_OVERRIDE
: 0)|
1030 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1031 (msg
->icmph
.icmp6_router
? NEIGH_UPDATE_F_ISROUTER
: 0),
1032 NDISC_NEIGHBOUR_ADVERTISEMENT
, &ndopts
);
1034 if ((old_flags
& ~neigh
->flags
) & NTF_ROUTER
) {
1036 * Change: router to host
1038 rt6_clean_tohost(dev_net(dev
), saddr
);
1042 neigh_release(neigh
);
1046 static void ndisc_recv_rs(struct sk_buff
*skb
)
1048 struct rs_msg
*rs_msg
= (struct rs_msg
*)skb_transport_header(skb
);
1049 unsigned long ndoptlen
= skb
->len
- sizeof(*rs_msg
);
1050 struct neighbour
*neigh
;
1051 struct inet6_dev
*idev
;
1052 const struct in6_addr
*saddr
= &ipv6_hdr(skb
)->saddr
;
1053 struct ndisc_options ndopts
;
1056 if (skb
->len
< sizeof(*rs_msg
))
1059 idev
= __in6_dev_get(skb
->dev
);
1061 ND_PRINTK(1, err
, "RS: can't find in6 device\n");
1065 /* Don't accept RS if we're not in router mode */
1066 if (!idev
->cnf
.forwarding
)
1070 * Don't update NCE if src = ::;
1071 * this implies that the source node has no ip address assigned yet.
1073 if (ipv6_addr_any(saddr
))
1076 /* Parse ND options */
1077 if (!ndisc_parse_options(skb
->dev
, rs_msg
->opt
, ndoptlen
, &ndopts
)) {
1078 ND_PRINTK(2, notice
, "NS: invalid ND option, ignored\n");
1082 if (ndopts
.nd_opts_src_lladdr
) {
1083 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1089 neigh
= __neigh_lookup(&nd_tbl
, saddr
, skb
->dev
, 1);
1091 ndisc_update(skb
->dev
, neigh
, lladdr
, NUD_STALE
,
1092 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1093 NEIGH_UPDATE_F_OVERRIDE
|
1094 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
,
1095 NDISC_ROUTER_SOLICITATION
, &ndopts
);
1096 neigh_release(neigh
);
1102 static void ndisc_ra_useropt(struct sk_buff
*ra
, struct nd_opt_hdr
*opt
)
1104 struct icmp6hdr
*icmp6h
= (struct icmp6hdr
*)skb_transport_header(ra
);
1105 struct sk_buff
*skb
;
1106 struct nlmsghdr
*nlh
;
1107 struct nduseroptmsg
*ndmsg
;
1108 struct net
*net
= dev_net(ra
->dev
);
1110 int base_size
= NLMSG_ALIGN(sizeof(struct nduseroptmsg
)
1111 + (opt
->nd_opt_len
<< 3));
1112 size_t msg_size
= base_size
+ nla_total_size(sizeof(struct in6_addr
));
1114 skb
= nlmsg_new(msg_size
, GFP_ATOMIC
);
1120 nlh
= nlmsg_put(skb
, 0, 0, RTM_NEWNDUSEROPT
, base_size
, 0);
1122 goto nla_put_failure
;
1125 ndmsg
= nlmsg_data(nlh
);
1126 ndmsg
->nduseropt_family
= AF_INET6
;
1127 ndmsg
->nduseropt_ifindex
= ra
->dev
->ifindex
;
1128 ndmsg
->nduseropt_icmp_type
= icmp6h
->icmp6_type
;
1129 ndmsg
->nduseropt_icmp_code
= icmp6h
->icmp6_code
;
1130 ndmsg
->nduseropt_opts_len
= opt
->nd_opt_len
<< 3;
1132 memcpy(ndmsg
+ 1, opt
, opt
->nd_opt_len
<< 3);
1134 if (nla_put_in6_addr(skb
, NDUSEROPT_SRCADDR
, &ipv6_hdr(ra
)->saddr
))
1135 goto nla_put_failure
;
1136 nlmsg_end(skb
, nlh
);
1138 rtnl_notify(skb
, net
, 0, RTNLGRP_ND_USEROPT
, NULL
, GFP_ATOMIC
);
1145 rtnl_set_sk_err(net
, RTNLGRP_ND_USEROPT
, err
);
1148 static void ndisc_router_discovery(struct sk_buff
*skb
)
1150 struct ra_msg
*ra_msg
= (struct ra_msg
*)skb_transport_header(skb
);
1151 struct neighbour
*neigh
= NULL
;
1152 struct inet6_dev
*in6_dev
;
1153 struct rt6_info
*rt
= NULL
;
1155 struct ndisc_options ndopts
;
1157 unsigned int pref
= 0;
1159 bool send_ifinfo_notify
= false;
1161 __u8
*opt
= (__u8
*)(ra_msg
+ 1);
1163 optlen
= (skb_tail_pointer(skb
) - skb_transport_header(skb
)) -
1164 sizeof(struct ra_msg
);
1167 "RA: %s, dev: %s\n",
1168 __func__
, skb
->dev
->name
);
1169 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1170 ND_PRINTK(2, warn
, "RA: source address is not link-local\n");
1174 ND_PRINTK(2, warn
, "RA: packet too short\n");
1178 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1179 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_HOST
) {
1180 ND_PRINTK(2, warn
, "RA: from host or unauthorized router\n");
1186 * set the RA_RECV flag in the interface
1189 in6_dev
= __in6_dev_get(skb
->dev
);
1191 ND_PRINTK(0, err
, "RA: can't find inet6 device for %s\n",
1196 if (!ndisc_parse_options(skb
->dev
, opt
, optlen
, &ndopts
)) {
1197 ND_PRINTK(2, warn
, "RA: invalid ND options\n");
1201 if (!ipv6_accept_ra(in6_dev
)) {
1203 "RA: %s, did not accept ra for dev: %s\n",
1204 __func__
, skb
->dev
->name
);
1205 goto skip_linkparms
;
1208 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1209 /* skip link-specific parameters from interior routers */
1210 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
) {
1212 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1213 __func__
, skb
->dev
->name
);
1214 goto skip_linkparms
;
1218 if (in6_dev
->if_flags
& IF_RS_SENT
) {
1220 * flag that an RA was received after an RS was sent
1221 * out on this interface.
1223 in6_dev
->if_flags
|= IF_RA_RCVD
;
1227 * Remember the managed/otherconf flags from most recently
1228 * received RA message (RFC 2462) -- yoshfuji
1230 old_if_flags
= in6_dev
->if_flags
;
1231 in6_dev
->if_flags
= (in6_dev
->if_flags
& ~(IF_RA_MANAGED
|
1233 (ra_msg
->icmph
.icmp6_addrconf_managed
?
1234 IF_RA_MANAGED
: 0) |
1235 (ra_msg
->icmph
.icmp6_addrconf_other
?
1236 IF_RA_OTHERCONF
: 0);
1238 if (old_if_flags
!= in6_dev
->if_flags
)
1239 send_ifinfo_notify
= true;
1241 if (!in6_dev
->cnf
.accept_ra_defrtr
) {
1243 "RA: %s, defrtr is false for dev: %s\n",
1244 __func__
, skb
->dev
->name
);
1248 /* Do not accept RA with source-addr found on local machine unless
1249 * accept_ra_from_local is set to true.
1251 if (!in6_dev
->cnf
.accept_ra_from_local
&&
1252 ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
,
1255 "RA from local address detected on dev: %s: default router ignored\n",
1260 lifetime
= ntohs(ra_msg
->icmph
.icmp6_rt_lifetime
);
1262 #ifdef CONFIG_IPV6_ROUTER_PREF
1263 pref
= ra_msg
->icmph
.icmp6_router_pref
;
1264 /* 10b is handled as if it were 00b (medium) */
1265 if (pref
== ICMPV6_ROUTER_PREF_INVALID
||
1266 !in6_dev
->cnf
.accept_ra_rtr_pref
)
1267 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
1270 rt
= rt6_get_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
);
1273 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1276 "RA: %s got default router without neighbour\n",
1282 if (rt
&& lifetime
== 0) {
1287 ND_PRINTK(3, info
, "RA: rt: %p lifetime: %d, for dev: %s\n",
1288 rt
, lifetime
, skb
->dev
->name
);
1289 if (!rt
&& lifetime
) {
1290 ND_PRINTK(3, info
, "RA: adding default router\n");
1292 rt
= rt6_add_dflt_router(&ipv6_hdr(skb
)->saddr
, skb
->dev
, pref
);
1295 "RA: %s failed to add default route\n",
1300 neigh
= dst_neigh_lookup(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
1303 "RA: %s got default router without neighbour\n",
1308 neigh
->flags
|= NTF_ROUTER
;
1310 rt
->rt6i_flags
= (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
1314 rt6_set_expires(rt
, jiffies
+ (HZ
* lifetime
));
1315 if (in6_dev
->cnf
.accept_ra_min_hop_limit
< 256 &&
1316 ra_msg
->icmph
.icmp6_hop_limit
) {
1317 if (in6_dev
->cnf
.accept_ra_min_hop_limit
<= ra_msg
->icmph
.icmp6_hop_limit
) {
1318 in6_dev
->cnf
.hop_limit
= ra_msg
->icmph
.icmp6_hop_limit
;
1320 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
,
1321 ra_msg
->icmph
.icmp6_hop_limit
);
1323 ND_PRINTK(2, warn
, "RA: Got route advertisement with lower hop_limit than minimum\n");
1330 * Update Reachable Time and Retrans Timer
1333 if (in6_dev
->nd_parms
) {
1334 unsigned long rtime
= ntohl(ra_msg
->retrans_timer
);
1336 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/HZ
) {
1337 rtime
= (rtime
*HZ
)/1000;
1340 NEIGH_VAR_SET(in6_dev
->nd_parms
, RETRANS_TIME
, rtime
);
1341 in6_dev
->tstamp
= jiffies
;
1342 send_ifinfo_notify
= true;
1345 rtime
= ntohl(ra_msg
->reachable_time
);
1346 if (rtime
&& rtime
/1000 < MAX_SCHEDULE_TIMEOUT
/(3*HZ
)) {
1347 rtime
= (rtime
*HZ
)/1000;
1352 if (rtime
!= NEIGH_VAR(in6_dev
->nd_parms
, BASE_REACHABLE_TIME
)) {
1353 NEIGH_VAR_SET(in6_dev
->nd_parms
,
1354 BASE_REACHABLE_TIME
, rtime
);
1355 NEIGH_VAR_SET(in6_dev
->nd_parms
,
1356 GC_STALETIME
, 3 * rtime
);
1357 in6_dev
->nd_parms
->reachable_time
= neigh_rand_reach_time(rtime
);
1358 in6_dev
->tstamp
= jiffies
;
1359 send_ifinfo_notify
= true;
1365 * Send a notify if RA changed managed/otherconf flags or timer settings
1367 if (send_ifinfo_notify
)
1368 inet6_ifinfo_notify(RTM_NEWLINK
, in6_dev
);
1377 neigh
= __neigh_lookup(&nd_tbl
, &ipv6_hdr(skb
)->saddr
,
1381 if (ndopts
.nd_opts_src_lladdr
) {
1382 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_src_lladdr
,
1386 "RA: invalid link-layer address length\n");
1390 ndisc_update(skb
->dev
, neigh
, lladdr
, NUD_STALE
,
1391 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
1392 NEIGH_UPDATE_F_OVERRIDE
|
1393 NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
1394 NEIGH_UPDATE_F_ISROUTER
,
1395 NDISC_ROUTER_ADVERTISEMENT
, &ndopts
);
1398 if (!ipv6_accept_ra(in6_dev
)) {
1400 "RA: %s, accept_ra is false for dev: %s\n",
1401 __func__
, skb
->dev
->name
);
1405 #ifdef CONFIG_IPV6_ROUTE_INFO
1406 if (!in6_dev
->cnf
.accept_ra_from_local
&&
1407 ipv6_chk_addr(dev_net(in6_dev
->dev
), &ipv6_hdr(skb
)->saddr
,
1410 "RA from local address detected on dev: %s: router info ignored.\n",
1412 goto skip_routeinfo
;
1415 if (in6_dev
->cnf
.accept_ra_rtr_pref
&& ndopts
.nd_opts_ri
) {
1416 struct nd_opt_hdr
*p
;
1417 for (p
= ndopts
.nd_opts_ri
;
1419 p
= ndisc_next_option(p
, ndopts
.nd_opts_ri_end
)) {
1420 struct route_info
*ri
= (struct route_info
*)p
;
1421 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1422 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
&&
1423 ri
->prefix_len
== 0)
1426 if (ri
->prefix_len
== 0 &&
1427 !in6_dev
->cnf
.accept_ra_defrtr
)
1429 if (ri
->prefix_len
< in6_dev
->cnf
.accept_ra_rt_info_min_plen
)
1431 if (ri
->prefix_len
> in6_dev
->cnf
.accept_ra_rt_info_max_plen
)
1433 rt6_route_rcv(skb
->dev
, (u8
*)p
, (p
->nd_opt_len
) << 3,
1434 &ipv6_hdr(skb
)->saddr
);
1441 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1442 /* skip link-specific ndopts from interior routers */
1443 if (skb
->ndisc_nodetype
== NDISC_NODETYPE_NODEFAULT
) {
1445 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1446 __func__
, skb
->dev
->name
);
1451 if (in6_dev
->cnf
.accept_ra_pinfo
&& ndopts
.nd_opts_pi
) {
1452 struct nd_opt_hdr
*p
;
1453 for (p
= ndopts
.nd_opts_pi
;
1455 p
= ndisc_next_option(p
, ndopts
.nd_opts_pi_end
)) {
1456 addrconf_prefix_rcv(skb
->dev
, (u8
*)p
,
1457 (p
->nd_opt_len
) << 3,
1458 ndopts
.nd_opts_src_lladdr
!= NULL
);
1462 if (ndopts
.nd_opts_mtu
&& in6_dev
->cnf
.accept_ra_mtu
) {
1466 memcpy(&n
, ((u8
*)(ndopts
.nd_opts_mtu
+1))+2, sizeof(mtu
));
1469 if (mtu
< IPV6_MIN_MTU
|| mtu
> skb
->dev
->mtu
) {
1470 ND_PRINTK(2, warn
, "RA: invalid mtu: %d\n", mtu
);
1471 } else if (in6_dev
->cnf
.mtu6
!= mtu
) {
1472 in6_dev
->cnf
.mtu6
= mtu
;
1475 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
1477 rt6_mtu_change(skb
->dev
, mtu
);
1481 if (ndopts
.nd_useropts
) {
1482 struct nd_opt_hdr
*p
;
1483 for (p
= ndopts
.nd_useropts
;
1485 p
= ndisc_next_useropt(skb
->dev
, p
,
1486 ndopts
.nd_useropts_end
)) {
1487 ndisc_ra_useropt(skb
, p
);
1491 if (ndopts
.nd_opts_tgt_lladdr
|| ndopts
.nd_opts_rh
) {
1492 ND_PRINTK(2, warn
, "RA: invalid RA options\n");
1497 neigh_release(neigh
);
1500 static void ndisc_redirect_rcv(struct sk_buff
*skb
)
1503 struct ndisc_options ndopts
;
1504 struct rd_msg
*msg
= (struct rd_msg
*)skb_transport_header(skb
);
1505 u32 ndoptlen
= skb_tail_pointer(skb
) - (skb_transport_header(skb
) +
1506 offsetof(struct rd_msg
, opt
));
1508 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1509 switch (skb
->ndisc_nodetype
) {
1510 case NDISC_NODETYPE_HOST
:
1511 case NDISC_NODETYPE_NODEFAULT
:
1513 "Redirect: from host or unauthorized router\n");
1518 if (!(ipv6_addr_type(&ipv6_hdr(skb
)->saddr
) & IPV6_ADDR_LINKLOCAL
)) {
1520 "Redirect: source address is not link-local\n");
1524 if (!ndisc_parse_options(skb
->dev
, msg
->opt
, ndoptlen
, &ndopts
))
1527 if (!ndopts
.nd_opts_rh
) {
1528 ip6_redirect_no_header(skb
, dev_net(skb
->dev
),
1529 skb
->dev
->ifindex
, 0);
1533 hdr
= (u8
*)ndopts
.nd_opts_rh
;
1535 if (!pskb_pull(skb
, hdr
- skb_transport_header(skb
)))
1538 icmpv6_notify(skb
, NDISC_REDIRECT
, 0, 0);
1541 static void ndisc_fill_redirect_hdr_option(struct sk_buff
*skb
,
1542 struct sk_buff
*orig_skb
,
1545 u8
*opt
= skb_put(skb
, rd_len
);
1548 *(opt
++) = ND_OPT_REDIRECT_HDR
;
1549 *(opt
++) = (rd_len
>> 3);
1552 memcpy(opt
, ipv6_hdr(orig_skb
), rd_len
- 8);
1555 void ndisc_send_redirect(struct sk_buff
*skb
, const struct in6_addr
*target
)
1557 struct net_device
*dev
= skb
->dev
;
1558 struct net
*net
= dev_net(dev
);
1559 struct sock
*sk
= net
->ipv6
.ndisc_sk
;
1561 struct inet_peer
*peer
;
1562 struct sk_buff
*buff
;
1564 struct in6_addr saddr_buf
;
1565 struct rt6_info
*rt
;
1566 struct dst_entry
*dst
;
1569 u8 ha_buf
[MAX_ADDR_LEN
], *ha
= NULL
,
1570 ops_data_buf
[NDISC_OPS_REDIRECT_DATA_SPACE
], *ops_data
= NULL
;
1573 if (ipv6_get_lladdr(dev
, &saddr_buf
, IFA_F_TENTATIVE
)) {
1574 ND_PRINTK(2, warn
, "Redirect: no link-local address on %s\n",
1579 if (!ipv6_addr_equal(&ipv6_hdr(skb
)->daddr
, target
) &&
1580 ipv6_addr_type(target
) != (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
1582 "Redirect: target address is not link-local unicast\n");
1586 icmpv6_flow_init(sk
, &fl6
, NDISC_REDIRECT
,
1587 &saddr_buf
, &ipv6_hdr(skb
)->saddr
, dev
->ifindex
);
1589 dst
= ip6_route_output(net
, NULL
, &fl6
);
1594 dst
= xfrm_lookup(net
, dst
, flowi6_to_flowi(&fl6
), NULL
, 0);
1598 rt
= (struct rt6_info
*) dst
;
1600 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1602 "Redirect: destination is not a neighbour\n");
1605 peer
= inet_getpeer_v6(net
->ipv6
.peers
, &ipv6_hdr(skb
)->saddr
, 1);
1606 ret
= inet_peer_xrlim_allow(peer
, 1*HZ
);
1612 if (dev
->addr_len
) {
1613 struct neighbour
*neigh
= dst_neigh_lookup(skb_dst(skb
), target
);
1616 "Redirect: no neigh for target address\n");
1620 read_lock_bh(&neigh
->lock
);
1621 if (neigh
->nud_state
& NUD_VALID
) {
1622 memcpy(ha_buf
, neigh
->ha
, dev
->addr_len
);
1623 read_unlock_bh(&neigh
->lock
);
1625 optlen
+= ndisc_redirect_opt_addr_space(dev
, neigh
,
1629 read_unlock_bh(&neigh
->lock
);
1631 neigh_release(neigh
);
1634 rd_len
= min_t(unsigned int,
1635 IPV6_MIN_MTU
- sizeof(struct ipv6hdr
) - sizeof(*msg
) - optlen
,
1640 buff
= ndisc_alloc_skb(dev
, sizeof(*msg
) + optlen
);
1644 msg
= skb_put(buff
, sizeof(*msg
));
1645 *msg
= (struct rd_msg
) {
1647 .icmp6_type
= NDISC_REDIRECT
,
1650 .dest
= ipv6_hdr(skb
)->daddr
,
1654 * include target_address option
1658 ndisc_fill_redirect_addr_option(buff
, ha
, ops_data
);
1661 * build redirect option and copy skb over to the new packet.
1665 ndisc_fill_redirect_hdr_option(buff
, skb
, rd_len
);
1667 skb_dst_set(buff
, dst
);
1668 ndisc_send_skb(buff
, &ipv6_hdr(skb
)->saddr
, &saddr_buf
);
1675 static void pndisc_redo(struct sk_buff
*skb
)
1681 static bool ndisc_suppress_frag_ndisc(struct sk_buff
*skb
)
1683 struct inet6_dev
*idev
= __in6_dev_get(skb
->dev
);
1687 if (IP6CB(skb
)->flags
& IP6SKB_FRAGMENTED
&&
1688 idev
->cnf
.suppress_frag_ndisc
) {
1689 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1695 int ndisc_rcv(struct sk_buff
*skb
)
1699 if (ndisc_suppress_frag_ndisc(skb
))
1702 if (skb_linearize(skb
))
1705 msg
= (struct nd_msg
*)skb_transport_header(skb
);
1707 __skb_push(skb
, skb
->data
- skb_transport_header(skb
));
1709 if (ipv6_hdr(skb
)->hop_limit
!= 255) {
1710 ND_PRINTK(2, warn
, "NDISC: invalid hop-limit: %d\n",
1711 ipv6_hdr(skb
)->hop_limit
);
1715 if (msg
->icmph
.icmp6_code
!= 0) {
1716 ND_PRINTK(2, warn
, "NDISC: invalid ICMPv6 code: %d\n",
1717 msg
->icmph
.icmp6_code
);
1721 memset(NEIGH_CB(skb
), 0, sizeof(struct neighbour_cb
));
1723 switch (msg
->icmph
.icmp6_type
) {
1724 case NDISC_NEIGHBOUR_SOLICITATION
:
1728 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
1732 case NDISC_ROUTER_SOLICITATION
:
1736 case NDISC_ROUTER_ADVERTISEMENT
:
1737 ndisc_router_discovery(skb
);
1740 case NDISC_REDIRECT
:
1741 ndisc_redirect_rcv(skb
);
1748 static int ndisc_netdev_event(struct notifier_block
*this, unsigned long event
, void *ptr
)
1750 struct net_device
*dev
= netdev_notifier_info_to_dev(ptr
);
1751 struct netdev_notifier_change_info
*change_info
;
1752 struct net
*net
= dev_net(dev
);
1753 struct inet6_dev
*idev
;
1756 case NETDEV_CHANGEADDR
:
1757 neigh_changeaddr(&nd_tbl
, dev
);
1758 fib6_run_gc(0, net
, false);
1761 idev
= in6_dev_get(dev
);
1764 if (idev
->cnf
.ndisc_notify
||
1765 net
->ipv6
.devconf_all
->ndisc_notify
)
1766 ndisc_send_unsol_na(dev
);
1771 if (change_info
->flags_changed
& IFF_NOARP
)
1772 neigh_changeaddr(&nd_tbl
, dev
);
1775 neigh_ifdown(&nd_tbl
, dev
);
1776 fib6_run_gc(0, net
, false);
1778 case NETDEV_NOTIFY_PEERS
:
1779 ndisc_send_unsol_na(dev
);
1788 static struct notifier_block ndisc_netdev_notifier
= {
1789 .notifier_call
= ndisc_netdev_event
,
1790 .priority
= ADDRCONF_NOTIFY_PRIORITY
- 5,
1793 #ifdef CONFIG_SYSCTL
1794 static void ndisc_warn_deprecated_sysctl(struct ctl_table
*ctl
,
1795 const char *func
, const char *dev_name
)
1797 static char warncomm
[TASK_COMM_LEN
];
1799 if (strcmp(warncomm
, current
->comm
) && warned
< 5) {
1800 strcpy(warncomm
, current
->comm
);
1801 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1803 dev_name
, ctl
->procname
,
1804 dev_name
, ctl
->procname
);
1809 int ndisc_ifinfo_sysctl_change(struct ctl_table
*ctl
, int write
, void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
1811 struct net_device
*dev
= ctl
->extra1
;
1812 struct inet6_dev
*idev
;
1815 if ((strcmp(ctl
->procname
, "retrans_time") == 0) ||
1816 (strcmp(ctl
->procname
, "base_reachable_time") == 0))
1817 ndisc_warn_deprecated_sysctl(ctl
, "syscall", dev
? dev
->name
: "default");
1819 if (strcmp(ctl
->procname
, "retrans_time") == 0)
1820 ret
= neigh_proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
1822 else if (strcmp(ctl
->procname
, "base_reachable_time") == 0)
1823 ret
= neigh_proc_dointvec_jiffies(ctl
, write
,
1824 buffer
, lenp
, ppos
);
1826 else if ((strcmp(ctl
->procname
, "retrans_time_ms") == 0) ||
1827 (strcmp(ctl
->procname
, "base_reachable_time_ms") == 0))
1828 ret
= neigh_proc_dointvec_ms_jiffies(ctl
, write
,
1829 buffer
, lenp
, ppos
);
1833 if (write
&& ret
== 0 && dev
&& (idev
= in6_dev_get(dev
)) != NULL
) {
1834 if (ctl
->data
== &NEIGH_VAR(idev
->nd_parms
, BASE_REACHABLE_TIME
))
1835 idev
->nd_parms
->reachable_time
=
1836 neigh_rand_reach_time(NEIGH_VAR(idev
->nd_parms
, BASE_REACHABLE_TIME
));
1837 idev
->tstamp
= jiffies
;
1838 inet6_ifinfo_notify(RTM_NEWLINK
, idev
);
1847 static int __net_init
ndisc_net_init(struct net
*net
)
1849 struct ipv6_pinfo
*np
;
1853 err
= inet_ctl_sock_create(&sk
, PF_INET6
,
1854 SOCK_RAW
, IPPROTO_ICMPV6
, net
);
1857 "NDISC: Failed to initialize the control socket (err %d)\n",
1862 net
->ipv6
.ndisc_sk
= sk
;
1865 np
->hop_limit
= 255;
1866 /* Do not loopback ndisc messages */
1872 static void __net_exit
ndisc_net_exit(struct net
*net
)
1874 inet_ctl_sock_destroy(net
->ipv6
.ndisc_sk
);
1877 static struct pernet_operations ndisc_net_ops
= {
1878 .init
= ndisc_net_init
,
1879 .exit
= ndisc_net_exit
,
1882 int __init
ndisc_init(void)
1886 err
= register_pernet_subsys(&ndisc_net_ops
);
1890 * Initialize the neighbour table
1892 neigh_table_init(NEIGH_ND_TABLE
, &nd_tbl
);
1894 #ifdef CONFIG_SYSCTL
1895 err
= neigh_sysctl_register(NULL
, &nd_tbl
.parms
,
1896 ndisc_ifinfo_sysctl_change
);
1898 goto out_unregister_pernet
;
1903 #ifdef CONFIG_SYSCTL
1904 out_unregister_pernet
:
1905 unregister_pernet_subsys(&ndisc_net_ops
);
1910 int __init
ndisc_late_init(void)
1912 return register_netdevice_notifier(&ndisc_netdev_notifier
);
1915 void ndisc_late_cleanup(void)
1917 unregister_netdevice_notifier(&ndisc_netdev_notifier
);
1920 void ndisc_cleanup(void)
1922 #ifdef CONFIG_SYSCTL
1923 neigh_sysctl_unregister(&nd_tbl
.parms
);
1925 neigh_table_clear(NEIGH_ND_TABLE
, &nd_tbl
);
1926 unregister_pernet_subsys(&ndisc_net_ops
);