search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
[linux/fpc-iii.git] / net / ipv6 / ndisc.c
blob41a8a5f06602b2a98c36225925765783cb21d075
1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
20 *
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
26 */
27
28 /* Set to 3 to get tracing... */
29 #define ND_DEBUG 1
30
31 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32 #define ND_NOPRINTK(x...) do { ; } while(0)
33 #define ND_PRINTK0 ND_PRINTK
34 #define ND_PRINTK1 ND_NOPRINTK
35 #define ND_PRINTK2 ND_NOPRINTK
36 #define ND_PRINTK3 ND_NOPRINTK
37 #if ND_DEBUG >= 1
38 #undef ND_PRINTK1
39 #define ND_PRINTK1 ND_PRINTK
40 #endif
41 #if ND_DEBUG >= 2
42 #undef ND_PRINTK2
43 #define ND_PRINTK2 ND_PRINTK
44 #endif
45 #if ND_DEBUG >= 3
46 #undef ND_PRINTK3
47 #define ND_PRINTK3 ND_PRINTK
48 #endif
49
50 #include <linux/module.h>
51 #include <linux/errno.h>
52 #include <linux/types.h>
53 #include <linux/socket.h>
54 #include <linux/sockios.h>
55 #include <linux/sched.h>
56 #include <linux/net.h>
57 #include <linux/in6.h>
58 #include <linux/route.h>
59 #include <linux/init.h>
60 #include <linux/rcupdate.h>
61 #ifdef CONFIG_SYSCTL
62 #include <linux/sysctl.h>
63 #endif
64
65 #include <linux/if_addr.h>
66 #include <linux/if_arp.h>
67 #include <linux/ipv6.h>
68 #include <linux/icmpv6.h>
69 #include <linux/jhash.h>
70
71 #include <net/sock.h>
72 #include <net/snmp.h>
73
74 #include <net/ipv6.h>
75 #include <net/protocol.h>
76 #include <net/ndisc.h>
77 #include <net/ip6_route.h>
78 #include <net/addrconf.h>
79 #include <net/icmp.h>
80
81 #include <net/flow.h>
82 #include <net/ip6_checksum.h>
83 #include <linux/proc_fs.h>
84
85 #include <linux/netfilter.h>
86 #include <linux/netfilter_ipv6.h>
87
88 static struct socket *ndisc_socket;
89
90 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
91 static int ndisc_constructor(struct neighbour *neigh);
92 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
93 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
94 static int pndisc_constructor(struct pneigh_entry *n);
95 static void pndisc_destructor(struct pneigh_entry *n);
96 static void pndisc_redo(struct sk_buff *skb);
97
98 static struct neigh_ops ndisc_generic_ops = {
99 .family = AF_INET6,
100 .solicit = ndisc_solicit,
101 .error_report = ndisc_error_report,
102 .output = neigh_resolve_output,
103 .connected_output = neigh_connected_output,
104 .hh_output = dev_queue_xmit,
105 .queue_xmit = dev_queue_xmit,
106 };
107
108 static struct neigh_ops ndisc_hh_ops = {
109 .family = AF_INET6,
110 .solicit = ndisc_solicit,
111 .error_report = ndisc_error_report,
112 .output = neigh_resolve_output,
113 .connected_output = neigh_resolve_output,
114 .hh_output = dev_queue_xmit,
115 .queue_xmit = dev_queue_xmit,
116 };
117
118
119 static struct neigh_ops ndisc_direct_ops = {
120 .family = AF_INET6,
121 .output = dev_queue_xmit,
122 .connected_output = dev_queue_xmit,
123 .hh_output = dev_queue_xmit,
124 .queue_xmit = dev_queue_xmit,
125 };
126
127 struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = 30 * HZ,
140 .retrans_time = 1 * HZ,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = 30 * HZ,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155 };
156
157 /* ND options */
158 struct ndisc_options {
159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160 #ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163 #endif
164 };
165
166 #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
167 #define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
168 #define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
169 #define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
170 #define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
171 #define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
172
173 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
174
175 /*
176 * Return the padding between the option length and the start of the
177 * link addr. Currently only IP-over-InfiniBand needs this, although
178 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
179 * also need a pad of 2.
180 */
181 static int ndisc_addr_option_pad(unsigned short type)
182 {
183 switch (type) {
184 case ARPHRD_INFINIBAND: return 2;
185 default: return 0;
186 }
187 }
188
189 static inline int ndisc_opt_addr_space(struct net_device *dev)
190 {
191 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
192 }
193
194 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
195 unsigned short addr_type)
196 {
197 int space = NDISC_OPT_SPACE(data_len);
198 int pad = ndisc_addr_option_pad(addr_type);
199
200 opt[0] = type;
201 opt[1] = space>>3;
202
203 memset(opt + 2, 0, pad);
204 opt += pad;
205 space -= pad;
206
207 memcpy(opt+2, data, data_len);
208 data_len += 2;
209 opt += data_len;
210 if ((space -= data_len) > 0)
211 memset(opt, 0, space);
212 return opt + space;
213 }
214
215 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
216 struct nd_opt_hdr *end)
217 {
218 int type;
219 if (!cur || !end || cur >= end)
220 return NULL;
221 type = cur->nd_opt_type;
222 do {
223 cur = ((void *)cur) + (cur->nd_opt_len << 3);
224 } while(cur < end && cur->nd_opt_type != type);
225 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
226 }
227
228 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
229 struct ndisc_options *ndopts)
230 {
231 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
232
233 if (!nd_opt || opt_len < 0 || !ndopts)
234 return NULL;
235 memset(ndopts, 0, sizeof(*ndopts));
236 while (opt_len) {
237 int l;
238 if (opt_len < sizeof(struct nd_opt_hdr))
239 return NULL;
240 l = nd_opt->nd_opt_len << 3;
241 if (opt_len < l || l == 0)
242 return NULL;
243 switch (nd_opt->nd_opt_type) {
244 case ND_OPT_SOURCE_LL_ADDR:
245 case ND_OPT_TARGET_LL_ADDR:
246 case ND_OPT_MTU:
247 case ND_OPT_REDIRECT_HDR:
248 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
249 ND_PRINTK2(KERN_WARNING
250 "%s(): duplicated ND6 option found: type=%d\n",
251 __FUNCTION__,
252 nd_opt->nd_opt_type);
253 } else {
254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
255 }
256 break;
257 case ND_OPT_PREFIX_INFO:
258 ndopts->nd_opts_pi_end = nd_opt;
259 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
260 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
261 break;
262 #ifdef CONFIG_IPV6_ROUTE_INFO
263 case ND_OPT_ROUTE_INFO:
264 ndopts->nd_opts_ri_end = nd_opt;
265 if (!ndopts->nd_opts_ri)
266 ndopts->nd_opts_ri = nd_opt;
267 break;
268 #endif
269 default:
270 /*
271 * Unknown options must be silently ignored,
272 * to accommodate future extension to the protocol.
273 */
274 ND_PRINTK2(KERN_NOTICE
275 "%s(): ignored unsupported option; type=%d, len=%d\n",
276 __FUNCTION__,
277 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
278 }
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283 }
284
285 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
286 struct net_device *dev)
287 {
288 u8 *lladdr = (u8 *)(p + 1);
289 int lladdrlen = p->nd_opt_len << 3;
290 int prepad = ndisc_addr_option_pad(dev->type);
291 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
292 return NULL;
293 return (lladdr + prepad);
294 }
295
296 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
297 {
298 switch (dev->type) {
299 case ARPHRD_ETHER:
300 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
301 case ARPHRD_FDDI:
302 ipv6_eth_mc_map(addr, buf);
303 return 0;
304 case ARPHRD_IEEE802_TR:
305 ipv6_tr_mc_map(addr,buf);
306 return 0;
307 case ARPHRD_ARCNET:
308 ipv6_arcnet_mc_map(addr, buf);
309 return 0;
310 case ARPHRD_INFINIBAND:
311 ipv6_ib_mc_map(addr, buf);
312 return 0;
313 default:
314 if (dir) {
315 memcpy(buf, dev->broadcast, dev->addr_len);
316 return 0;
317 }
318 }
319 return -EINVAL;
320 }
321
322 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
323 {
324 const u32 *p32 = pkey;
325 u32 addr_hash, i;
326
327 addr_hash = 0;
328 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
329 addr_hash ^= *p32++;
330
331 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
332 }
333
334 static int ndisc_constructor(struct neighbour *neigh)
335 {
336 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
337 struct net_device *dev = neigh->dev;
338 struct inet6_dev *in6_dev;
339 struct neigh_parms *parms;
340 int is_multicast = ipv6_addr_is_multicast(addr);
341
342 rcu_read_lock();
343 in6_dev = in6_dev_get(dev);
344 if (in6_dev == NULL) {
345 rcu_read_unlock();
346 return -EINVAL;
347 }
348
349 parms = in6_dev->nd_parms;
350 __neigh_parms_put(neigh->parms);
351 neigh->parms = neigh_parms_clone(parms);
352 rcu_read_unlock();
353
354 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
355 if (dev->hard_header == NULL) {
356 neigh->nud_state = NUD_NOARP;
357 neigh->ops = &ndisc_direct_ops;
358 neigh->output = neigh->ops->queue_xmit;
359 } else {
360 if (is_multicast) {
361 neigh->nud_state = NUD_NOARP;
362 ndisc_mc_map(addr, neigh->ha, dev, 1);
363 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
364 neigh->nud_state = NUD_NOARP;
365 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
366 if (dev->flags&IFF_LOOPBACK)
367 neigh->type = RTN_LOCAL;
368 } else if (dev->flags&IFF_POINTOPOINT) {
369 neigh->nud_state = NUD_NOARP;
370 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
371 }
372 if (dev->hard_header_cache)
373 neigh->ops = &ndisc_hh_ops;
374 else
375 neigh->ops = &ndisc_generic_ops;
376 if (neigh->nud_state&NUD_VALID)
377 neigh->output = neigh->ops->connected_output;
378 else
379 neigh->output = neigh->ops->output;
380 }
381 in6_dev_put(in6_dev);
382 return 0;
383 }
384
385 static int pndisc_constructor(struct pneigh_entry *n)
386 {
387 struct in6_addr *addr = (struct in6_addr*)&n->key;
388 struct in6_addr maddr;
389 struct net_device *dev = n->dev;
390
391 if (dev == NULL || __in6_dev_get(dev) == NULL)
392 return -EINVAL;
393 addrconf_addr_solict_mult(addr, &maddr);
394 ipv6_dev_mc_inc(dev, &maddr);
395 return 0;
396 }
397
398 static void pndisc_destructor(struct pneigh_entry *n)
399 {
400 struct in6_addr *addr = (struct in6_addr*)&n->key;
401 struct in6_addr maddr;
402 struct net_device *dev = n->dev;
403
404 if (dev == NULL || __in6_dev_get(dev) == NULL)
405 return;
406 addrconf_addr_solict_mult(addr, &maddr);
407 ipv6_dev_mc_dec(dev, &maddr);
408 }
409
410 /*
411 * Send a Neighbour Advertisement
412 */
413
414 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
415 struct in6_addr *saddr, struct in6_addr *daddr,
416 int oif)
417 {
418 memset(fl, 0, sizeof(*fl));
419 ipv6_addr_copy(&fl->fl6_src, saddr);
420 ipv6_addr_copy(&fl->fl6_dst, daddr);
421 fl->proto = IPPROTO_ICMPV6;
422 fl->fl_icmp_type = type;
423 fl->fl_icmp_code = 0;
424 fl->oif = oif;
425 security_sk_classify_flow(ndisc_socket->sk, fl);
426 }
427
428 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
429 struct in6_addr *daddr, struct in6_addr *solicited_addr,
430 int router, int solicited, int override, int inc_opt)
431 {
432 struct in6_addr tmpaddr;
433 struct inet6_ifaddr *ifp;
434 struct inet6_dev *idev;
435 struct flowi fl;
436 struct dst_entry* dst;
437 struct sock *sk = ndisc_socket->sk;
438 struct in6_addr *src_addr;
439 struct nd_msg *msg;
440 int len;
441 struct sk_buff *skb;
442 int err;
443
444 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
445
446 /* for anycast or proxy, solicited_addr != src_addr */
447 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
448 if (ifp) {
449 src_addr = solicited_addr;
450 in6_ifa_put(ifp);
451 } else {
452 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
453 return;
454 src_addr = &tmpaddr;
455 }
456
457 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_ADVERTISEMENT, src_addr, daddr,
458 dev->ifindex);
459
460 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
461 if (!dst)
462 return;
463
464 err = xfrm_lookup(&dst, &fl, NULL, 0);
465 if (err < 0)
466 return;
467
468 if (inc_opt) {
469 if (dev->addr_len)
470 len += ndisc_opt_addr_space(dev);
471 else
472 inc_opt = 0;
473 }
474
475 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
476 1, &err);
477
478 if (skb == NULL) {
479 ND_PRINTK0(KERN_ERR
480 "ICMPv6 NA: %s() failed to allocate an skb.\n",
481 __FUNCTION__);
482 dst_release(dst);
483 return;
484 }
485
486 skb_reserve(skb, LL_RESERVED_SPACE(dev));
487 ip6_nd_hdr(sk, skb, dev, src_addr, daddr, IPPROTO_ICMPV6, len);
488
489 msg = (struct nd_msg *)skb_put(skb, len);
490 skb->h.raw = (unsigned char*)msg;
491
492 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT;
493 msg->icmph.icmp6_code = 0;
494 msg->icmph.icmp6_cksum = 0;
495
496 msg->icmph.icmp6_unused = 0;
497 msg->icmph.icmp6_router = router;
498 msg->icmph.icmp6_solicited = solicited;
499 msg->icmph.icmp6_override = override;
500
501 /* Set the target address. */
502 ipv6_addr_copy(&msg->target, solicited_addr);
503
504 if (inc_opt)
505 ndisc_fill_addr_option(msg->opt, ND_OPT_TARGET_LL_ADDR, dev->dev_addr,
506 dev->addr_len, dev->type);
507
508 /* checksum */
509 msg->icmph.icmp6_cksum = csum_ipv6_magic(src_addr, daddr, len,
510 IPPROTO_ICMPV6,
511 csum_partial((__u8 *) msg,
512 len, 0));
513
514 skb->dst = dst;
515 idev = in6_dev_get(dst->dev);
516 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
517 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
518 if (!err) {
519 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORADVERTISEMENTS);
520 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
521 }
522
523 if (likely(idev != NULL))
524 in6_dev_put(idev);
525 }
526
527 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
528 struct in6_addr *solicit,
529 struct in6_addr *daddr, struct in6_addr *saddr)
530 {
531 struct flowi fl;
532 struct dst_entry* dst;
533 struct inet6_dev *idev;
534 struct sock *sk = ndisc_socket->sk;
535 struct sk_buff *skb;
536 struct nd_msg *msg;
537 struct in6_addr addr_buf;
538 int len;
539 int err;
540 int send_llinfo;
541
542 if (saddr == NULL) {
543 if (ipv6_get_lladdr(dev, &addr_buf))
544 return;
545 saddr = &addr_buf;
546 }
547
548 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_SOLICITATION, saddr, daddr,
549 dev->ifindex);
550
551 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
552 if (!dst)
553 return;
554
555 err = xfrm_lookup(&dst, &fl, NULL, 0);
556 if (err < 0)
557 return;
558
559 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
560 send_llinfo = dev->addr_len && !ipv6_addr_any(saddr);
561 if (send_llinfo)
562 len += ndisc_opt_addr_space(dev);
563
564 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
565 1, &err);
566 if (skb == NULL) {
567 ND_PRINTK0(KERN_ERR
568 "ICMPv6 NA: %s() failed to allocate an skb.\n",
569 __FUNCTION__);
570 dst_release(dst);
571 return;
572 }
573
574 skb_reserve(skb, LL_RESERVED_SPACE(dev));
575 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
576
577 msg = (struct nd_msg *)skb_put(skb, len);
578 skb->h.raw = (unsigned char*)msg;
579 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION;
580 msg->icmph.icmp6_code = 0;
581 msg->icmph.icmp6_cksum = 0;
582 msg->icmph.icmp6_unused = 0;
583
584 /* Set the target address. */
585 ipv6_addr_copy(&msg->target, solicit);
586
587 if (send_llinfo)
588 ndisc_fill_addr_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
589 dev->addr_len, dev->type);
590
591 /* checksum */
592 msg->icmph.icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr,
593 daddr, len,
594 IPPROTO_ICMPV6,
595 csum_partial((__u8 *) msg,
596 len, 0));
597 /* send it! */
598 skb->dst = dst;
599 idev = in6_dev_get(dst->dev);
600 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
601 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
602 if (!err) {
603 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORSOLICITS);
604 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
605 }
606
607 if (likely(idev != NULL))
608 in6_dev_put(idev);
609 }
610
611 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
612 struct in6_addr *daddr)
613 {
614 struct flowi fl;
615 struct dst_entry* dst;
616 struct inet6_dev *idev;
617 struct sock *sk = ndisc_socket->sk;
618 struct sk_buff *skb;
619 struct icmp6hdr *hdr;
620 __u8 * opt;
621 int len;
622 int err;
623
624 ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr,
625 dev->ifindex);
626
627 dst = ndisc_dst_alloc(dev, NULL, daddr, ip6_output);
628 if (!dst)
629 return;
630
631 err = xfrm_lookup(&dst, &fl, NULL, 0);
632 if (err < 0)
633 return;
634
635 len = sizeof(struct icmp6hdr);
636 if (dev->addr_len)
637 len += ndisc_opt_addr_space(dev);
638
639 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
640 1, &err);
641 if (skb == NULL) {
642 ND_PRINTK0(KERN_ERR
643 "ICMPv6 RS: %s() failed to allocate an skb.\n",
644 __FUNCTION__);
645 dst_release(dst);
646 return;
647 }
648
649 skb_reserve(skb, LL_RESERVED_SPACE(dev));
650 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
651
652 hdr = (struct icmp6hdr *)skb_put(skb, len);
653 skb->h.raw = (unsigned char*)hdr;
654 hdr->icmp6_type = NDISC_ROUTER_SOLICITATION;
655 hdr->icmp6_code = 0;
656 hdr->icmp6_cksum = 0;
657 hdr->icmp6_unused = 0;
658
659 opt = (u8*) (hdr + 1);
660
661 if (dev->addr_len)
662 ndisc_fill_addr_option(opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
663 dev->addr_len, dev->type);
664
665 /* checksum */
666 hdr->icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr, daddr, len,
667 IPPROTO_ICMPV6,
668 csum_partial((__u8 *) hdr, len, 0));
669
670 /* send it! */
671 skb->dst = dst;
672 idev = in6_dev_get(dst->dev);
673 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
674 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
675 if (!err) {
676 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTROUTERSOLICITS);
677 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
678 }
679
680 if (likely(idev != NULL))
681 in6_dev_put(idev);
682 }
683
684
685 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
686 {
687 /*
688 * "The sender MUST return an ICMP
689 * destination unreachable"
690 */
691 dst_link_failure(skb);
692 kfree_skb(skb);
693 }
694
695 /* Called with locked neigh: either read or both */
696
697 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
698 {
699 struct in6_addr *saddr = NULL;
700 struct in6_addr mcaddr;
701 struct net_device *dev = neigh->dev;
702 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
703 int probes = atomic_read(&neigh->probes);
704
705 if (skb && ipv6_chk_addr(&skb->nh.ipv6h->saddr, dev, 1))
706 saddr = &skb->nh.ipv6h->saddr;
707
708 if ((probes -= neigh->parms->ucast_probes) < 0) {
709 if (!(neigh->nud_state & NUD_VALID)) {
710 ND_PRINTK1(KERN_DEBUG
711 "%s(): trying to ucast probe in NUD_INVALID: "
712 NIP6_FMT "\n",
713 __FUNCTION__,
714 NIP6(*target));
715 }
716 ndisc_send_ns(dev, neigh, target, target, saddr);
717 } else if ((probes -= neigh->parms->app_probes) < 0) {
718 #ifdef CONFIG_ARPD
719 neigh_app_ns(neigh);
720 #endif
721 } else {
722 addrconf_addr_solict_mult(target, &mcaddr);
723 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
724 }
725 }
726
727 static void ndisc_recv_ns(struct sk_buff *skb)
728 {
729 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
730 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
731 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
732 u8 *lladdr = NULL;
733 u32 ndoptlen = skb->tail - msg->opt;
734 struct ndisc_options ndopts;
735 struct net_device *dev = skb->dev;
736 struct inet6_ifaddr *ifp;
737 struct inet6_dev *idev = NULL;
738 struct neighbour *neigh;
739 struct pneigh_entry *pneigh = NULL;
740 int dad = ipv6_addr_any(saddr);
741 int inc;
742 int is_router;
743
744 if (ipv6_addr_is_multicast(&msg->target)) {
745 ND_PRINTK2(KERN_WARNING
746 "ICMPv6 NS: multicast target address");
747 return;
748 }
749
750 /*
751 * RFC2461 7.1.1:
752 * DAD has to be destined for solicited node multicast address.
753 */
754 if (dad &&
755 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
756 daddr->s6_addr32[1] == htonl(0x00000000) &&
757 daddr->s6_addr32[2] == htonl(0x00000001) &&
758 daddr->s6_addr [12] == 0xff )) {
759 ND_PRINTK2(KERN_WARNING
760 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
761 return;
762 }
763
764 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid ND options\n");
767 return;
768 }
769
770 if (ndopts.nd_opts_src_lladdr) {
771 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
772 if (!lladdr) {
773 ND_PRINTK2(KERN_WARNING
774 "ICMPv6 NS: invalid link-layer address length\n");
775 return;
776 }
777
778 /* RFC2461 7.1.1:
779 * If the IP source address is the unspecified address,
780 * there MUST NOT be source link-layer address option
781 * in the message.
782 */
783 if (dad) {
784 ND_PRINTK2(KERN_WARNING
785 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
786 return;
787 }
788 }
789
790 inc = ipv6_addr_is_multicast(daddr);
791
792 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
793 if (ifp->flags & IFA_F_TENTATIVE) {
794 /* Address is tentative. If the source
795 is unspecified address, it is someone
796 does DAD, otherwise we ignore solicitations
797 until DAD timer expires.
798 */
799 if (!dad)
800 goto out;
801 if (dev->type == ARPHRD_IEEE802_TR) {
802 unsigned char *sadr = skb->mac.raw;
803 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
804 sadr[9] == dev->dev_addr[1] &&
805 sadr[10] == dev->dev_addr[2] &&
806 sadr[11] == dev->dev_addr[3] &&
807 sadr[12] == dev->dev_addr[4] &&
808 sadr[13] == dev->dev_addr[5]) {
809 /* looped-back to us */
810 goto out;
811 }
812 }
813 addrconf_dad_failure(ifp);
814 return;
815 }
816
817 idev = ifp->idev;
818 } else {
819 idev = in6_dev_get(dev);
820 if (!idev) {
821 /* XXX: count this drop? */
822 return;
823 }
824
825 if (ipv6_chk_acast_addr(dev, &msg->target) ||
826 (idev->cnf.forwarding &&
827 (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
828 (pneigh = pneigh_lookup(&nd_tbl,
829 &msg->target, dev, 0)) != NULL)) {
830 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
831 skb->pkt_type != PACKET_HOST &&
832 inc != 0 &&
833 idev->nd_parms->proxy_delay != 0) {
834 /*
835 * for anycast or proxy,
836 * sender should delay its response
837 * by a random time between 0 and
838 * MAX_ANYCAST_DELAY_TIME seconds.
839 * (RFC2461) -- yoshfuji
840 */
841 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
842 if (n)
843 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
844 goto out;
845 }
846 } else
847 goto out;
848 }
849
850 is_router = !!(pneigh ? pneigh->flags & NTF_ROUTER : idev->cnf.forwarding);
851
852 if (dad) {
853 struct in6_addr maddr;
854
855 ipv6_addr_all_nodes(&maddr);
856 ndisc_send_na(dev, NULL, &maddr, &msg->target,
857 is_router, 0, (ifp != NULL), 1);
858 goto out;
859 }
860
861 if (inc)
862 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
863 else
864 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
865
866 /*
867 * update / create cache entry
868 * for the source address
869 */
870 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
871 !inc || lladdr || !dev->addr_len);
872 if (neigh)
873 neigh_update(neigh, lladdr, NUD_STALE,
874 NEIGH_UPDATE_F_WEAK_OVERRIDE|
875 NEIGH_UPDATE_F_OVERRIDE);
876 if (neigh || !dev->hard_header) {
877 ndisc_send_na(dev, neigh, saddr, &msg->target,
878 is_router,
879 1, (ifp != NULL && inc), inc);
880 if (neigh)
881 neigh_release(neigh);
882 }
883
884 out:
885 if (ifp)
886 in6_ifa_put(ifp);
887 else
888 in6_dev_put(idev);
889
890 return;
891 }
892
893 static void ndisc_recv_na(struct sk_buff *skb)
894 {
895 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
896 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
897 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
898 u8 *lladdr = NULL;
899 u32 ndoptlen = skb->tail - msg->opt;
900 struct ndisc_options ndopts;
901 struct net_device *dev = skb->dev;
902 struct inet6_ifaddr *ifp;
903 struct neighbour *neigh;
904
905 if (skb->len < sizeof(struct nd_msg)) {
906 ND_PRINTK2(KERN_WARNING
907 "ICMPv6 NA: packet too short\n");
908 return;
909 }
910
911 if (ipv6_addr_is_multicast(&msg->target)) {
912 ND_PRINTK2(KERN_WARNING
913 "ICMPv6 NA: target address is multicast.\n");
914 return;
915 }
916
917 if (ipv6_addr_is_multicast(daddr) &&
918 msg->icmph.icmp6_solicited) {
919 ND_PRINTK2(KERN_WARNING
920 "ICMPv6 NA: solicited NA is multicasted.\n");
921 return;
922 }
923
924 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
925 ND_PRINTK2(KERN_WARNING
926 "ICMPv6 NS: invalid ND option\n");
927 return;
928 }
929 if (ndopts.nd_opts_tgt_lladdr) {
930 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
931 if (!lladdr) {
932 ND_PRINTK2(KERN_WARNING
933 "ICMPv6 NA: invalid link-layer address length\n");
934 return;
935 }
936 }
937 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
938 if (ifp->flags & IFA_F_TENTATIVE) {
939 addrconf_dad_failure(ifp);
940 return;
941 }
942 /* What should we make now? The advertisement
943 is invalid, but ndisc specs say nothing
944 about it. It could be misconfiguration, or
945 an smart proxy agent tries to help us :-)
946 */
947 ND_PRINTK1(KERN_WARNING
948 "ICMPv6 NA: someone advertises our address on %s!\n",
949 ifp->idev->dev->name);
950 in6_ifa_put(ifp);
951 return;
952 }
953 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
954
955 if (neigh) {
956 u8 old_flags = neigh->flags;
957
958 if (neigh->nud_state & NUD_FAILED)
959 goto out;
960
961 /*
962 * Don't update the neighbor cache entry on a proxy NA from
963 * ourselves because either the proxied node is off link or it
964 * has already sent a NA to us.
965 */
966 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
967 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
968 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) {
969 /* XXX: idev->cnf.prixy_ndp */
970 goto out;
971 }
972
973 neigh_update(neigh, lladdr,
974 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
975 NEIGH_UPDATE_F_WEAK_OVERRIDE|
976 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
977 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
978 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
979
980 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
981 /*
982 * Change: router to host
983 */
984 struct rt6_info *rt;
985 rt = rt6_get_dflt_router(saddr, dev);
986 if (rt)
987 ip6_del_rt(rt);
988 }
989
990 out:
991 neigh_release(neigh);
992 }
993 }
994
995 static void ndisc_recv_rs(struct sk_buff *skb)
996 {
997 struct rs_msg *rs_msg = (struct rs_msg *) skb->h.raw;
998 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
999 struct neighbour *neigh;
1000 struct inet6_dev *idev;
1001 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
1002 struct ndisc_options ndopts;
1003 u8 *lladdr = NULL;
1004
1005 if (skb->len < sizeof(*rs_msg))
1006 return;
1007
1008 idev = in6_dev_get(skb->dev);
1009 if (!idev) {
1010 if (net_ratelimit())
1011 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1012 return;
1013 }
1014
1015 /* Don't accept RS if we're not in router mode */
1016 if (!idev->cnf.forwarding)
1017 goto out;
1018
1019 /*
1020 * Don't update NCE if src = ::;
1021 * this implies that the source node has no ip address assigned yet.
1022 */
1023 if (ipv6_addr_any(saddr))
1024 goto out;
1025
1026 /* Parse ND options */
1027 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1028 if (net_ratelimit())
1029 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1030 goto out;
1031 }
1032
1033 if (ndopts.nd_opts_src_lladdr) {
1034 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1035 skb->dev);
1036 if (!lladdr)
1037 goto out;
1038 }
1039
1040 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1041 if (neigh) {
1042 neigh_update(neigh, lladdr, NUD_STALE,
1043 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1044 NEIGH_UPDATE_F_OVERRIDE|
1045 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1046 neigh_release(neigh);
1047 }
1048 out:
1049 in6_dev_put(idev);
1050 }
1051
1052 static void ndisc_router_discovery(struct sk_buff *skb)
1053 {
1054 struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
1055 struct neighbour *neigh = NULL;
1056 struct inet6_dev *in6_dev;
1057 struct rt6_info *rt = NULL;
1058 int lifetime;
1059 struct ndisc_options ndopts;
1060 int optlen;
1061 unsigned int pref = 0;
1062
1063 __u8 * opt = (__u8 *)(ra_msg + 1);
1064
1065 optlen = (skb->tail - skb->h.raw) - sizeof(struct ra_msg);
1066
1067 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1068 ND_PRINTK2(KERN_WARNING
1069 "ICMPv6 RA: source address is not link-local.\n");
1070 return;
1071 }
1072 if (optlen < 0) {
1073 ND_PRINTK2(KERN_WARNING
1074 "ICMPv6 RA: packet too short\n");
1075 return;
1076 }
1077
1078 /*
1079 * set the RA_RECV flag in the interface
1080 */
1081
1082 in6_dev = in6_dev_get(skb->dev);
1083 if (in6_dev == NULL) {
1084 ND_PRINTK0(KERN_ERR
1085 "ICMPv6 RA: can't find inet6 device for %s.\n",
1086 skb->dev->name);
1087 return;
1088 }
1089 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1090 in6_dev_put(in6_dev);
1091 return;
1092 }
1093
1094 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1095 in6_dev_put(in6_dev);
1096 ND_PRINTK2(KERN_WARNING
1097 "ICMP6 RA: invalid ND options\n");
1098 return;
1099 }
1100
1101 if (in6_dev->if_flags & IF_RS_SENT) {
1102 /*
1103 * flag that an RA was received after an RS was sent
1104 * out on this interface.
1105 */
1106 in6_dev->if_flags |= IF_RA_RCVD;
1107 }
1108
1109 /*
1110 * Remember the managed/otherconf flags from most recently
1111 * received RA message (RFC 2462) -- yoshfuji
1112 */
1113 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1114 IF_RA_OTHERCONF)) |
1115 (ra_msg->icmph.icmp6_addrconf_managed ?
1116 IF_RA_MANAGED : 0) |
1117 (ra_msg->icmph.icmp6_addrconf_other ?
1118 IF_RA_OTHERCONF : 0);
1119
1120 if (!in6_dev->cnf.accept_ra_defrtr)
1121 goto skip_defrtr;
1122
1123 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1124
1125 #ifdef CONFIG_IPV6_ROUTER_PREF
1126 pref = ra_msg->icmph.icmp6_router_pref;
1127 /* 10b is handled as if it were 00b (medium) */
1128 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1129 in6_dev->cnf.accept_ra_rtr_pref)
1130 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1131 #endif
1132
1133 rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
1134
1135 if (rt)
1136 neigh = rt->rt6i_nexthop;
1137
1138 if (rt && lifetime == 0) {
1139 neigh_clone(neigh);
1140 ip6_del_rt(rt);
1141 rt = NULL;
1142 }
1143
1144 if (rt == NULL && lifetime) {
1145 ND_PRINTK3(KERN_DEBUG
1146 "ICMPv6 RA: adding default router.\n");
1147
1148 rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref);
1149 if (rt == NULL) {
1150 ND_PRINTK0(KERN_ERR
1151 "ICMPv6 RA: %s() failed to add default route.\n",
1152 __FUNCTION__);
1153 in6_dev_put(in6_dev);
1154 return;
1155 }
1156
1157 neigh = rt->rt6i_nexthop;
1158 if (neigh == NULL) {
1159 ND_PRINTK0(KERN_ERR
1160 "ICMPv6 RA: %s() got default router without neighbour.\n",
1161 __FUNCTION__);
1162 dst_release(&rt->u.dst);
1163 in6_dev_put(in6_dev);
1164 return;
1165 }
1166 neigh->flags |= NTF_ROUTER;
1167 } else if (rt) {
1168 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1169 }
1170
1171 if (rt)
1172 rt->rt6i_expires = jiffies + (HZ * lifetime);
1173
1174 if (ra_msg->icmph.icmp6_hop_limit) {
1175 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1176 if (rt)
1177 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1178 }
1179
1180 skip_defrtr:
1181
1182 /*
1183 * Update Reachable Time and Retrans Timer
1184 */
1185
1186 if (in6_dev->nd_parms) {
1187 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1188
1189 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1190 rtime = (rtime*HZ)/1000;
1191 if (rtime < HZ/10)
1192 rtime = HZ/10;
1193 in6_dev->nd_parms->retrans_time = rtime;
1194 in6_dev->tstamp = jiffies;
1195 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1196 }
1197
1198 rtime = ntohl(ra_msg->reachable_time);
1199 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1200 rtime = (rtime*HZ)/1000;
1201
1202 if (rtime < HZ/10)
1203 rtime = HZ/10;
1204
1205 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1206 in6_dev->nd_parms->base_reachable_time = rtime;
1207 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1208 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1209 in6_dev->tstamp = jiffies;
1210 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1211 }
1212 }
1213 }
1214
1215 /*
1216 * Process options.
1217 */
1218
1219 if (!neigh)
1220 neigh = __neigh_lookup(&nd_tbl, &skb->nh.ipv6h->saddr,
1221 skb->dev, 1);
1222 if (neigh) {
1223 u8 *lladdr = NULL;
1224 if (ndopts.nd_opts_src_lladdr) {
1225 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1226 skb->dev);
1227 if (!lladdr) {
1228 ND_PRINTK2(KERN_WARNING
1229 "ICMPv6 RA: invalid link-layer address length\n");
1230 goto out;
1231 }
1232 }
1233 neigh_update(neigh, lladdr, NUD_STALE,
1234 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1235 NEIGH_UPDATE_F_OVERRIDE|
1236 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1237 NEIGH_UPDATE_F_ISROUTER);
1238 }
1239
1240 #ifdef CONFIG_IPV6_ROUTE_INFO
1241 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1242 struct nd_opt_hdr *p;
1243 for (p = ndopts.nd_opts_ri;
1244 p;
1245 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1246 if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1247 continue;
1248 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1249 &skb->nh.ipv6h->saddr);
1250 }
1251 }
1252 #endif
1253
1254 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1255 struct nd_opt_hdr *p;
1256 for (p = ndopts.nd_opts_pi;
1257 p;
1258 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1259 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1260 }
1261 }
1262
1263 if (ndopts.nd_opts_mtu) {
1264 u32 mtu;
1265
1266 memcpy(&mtu, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1267 mtu = ntohl(mtu);
1268
1269 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1270 ND_PRINTK2(KERN_WARNING
1271 "ICMPv6 RA: invalid mtu: %d\n",
1272 mtu);
1273 } else if (in6_dev->cnf.mtu6 != mtu) {
1274 in6_dev->cnf.mtu6 = mtu;
1275
1276 if (rt)
1277 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1278
1279 rt6_mtu_change(skb->dev, mtu);
1280 }
1281 }
1282
1283 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1284 ND_PRINTK2(KERN_WARNING
1285 "ICMPv6 RA: invalid RA options");
1286 }
1287 out:
1288 if (rt)
1289 dst_release(&rt->u.dst);
1290 else if (neigh)
1291 neigh_release(neigh);
1292 in6_dev_put(in6_dev);
1293 }
1294
1295 static void ndisc_redirect_rcv(struct sk_buff *skb)
1296 {
1297 struct inet6_dev *in6_dev;
1298 struct icmp6hdr *icmph;
1299 struct in6_addr *dest;
1300 struct in6_addr *target; /* new first hop to destination */
1301 struct neighbour *neigh;
1302 int on_link = 0;
1303 struct ndisc_options ndopts;
1304 int optlen;
1305 u8 *lladdr = NULL;
1306
1307 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1308 ND_PRINTK2(KERN_WARNING
1309 "ICMPv6 Redirect: source address is not link-local.\n");
1310 return;
1311 }
1312
1313 optlen = skb->tail - skb->h.raw;
1314 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1315
1316 if (optlen < 0) {
1317 ND_PRINTK2(KERN_WARNING
1318 "ICMPv6 Redirect: packet too short\n");
1319 return;
1320 }
1321
1322 icmph = (struct icmp6hdr *) skb->h.raw;
1323 target = (struct in6_addr *) (icmph + 1);
1324 dest = target + 1;
1325
1326 if (ipv6_addr_is_multicast(dest)) {
1327 ND_PRINTK2(KERN_WARNING
1328 "ICMPv6 Redirect: destination address is multicast.\n");
1329 return;
1330 }
1331
1332 if (ipv6_addr_equal(dest, target)) {
1333 on_link = 1;
1334 } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
1335 ND_PRINTK2(KERN_WARNING
1336 "ICMPv6 Redirect: target address is not link-local.\n");
1337 return;
1338 }
1339
1340 in6_dev = in6_dev_get(skb->dev);
1341 if (!in6_dev)
1342 return;
1343 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1344 in6_dev_put(in6_dev);
1345 return;
1346 }
1347
1348 /* RFC2461 8.1:
1349 * The IP source address of the Redirect MUST be the same as the current
1350 * first-hop router for the specified ICMP Destination Address.
1351 */
1352
1353 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1354 ND_PRINTK2(KERN_WARNING
1355 "ICMPv6 Redirect: invalid ND options\n");
1356 in6_dev_put(in6_dev);
1357 return;
1358 }
1359 if (ndopts.nd_opts_tgt_lladdr) {
1360 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1361 skb->dev);
1362 if (!lladdr) {
1363 ND_PRINTK2(KERN_WARNING
1364 "ICMPv6 Redirect: invalid link-layer address length\n");
1365 in6_dev_put(in6_dev);
1366 return;
1367 }
1368 }
1369
1370 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1371 if (neigh) {
1372 rt6_redirect(dest, &skb->nh.ipv6h->daddr,
1373 &skb->nh.ipv6h->saddr, neigh, lladdr,
1374 on_link);
1375 neigh_release(neigh);
1376 }
1377 in6_dev_put(in6_dev);
1378 }
1379
1380 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1381 struct in6_addr *target)
1382 {
1383 struct sock *sk = ndisc_socket->sk;
1384 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1385 struct sk_buff *buff;
1386 struct icmp6hdr *icmph;
1387 struct in6_addr saddr_buf;
1388 struct in6_addr *addrp;
1389 struct net_device *dev;
1390 struct rt6_info *rt;
1391 struct dst_entry *dst;
1392 struct inet6_dev *idev;
1393 struct flowi fl;
1394 u8 *opt;
1395 int rd_len;
1396 int err;
1397 int hlen;
1398 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1399
1400 dev = skb->dev;
1401
1402 if (ipv6_get_lladdr(dev, &saddr_buf)) {
1403 ND_PRINTK2(KERN_WARNING
1404 "ICMPv6 Redirect: no link-local address on %s\n",
1405 dev->name);
1406 return;
1407 }
1408
1409 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr,
1410 dev->ifindex);
1411
1412 dst = ip6_route_output(NULL, &fl);
1413 if (dst == NULL)
1414 return;
1415
1416 err = xfrm_lookup(&dst, &fl, NULL, 0);
1417 if (err)
1418 return;
1419
1420 rt = (struct rt6_info *) dst;
1421
1422 if (rt->rt6i_flags & RTF_GATEWAY) {
1423 ND_PRINTK2(KERN_WARNING
1424 "ICMPv6 Redirect: destination is not a neighbour.\n");
1425 dst_release(dst);
1426 return;
1427 }
1428 if (!xrlim_allow(dst, 1*HZ)) {
1429 dst_release(dst);
1430 return;
1431 }
1432
1433 if (dev->addr_len) {
1434 read_lock_bh(&neigh->lock);
1435 if (neigh->nud_state & NUD_VALID) {
1436 memcpy(ha_buf, neigh->ha, dev->addr_len);
1437 read_unlock_bh(&neigh->lock);
1438 ha = ha_buf;
1439 len += ndisc_opt_addr_space(dev);
1440 } else
1441 read_unlock_bh(&neigh->lock);
1442 }
1443
1444 rd_len = min_t(unsigned int,
1445 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1446 rd_len &= ~0x7;
1447 len += rd_len;
1448
1449 buff = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
1450 1, &err);
1451 if (buff == NULL) {
1452 ND_PRINTK0(KERN_ERR
1453 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1454 __FUNCTION__);
1455 dst_release(dst);
1456 return;
1457 }
1458
1459 hlen = 0;
1460
1461 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1462 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &skb->nh.ipv6h->saddr,
1463 IPPROTO_ICMPV6, len);
1464
1465 icmph = (struct icmp6hdr *)skb_put(buff, len);
1466 buff->h.raw = (unsigned char*)icmph;
1467
1468 memset(icmph, 0, sizeof(struct icmp6hdr));
1469 icmph->icmp6_type = NDISC_REDIRECT;
1470
1471 /*
1472 * copy target and destination addresses
1473 */
1474
1475 addrp = (struct in6_addr *)(icmph + 1);
1476 ipv6_addr_copy(addrp, target);
1477 addrp++;
1478 ipv6_addr_copy(addrp, &skb->nh.ipv6h->daddr);
1479
1480 opt = (u8*) (addrp + 1);
1481
1482 /*
1483 * include target_address option
1484 */
1485
1486 if (ha)
1487 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1488 dev->addr_len, dev->type);
1489
1490 /*
1491 * build redirect option and copy skb over to the new packet.
1492 */
1493
1494 memset(opt, 0, 8);
1495 *(opt++) = ND_OPT_REDIRECT_HDR;
1496 *(opt++) = (rd_len >> 3);
1497 opt += 6;
1498
1499 memcpy(opt, skb->nh.ipv6h, rd_len - 8);
1500
1501 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &skb->nh.ipv6h->saddr,
1502 len, IPPROTO_ICMPV6,
1503 csum_partial((u8 *) icmph, len, 0));
1504
1505 buff->dst = dst;
1506 idev = in6_dev_get(dst->dev);
1507 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1508 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1509 if (!err) {
1510 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTREDIRECTS);
1511 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1512 }
1513
1514 if (likely(idev != NULL))
1515 in6_dev_put(idev);
1516 }
1517
1518 static void pndisc_redo(struct sk_buff *skb)
1519 {
1520 ndisc_recv_ns(skb);
1521 kfree_skb(skb);
1522 }
1523
1524 int ndisc_rcv(struct sk_buff *skb)
1525 {
1526 struct nd_msg *msg;
1527
1528 if (!pskb_may_pull(skb, skb->len))
1529 return 0;
1530
1531 msg = (struct nd_msg *) skb->h.raw;
1532
1533 __skb_push(skb, skb->data-skb->h.raw);
1534
1535 if (skb->nh.ipv6h->hop_limit != 255) {
1536 ND_PRINTK2(KERN_WARNING
1537 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1538 skb->nh.ipv6h->hop_limit);
1539 return 0;
1540 }
1541
1542 if (msg->icmph.icmp6_code != 0) {
1543 ND_PRINTK2(KERN_WARNING
1544 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1545 msg->icmph.icmp6_code);
1546 return 0;
1547 }
1548
1549 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1550
1551 switch (msg->icmph.icmp6_type) {
1552 case NDISC_NEIGHBOUR_SOLICITATION:
1553 ndisc_recv_ns(skb);
1554 break;
1555
1556 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1557 ndisc_recv_na(skb);
1558 break;
1559
1560 case NDISC_ROUTER_SOLICITATION:
1561 ndisc_recv_rs(skb);
1562 break;
1563
1564 case NDISC_ROUTER_ADVERTISEMENT:
1565 ndisc_router_discovery(skb);
1566 break;
1567
1568 case NDISC_REDIRECT:
1569 ndisc_redirect_rcv(skb);
1570 break;
1571 };
1572
1573 return 0;
1574 }
1575
1576 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1577 {
1578 struct net_device *dev = ptr;
1579
1580 switch (event) {
1581 case NETDEV_CHANGEADDR:
1582 neigh_changeaddr(&nd_tbl, dev);
1583 fib6_run_gc(~0UL);
1584 break;
1585 case NETDEV_DOWN:
1586 neigh_ifdown(&nd_tbl, dev);
1587 fib6_run_gc(~0UL);
1588 break;
1589 default:
1590 break;
1591 }
1592
1593 return NOTIFY_DONE;
1594 }
1595
1596 static struct notifier_block ndisc_netdev_notifier = {
1597 .notifier_call = ndisc_netdev_event,
1598 };
1599
1600 #ifdef CONFIG_SYSCTL
1601 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1602 const char *func, const char *dev_name)
1603 {
1604 static char warncomm[TASK_COMM_LEN];
1605 static int warned;
1606 if (strcmp(warncomm, current->comm) && warned < 5) {
1607 strcpy(warncomm, current->comm);
1608 printk(KERN_WARNING
1609 "process `%s' is using deprecated sysctl (%s) "
1610 "net.ipv6.neigh.%s.%s; "
1611 "Use net.ipv6.neigh.%s.%s_ms "
1612 "instead.\n",
1613 warncomm, func,
1614 dev_name, ctl->procname,
1615 dev_name, ctl->procname);
1616 warned++;
1617 }
1618 }
1619
1620 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1621 {
1622 struct net_device *dev = ctl->extra1;
1623 struct inet6_dev *idev;
1624 int ret;
1625
1626 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1627 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1628 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1629
1630 switch (ctl->ctl_name) {
1631 case NET_NEIGH_RETRANS_TIME:
1632 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1633 break;
1634 case NET_NEIGH_REACHABLE_TIME:
1635 ret = proc_dointvec_jiffies(ctl, write,
1636 filp, buffer, lenp, ppos);
1637 break;
1638 case NET_NEIGH_RETRANS_TIME_MS:
1639 case NET_NEIGH_REACHABLE_TIME_MS:
1640 ret = proc_dointvec_ms_jiffies(ctl, write,
1641 filp, buffer, lenp, ppos);
1642 break;
1643 default:
1644 ret = -1;
1645 }
1646
1647 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1648 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1649 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1650 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1651 idev->tstamp = jiffies;
1652 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1653 in6_dev_put(idev);
1654 }
1655 return ret;
1656 }
1657
1658 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1659 int nlen, void __user *oldval,
1660 size_t __user *oldlenp,
1661 void __user *newval, size_t newlen,
1662 void **context)
1663 {
1664 struct net_device *dev = ctl->extra1;
1665 struct inet6_dev *idev;
1666 int ret;
1667
1668 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1669 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1670 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1671
1672 switch (ctl->ctl_name) {
1673 case NET_NEIGH_REACHABLE_TIME:
1674 ret = sysctl_jiffies(ctl, name, nlen,
1675 oldval, oldlenp, newval, newlen,
1676 context);
1677 break;
1678 case NET_NEIGH_RETRANS_TIME_MS:
1679 case NET_NEIGH_REACHABLE_TIME_MS:
1680 ret = sysctl_ms_jiffies(ctl, name, nlen,
1681 oldval, oldlenp, newval, newlen,
1682 context);
1683 break;
1684 default:
1685 ret = 0;
1686 }
1687
1688 if (newval && newlen && ret > 0 &&
1689 dev && (idev = in6_dev_get(dev)) != NULL) {
1690 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1691 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1692 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1693 idev->tstamp = jiffies;
1694 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1695 in6_dev_put(idev);
1696 }
1697
1698 return ret;
1699 }
1700
1701 #endif
1702
1703 int __init ndisc_init(struct net_proto_family *ops)
1704 {
1705 struct ipv6_pinfo *np;
1706 struct sock *sk;
1707 int err;
1708
1709 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1710 if (err < 0) {
1711 ND_PRINTK0(KERN_ERR
1712 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1713 err);
1714 ndisc_socket = NULL; /* For safety. */
1715 return err;
1716 }
1717
1718 sk = ndisc_socket->sk;
1719 np = inet6_sk(sk);
1720 sk->sk_allocation = GFP_ATOMIC;
1721 np->hop_limit = 255;
1722 /* Do not loopback ndisc messages */
1723 np->mc_loop = 0;
1724 sk->sk_prot->unhash(sk);
1725
1726 /*
1727 * Initialize the neighbour table
1728 */
1729
1730 neigh_table_init(&nd_tbl);
1731
1732 #ifdef CONFIG_SYSCTL
1733 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1734 "ipv6",
1735 &ndisc_ifinfo_sysctl_change,
1736 &ndisc_ifinfo_sysctl_strategy);
1737 #endif
1738
1739 register_netdevice_notifier(&ndisc_netdev_notifier);
1740 return 0;
1741 }
1742
1743 void ndisc_cleanup(void)
1744 {
1745 #ifdef CONFIG_SYSCTL
1746 neigh_sysctl_unregister(&nd_tbl.parms);
1747 #endif
1748 neigh_table_clear(&nd_tbl);
1749 sock_release(ndisc_socket);
1750 ndisc_socket = NULL; /* For safety. */
1751 }
Linux with added FPC-III support