2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 static u32 ndisc_hash(const void *pkey,
76 const struct net_device *dev,
78 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
79 static int ndisc_constructor(struct neighbour *neigh);
80 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
81 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
82 static int pndisc_constructor(struct pneigh_entry *n);
83 static void pndisc_destructor(struct pneigh_entry *n);
84 static void pndisc_redo(struct sk_buff *skb);
86 static const struct neigh_ops ndisc_generic_ops = {
88 .solicit = ndisc_solicit,
89 .error_report = ndisc_error_report,
90 .output = neigh_resolve_output,
91 .connected_output = neigh_connected_output,
94 static const struct neigh_ops ndisc_hh_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_resolve_output,
103 static const struct neigh_ops ndisc_direct_ops = {
105 .output = neigh_direct_output,
106 .connected_output = neigh_direct_output,
109 struct neigh_table nd_tbl = {
111 .key_len = sizeof(struct in6_addr),
112 .protocol = cpu_to_be16(ETH_P_IPV6),
114 .key_eq = ndisc_key_eq,
115 .constructor = ndisc_constructor,
116 .pconstructor = pndisc_constructor,
117 .pdestructor = pndisc_destructor,
118 .proxy_redo = pndisc_redo,
122 .reachable_time = ND_REACHABLE_TIME,
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
136 .gc_interval = 30 * HZ,
141 EXPORT_SYMBOL_GPL(nd_tbl);
143 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
146 int space = __ndisc_opt_addr_space(data_len, pad);
147 u8 *opt = skb_put(skb, space);
152 memset(opt + 2, 0, pad);
156 memcpy(opt+2, data, data_len);
161 memset(opt, 0, space);
163 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
165 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166 void *data, u8 icmp6_type)
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
173 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
181 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
185 if (!cur || !end || cur >= end)
187 type = cur->nd_opt_type;
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190 } while (cur < end && cur->nd_opt_type != type);
191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
194 static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
197 return opt->nd_opt_type == ND_OPT_RDNSS ||
198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
202 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
203 struct nd_opt_hdr *cur,
204 struct nd_opt_hdr *end)
206 if (!cur || !end || cur >= end)
209 cur = ((void *)cur) + (cur->nd_opt_len << 3);
210 } while (cur < end && !ndisc_is_useropt(dev, cur));
211 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
214 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
215 u8 *opt, int opt_len,
216 struct ndisc_options *ndopts)
218 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
220 if (!nd_opt || opt_len < 0 || !ndopts)
222 memset(ndopts, 0, sizeof(*ndopts));
225 if (opt_len < sizeof(struct nd_opt_hdr))
227 l = nd_opt->nd_opt_len << 3;
228 if (opt_len < l || l == 0)
230 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
232 switch (nd_opt->nd_opt_type) {
233 case ND_OPT_SOURCE_LL_ADDR:
234 case ND_OPT_TARGET_LL_ADDR:
237 case ND_OPT_REDIRECT_HDR:
238 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
240 "%s: duplicated ND6 option found: type=%d\n",
241 __func__, nd_opt->nd_opt_type);
243 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
246 case ND_OPT_PREFIX_INFO:
247 ndopts->nd_opts_pi_end = nd_opt;
248 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
249 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
251 #ifdef CONFIG_IPV6_ROUTE_INFO
252 case ND_OPT_ROUTE_INFO:
253 ndopts->nd_opts_ri_end = nd_opt;
254 if (!ndopts->nd_opts_ri)
255 ndopts->nd_opts_ri = nd_opt;
259 if (ndisc_is_useropt(dev, nd_opt)) {
260 ndopts->nd_useropts_end = nd_opt;
261 if (!ndopts->nd_useropts)
262 ndopts->nd_useropts = nd_opt;
265 * Unknown options must be silently ignored,
266 * to accommodate future extension to the
270 "%s: ignored unsupported option; type=%d, len=%d\n",
278 nd_opt = ((void *)nd_opt) + l;
283 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
287 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
289 ipv6_eth_mc_map(addr, buf);
292 ipv6_arcnet_mc_map(addr, buf);
294 case ARPHRD_INFINIBAND:
295 ipv6_ib_mc_map(addr, dev->broadcast, buf);
298 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
301 memcpy(buf, dev->broadcast, dev->addr_len);
307 EXPORT_SYMBOL(ndisc_mc_map);
309 static u32 ndisc_hash(const void *pkey,
310 const struct net_device *dev,
313 return ndisc_hashfn(pkey, dev, hash_rnd);
316 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
318 return neigh_key_eq128(n, pkey);
321 static int ndisc_constructor(struct neighbour *neigh)
323 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
324 struct net_device *dev = neigh->dev;
325 struct inet6_dev *in6_dev;
326 struct neigh_parms *parms;
327 bool is_multicast = ipv6_addr_is_multicast(addr);
329 in6_dev = in6_dev_get(dev);
334 parms = in6_dev->nd_parms;
335 __neigh_parms_put(neigh->parms);
336 neigh->parms = neigh_parms_clone(parms);
338 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
339 if (!dev->header_ops) {
340 neigh->nud_state = NUD_NOARP;
341 neigh->ops = &ndisc_direct_ops;
342 neigh->output = neigh_direct_output;
345 neigh->nud_state = NUD_NOARP;
346 ndisc_mc_map(addr, neigh->ha, dev, 1);
347 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
348 neigh->nud_state = NUD_NOARP;
349 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
350 if (dev->flags&IFF_LOOPBACK)
351 neigh->type = RTN_LOCAL;
352 } else if (dev->flags&IFF_POINTOPOINT) {
353 neigh->nud_state = NUD_NOARP;
354 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
356 if (dev->header_ops->cache)
357 neigh->ops = &ndisc_hh_ops;
359 neigh->ops = &ndisc_generic_ops;
360 if (neigh->nud_state&NUD_VALID)
361 neigh->output = neigh->ops->connected_output;
363 neigh->output = neigh->ops->output;
365 in6_dev_put(in6_dev);
369 static int pndisc_constructor(struct pneigh_entry *n)
371 struct in6_addr *addr = (struct in6_addr *)&n->key;
372 struct in6_addr maddr;
373 struct net_device *dev = n->dev;
375 if (!dev || !__in6_dev_get(dev))
377 addrconf_addr_solict_mult(addr, &maddr);
378 ipv6_dev_mc_inc(dev, &maddr);
382 static void pndisc_destructor(struct pneigh_entry *n)
384 struct in6_addr *addr = (struct in6_addr *)&n->key;
385 struct in6_addr maddr;
386 struct net_device *dev = n->dev;
388 if (!dev || !__in6_dev_get(dev))
390 addrconf_addr_solict_mult(addr, &maddr);
391 ipv6_dev_mc_dec(dev, &maddr);
394 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
397 int hlen = LL_RESERVED_SPACE(dev);
398 int tlen = dev->needed_tailroom;
399 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
402 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
404 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
409 skb->protocol = htons(ETH_P_IPV6);
412 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
413 skb_reset_transport_header(skb);
415 /* Manually assign socket ownership as we avoid calling
416 * sock_alloc_send_pskb() to bypass wmem buffer limits
418 skb_set_owner_w(skb, sk);
423 static void ip6_nd_hdr(struct sk_buff *skb,
424 const struct in6_addr *saddr,
425 const struct in6_addr *daddr,
426 int hop_limit, int len)
430 skb_push(skb, sizeof(*hdr));
431 skb_reset_network_header(skb);
434 ip6_flow_hdr(hdr, 0, 0);
436 hdr->payload_len = htons(len);
437 hdr->nexthdr = IPPROTO_ICMPV6;
438 hdr->hop_limit = hop_limit;
444 static void ndisc_send_skb(struct sk_buff *skb,
445 const struct in6_addr *daddr,
446 const struct in6_addr *saddr)
448 struct dst_entry *dst = skb_dst(skb);
449 struct net *net = dev_net(skb->dev);
450 struct sock *sk = net->ipv6.ndisc_sk;
451 struct inet6_dev *idev;
453 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
456 type = icmp6h->icmp6_type;
460 int oif = skb->dev->ifindex;
462 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
463 dst = icmp6_dst_alloc(skb->dev, &fl6);
469 skb_dst_set(skb, dst);
472 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
477 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
480 idev = __in6_dev_get(dst->dev);
481 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
483 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
484 net, sk, skb, NULL, dst->dev,
487 ICMP6MSGOUT_INC_STATS(net, idev, type);
488 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
494 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
495 const struct in6_addr *solicited_addr,
496 bool router, bool solicited, bool override, bool inc_opt)
499 struct in6_addr tmpaddr;
500 struct inet6_ifaddr *ifp;
501 const struct in6_addr *src_addr;
505 /* for anycast or proxy, solicited_addr != src_addr */
506 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
508 src_addr = solicited_addr;
509 if (ifp->flags & IFA_F_OPTIMISTIC)
511 inc_opt |= ifp->idev->cnf.force_tllao;
514 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
515 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
524 optlen += ndisc_opt_addr_space(dev,
525 NDISC_NEIGHBOUR_ADVERTISEMENT);
527 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
531 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
532 *msg = (struct nd_msg) {
534 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
535 .icmp6_router = router,
536 .icmp6_solicited = solicited,
537 .icmp6_override = override,
539 .target = *solicited_addr,
543 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
545 NDISC_NEIGHBOUR_ADVERTISEMENT);
547 ndisc_send_skb(skb, daddr, src_addr);
550 static void ndisc_send_unsol_na(struct net_device *dev)
552 struct inet6_dev *idev;
553 struct inet6_ifaddr *ifa;
555 idev = in6_dev_get(dev);
559 read_lock_bh(&idev->lock);
560 list_for_each_entry(ifa, &idev->addr_list, if_list) {
561 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
562 /*router=*/ !!idev->cnf.forwarding,
563 /*solicited=*/ false, /*override=*/ true,
566 read_unlock_bh(&idev->lock);
571 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
572 const struct in6_addr *daddr, const struct in6_addr *saddr,
576 struct in6_addr addr_buf;
577 int inc_opt = dev->addr_len;
582 if (ipv6_get_lladdr(dev, &addr_buf,
583 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
588 if (ipv6_addr_any(saddr))
591 optlen += ndisc_opt_addr_space(dev,
592 NDISC_NEIGHBOUR_SOLICITATION);
596 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
600 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
601 *msg = (struct nd_msg) {
603 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
609 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
611 NDISC_NEIGHBOUR_SOLICITATION);
613 u8 *opt = skb_put(skb, 8);
615 opt[0] = ND_OPT_NONCE;
617 memcpy(opt + 2, &nonce, 6);
620 ndisc_send_skb(skb, daddr, saddr);
623 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
624 const struct in6_addr *daddr)
628 int send_sllao = dev->addr_len;
631 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
633 * According to section 2.2 of RFC 4429, we must not
634 * send router solicitations with a sllao from
635 * optimistic addresses, but we may send the solicitation
636 * if we don't include the sllao. So here we check
637 * if our address is optimistic, and if so, we
638 * suppress the inclusion of the sllao.
641 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
644 if (ifp->flags & IFA_F_OPTIMISTIC) {
654 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
656 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
660 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
661 *msg = (struct rs_msg) {
663 .icmp6_type = NDISC_ROUTER_SOLICITATION,
668 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
670 NDISC_ROUTER_SOLICITATION);
672 ndisc_send_skb(skb, daddr, saddr);
676 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
679 * "The sender MUST return an ICMP
680 * destination unreachable"
682 dst_link_failure(skb);
686 /* Called with locked neigh: either read or both */
688 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
690 struct in6_addr *saddr = NULL;
691 struct in6_addr mcaddr;
692 struct net_device *dev = neigh->dev;
693 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
694 int probes = atomic_read(&neigh->probes);
696 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
698 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
699 saddr = &ipv6_hdr(skb)->saddr;
700 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
702 if (!(neigh->nud_state & NUD_VALID)) {
704 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
707 ndisc_send_ns(dev, target, target, saddr, 0);
708 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
711 addrconf_addr_solict_mult(target, &mcaddr);
712 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
716 static int pndisc_is_router(const void *pkey,
717 struct net_device *dev)
719 struct pneigh_entry *n;
722 read_lock_bh(&nd_tbl.lock);
723 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
725 ret = !!(n->flags & NTF_ROUTER);
726 read_unlock_bh(&nd_tbl.lock);
731 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
732 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
733 struct ndisc_options *ndopts)
735 neigh_update(neigh, lladdr, new, flags);
736 /* report ndisc ops about neighbour update */
737 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
740 static void ndisc_recv_ns(struct sk_buff *skb)
742 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
743 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
744 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
746 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
747 offsetof(struct nd_msg, opt));
748 struct ndisc_options ndopts;
749 struct net_device *dev = skb->dev;
750 struct inet6_ifaddr *ifp;
751 struct inet6_dev *idev = NULL;
752 struct neighbour *neigh;
753 int dad = ipv6_addr_any(saddr);
758 if (skb->len < sizeof(struct nd_msg)) {
759 ND_PRINTK(2, warn, "NS: packet too short\n");
763 if (ipv6_addr_is_multicast(&msg->target)) {
764 ND_PRINTK(2, warn, "NS: multicast target address\n");
770 * DAD has to be destined for solicited node multicast address.
772 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
773 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
777 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
778 ND_PRINTK(2, warn, "NS: invalid ND options\n");
782 if (ndopts.nd_opts_src_lladdr) {
783 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
786 "NS: invalid link-layer address length\n");
791 * If the IP source address is the unspecified address,
792 * there MUST NOT be source link-layer address option
797 "NS: bad DAD packet (link-layer address option)\n");
801 if (ndopts.nd_opts_nonce)
802 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
804 inc = ipv6_addr_is_multicast(daddr);
806 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
809 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
811 if (nonce != 0 && ifp->dad_nonce == nonce) {
812 u8 *np = (u8 *)&nonce;
813 /* Matching nonce if looped back */
815 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
816 ifp->idev->dev->name,
821 * We are colliding with another node
823 * so fail our DAD process
825 addrconf_dad_failure(ifp);
829 * This is not a dad solicitation.
830 * If we are an optimistic node,
832 * Otherwise, we should ignore it.
834 if (!(ifp->flags & IFA_F_OPTIMISTIC))
841 struct net *net = dev_net(dev);
843 /* perhaps an address on the master device */
844 if (netif_is_l3_slave(dev)) {
845 struct net_device *mdev;
847 mdev = netdev_master_upper_dev_get_rcu(dev);
849 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
855 idev = in6_dev_get(dev);
857 /* XXX: count this drop? */
861 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
862 (idev->cnf.forwarding &&
863 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
864 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
865 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
866 skb->pkt_type != PACKET_HOST &&
868 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
870 * for anycast or proxy,
871 * sender should delay its response
872 * by a random time between 0 and
873 * MAX_ANYCAST_DELAY_TIME seconds.
874 * (RFC2461) -- yoshfuji
876 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
878 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
886 is_router = idev->cnf.forwarding;
889 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
890 !!is_router, false, (ifp != NULL), true);
895 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
897 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
900 * update / create cache entry
901 * for the source address
903 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
904 !inc || lladdr || !dev->addr_len);
906 ndisc_update(dev, neigh, lladdr, NUD_STALE,
907 NEIGH_UPDATE_F_WEAK_OVERRIDE|
908 NEIGH_UPDATE_F_OVERRIDE,
909 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
910 if (neigh || !dev->header_ops) {
911 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
912 true, (ifp != NULL && inc), inc);
914 neigh_release(neigh);
924 static void ndisc_recv_na(struct sk_buff *skb)
926 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
927 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
928 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
930 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
931 offsetof(struct nd_msg, opt));
932 struct ndisc_options ndopts;
933 struct net_device *dev = skb->dev;
934 struct inet6_dev *idev = __in6_dev_get(dev);
935 struct inet6_ifaddr *ifp;
936 struct neighbour *neigh;
938 if (skb->len < sizeof(struct nd_msg)) {
939 ND_PRINTK(2, warn, "NA: packet too short\n");
943 if (ipv6_addr_is_multicast(&msg->target)) {
944 ND_PRINTK(2, warn, "NA: target address is multicast\n");
948 if (ipv6_addr_is_multicast(daddr) &&
949 msg->icmph.icmp6_solicited) {
950 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
954 /* For some 802.11 wireless deployments (and possibly other networks),
955 * there will be a NA proxy and unsolicitd packets are attacks
956 * and thus should not be accepted.
958 if (!msg->icmph.icmp6_solicited && idev &&
959 idev->cnf.drop_unsolicited_na)
962 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
963 ND_PRINTK(2, warn, "NS: invalid ND option\n");
966 if (ndopts.nd_opts_tgt_lladdr) {
967 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
970 "NA: invalid link-layer address length\n");
974 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
976 if (skb->pkt_type != PACKET_LOOPBACK
977 && (ifp->flags & IFA_F_TENTATIVE)) {
978 addrconf_dad_failure(ifp);
981 /* What should we make now? The advertisement
982 is invalid, but ndisc specs say nothing
983 about it. It could be misconfiguration, or
984 an smart proxy agent tries to help us :-)
986 We should not print the error if NA has been
987 received from loopback - it is just our own
988 unsolicited advertisement.
990 if (skb->pkt_type != PACKET_LOOPBACK)
992 "NA: someone advertises our address %pI6 on %s!\n",
993 &ifp->addr, ifp->idev->dev->name);
997 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1000 u8 old_flags = neigh->flags;
1001 struct net *net = dev_net(dev);
1003 if (neigh->nud_state & NUD_FAILED)
1007 * Don't update the neighbor cache entry on a proxy NA from
1008 * ourselves because either the proxied node is off link or it
1009 * has already sent a NA to us.
1011 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1012 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1013 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1014 /* XXX: idev->cnf.proxy_ndp */
1018 ndisc_update(dev, neigh, lladdr,
1019 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1020 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1021 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1022 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1023 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1024 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1026 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1028 * Change: router to host
1030 rt6_clean_tohost(dev_net(dev), saddr);
1034 neigh_release(neigh);
1038 static void ndisc_recv_rs(struct sk_buff *skb)
1040 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1041 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1042 struct neighbour *neigh;
1043 struct inet6_dev *idev;
1044 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1045 struct ndisc_options ndopts;
1048 if (skb->len < sizeof(*rs_msg))
1051 idev = __in6_dev_get(skb->dev);
1053 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1057 /* Don't accept RS if we're not in router mode */
1058 if (!idev->cnf.forwarding)
1062 * Don't update NCE if src = ::;
1063 * this implies that the source node has no ip address assigned yet.
1065 if (ipv6_addr_any(saddr))
1068 /* Parse ND options */
1069 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1070 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1074 if (ndopts.nd_opts_src_lladdr) {
1075 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1081 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1083 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1084 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1085 NEIGH_UPDATE_F_OVERRIDE|
1086 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1087 NDISC_ROUTER_SOLICITATION, &ndopts);
1088 neigh_release(neigh);
1094 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1096 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1097 struct sk_buff *skb;
1098 struct nlmsghdr *nlh;
1099 struct nduseroptmsg *ndmsg;
1100 struct net *net = dev_net(ra->dev);
1102 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1103 + (opt->nd_opt_len << 3));
1104 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1106 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1112 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1114 goto nla_put_failure;
1117 ndmsg = nlmsg_data(nlh);
1118 ndmsg->nduseropt_family = AF_INET6;
1119 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1120 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1121 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1122 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1124 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1126 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1127 goto nla_put_failure;
1128 nlmsg_end(skb, nlh);
1130 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1137 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1140 static void ndisc_router_discovery(struct sk_buff *skb)
1142 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1143 struct neighbour *neigh = NULL;
1144 struct inet6_dev *in6_dev;
1145 struct rt6_info *rt = NULL;
1147 struct ndisc_options ndopts;
1149 unsigned int pref = 0;
1151 bool send_ifinfo_notify = false;
1153 __u8 *opt = (__u8 *)(ra_msg + 1);
1155 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1156 sizeof(struct ra_msg);
1159 "RA: %s, dev: %s\n",
1160 __func__, skb->dev->name);
1161 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1162 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1166 ND_PRINTK(2, warn, "RA: packet too short\n");
1170 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1171 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1172 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1178 * set the RA_RECV flag in the interface
1181 in6_dev = __in6_dev_get(skb->dev);
1183 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1188 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1189 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1193 if (!ipv6_accept_ra(in6_dev)) {
1195 "RA: %s, did not accept ra for dev: %s\n",
1196 __func__, skb->dev->name);
1197 goto skip_linkparms;
1200 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1201 /* skip link-specific parameters from interior routers */
1202 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1204 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1205 __func__, skb->dev->name);
1206 goto skip_linkparms;
1210 if (in6_dev->if_flags & IF_RS_SENT) {
1212 * flag that an RA was received after an RS was sent
1213 * out on this interface.
1215 in6_dev->if_flags |= IF_RA_RCVD;
1219 * Remember the managed/otherconf flags from most recently
1220 * received RA message (RFC 2462) -- yoshfuji
1222 old_if_flags = in6_dev->if_flags;
1223 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1225 (ra_msg->icmph.icmp6_addrconf_managed ?
1226 IF_RA_MANAGED : 0) |
1227 (ra_msg->icmph.icmp6_addrconf_other ?
1228 IF_RA_OTHERCONF : 0);
1230 if (old_if_flags != in6_dev->if_flags)
1231 send_ifinfo_notify = true;
1233 if (!in6_dev->cnf.accept_ra_defrtr) {
1235 "RA: %s, defrtr is false for dev: %s\n",
1236 __func__, skb->dev->name);
1240 /* Do not accept RA with source-addr found on local machine unless
1241 * accept_ra_from_local is set to true.
1243 if (!in6_dev->cnf.accept_ra_from_local &&
1244 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1247 "RA from local address detected on dev: %s: default router ignored\n",
1252 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1254 #ifdef CONFIG_IPV6_ROUTER_PREF
1255 pref = ra_msg->icmph.icmp6_router_pref;
1256 /* 10b is handled as if it were 00b (medium) */
1257 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1258 !in6_dev->cnf.accept_ra_rtr_pref)
1259 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1262 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1265 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1268 "RA: %s got default router without neighbour\n",
1274 if (rt && lifetime == 0) {
1279 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1280 rt, lifetime, skb->dev->name);
1281 if (!rt && lifetime) {
1282 ND_PRINTK(3, info, "RA: adding default router\n");
1284 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1287 "RA: %s failed to add default route\n",
1292 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1295 "RA: %s got default router without neighbour\n",
1300 neigh->flags |= NTF_ROUTER;
1302 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1306 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1307 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1308 ra_msg->icmph.icmp6_hop_limit) {
1309 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1310 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1312 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1313 ra_msg->icmph.icmp6_hop_limit);
1315 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1322 * Update Reachable Time and Retrans Timer
1325 if (in6_dev->nd_parms) {
1326 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1328 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1329 rtime = (rtime*HZ)/1000;
1332 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1333 in6_dev->tstamp = jiffies;
1334 send_ifinfo_notify = true;
1337 rtime = ntohl(ra_msg->reachable_time);
1338 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1339 rtime = (rtime*HZ)/1000;
1344 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1345 NEIGH_VAR_SET(in6_dev->nd_parms,
1346 BASE_REACHABLE_TIME, rtime);
1347 NEIGH_VAR_SET(in6_dev->nd_parms,
1348 GC_STALETIME, 3 * rtime);
1349 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1350 in6_dev->tstamp = jiffies;
1351 send_ifinfo_notify = true;
1357 * Send a notify if RA changed managed/otherconf flags or timer settings
1359 if (send_ifinfo_notify)
1360 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1369 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1373 if (ndopts.nd_opts_src_lladdr) {
1374 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1378 "RA: invalid link-layer address length\n");
1382 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1383 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1384 NEIGH_UPDATE_F_OVERRIDE|
1385 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1386 NEIGH_UPDATE_F_ISROUTER,
1387 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1390 if (!ipv6_accept_ra(in6_dev)) {
1392 "RA: %s, accept_ra is false for dev: %s\n",
1393 __func__, skb->dev->name);
1397 #ifdef CONFIG_IPV6_ROUTE_INFO
1398 if (!in6_dev->cnf.accept_ra_from_local &&
1399 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1402 "RA from local address detected on dev: %s: router info ignored.\n",
1404 goto skip_routeinfo;
1407 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1408 struct nd_opt_hdr *p;
1409 for (p = ndopts.nd_opts_ri;
1411 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1412 struct route_info *ri = (struct route_info *)p;
1413 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1414 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1415 ri->prefix_len == 0)
1418 if (ri->prefix_len == 0 &&
1419 !in6_dev->cnf.accept_ra_defrtr)
1421 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1423 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1424 &ipv6_hdr(skb)->saddr);
1431 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1432 /* skip link-specific ndopts from interior routers */
1433 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1435 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1436 __func__, skb->dev->name);
1441 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1442 struct nd_opt_hdr *p;
1443 for (p = ndopts.nd_opts_pi;
1445 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1446 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1447 (p->nd_opt_len) << 3,
1448 ndopts.nd_opts_src_lladdr != NULL);
1452 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1456 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1459 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1460 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1461 } else if (in6_dev->cnf.mtu6 != mtu) {
1462 in6_dev->cnf.mtu6 = mtu;
1465 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1467 rt6_mtu_change(skb->dev, mtu);
1471 if (ndopts.nd_useropts) {
1472 struct nd_opt_hdr *p;
1473 for (p = ndopts.nd_useropts;
1475 p = ndisc_next_useropt(skb->dev, p,
1476 ndopts.nd_useropts_end)) {
1477 ndisc_ra_useropt(skb, p);
1481 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1482 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1487 neigh_release(neigh);
1490 static void ndisc_redirect_rcv(struct sk_buff *skb)
1493 struct ndisc_options ndopts;
1494 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1495 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1496 offsetof(struct rd_msg, opt));
1498 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1499 switch (skb->ndisc_nodetype) {
1500 case NDISC_NODETYPE_HOST:
1501 case NDISC_NODETYPE_NODEFAULT:
1503 "Redirect: from host or unauthorized router\n");
1508 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1510 "Redirect: source address is not link-local\n");
1514 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1517 if (!ndopts.nd_opts_rh) {
1518 ip6_redirect_no_header(skb, dev_net(skb->dev),
1519 skb->dev->ifindex, 0);
1523 hdr = (u8 *)ndopts.nd_opts_rh;
1525 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1528 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1531 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1532 struct sk_buff *orig_skb,
1535 u8 *opt = skb_put(skb, rd_len);
1538 *(opt++) = ND_OPT_REDIRECT_HDR;
1539 *(opt++) = (rd_len >> 3);
1542 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1545 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1547 struct net_device *dev = skb->dev;
1548 struct net *net = dev_net(dev);
1549 struct sock *sk = net->ipv6.ndisc_sk;
1551 struct inet_peer *peer;
1552 struct sk_buff *buff;
1554 struct in6_addr saddr_buf;
1555 struct rt6_info *rt;
1556 struct dst_entry *dst;
1559 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1560 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1563 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1564 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1569 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1570 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1572 "Redirect: target address is not link-local unicast\n");
1576 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1577 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1579 dst = ip6_route_output(net, NULL, &fl6);
1584 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1588 rt = (struct rt6_info *) dst;
1590 if (rt->rt6i_flags & RTF_GATEWAY) {
1592 "Redirect: destination is not a neighbour\n");
1595 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1596 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1602 if (dev->addr_len) {
1603 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1606 "Redirect: no neigh for target address\n");
1610 read_lock_bh(&neigh->lock);
1611 if (neigh->nud_state & NUD_VALID) {
1612 memcpy(ha_buf, neigh->ha, dev->addr_len);
1613 read_unlock_bh(&neigh->lock);
1615 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1619 read_unlock_bh(&neigh->lock);
1621 neigh_release(neigh);
1624 rd_len = min_t(unsigned int,
1625 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1630 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1634 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1635 *msg = (struct rd_msg) {
1637 .icmp6_type = NDISC_REDIRECT,
1640 .dest = ipv6_hdr(skb)->daddr,
1644 * include target_address option
1648 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1651 * build redirect option and copy skb over to the new packet.
1655 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1657 skb_dst_set(buff, dst);
1658 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1665 static void pndisc_redo(struct sk_buff *skb)
1671 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1673 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1677 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1678 idev->cnf.suppress_frag_ndisc) {
1679 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1685 int ndisc_rcv(struct sk_buff *skb)
1689 if (ndisc_suppress_frag_ndisc(skb))
1692 if (skb_linearize(skb))
1695 msg = (struct nd_msg *)skb_transport_header(skb);
1697 __skb_push(skb, skb->data - skb_transport_header(skb));
1699 if (ipv6_hdr(skb)->hop_limit != 255) {
1700 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1701 ipv6_hdr(skb)->hop_limit);
1705 if (msg->icmph.icmp6_code != 0) {
1706 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1707 msg->icmph.icmp6_code);
1711 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1713 switch (msg->icmph.icmp6_type) {
1714 case NDISC_NEIGHBOUR_SOLICITATION:
1718 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1722 case NDISC_ROUTER_SOLICITATION:
1726 case NDISC_ROUTER_ADVERTISEMENT:
1727 ndisc_router_discovery(skb);
1730 case NDISC_REDIRECT:
1731 ndisc_redirect_rcv(skb);
1738 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1740 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1741 struct netdev_notifier_change_info *change_info;
1742 struct net *net = dev_net(dev);
1743 struct inet6_dev *idev;
1746 case NETDEV_CHANGEADDR:
1747 neigh_changeaddr(&nd_tbl, dev);
1748 fib6_run_gc(0, net, false);
1749 idev = in6_dev_get(dev);
1752 if (idev->cnf.ndisc_notify)
1753 ndisc_send_unsol_na(dev);
1758 if (change_info->flags_changed & IFF_NOARP)
1759 neigh_changeaddr(&nd_tbl, dev);
1762 neigh_ifdown(&nd_tbl, dev);
1763 fib6_run_gc(0, net, false);
1765 case NETDEV_NOTIFY_PEERS:
1766 ndisc_send_unsol_na(dev);
1775 static struct notifier_block ndisc_netdev_notifier = {
1776 .notifier_call = ndisc_netdev_event,
1779 #ifdef CONFIG_SYSCTL
1780 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1781 const char *func, const char *dev_name)
1783 static char warncomm[TASK_COMM_LEN];
1785 if (strcmp(warncomm, current->comm) && warned < 5) {
1786 strcpy(warncomm, current->comm);
1787 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1789 dev_name, ctl->procname,
1790 dev_name, ctl->procname);
1795 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1797 struct net_device *dev = ctl->extra1;
1798 struct inet6_dev *idev;
1801 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1802 (strcmp(ctl->procname, "base_reachable_time") == 0))
1803 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1805 if (strcmp(ctl->procname, "retrans_time") == 0)
1806 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1808 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1809 ret = neigh_proc_dointvec_jiffies(ctl, write,
1810 buffer, lenp, ppos);
1812 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1813 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1814 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1815 buffer, lenp, ppos);
1819 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1820 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1821 idev->nd_parms->reachable_time =
1822 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1823 idev->tstamp = jiffies;
1824 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1833 static int __net_init ndisc_net_init(struct net *net)
1835 struct ipv6_pinfo *np;
1839 err = inet_ctl_sock_create(&sk, PF_INET6,
1840 SOCK_RAW, IPPROTO_ICMPV6, net);
1843 "NDISC: Failed to initialize the control socket (err %d)\n",
1848 net->ipv6.ndisc_sk = sk;
1851 np->hop_limit = 255;
1852 /* Do not loopback ndisc messages */
1858 static void __net_exit ndisc_net_exit(struct net *net)
1860 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1863 static struct pernet_operations ndisc_net_ops = {
1864 .init = ndisc_net_init,
1865 .exit = ndisc_net_exit,
1868 int __init ndisc_init(void)
1872 err = register_pernet_subsys(&ndisc_net_ops);
1876 * Initialize the neighbour table
1878 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1880 #ifdef CONFIG_SYSCTL
1881 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1882 ndisc_ifinfo_sysctl_change);
1884 goto out_unregister_pernet;
1889 #ifdef CONFIG_SYSCTL
1890 out_unregister_pernet:
1891 unregister_pernet_subsys(&ndisc_net_ops);
1896 int __init ndisc_late_init(void)
1898 return register_netdevice_notifier(&ndisc_netdev_notifier);
1901 void ndisc_late_cleanup(void)
1903 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1906 void ndisc_cleanup(void)
1908 #ifdef CONFIG_SYSCTL
1909 neigh_sysctl_unregister(&nd_tbl.parms);
1911 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1912 unregister_pernet_subsys(&ndisc_net_ops);
projects / linux.git / blob