blob: 1f6256909674307727408937e83d5c2280d81d4d [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
18 * Lars Fenneberg : fixed MTU setting on receipt
19 * of an RA.
20 *
21 * Janos Farkas : kmalloc failure checks
22 * Alexey Kuznetsov : state machine reworked
23 * and moved to net/core.
24 * Pekka Savola : RFC2461 validation
25 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
26 */
27
28/* Set to 3 to get tracing... */
29#define ND_DEBUG 1
30
31#define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
32#define ND_NOPRINTK(x...) do { ; } while(0)
33#define ND_PRINTK0 ND_PRINTK
34#define ND_PRINTK1 ND_NOPRINTK
35#define ND_PRINTK2 ND_NOPRINTK
36#define ND_PRINTK3 ND_NOPRINTK
37#if ND_DEBUG >= 1
38#undef ND_PRINTK1
39#define ND_PRINTK1 ND_PRINTK
40#endif
41#if ND_DEBUG >= 2
42#undef ND_PRINTK2
43#define ND_PRINTK2 ND_PRINTK
44#endif
45#if ND_DEBUG >= 3
46#undef ND_PRINTK3
47#define ND_PRINTK3 ND_PRINTK
48#endif
49
50#include <linux/module.h>
51#include <linux/config.h>
52#include <linux/errno.h>
53#include <linux/types.h>
54#include <linux/socket.h>
55#include <linux/sockios.h>
56#include <linux/sched.h>
57#include <linux/net.h>
58#include <linux/in6.h>
59#include <linux/route.h>
60#include <linux/init.h>
61#include <linux/rcupdate.h>
62#ifdef CONFIG_SYSCTL
63#include <linux/sysctl.h>
64#endif
65
66#include <linux/if_arp.h>
67#include <linux/ipv6.h>
68#include <linux/icmpv6.h>
69#include <linux/jhash.h>
70
71#include <net/sock.h>
72#include <net/snmp.h>
73
74#include <net/ipv6.h>
75#include <net/protocol.h>
76#include <net/ndisc.h>
77#include <net/ip6_route.h>
78#include <net/addrconf.h>
79#include <net/icmp.h>
80
81#include <net/flow.h>
82#include <net/ip6_checksum.h>
83#include <linux/proc_fs.h>
84
85#include <linux/netfilter.h>
86#include <linux/netfilter_ipv6.h>
87
88static struct socket *ndisc_socket;
89
90static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
91static int ndisc_constructor(struct neighbour *neigh);
92static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
93static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
94static int pndisc_constructor(struct pneigh_entry *n);
95static void pndisc_destructor(struct pneigh_entry *n);
96static void pndisc_redo(struct sk_buff *skb);
97
98static struct neigh_ops ndisc_generic_ops = {
99 .family = AF_INET6,
100 .solicit = ndisc_solicit,
101 .error_report = ndisc_error_report,
102 .output = neigh_resolve_output,
103 .connected_output = neigh_connected_output,
104 .hh_output = dev_queue_xmit,
105 .queue_xmit = dev_queue_xmit,
106};
107
108static struct neigh_ops ndisc_hh_ops = {
109 .family = AF_INET6,
110 .solicit = ndisc_solicit,
111 .error_report = ndisc_error_report,
112 .output = neigh_resolve_output,
113 .connected_output = neigh_resolve_output,
114 .hh_output = dev_queue_xmit,
115 .queue_xmit = dev_queue_xmit,
116};
117
118
119static struct neigh_ops ndisc_direct_ops = {
120 .family = AF_INET6,
121 .output = dev_queue_xmit,
122 .connected_output = dev_queue_xmit,
123 .hh_output = dev_queue_xmit,
124 .queue_xmit = dev_queue_xmit,
125};
126
127struct neigh_table nd_tbl = {
128 .family = AF_INET6,
129 .entry_size = sizeof(struct neighbour) + sizeof(struct in6_addr),
130 .key_len = sizeof(struct in6_addr),
131 .hash = ndisc_hash,
132 .constructor = ndisc_constructor,
133 .pconstructor = pndisc_constructor,
134 .pdestructor = pndisc_destructor,
135 .proxy_redo = pndisc_redo,
136 .id = "ndisc_cache",
137 .parms = {
138 .tbl = &nd_tbl,
139 .base_reachable_time = 30 * HZ,
140 .retrans_time = 1 * HZ,
141 .gc_staletime = 60 * HZ,
142 .reachable_time = 30 * HZ,
143 .delay_probe_time = 5 * HZ,
144 .queue_len = 3,
145 .ucast_probes = 3,
146 .mcast_probes = 3,
147 .anycast_delay = 1 * HZ,
148 .proxy_delay = (8 * HZ) / 10,
149 .proxy_qlen = 64,
150 },
151 .gc_interval = 30 * HZ,
152 .gc_thresh1 = 128,
153 .gc_thresh2 = 512,
154 .gc_thresh3 = 1024,
155};
156
157/* ND options */
158struct ndisc_options {
YOSHIFUJI Hideaki70ceb4f2006-03-20 17:06:24 -0800159 struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
160#ifdef CONFIG_IPV6_ROUTE_INFO
161 struct nd_opt_hdr *nd_opts_ri;
162 struct nd_opt_hdr *nd_opts_ri_end;
163#endif
Linus Torvalds1da177e2005-04-16 15:20:36 -0700164};
165
166#define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
167#define nd_opts_tgt_lladdr nd_opt_array[ND_OPT_TARGET_LL_ADDR]
168#define nd_opts_pi nd_opt_array[ND_OPT_PREFIX_INFO]
169#define nd_opts_pi_end nd_opt_array[__ND_OPT_PREFIX_INFO_END]
170#define nd_opts_rh nd_opt_array[ND_OPT_REDIRECT_HDR]
171#define nd_opts_mtu nd_opt_array[ND_OPT_MTU]
172
173#define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
174
175/*
176 * Return the padding between the option length and the start of the
177 * link addr. Currently only IP-over-InfiniBand needs this, although
178 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
179 * also need a pad of 2.
180 */
181static int ndisc_addr_option_pad(unsigned short type)
182{
183 switch (type) {
184 case ARPHRD_INFINIBAND: return 2;
185 default: return 0;
186 }
187}
188
189static inline int ndisc_opt_addr_space(struct net_device *dev)
190{
191 return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
192}
193
194static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
195 unsigned short addr_type)
196{
197 int space = NDISC_OPT_SPACE(data_len);
198 int pad = ndisc_addr_option_pad(addr_type);
199
200 opt[0] = type;
201 opt[1] = space>>3;
202
203 memset(opt + 2, 0, pad);
204 opt += pad;
205 space -= pad;
206
207 memcpy(opt+2, data, data_len);
208 data_len += 2;
209 opt += data_len;
210 if ((space -= data_len) > 0)
211 memset(opt, 0, space);
212 return opt + space;
213}
214
215static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
216 struct nd_opt_hdr *end)
217{
218 int type;
219 if (!cur || !end || cur >= end)
220 return NULL;
221 type = cur->nd_opt_type;
222 do {
223 cur = ((void *)cur) + (cur->nd_opt_len << 3);
224 } while(cur < end && cur->nd_opt_type != type);
225 return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
226}
227
228static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
229 struct ndisc_options *ndopts)
230{
231 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
232
233 if (!nd_opt || opt_len < 0 || !ndopts)
234 return NULL;
235 memset(ndopts, 0, sizeof(*ndopts));
236 while (opt_len) {
237 int l;
238 if (opt_len < sizeof(struct nd_opt_hdr))
239 return NULL;
240 l = nd_opt->nd_opt_len << 3;
241 if (opt_len < l || l == 0)
242 return NULL;
243 switch (nd_opt->nd_opt_type) {
244 case ND_OPT_SOURCE_LL_ADDR:
245 case ND_OPT_TARGET_LL_ADDR:
246 case ND_OPT_MTU:
247 case ND_OPT_REDIRECT_HDR:
248 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
249 ND_PRINTK2(KERN_WARNING
250 "%s(): duplicated ND6 option found: type=%d\n",
251 __FUNCTION__,
252 nd_opt->nd_opt_type);
253 } else {
254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
255 }
256 break;
257 case ND_OPT_PREFIX_INFO:
258 ndopts->nd_opts_pi_end = nd_opt;
259 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0)
260 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
261 break;
YOSHIFUJI Hideaki70ceb4f2006-03-20 17:06:24 -0800262#ifdef CONFIG_IPV6_ROUTE_INFO
263 case ND_OPT_ROUTE_INFO:
264 ndopts->nd_opts_ri_end = nd_opt;
265 if (!ndopts->nd_opts_ri)
266 ndopts->nd_opts_ri = nd_opt;
267 break;
268#endif
Linus Torvalds1da177e2005-04-16 15:20:36 -0700269 default:
270 /*
271 * Unknown options must be silently ignored,
272 * to accommodate future extension to the protocol.
273 */
274 ND_PRINTK2(KERN_NOTICE
275 "%s(): ignored unsupported option; type=%d, len=%d\n",
276 __FUNCTION__,
277 nd_opt->nd_opt_type, nd_opt->nd_opt_len);
278 }
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283}
284
285static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
286 struct net_device *dev)
287{
288 u8 *lladdr = (u8 *)(p + 1);
289 int lladdrlen = p->nd_opt_len << 3;
290 int prepad = ndisc_addr_option_pad(dev->type);
291 if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
292 return NULL;
293 return (lladdr + prepad);
294}
295
296int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
297{
298 switch (dev->type) {
299 case ARPHRD_ETHER:
300 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
301 case ARPHRD_FDDI:
302 ipv6_eth_mc_map(addr, buf);
303 return 0;
304 case ARPHRD_IEEE802_TR:
305 ipv6_tr_mc_map(addr,buf);
306 return 0;
307 case ARPHRD_ARCNET:
308 ipv6_arcnet_mc_map(addr, buf);
309 return 0;
310 case ARPHRD_INFINIBAND:
311 ipv6_ib_mc_map(addr, buf);
312 return 0;
313 default:
314 if (dir) {
315 memcpy(buf, dev->broadcast, dev->addr_len);
316 return 0;
317 }
318 }
319 return -EINVAL;
320}
321
322static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
323{
324 const u32 *p32 = pkey;
325 u32 addr_hash, i;
326
327 addr_hash = 0;
328 for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
329 addr_hash ^= *p32++;
330
331 return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
332}
333
334static int ndisc_constructor(struct neighbour *neigh)
335{
336 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
337 struct net_device *dev = neigh->dev;
338 struct inet6_dev *in6_dev;
339 struct neigh_parms *parms;
340 int is_multicast = ipv6_addr_is_multicast(addr);
341
342 rcu_read_lock();
343 in6_dev = in6_dev_get(dev);
344 if (in6_dev == NULL) {
345 rcu_read_unlock();
346 return -EINVAL;
347 }
348
349 parms = in6_dev->nd_parms;
350 __neigh_parms_put(neigh->parms);
351 neigh->parms = neigh_parms_clone(parms);
352 rcu_read_unlock();
353
354 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
355 if (dev->hard_header == NULL) {
356 neigh->nud_state = NUD_NOARP;
357 neigh->ops = &ndisc_direct_ops;
358 neigh->output = neigh->ops->queue_xmit;
359 } else {
360 if (is_multicast) {
361 neigh->nud_state = NUD_NOARP;
362 ndisc_mc_map(addr, neigh->ha, dev, 1);
363 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
364 neigh->nud_state = NUD_NOARP;
365 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
366 if (dev->flags&IFF_LOOPBACK)
367 neigh->type = RTN_LOCAL;
368 } else if (dev->flags&IFF_POINTOPOINT) {
369 neigh->nud_state = NUD_NOARP;
370 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
371 }
372 if (dev->hard_header_cache)
373 neigh->ops = &ndisc_hh_ops;
374 else
375 neigh->ops = &ndisc_generic_ops;
376 if (neigh->nud_state&NUD_VALID)
377 neigh->output = neigh->ops->connected_output;
378 else
379 neigh->output = neigh->ops->output;
380 }
381 in6_dev_put(in6_dev);
382 return 0;
383}
384
385static int pndisc_constructor(struct pneigh_entry *n)
386{
387 struct in6_addr *addr = (struct in6_addr*)&n->key;
388 struct in6_addr maddr;
389 struct net_device *dev = n->dev;
390
391 if (dev == NULL || __in6_dev_get(dev) == NULL)
392 return -EINVAL;
393 addrconf_addr_solict_mult(addr, &maddr);
394 ipv6_dev_mc_inc(dev, &maddr);
395 return 0;
396}
397
398static void pndisc_destructor(struct pneigh_entry *n)
399{
400 struct in6_addr *addr = (struct in6_addr*)&n->key;
401 struct in6_addr maddr;
402 struct net_device *dev = n->dev;
403
404 if (dev == NULL || __in6_dev_get(dev) == NULL)
405 return;
406 addrconf_addr_solict_mult(addr, &maddr);
407 ipv6_dev_mc_dec(dev, &maddr);
408}
409
410/*
411 * Send a Neighbour Advertisement
412 */
413
414static inline void ndisc_flow_init(struct flowi *fl, u8 type,
415 struct in6_addr *saddr, struct in6_addr *daddr)
416{
417 memset(fl, 0, sizeof(*fl));
418 ipv6_addr_copy(&fl->fl6_src, saddr);
419 ipv6_addr_copy(&fl->fl6_dst, daddr);
420 fl->proto = IPPROTO_ICMPV6;
421 fl->fl_icmp_type = type;
422 fl->fl_icmp_code = 0;
423}
424
425static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
426 struct in6_addr *daddr, struct in6_addr *solicited_addr,
427 int router, int solicited, int override, int inc_opt)
428{
429 struct in6_addr tmpaddr;
430 struct inet6_ifaddr *ifp;
431 struct inet6_dev *idev;
432 struct flowi fl;
433 struct dst_entry* dst;
434 struct sock *sk = ndisc_socket->sk;
435 struct in6_addr *src_addr;
436 struct nd_msg *msg;
437 int len;
438 struct sk_buff *skb;
439 int err;
440
441 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
442
443 /* for anycast or proxy, solicited_addr != src_addr */
444 ifp = ipv6_get_ifaddr(solicited_addr, dev, 1);
445 if (ifp) {
446 src_addr = solicited_addr;
447 in6_ifa_put(ifp);
448 } else {
449 if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
450 return;
451 src_addr = &tmpaddr;
452 }
453
454 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_ADVERTISEMENT, src_addr, daddr);
455
456 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
457 if (!dst)
458 return;
459
460 err = xfrm_lookup(&dst, &fl, NULL, 0);
Patrick McHardye104411b2005-09-08 15:11:55 -0700461 if (err < 0)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700462 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700463
464 if (inc_opt) {
465 if (dev->addr_len)
466 len += ndisc_opt_addr_space(dev);
467 else
468 inc_opt = 0;
469 }
470
471 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
472 1, &err);
473
474 if (skb == NULL) {
475 ND_PRINTK0(KERN_ERR
476 "ICMPv6 NA: %s() failed to allocate an skb.\n",
477 __FUNCTION__);
478 dst_release(dst);
479 return;
480 }
481
482 skb_reserve(skb, LL_RESERVED_SPACE(dev));
483 ip6_nd_hdr(sk, skb, dev, src_addr, daddr, IPPROTO_ICMPV6, len);
484
485 msg = (struct nd_msg *)skb_put(skb, len);
486 skb->h.raw = (unsigned char*)msg;
487
488 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT;
489 msg->icmph.icmp6_code = 0;
490 msg->icmph.icmp6_cksum = 0;
491
492 msg->icmph.icmp6_unused = 0;
493 msg->icmph.icmp6_router = router;
494 msg->icmph.icmp6_solicited = solicited;
495 msg->icmph.icmp6_override = !!override;
496
497 /* Set the target address. */
498 ipv6_addr_copy(&msg->target, solicited_addr);
499
500 if (inc_opt)
501 ndisc_fill_addr_option(msg->opt, ND_OPT_TARGET_LL_ADDR, dev->dev_addr,
502 dev->addr_len, dev->type);
503
504 /* checksum */
505 msg->icmph.icmp6_cksum = csum_ipv6_magic(src_addr, daddr, len,
506 IPPROTO_ICMPV6,
507 csum_partial((__u8 *) msg,
508 len, 0));
509
510 skb->dst = dst;
511 idev = in6_dev_get(dst->dev);
512 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
513 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
514 if (!err) {
515 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORADVERTISEMENTS);
516 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
517 }
518
519 if (likely(idev != NULL))
520 in6_dev_put(idev);
521}
522
523void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
524 struct in6_addr *solicit,
525 struct in6_addr *daddr, struct in6_addr *saddr)
526{
527 struct flowi fl;
528 struct dst_entry* dst;
529 struct inet6_dev *idev;
530 struct sock *sk = ndisc_socket->sk;
531 struct sk_buff *skb;
532 struct nd_msg *msg;
533 struct in6_addr addr_buf;
534 int len;
535 int err;
536 int send_llinfo;
537
538 if (saddr == NULL) {
539 if (ipv6_get_lladdr(dev, &addr_buf))
540 return;
541 saddr = &addr_buf;
542 }
543
544 ndisc_flow_init(&fl, NDISC_NEIGHBOUR_SOLICITATION, saddr, daddr);
545
546 dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
547 if (!dst)
548 return;
549
550 err = xfrm_lookup(&dst, &fl, NULL, 0);
Patrick McHardye104411b2005-09-08 15:11:55 -0700551 if (err < 0)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700552 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700553
554 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
555 send_llinfo = dev->addr_len && !ipv6_addr_any(saddr);
556 if (send_llinfo)
557 len += ndisc_opt_addr_space(dev);
558
559 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
560 1, &err);
561 if (skb == NULL) {
562 ND_PRINTK0(KERN_ERR
563 "ICMPv6 NA: %s() failed to allocate an skb.\n",
564 __FUNCTION__);
565 dst_release(dst);
566 return;
567 }
568
569 skb_reserve(skb, LL_RESERVED_SPACE(dev));
570 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
571
572 msg = (struct nd_msg *)skb_put(skb, len);
573 skb->h.raw = (unsigned char*)msg;
574 msg->icmph.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION;
575 msg->icmph.icmp6_code = 0;
576 msg->icmph.icmp6_cksum = 0;
577 msg->icmph.icmp6_unused = 0;
578
579 /* Set the target address. */
580 ipv6_addr_copy(&msg->target, solicit);
581
582 if (send_llinfo)
583 ndisc_fill_addr_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
584 dev->addr_len, dev->type);
585
586 /* checksum */
587 msg->icmph.icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr,
588 daddr, len,
589 IPPROTO_ICMPV6,
590 csum_partial((__u8 *) msg,
591 len, 0));
592 /* send it! */
593 skb->dst = dst;
594 idev = in6_dev_get(dst->dev);
595 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
596 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
597 if (!err) {
598 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTNEIGHBORSOLICITS);
599 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
600 }
601
602 if (likely(idev != NULL))
603 in6_dev_put(idev);
604}
605
606void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
607 struct in6_addr *daddr)
608{
609 struct flowi fl;
610 struct dst_entry* dst;
611 struct inet6_dev *idev;
612 struct sock *sk = ndisc_socket->sk;
613 struct sk_buff *skb;
614 struct icmp6hdr *hdr;
615 __u8 * opt;
616 int len;
617 int err;
618
619 ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr);
620
621 dst = ndisc_dst_alloc(dev, NULL, daddr, ip6_output);
622 if (!dst)
623 return;
624
625 err = xfrm_lookup(&dst, &fl, NULL, 0);
Patrick McHardye104411b2005-09-08 15:11:55 -0700626 if (err < 0)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700627 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700628
629 len = sizeof(struct icmp6hdr);
630 if (dev->addr_len)
631 len += ndisc_opt_addr_space(dev);
632
633 skb = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
634 1, &err);
635 if (skb == NULL) {
636 ND_PRINTK0(KERN_ERR
637 "ICMPv6 RS: %s() failed to allocate an skb.\n",
638 __FUNCTION__);
639 dst_release(dst);
640 return;
641 }
642
643 skb_reserve(skb, LL_RESERVED_SPACE(dev));
644 ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
645
646 hdr = (struct icmp6hdr *)skb_put(skb, len);
647 skb->h.raw = (unsigned char*)hdr;
648 hdr->icmp6_type = NDISC_ROUTER_SOLICITATION;
649 hdr->icmp6_code = 0;
650 hdr->icmp6_cksum = 0;
651 hdr->icmp6_unused = 0;
652
653 opt = (u8*) (hdr + 1);
654
655 if (dev->addr_len)
656 ndisc_fill_addr_option(opt, ND_OPT_SOURCE_LL_ADDR, dev->dev_addr,
657 dev->addr_len, dev->type);
658
659 /* checksum */
660 hdr->icmp6_cksum = csum_ipv6_magic(&skb->nh.ipv6h->saddr, daddr, len,
661 IPPROTO_ICMPV6,
662 csum_partial((__u8 *) hdr, len, 0));
663
664 /* send it! */
665 skb->dst = dst;
666 idev = in6_dev_get(dst->dev);
667 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
668 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output);
669 if (!err) {
670 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTROUTERSOLICITS);
671 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
672 }
673
674 if (likely(idev != NULL))
675 in6_dev_put(idev);
676}
677
678
679static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
680{
681 /*
682 * "The sender MUST return an ICMP
683 * destination unreachable"
684 */
685 dst_link_failure(skb);
686 kfree_skb(skb);
687}
688
689/* Called with locked neigh: either read or both */
690
691static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
692{
693 struct in6_addr *saddr = NULL;
694 struct in6_addr mcaddr;
695 struct net_device *dev = neigh->dev;
696 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
697 int probes = atomic_read(&neigh->probes);
698
699 if (skb && ipv6_chk_addr(&skb->nh.ipv6h->saddr, dev, 1))
700 saddr = &skb->nh.ipv6h->saddr;
701
702 if ((probes -= neigh->parms->ucast_probes) < 0) {
703 if (!(neigh->nud_state & NUD_VALID)) {
704 ND_PRINTK1(KERN_DEBUG
705 "%s(): trying to ucast probe in NUD_INVALID: "
Joe Perches46b86a22006-01-13 14:29:07 -0800706 NIP6_FMT "\n",
Linus Torvalds1da177e2005-04-16 15:20:36 -0700707 __FUNCTION__,
708 NIP6(*target));
709 }
710 ndisc_send_ns(dev, neigh, target, target, saddr);
711 } else if ((probes -= neigh->parms->app_probes) < 0) {
712#ifdef CONFIG_ARPD
713 neigh_app_ns(neigh);
714#endif
715 } else {
716 addrconf_addr_solict_mult(target, &mcaddr);
717 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
718 }
719}
720
721static void ndisc_recv_ns(struct sk_buff *skb)
722{
723 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
724 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
725 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
726 u8 *lladdr = NULL;
727 u32 ndoptlen = skb->tail - msg->opt;
728 struct ndisc_options ndopts;
729 struct net_device *dev = skb->dev;
730 struct inet6_ifaddr *ifp;
731 struct inet6_dev *idev = NULL;
732 struct neighbour *neigh;
733 int dad = ipv6_addr_any(saddr);
734 int inc;
735
736 if (ipv6_addr_is_multicast(&msg->target)) {
737 ND_PRINTK2(KERN_WARNING
738 "ICMPv6 NS: multicast target address");
739 return;
740 }
741
742 /*
743 * RFC2461 7.1.1:
744 * DAD has to be destined for solicited node multicast address.
745 */
746 if (dad &&
747 !(daddr->s6_addr32[0] == htonl(0xff020000) &&
748 daddr->s6_addr32[1] == htonl(0x00000000) &&
749 daddr->s6_addr32[2] == htonl(0x00000001) &&
750 daddr->s6_addr [12] == 0xff )) {
751 ND_PRINTK2(KERN_WARNING
752 "ICMPv6 NS: bad DAD packet (wrong destination)\n");
753 return;
754 }
755
756 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
757 ND_PRINTK2(KERN_WARNING
758 "ICMPv6 NS: invalid ND options\n");
759 return;
760 }
761
762 if (ndopts.nd_opts_src_lladdr) {
763 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
764 if (!lladdr) {
765 ND_PRINTK2(KERN_WARNING
766 "ICMPv6 NS: invalid link-layer address length\n");
767 return;
768 }
769
770 /* RFC2461 7.1.1:
771 * If the IP source address is the unspecified address,
772 * there MUST NOT be source link-layer address option
773 * in the message.
774 */
775 if (dad) {
776 ND_PRINTK2(KERN_WARNING
777 "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
778 return;
779 }
780 }
781
782 inc = ipv6_addr_is_multicast(daddr);
783
784 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
785 if (ifp->flags & IFA_F_TENTATIVE) {
786 /* Address is tentative. If the source
787 is unspecified address, it is someone
788 does DAD, otherwise we ignore solicitations
789 until DAD timer expires.
790 */
791 if (!dad)
792 goto out;
793 if (dev->type == ARPHRD_IEEE802_TR) {
794 unsigned char *sadr = skb->mac.raw;
795 if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
796 sadr[9] == dev->dev_addr[1] &&
797 sadr[10] == dev->dev_addr[2] &&
798 sadr[11] == dev->dev_addr[3] &&
799 sadr[12] == dev->dev_addr[4] &&
800 sadr[13] == dev->dev_addr[5]) {
801 /* looped-back to us */
802 goto out;
803 }
804 }
805 addrconf_dad_failure(ifp);
806 return;
807 }
808
809 idev = ifp->idev;
810 } else {
811 idev = in6_dev_get(dev);
812 if (!idev) {
813 /* XXX: count this drop? */
814 return;
815 }
816
817 if (ipv6_chk_acast_addr(dev, &msg->target) ||
818 (idev->cnf.forwarding &&
819 pneigh_lookup(&nd_tbl, &msg->target, dev, 0))) {
Patrick McHardya61bbcf2005-08-14 17:24:31 -0700820 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
Linus Torvalds1da177e2005-04-16 15:20:36 -0700821 skb->pkt_type != PACKET_HOST &&
822 inc != 0 &&
823 idev->nd_parms->proxy_delay != 0) {
824 /*
825 * for anycast or proxy,
826 * sender should delay its response
827 * by a random time between 0 and
828 * MAX_ANYCAST_DELAY_TIME seconds.
829 * (RFC2461) -- yoshfuji
830 */
831 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
832 if (n)
833 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
834 goto out;
835 }
836 } else
837 goto out;
838 }
839
840 if (dad) {
841 struct in6_addr maddr;
842
843 ipv6_addr_all_nodes(&maddr);
844 ndisc_send_na(dev, NULL, &maddr, &msg->target,
845 idev->cnf.forwarding, 0, (ifp != NULL), 1);
846 goto out;
847 }
848
849 if (inc)
850 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
851 else
852 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
853
854 /*
855 * update / create cache entry
856 * for the source address
857 */
858 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
859 !inc || lladdr || !dev->addr_len);
860 if (neigh)
861 neigh_update(neigh, lladdr, NUD_STALE,
862 NEIGH_UPDATE_F_WEAK_OVERRIDE|
863 NEIGH_UPDATE_F_OVERRIDE);
864 if (neigh || !dev->hard_header) {
865 ndisc_send_na(dev, neigh, saddr, &msg->target,
866 idev->cnf.forwarding,
867 1, (ifp != NULL && inc), inc);
868 if (neigh)
869 neigh_release(neigh);
870 }
871
872out:
873 if (ifp)
874 in6_ifa_put(ifp);
875 else
876 in6_dev_put(idev);
877
878 return;
879}
880
881static void ndisc_recv_na(struct sk_buff *skb)
882{
883 struct nd_msg *msg = (struct nd_msg *)skb->h.raw;
884 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
885 struct in6_addr *daddr = &skb->nh.ipv6h->daddr;
886 u8 *lladdr = NULL;
887 u32 ndoptlen = skb->tail - msg->opt;
888 struct ndisc_options ndopts;
889 struct net_device *dev = skb->dev;
890 struct inet6_ifaddr *ifp;
891 struct neighbour *neigh;
892
893 if (skb->len < sizeof(struct nd_msg)) {
894 ND_PRINTK2(KERN_WARNING
895 "ICMPv6 NA: packet too short\n");
896 return;
897 }
898
899 if (ipv6_addr_is_multicast(&msg->target)) {
900 ND_PRINTK2(KERN_WARNING
901 "ICMPv6 NA: target address is multicast.\n");
902 return;
903 }
904
905 if (ipv6_addr_is_multicast(daddr) &&
906 msg->icmph.icmp6_solicited) {
907 ND_PRINTK2(KERN_WARNING
908 "ICMPv6 NA: solicited NA is multicasted.\n");
909 return;
910 }
911
912 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
913 ND_PRINTK2(KERN_WARNING
914 "ICMPv6 NS: invalid ND option\n");
915 return;
916 }
917 if (ndopts.nd_opts_tgt_lladdr) {
918 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
919 if (!lladdr) {
920 ND_PRINTK2(KERN_WARNING
921 "ICMPv6 NA: invalid link-layer address length\n");
922 return;
923 }
924 }
925 if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1))) {
926 if (ifp->flags & IFA_F_TENTATIVE) {
927 addrconf_dad_failure(ifp);
928 return;
929 }
930 /* What should we make now? The advertisement
931 is invalid, but ndisc specs say nothing
932 about it. It could be misconfiguration, or
933 an smart proxy agent tries to help us :-)
934 */
935 ND_PRINTK1(KERN_WARNING
936 "ICMPv6 NA: someone advertises our address on %s!\n",
937 ifp->idev->dev->name);
938 in6_ifa_put(ifp);
939 return;
940 }
941 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
942
943 if (neigh) {
944 u8 old_flags = neigh->flags;
945
946 if (neigh->nud_state & NUD_FAILED)
947 goto out;
948
949 neigh_update(neigh, lladdr,
950 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
951 NEIGH_UPDATE_F_WEAK_OVERRIDE|
952 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
953 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
954 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
955
956 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
957 /*
958 * Change: router to host
959 */
960 struct rt6_info *rt;
961 rt = rt6_get_dflt_router(saddr, dev);
962 if (rt)
Jamal Hadi Salim0d51aa82005-06-21 13:51:04 -0700963 ip6_del_rt(rt, NULL, NULL, NULL);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700964 }
965
966out:
967 neigh_release(neigh);
968 }
969}
970
971static void ndisc_recv_rs(struct sk_buff *skb)
972{
973 struct rs_msg *rs_msg = (struct rs_msg *) skb->h.raw;
974 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
975 struct neighbour *neigh;
976 struct inet6_dev *idev;
977 struct in6_addr *saddr = &skb->nh.ipv6h->saddr;
978 struct ndisc_options ndopts;
979 u8 *lladdr = NULL;
980
981 if (skb->len < sizeof(*rs_msg))
982 return;
983
984 idev = in6_dev_get(skb->dev);
985 if (!idev) {
986 if (net_ratelimit())
987 ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
988 return;
989 }
990
991 /* Don't accept RS if we're not in router mode */
992 if (!idev->cnf.forwarding)
993 goto out;
994
995 /*
996 * Don't update NCE if src = ::;
997 * this implies that the source node has no ip address assigned yet.
998 */
999 if (ipv6_addr_any(saddr))
1000 goto out;
1001
1002 /* Parse ND options */
1003 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1004 if (net_ratelimit())
1005 ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1006 goto out;
1007 }
1008
1009 if (ndopts.nd_opts_src_lladdr) {
1010 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1011 skb->dev);
1012 if (!lladdr)
1013 goto out;
1014 }
1015
1016 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1017 if (neigh) {
1018 neigh_update(neigh, lladdr, NUD_STALE,
1019 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1020 NEIGH_UPDATE_F_OVERRIDE|
1021 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1022 neigh_release(neigh);
1023 }
1024out:
1025 in6_dev_put(idev);
1026}
1027
1028static void ndisc_router_discovery(struct sk_buff *skb)
1029{
1030 struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw;
1031 struct neighbour *neigh = NULL;
1032 struct inet6_dev *in6_dev;
YOSHIFUJI Hideaki65f5c7c2006-03-20 16:55:08 -08001033 struct rt6_info *rt = NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001034 int lifetime;
1035 struct ndisc_options ndopts;
1036 int optlen;
YOSHIFUJI Hideakiebacaaa2006-03-20 17:04:53 -08001037 unsigned int pref = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001038
1039 __u8 * opt = (__u8 *)(ra_msg + 1);
1040
1041 optlen = (skb->tail - skb->h.raw) - sizeof(struct ra_msg);
1042
1043 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1044 ND_PRINTK2(KERN_WARNING
1045 "ICMPv6 RA: source address is not link-local.\n");
1046 return;
1047 }
1048 if (optlen < 0) {
1049 ND_PRINTK2(KERN_WARNING
1050 "ICMPv6 RA: packet too short\n");
1051 return;
1052 }
1053
1054 /*
1055 * set the RA_RECV flag in the interface
1056 */
1057
1058 in6_dev = in6_dev_get(skb->dev);
1059 if (in6_dev == NULL) {
1060 ND_PRINTK0(KERN_ERR
1061 "ICMPv6 RA: can't find inet6 device for %s.\n",
1062 skb->dev->name);
1063 return;
1064 }
1065 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1066 in6_dev_put(in6_dev);
1067 return;
1068 }
1069
1070 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1071 in6_dev_put(in6_dev);
1072 ND_PRINTK2(KERN_WARNING
1073 "ICMP6 RA: invalid ND options\n");
1074 return;
1075 }
1076
1077 if (in6_dev->if_flags & IF_RS_SENT) {
1078 /*
1079 * flag that an RA was received after an RS was sent
1080 * out on this interface.
1081 */
1082 in6_dev->if_flags |= IF_RA_RCVD;
1083 }
1084
1085 /*
1086 * Remember the managed/otherconf flags from most recently
1087 * received RA message (RFC 2462) -- yoshfuji
1088 */
1089 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1090 IF_RA_OTHERCONF)) |
1091 (ra_msg->icmph.icmp6_addrconf_managed ?
1092 IF_RA_MANAGED : 0) |
1093 (ra_msg->icmph.icmp6_addrconf_other ?
1094 IF_RA_OTHERCONF : 0);
1095
YOSHIFUJI Hideaki65f5c7c2006-03-20 16:55:08 -08001096 if (!in6_dev->cnf.accept_ra_defrtr)
1097 goto skip_defrtr;
1098
Linus Torvalds1da177e2005-04-16 15:20:36 -07001099 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1100
YOSHIFUJI Hideakiebacaaa2006-03-20 17:04:53 -08001101#ifdef CONFIG_IPV6_ROUTER_PREF
1102 pref = ra_msg->icmph.icmp6_router_pref;
1103 /* 10b is handled as if it were 00b (medium) */
YOSHIFUJI Hideaki930d6ff2006-03-20 17:05:30 -08001104 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1105 in6_dev->cnf.accept_ra_rtr_pref)
YOSHIFUJI Hideakiebacaaa2006-03-20 17:04:53 -08001106 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1107#endif
1108
Linus Torvalds1da177e2005-04-16 15:20:36 -07001109 rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev);
1110
1111 if (rt)
1112 neigh = rt->rt6i_nexthop;
1113
1114 if (rt && lifetime == 0) {
1115 neigh_clone(neigh);
Jamal Hadi Salim0d51aa82005-06-21 13:51:04 -07001116 ip6_del_rt(rt, NULL, NULL, NULL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001117 rt = NULL;
1118 }
1119
1120 if (rt == NULL && lifetime) {
1121 ND_PRINTK3(KERN_DEBUG
1122 "ICMPv6 RA: adding default router.\n");
1123
YOSHIFUJI Hideakiebacaaa2006-03-20 17:04:53 -08001124 rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001125 if (rt == NULL) {
1126 ND_PRINTK0(KERN_ERR
1127 "ICMPv6 RA: %s() failed to add default route.\n",
1128 __FUNCTION__);
1129 in6_dev_put(in6_dev);
1130 return;
1131 }
1132
1133 neigh = rt->rt6i_nexthop;
1134 if (neigh == NULL) {
1135 ND_PRINTK0(KERN_ERR
1136 "ICMPv6 RA: %s() got default router without neighbour.\n",
1137 __FUNCTION__);
1138 dst_release(&rt->u.dst);
1139 in6_dev_put(in6_dev);
1140 return;
1141 }
1142 neigh->flags |= NTF_ROUTER;
YOSHIFUJI Hideakiebacaaa2006-03-20 17:04:53 -08001143 } else if (rt) {
1144 rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001145 }
1146
1147 if (rt)
1148 rt->rt6i_expires = jiffies + (HZ * lifetime);
1149
1150 if (ra_msg->icmph.icmp6_hop_limit) {
1151 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1152 if (rt)
1153 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1154 }
1155
YOSHIFUJI Hideaki65f5c7c2006-03-20 16:55:08 -08001156skip_defrtr:
1157
Linus Torvalds1da177e2005-04-16 15:20:36 -07001158 /*
1159 * Update Reachable Time and Retrans Timer
1160 */
1161
1162 if (in6_dev->nd_parms) {
1163 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1164
1165 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1166 rtime = (rtime*HZ)/1000;
1167 if (rtime < HZ/10)
1168 rtime = HZ/10;
1169 in6_dev->nd_parms->retrans_time = rtime;
1170 in6_dev->tstamp = jiffies;
1171 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1172 }
1173
1174 rtime = ntohl(ra_msg->reachable_time);
1175 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1176 rtime = (rtime*HZ)/1000;
1177
1178 if (rtime < HZ/10)
1179 rtime = HZ/10;
1180
1181 if (rtime != in6_dev->nd_parms->base_reachable_time) {
1182 in6_dev->nd_parms->base_reachable_time = rtime;
1183 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1184 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1185 in6_dev->tstamp = jiffies;
1186 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1187 }
1188 }
1189 }
1190
1191 /*
1192 * Process options.
1193 */
1194
1195 if (!neigh)
1196 neigh = __neigh_lookup(&nd_tbl, &skb->nh.ipv6h->saddr,
1197 skb->dev, 1);
1198 if (neigh) {
1199 u8 *lladdr = NULL;
1200 if (ndopts.nd_opts_src_lladdr) {
1201 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1202 skb->dev);
1203 if (!lladdr) {
1204 ND_PRINTK2(KERN_WARNING
1205 "ICMPv6 RA: invalid link-layer address length\n");
1206 goto out;
1207 }
1208 }
1209 neigh_update(neigh, lladdr, NUD_STALE,
1210 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1211 NEIGH_UPDATE_F_OVERRIDE|
1212 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1213 NEIGH_UPDATE_F_ISROUTER);
1214 }
1215
YOSHIFUJI Hideaki70ceb4f2006-03-20 17:06:24 -08001216#ifdef CONFIG_IPV6_ROUTE_INFO
1217 if (ndopts.nd_opts_ri) {
1218 struct nd_opt_hdr *p;
1219 for (p = ndopts.nd_opts_ri;
1220 p;
1221 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1222 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1223 &skb->nh.ipv6h->saddr);
1224 }
1225 }
1226#endif
1227
YOSHIFUJI Hideakic4fd30e2006-03-20 16:55:26 -08001228 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001229 struct nd_opt_hdr *p;
1230 for (p = ndopts.nd_opts_pi;
1231 p;
1232 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1233 addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1234 }
1235 }
1236
1237 if (ndopts.nd_opts_mtu) {
1238 u32 mtu;
1239
1240 memcpy(&mtu, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1241 mtu = ntohl(mtu);
1242
1243 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1244 ND_PRINTK2(KERN_WARNING
1245 "ICMPv6 RA: invalid mtu: %d\n",
1246 mtu);
1247 } else if (in6_dev->cnf.mtu6 != mtu) {
1248 in6_dev->cnf.mtu6 = mtu;
1249
1250 if (rt)
1251 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1252
1253 rt6_mtu_change(skb->dev, mtu);
1254 }
1255 }
1256
1257 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1258 ND_PRINTK2(KERN_WARNING
1259 "ICMPv6 RA: invalid RA options");
1260 }
1261out:
1262 if (rt)
1263 dst_release(&rt->u.dst);
1264 else if (neigh)
1265 neigh_release(neigh);
1266 in6_dev_put(in6_dev);
1267}
1268
1269static void ndisc_redirect_rcv(struct sk_buff *skb)
1270{
1271 struct inet6_dev *in6_dev;
1272 struct icmp6hdr *icmph;
1273 struct in6_addr *dest;
1274 struct in6_addr *target; /* new first hop to destination */
1275 struct neighbour *neigh;
1276 int on_link = 0;
1277 struct ndisc_options ndopts;
1278 int optlen;
1279 u8 *lladdr = NULL;
1280
1281 if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1282 ND_PRINTK2(KERN_WARNING
1283 "ICMPv6 Redirect: source address is not link-local.\n");
1284 return;
1285 }
1286
1287 optlen = skb->tail - skb->h.raw;
1288 optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1289
1290 if (optlen < 0) {
1291 ND_PRINTK2(KERN_WARNING
1292 "ICMPv6 Redirect: packet too short\n");
1293 return;
1294 }
1295
1296 icmph = (struct icmp6hdr *) skb->h.raw;
1297 target = (struct in6_addr *) (icmph + 1);
1298 dest = target + 1;
1299
1300 if (ipv6_addr_is_multicast(dest)) {
1301 ND_PRINTK2(KERN_WARNING
1302 "ICMPv6 Redirect: destination address is multicast.\n");
1303 return;
1304 }
1305
1306 if (ipv6_addr_equal(dest, target)) {
1307 on_link = 1;
1308 } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
1309 ND_PRINTK2(KERN_WARNING
1310 "ICMPv6 Redirect: target address is not link-local.\n");
1311 return;
1312 }
1313
1314 in6_dev = in6_dev_get(skb->dev);
1315 if (!in6_dev)
1316 return;
1317 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1318 in6_dev_put(in6_dev);
1319 return;
1320 }
1321
1322 /* RFC2461 8.1:
1323 * The IP source address of the Redirect MUST be the same as the current
1324 * first-hop router for the specified ICMP Destination Address.
1325 */
1326
1327 if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1328 ND_PRINTK2(KERN_WARNING
1329 "ICMPv6 Redirect: invalid ND options\n");
1330 in6_dev_put(in6_dev);
1331 return;
1332 }
1333 if (ndopts.nd_opts_tgt_lladdr) {
1334 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1335 skb->dev);
1336 if (!lladdr) {
1337 ND_PRINTK2(KERN_WARNING
1338 "ICMPv6 Redirect: invalid link-layer address length\n");
1339 in6_dev_put(in6_dev);
1340 return;
1341 }
1342 }
1343
1344 neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1345 if (neigh) {
1346 rt6_redirect(dest, &skb->nh.ipv6h->saddr, neigh, lladdr,
1347 on_link);
1348 neigh_release(neigh);
1349 }
1350 in6_dev_put(in6_dev);
1351}
1352
1353void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1354 struct in6_addr *target)
1355{
1356 struct sock *sk = ndisc_socket->sk;
1357 int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1358 struct sk_buff *buff;
1359 struct icmp6hdr *icmph;
1360 struct in6_addr saddr_buf;
1361 struct in6_addr *addrp;
1362 struct net_device *dev;
1363 struct rt6_info *rt;
1364 struct dst_entry *dst;
1365 struct inet6_dev *idev;
1366 struct flowi fl;
1367 u8 *opt;
1368 int rd_len;
1369 int err;
1370 int hlen;
1371 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1372
1373 dev = skb->dev;
1374
1375 if (ipv6_get_lladdr(dev, &saddr_buf)) {
1376 ND_PRINTK2(KERN_WARNING
1377 "ICMPv6 Redirect: no link-local address on %s\n",
1378 dev->name);
1379 return;
1380 }
1381
1382 ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr);
1383
1384 dst = ip6_route_output(NULL, &fl);
1385 if (dst == NULL)
1386 return;
1387
1388 err = xfrm_lookup(&dst, &fl, NULL, 0);
Patrick McHardye104411b2005-09-08 15:11:55 -07001389 if (err)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001390 return;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001391
1392 rt = (struct rt6_info *) dst;
1393
1394 if (rt->rt6i_flags & RTF_GATEWAY) {
1395 ND_PRINTK2(KERN_WARNING
1396 "ICMPv6 Redirect: destination is not a neighbour.\n");
1397 dst_release(dst);
1398 return;
1399 }
1400 if (!xrlim_allow(dst, 1*HZ)) {
1401 dst_release(dst);
1402 return;
1403 }
1404
1405 if (dev->addr_len) {
1406 read_lock_bh(&neigh->lock);
1407 if (neigh->nud_state & NUD_VALID) {
1408 memcpy(ha_buf, neigh->ha, dev->addr_len);
1409 read_unlock_bh(&neigh->lock);
1410 ha = ha_buf;
1411 len += ndisc_opt_addr_space(dev);
1412 } else
1413 read_unlock_bh(&neigh->lock);
1414 }
1415
1416 rd_len = min_t(unsigned int,
1417 IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1418 rd_len &= ~0x7;
1419 len += rd_len;
1420
1421 buff = sock_alloc_send_skb(sk, MAX_HEADER + len + LL_RESERVED_SPACE(dev),
1422 1, &err);
1423 if (buff == NULL) {
1424 ND_PRINTK0(KERN_ERR
1425 "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1426 __FUNCTION__);
1427 dst_release(dst);
1428 return;
1429 }
1430
1431 hlen = 0;
1432
1433 skb_reserve(buff, LL_RESERVED_SPACE(dev));
1434 ip6_nd_hdr(sk, buff, dev, &saddr_buf, &skb->nh.ipv6h->saddr,
1435 IPPROTO_ICMPV6, len);
1436
1437 icmph = (struct icmp6hdr *)skb_put(buff, len);
1438 buff->h.raw = (unsigned char*)icmph;
1439
1440 memset(icmph, 0, sizeof(struct icmp6hdr));
1441 icmph->icmp6_type = NDISC_REDIRECT;
1442
1443 /*
1444 * copy target and destination addresses
1445 */
1446
1447 addrp = (struct in6_addr *)(icmph + 1);
1448 ipv6_addr_copy(addrp, target);
1449 addrp++;
1450 ipv6_addr_copy(addrp, &skb->nh.ipv6h->daddr);
1451
1452 opt = (u8*) (addrp + 1);
1453
1454 /*
1455 * include target_address option
1456 */
1457
1458 if (ha)
1459 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1460 dev->addr_len, dev->type);
1461
1462 /*
1463 * build redirect option and copy skb over to the new packet.
1464 */
1465
1466 memset(opt, 0, 8);
1467 *(opt++) = ND_OPT_REDIRECT_HDR;
1468 *(opt++) = (rd_len >> 3);
1469 opt += 6;
1470
1471 memcpy(opt, skb->nh.ipv6h, rd_len - 8);
1472
1473 icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &skb->nh.ipv6h->saddr,
1474 len, IPPROTO_ICMPV6,
1475 csum_partial((u8 *) icmph, len, 0));
1476
1477 buff->dst = dst;
1478 idev = in6_dev_get(dst->dev);
1479 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1480 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, buff, NULL, dst->dev, dst_output);
1481 if (!err) {
1482 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTREDIRECTS);
1483 ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1484 }
1485
1486 if (likely(idev != NULL))
1487 in6_dev_put(idev);
1488}
1489
1490static void pndisc_redo(struct sk_buff *skb)
1491{
YOSHIFUJI Hideaki140e26fc2005-10-05 12:11:41 -07001492 ndisc_recv_ns(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001493 kfree_skb(skb);
1494}
1495
1496int ndisc_rcv(struct sk_buff *skb)
1497{
1498 struct nd_msg *msg;
1499
1500 if (!pskb_may_pull(skb, skb->len))
1501 return 0;
1502
1503 msg = (struct nd_msg *) skb->h.raw;
1504
1505 __skb_push(skb, skb->data-skb->h.raw);
1506
1507 if (skb->nh.ipv6h->hop_limit != 255) {
1508 ND_PRINTK2(KERN_WARNING
1509 "ICMPv6 NDISC: invalid hop-limit: %d\n",
1510 skb->nh.ipv6h->hop_limit);
1511 return 0;
1512 }
1513
1514 if (msg->icmph.icmp6_code != 0) {
1515 ND_PRINTK2(KERN_WARNING
1516 "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1517 msg->icmph.icmp6_code);
1518 return 0;
1519 }
1520
Patrick McHardya61bbcf2005-08-14 17:24:31 -07001521 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1522
Linus Torvalds1da177e2005-04-16 15:20:36 -07001523 switch (msg->icmph.icmp6_type) {
1524 case NDISC_NEIGHBOUR_SOLICITATION:
1525 ndisc_recv_ns(skb);
1526 break;
1527
1528 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1529 ndisc_recv_na(skb);
1530 break;
1531
1532 case NDISC_ROUTER_SOLICITATION:
1533 ndisc_recv_rs(skb);
1534 break;
1535
1536 case NDISC_ROUTER_ADVERTISEMENT:
1537 ndisc_router_discovery(skb);
1538 break;
1539
1540 case NDISC_REDIRECT:
1541 ndisc_redirect_rcv(skb);
1542 break;
1543 };
1544
1545 return 0;
1546}
1547
1548static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1549{
1550 struct net_device *dev = ptr;
1551
1552 switch (event) {
1553 case NETDEV_CHANGEADDR:
1554 neigh_changeaddr(&nd_tbl, dev);
1555 fib6_run_gc(~0UL);
1556 break;
1557 case NETDEV_DOWN:
1558 neigh_ifdown(&nd_tbl, dev);
1559 fib6_run_gc(~0UL);
1560 break;
1561 default:
1562 break;
1563 }
1564
1565 return NOTIFY_DONE;
1566}
1567
1568static struct notifier_block ndisc_netdev_notifier = {
1569 .notifier_call = ndisc_netdev_event,
1570};
1571
1572#ifdef CONFIG_SYSCTL
1573static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1574 const char *func, const char *dev_name)
1575{
1576 static char warncomm[TASK_COMM_LEN];
1577 static int warned;
1578 if (strcmp(warncomm, current->comm) && warned < 5) {
1579 strcpy(warncomm, current->comm);
1580 printk(KERN_WARNING
1581 "process `%s' is using deprecated sysctl (%s) "
1582 "net.ipv6.neigh.%s.%s; "
1583 "Use net.ipv6.neigh.%s.%s_ms "
1584 "instead.\n",
1585 warncomm, func,
1586 dev_name, ctl->procname,
1587 dev_name, ctl->procname);
1588 warned++;
1589 }
1590}
1591
1592int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1593{
1594 struct net_device *dev = ctl->extra1;
1595 struct inet6_dev *idev;
1596 int ret;
1597
1598 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1599 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1600 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1601
1602 switch (ctl->ctl_name) {
1603 case NET_NEIGH_RETRANS_TIME:
1604 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1605 break;
1606 case NET_NEIGH_REACHABLE_TIME:
1607 ret = proc_dointvec_jiffies(ctl, write,
1608 filp, buffer, lenp, ppos);
1609 break;
1610 case NET_NEIGH_RETRANS_TIME_MS:
1611 case NET_NEIGH_REACHABLE_TIME_MS:
1612 ret = proc_dointvec_ms_jiffies(ctl, write,
1613 filp, buffer, lenp, ppos);
1614 break;
1615 default:
1616 ret = -1;
1617 }
1618
1619 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1620 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1621 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1622 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1623 idev->tstamp = jiffies;
1624 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1625 in6_dev_put(idev);
1626 }
1627 return ret;
1628}
1629
1630static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1631 int nlen, void __user *oldval,
1632 size_t __user *oldlenp,
1633 void __user *newval, size_t newlen,
1634 void **context)
1635{
1636 struct net_device *dev = ctl->extra1;
1637 struct inet6_dev *idev;
1638 int ret;
1639
1640 if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1641 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1642 ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1643
1644 switch (ctl->ctl_name) {
1645 case NET_NEIGH_REACHABLE_TIME:
1646 ret = sysctl_jiffies(ctl, name, nlen,
1647 oldval, oldlenp, newval, newlen,
1648 context);
1649 break;
1650 case NET_NEIGH_RETRANS_TIME_MS:
1651 case NET_NEIGH_REACHABLE_TIME_MS:
1652 ret = sysctl_ms_jiffies(ctl, name, nlen,
1653 oldval, oldlenp, newval, newlen,
1654 context);
1655 break;
1656 default:
1657 ret = 0;
1658 }
1659
1660 if (newval && newlen && ret > 0 &&
1661 dev && (idev = in6_dev_get(dev)) != NULL) {
1662 if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1663 ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1664 idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1665 idev->tstamp = jiffies;
1666 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1667 in6_dev_put(idev);
1668 }
1669
1670 return ret;
1671}
1672
1673#endif
1674
1675int __init ndisc_init(struct net_proto_family *ops)
1676{
1677 struct ipv6_pinfo *np;
1678 struct sock *sk;
1679 int err;
1680
1681 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1682 if (err < 0) {
1683 ND_PRINTK0(KERN_ERR
1684 "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1685 err);
1686 ndisc_socket = NULL; /* For safety. */
1687 return err;
1688 }
1689
1690 sk = ndisc_socket->sk;
1691 np = inet6_sk(sk);
1692 sk->sk_allocation = GFP_ATOMIC;
1693 np->hop_limit = 255;
1694 /* Do not loopback ndisc messages */
1695 np->mc_loop = 0;
1696 sk->sk_prot->unhash(sk);
1697
1698 /*
1699 * Initialize the neighbour table
1700 */
1701
1702 neigh_table_init(&nd_tbl);
1703
1704#ifdef CONFIG_SYSCTL
1705 neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1706 "ipv6",
1707 &ndisc_ifinfo_sysctl_change,
1708 &ndisc_ifinfo_sysctl_strategy);
1709#endif
1710
1711 register_netdevice_notifier(&ndisc_netdev_notifier);
1712 return 0;
1713}
1714
1715void ndisc_cleanup(void)
1716{
1717#ifdef CONFIG_SYSCTL
1718 neigh_sysctl_unregister(&nd_tbl.parms);
1719#endif
1720 neigh_table_clear(&nd_tbl);
1721 sock_release(ndisc_socket);
1722 ndisc_socket = NULL; /* For safety. */
1723}