2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
128 .reachable_time = ND_REACHABLE_TIME,
130 [NEIGH_VAR_MCAST_PROBES] = 3,
131 [NEIGH_VAR_UCAST_PROBES] = 3,
132 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
133 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
134 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
135 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
136 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
137 [NEIGH_VAR_PROXY_QLEN] = 64,
138 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
139 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
142 .gc_interval = 30 * HZ,
148 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
150 int pad = ndisc_addr_option_pad(skb->dev->type);
151 int data_len = skb->dev->addr_len;
152 int space = ndisc_opt_addr_space(skb->dev);
153 u8 *opt = skb_put(skb, space);
158 memset(opt + 2, 0, pad);
162 memcpy(opt+2, data, data_len);
165 if ((space -= data_len) > 0)
166 memset(opt, 0, space);
169 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
170 struct nd_opt_hdr *end)
173 if (!cur || !end || cur >= end)
175 type = cur->nd_opt_type;
177 cur = ((void *)cur) + (cur->nd_opt_len << 3);
178 } while(cur < end && cur->nd_opt_type != type);
179 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
182 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
184 return opt->nd_opt_type == ND_OPT_RDNSS ||
185 opt->nd_opt_type == ND_OPT_DNSSL;
188 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
189 struct nd_opt_hdr *end)
191 if (!cur || !end || cur >= end)
194 cur = ((void *)cur) + (cur->nd_opt_len << 3);
195 } while(cur < end && !ndisc_is_useropt(cur));
196 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
199 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
200 struct ndisc_options *ndopts)
202 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
204 if (!nd_opt || opt_len < 0 || !ndopts)
206 memset(ndopts, 0, sizeof(*ndopts));
209 if (opt_len < sizeof(struct nd_opt_hdr))
211 l = nd_opt->nd_opt_len << 3;
212 if (opt_len < l || l == 0)
214 switch (nd_opt->nd_opt_type) {
215 case ND_OPT_SOURCE_LL_ADDR:
216 case ND_OPT_TARGET_LL_ADDR:
218 case ND_OPT_REDIRECT_HDR:
219 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
221 "%s: duplicated ND6 option found: type=%d\n",
222 __func__, nd_opt->nd_opt_type);
224 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
227 case ND_OPT_PREFIX_INFO:
228 ndopts->nd_opts_pi_end = nd_opt;
229 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
230 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
232 #ifdef CONFIG_IPV6_ROUTE_INFO
233 case ND_OPT_ROUTE_INFO:
234 ndopts->nd_opts_ri_end = nd_opt;
235 if (!ndopts->nd_opts_ri)
236 ndopts->nd_opts_ri = nd_opt;
240 if (ndisc_is_useropt(nd_opt)) {
241 ndopts->nd_useropts_end = nd_opt;
242 if (!ndopts->nd_useropts)
243 ndopts->nd_useropts = nd_opt;
246 * Unknown options must be silently ignored,
247 * to accommodate future extension to the
251 "%s: ignored unsupported option; type=%d, len=%d\n",
258 nd_opt = ((void *)nd_opt) + l;
263 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
269 ipv6_eth_mc_map(addr, buf);
272 ipv6_arcnet_mc_map(addr, buf);
274 case ARPHRD_INFINIBAND:
275 ipv6_ib_mc_map(addr, dev->broadcast, buf);
278 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
281 memcpy(buf, dev->broadcast, dev->addr_len);
288 EXPORT_SYMBOL(ndisc_mc_map);
290 static u32 ndisc_hash(const void *pkey,
291 const struct net_device *dev,
294 return ndisc_hashfn(pkey, dev, hash_rnd);
297 static int ndisc_constructor(struct neighbour *neigh)
299 struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
300 struct net_device *dev = neigh->dev;
301 struct inet6_dev *in6_dev;
302 struct neigh_parms *parms;
303 bool is_multicast = ipv6_addr_is_multicast(addr);
305 in6_dev = in6_dev_get(dev);
306 if (in6_dev == NULL) {
310 parms = in6_dev->nd_parms;
311 __neigh_parms_put(neigh->parms);
312 neigh->parms = neigh_parms_clone(parms);
314 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
315 if (!dev->header_ops) {
316 neigh->nud_state = NUD_NOARP;
317 neigh->ops = &ndisc_direct_ops;
318 neigh->output = neigh_direct_output;
321 neigh->nud_state = NUD_NOARP;
322 ndisc_mc_map(addr, neigh->ha, dev, 1);
323 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
324 neigh->nud_state = NUD_NOARP;
325 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
326 if (dev->flags&IFF_LOOPBACK)
327 neigh->type = RTN_LOCAL;
328 } else if (dev->flags&IFF_POINTOPOINT) {
329 neigh->nud_state = NUD_NOARP;
330 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
332 if (dev->header_ops->cache)
333 neigh->ops = &ndisc_hh_ops;
335 neigh->ops = &ndisc_generic_ops;
336 if (neigh->nud_state&NUD_VALID)
337 neigh->output = neigh->ops->connected_output;
339 neigh->output = neigh->ops->output;
341 in6_dev_put(in6_dev);
345 static int pndisc_constructor(struct pneigh_entry *n)
347 struct in6_addr *addr = (struct in6_addr*)&n->key;
348 struct in6_addr maddr;
349 struct net_device *dev = n->dev;
351 if (dev == NULL || __in6_dev_get(dev) == NULL)
353 addrconf_addr_solict_mult(addr, &maddr);
354 ipv6_dev_mc_inc(dev, &maddr);
358 static void pndisc_destructor(struct pneigh_entry *n)
360 struct in6_addr *addr = (struct in6_addr*)&n->key;
361 struct in6_addr maddr;
362 struct net_device *dev = n->dev;
364 if (dev == NULL || __in6_dev_get(dev) == NULL)
366 addrconf_addr_solict_mult(addr, &maddr);
367 ipv6_dev_mc_dec(dev, &maddr);
370 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
373 int hlen = LL_RESERVED_SPACE(dev);
374 int tlen = dev->needed_tailroom;
375 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
378 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
380 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
385 skb->protocol = htons(ETH_P_IPV6);
388 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
389 skb_reset_transport_header(skb);
391 /* Manually assign socket ownership as we avoid calling
392 * sock_alloc_send_pskb() to bypass wmem buffer limits
394 skb_set_owner_w(skb, sk);
399 static void ip6_nd_hdr(struct sk_buff *skb,
400 const struct in6_addr *saddr,
401 const struct in6_addr *daddr,
402 int hop_limit, int len)
406 skb_push(skb, sizeof(*hdr));
407 skb_reset_network_header(skb);
410 ip6_flow_hdr(hdr, 0, 0);
412 hdr->payload_len = htons(len);
413 hdr->nexthdr = IPPROTO_ICMPV6;
414 hdr->hop_limit = hop_limit;
420 static void ndisc_send_skb(struct sk_buff *skb,
421 const struct in6_addr *daddr,
422 const struct in6_addr *saddr)
424 struct dst_entry *dst = skb_dst(skb);
425 struct net *net = dev_net(skb->dev);
426 struct sock *sk = net->ipv6.ndisc_sk;
427 struct inet6_dev *idev;
429 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
432 type = icmp6h->icmp6_type;
437 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
438 dst = icmp6_dst_alloc(skb->dev, &fl6);
444 skb_dst_set(skb, dst);
447 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
452 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
455 idev = __in6_dev_get(dst->dev);
456 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
458 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
461 ICMP6MSGOUT_INC_STATS(net, idev, type);
462 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
468 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
469 const struct in6_addr *daddr,
470 const struct in6_addr *solicited_addr,
471 bool router, bool solicited, bool override, bool inc_opt)
474 struct in6_addr tmpaddr;
475 struct inet6_ifaddr *ifp;
476 const struct in6_addr *src_addr;
480 /* for anycast or proxy, solicited_addr != src_addr */
481 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
483 src_addr = solicited_addr;
484 if (ifp->flags & IFA_F_OPTIMISTIC)
486 inc_opt |= ifp->idev->cnf.force_tllao;
489 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
490 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
499 optlen += ndisc_opt_addr_space(dev);
501 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
505 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
506 *msg = (struct nd_msg) {
508 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
509 .icmp6_router = router,
510 .icmp6_solicited = solicited,
511 .icmp6_override = override,
513 .target = *solicited_addr,
517 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
521 ndisc_send_skb(skb, daddr, src_addr);
524 static void ndisc_send_unsol_na(struct net_device *dev)
526 struct inet6_dev *idev;
527 struct inet6_ifaddr *ifa;
529 idev = in6_dev_get(dev);
533 read_lock_bh(&idev->lock);
534 list_for_each_entry(ifa, &idev->addr_list, if_list) {
535 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
536 /*router=*/ !!idev->cnf.forwarding,
537 /*solicited=*/ false, /*override=*/ true,
540 read_unlock_bh(&idev->lock);
545 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
546 const struct in6_addr *solicit,
547 const struct in6_addr *daddr, const struct in6_addr *saddr)
550 struct in6_addr addr_buf;
551 int inc_opt = dev->addr_len;
556 if (ipv6_get_lladdr(dev, &addr_buf,
557 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
562 if (ipv6_addr_any(saddr))
565 optlen += ndisc_opt_addr_space(dev);
567 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
571 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
572 *msg = (struct nd_msg) {
574 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
580 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
583 ndisc_send_skb(skb, daddr, saddr);
586 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
587 const struct in6_addr *daddr)
591 int send_sllao = dev->addr_len;
594 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
596 * According to section 2.2 of RFC 4429, we must not
597 * send router solicitations with a sllao from
598 * optimistic addresses, but we may send the solicitation
599 * if we don't include the sllao. So here we check
600 * if our address is optimistic, and if so, we
601 * suppress the inclusion of the sllao.
604 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
607 if (ifp->flags & IFA_F_OPTIMISTIC) {
617 optlen += ndisc_opt_addr_space(dev);
619 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
623 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
624 *msg = (struct rs_msg) {
626 .icmp6_type = NDISC_ROUTER_SOLICITATION,
631 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
634 ndisc_send_skb(skb, daddr, saddr);
638 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
641 * "The sender MUST return an ICMP
642 * destination unreachable"
644 dst_link_failure(skb);
648 /* Called with locked neigh: either read or both */
650 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
652 struct in6_addr *saddr = NULL;
653 struct in6_addr mcaddr;
654 struct net_device *dev = neigh->dev;
655 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
656 int probes = atomic_read(&neigh->probes);
658 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
659 saddr = &ipv6_hdr(skb)->saddr;
661 if ((probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES)) < 0) {
662 if (!(neigh->nud_state & NUD_VALID)) {
664 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
667 ndisc_send_ns(dev, neigh, target, target, saddr);
668 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
671 addrconf_addr_solict_mult(target, &mcaddr);
672 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
676 static int pndisc_is_router(const void *pkey,
677 struct net_device *dev)
679 struct pneigh_entry *n;
682 read_lock_bh(&nd_tbl.lock);
683 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
685 ret = !!(n->flags & NTF_ROUTER);
686 read_unlock_bh(&nd_tbl.lock);
691 static void ndisc_recv_ns(struct sk_buff *skb)
693 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
694 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
695 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
697 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
698 offsetof(struct nd_msg, opt));
699 struct ndisc_options ndopts;
700 struct net_device *dev = skb->dev;
701 struct inet6_ifaddr *ifp;
702 struct inet6_dev *idev = NULL;
703 struct neighbour *neigh;
704 int dad = ipv6_addr_any(saddr);
708 if (skb->len < sizeof(struct nd_msg)) {
709 ND_PRINTK(2, warn, "NS: packet too short\n");
713 if (ipv6_addr_is_multicast(&msg->target)) {
714 ND_PRINTK(2, warn, "NS: multicast target address\n");
720 * DAD has to be destined for solicited node multicast address.
722 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
723 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
727 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
728 ND_PRINTK(2, warn, "NS: invalid ND options\n");
732 if (ndopts.nd_opts_src_lladdr) {
733 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
736 "NS: invalid link-layer address length\n");
741 * If the IP source address is the unspecified address,
742 * there MUST NOT be source link-layer address option
747 "NS: bad DAD packet (link-layer address option)\n");
752 inc = ipv6_addr_is_multicast(daddr);
754 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
757 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
760 * We are colliding with another node
762 * so fail our DAD process
764 addrconf_dad_failure(ifp);
768 * This is not a dad solicitation.
769 * If we are an optimistic node,
771 * Otherwise, we should ignore it.
773 if (!(ifp->flags & IFA_F_OPTIMISTIC))
780 struct net *net = dev_net(dev);
782 idev = in6_dev_get(dev);
784 /* XXX: count this drop? */
788 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
789 (idev->cnf.forwarding &&
790 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
791 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
792 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
793 skb->pkt_type != PACKET_HOST &&
795 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
797 * for anycast or proxy,
798 * sender should delay its response
799 * by a random time between 0 and
800 * MAX_ANYCAST_DELAY_TIME seconds.
801 * (RFC2461) -- yoshfuji
803 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
805 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
813 is_router = idev->cnf.forwarding;
816 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
817 !!is_router, false, (ifp != NULL), true);
822 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
824 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
827 * update / create cache entry
828 * for the source address
830 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
831 !inc || lladdr || !dev->addr_len);
833 neigh_update(neigh, lladdr, NUD_STALE,
834 NEIGH_UPDATE_F_WEAK_OVERRIDE|
835 NEIGH_UPDATE_F_OVERRIDE);
836 if (neigh || !dev->header_ops) {
837 ndisc_send_na(dev, neigh, saddr, &msg->target,
839 true, (ifp != NULL && inc), inc);
841 neigh_release(neigh);
851 static void ndisc_recv_na(struct sk_buff *skb)
853 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
854 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
855 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
857 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
858 offsetof(struct nd_msg, opt));
859 struct ndisc_options ndopts;
860 struct net_device *dev = skb->dev;
861 struct inet6_ifaddr *ifp;
862 struct neighbour *neigh;
864 if (skb->len < sizeof(struct nd_msg)) {
865 ND_PRINTK(2, warn, "NA: packet too short\n");
869 if (ipv6_addr_is_multicast(&msg->target)) {
870 ND_PRINTK(2, warn, "NA: target address is multicast\n");
874 if (ipv6_addr_is_multicast(daddr) &&
875 msg->icmph.icmp6_solicited) {
876 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
880 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
881 ND_PRINTK(2, warn, "NS: invalid ND option\n");
884 if (ndopts.nd_opts_tgt_lladdr) {
885 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
888 "NA: invalid link-layer address length\n");
892 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
894 if (skb->pkt_type != PACKET_LOOPBACK
895 && (ifp->flags & IFA_F_TENTATIVE)) {
896 addrconf_dad_failure(ifp);
899 /* What should we make now? The advertisement
900 is invalid, but ndisc specs say nothing
901 about it. It could be misconfiguration, or
902 an smart proxy agent tries to help us :-)
904 We should not print the error if NA has been
905 received from loopback - it is just our own
906 unsolicited advertisement.
908 if (skb->pkt_type != PACKET_LOOPBACK)
910 "NA: someone advertises our address %pI6 on %s!\n",
911 &ifp->addr, ifp->idev->dev->name);
915 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
918 u8 old_flags = neigh->flags;
919 struct net *net = dev_net(dev);
921 if (neigh->nud_state & NUD_FAILED)
925 * Don't update the neighbor cache entry on a proxy NA from
926 * ourselves because either the proxied node is off link or it
927 * has already sent a NA to us.
929 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
930 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
931 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
932 /* XXX: idev->cnf.proxy_ndp */
936 neigh_update(neigh, lladdr,
937 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
938 NEIGH_UPDATE_F_WEAK_OVERRIDE|
939 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
940 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
941 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
943 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
945 * Change: router to host
947 rt6_clean_tohost(dev_net(dev), saddr);
951 neigh_release(neigh);
955 static void ndisc_recv_rs(struct sk_buff *skb)
957 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
958 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
959 struct neighbour *neigh;
960 struct inet6_dev *idev;
961 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
962 struct ndisc_options ndopts;
965 if (skb->len < sizeof(*rs_msg))
968 idev = __in6_dev_get(skb->dev);
970 ND_PRINTK(1, err, "RS: can't find in6 device\n");
974 /* Don't accept RS if we're not in router mode */
975 if (!idev->cnf.forwarding)
979 * Don't update NCE if src = ::;
980 * this implies that the source node has no ip address assigned yet.
982 if (ipv6_addr_any(saddr))
985 /* Parse ND options */
986 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
987 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
991 if (ndopts.nd_opts_src_lladdr) {
992 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
998 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1000 neigh_update(neigh, lladdr, NUD_STALE,
1001 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1002 NEIGH_UPDATE_F_OVERRIDE|
1003 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1004 neigh_release(neigh);
1010 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1012 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1013 struct sk_buff *skb;
1014 struct nlmsghdr *nlh;
1015 struct nduseroptmsg *ndmsg;
1016 struct net *net = dev_net(ra->dev);
1018 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1019 + (opt->nd_opt_len << 3));
1020 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1022 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1028 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1030 goto nla_put_failure;
1033 ndmsg = nlmsg_data(nlh);
1034 ndmsg->nduseropt_family = AF_INET6;
1035 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1036 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1037 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1038 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1040 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1042 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1043 &ipv6_hdr(ra)->saddr))
1044 goto nla_put_failure;
1045 nlmsg_end(skb, nlh);
1047 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1054 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1057 static void ndisc_router_discovery(struct sk_buff *skb)
1059 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1060 struct neighbour *neigh = NULL;
1061 struct inet6_dev *in6_dev;
1062 struct rt6_info *rt = NULL;
1064 struct ndisc_options ndopts;
1066 unsigned int pref = 0;
1068 __u8 * opt = (__u8 *)(ra_msg + 1);
1070 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1071 sizeof(struct ra_msg);
1074 "RA: %s, dev: %s\n",
1075 __func__, skb->dev->name);
1076 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1077 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1081 ND_PRINTK(2, warn, "RA: packet too short\n");
1085 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1086 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1087 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1093 * set the RA_RECV flag in the interface
1096 in6_dev = __in6_dev_get(skb->dev);
1097 if (in6_dev == NULL) {
1098 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1103 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1104 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1108 if (!ipv6_accept_ra(in6_dev)) {
1110 "RA: %s, did not accept ra for dev: %s\n",
1111 __func__, skb->dev->name);
1112 goto skip_linkparms;
1115 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1116 /* skip link-specific parameters from interior routers */
1117 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1119 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1120 __func__, skb->dev->name);
1121 goto skip_linkparms;
1125 if (in6_dev->if_flags & IF_RS_SENT) {
1127 * flag that an RA was received after an RS was sent
1128 * out on this interface.
1130 in6_dev->if_flags |= IF_RA_RCVD;
1134 * Remember the managed/otherconf flags from most recently
1135 * received RA message (RFC 2462) -- yoshfuji
1137 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1139 (ra_msg->icmph.icmp6_addrconf_managed ?
1140 IF_RA_MANAGED : 0) |
1141 (ra_msg->icmph.icmp6_addrconf_other ?
1142 IF_RA_OTHERCONF : 0);
1144 if (!in6_dev->cnf.accept_ra_defrtr) {
1146 "RA: %s, defrtr is false for dev: %s\n",
1147 __func__, skb->dev->name);
1151 /* Do not accept RA with source-addr found on local machine unless
1152 * accept_ra_from_local is set to true.
1154 if (!in6_dev->cnf.accept_ra_from_local &&
1155 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1158 "RA from local address detected on dev: %s: default router ignored\n",
1163 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1165 #ifdef CONFIG_IPV6_ROUTER_PREF
1166 pref = ra_msg->icmph.icmp6_router_pref;
1167 /* 10b is handled as if it were 00b (medium) */
1168 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1169 !in6_dev->cnf.accept_ra_rtr_pref)
1170 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1173 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1176 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1179 "RA: %s got default router without neighbour\n",
1185 if (rt && lifetime == 0) {
1190 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1191 rt, lifetime, skb->dev->name);
1192 if (rt == NULL && lifetime) {
1193 ND_PRINTK(3, info, "RA: adding default router\n");
1195 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1198 "RA: %s failed to add default route\n",
1203 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1204 if (neigh == NULL) {
1206 "RA: %s got default router without neighbour\n",
1211 neigh->flags |= NTF_ROUTER;
1213 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1217 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1218 if (ra_msg->icmph.icmp6_hop_limit) {
1219 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1221 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1222 ra_msg->icmph.icmp6_hop_limit);
1228 * Update Reachable Time and Retrans Timer
1231 if (in6_dev->nd_parms) {
1232 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1234 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1235 rtime = (rtime*HZ)/1000;
1238 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1239 in6_dev->tstamp = jiffies;
1240 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1243 rtime = ntohl(ra_msg->reachable_time);
1244 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1245 rtime = (rtime*HZ)/1000;
1250 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1251 NEIGH_VAR_SET(in6_dev->nd_parms,
1252 BASE_REACHABLE_TIME, rtime);
1253 NEIGH_VAR_SET(in6_dev->nd_parms,
1254 GC_STALETIME, 3 * rtime);
1255 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1256 in6_dev->tstamp = jiffies;
1257 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1269 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1273 if (ndopts.nd_opts_src_lladdr) {
1274 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1278 "RA: invalid link-layer address length\n");
1282 neigh_update(neigh, lladdr, NUD_STALE,
1283 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1284 NEIGH_UPDATE_F_OVERRIDE|
1285 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1286 NEIGH_UPDATE_F_ISROUTER);
1289 if (!ipv6_accept_ra(in6_dev)) {
1291 "RA: %s, accept_ra is false for dev: %s\n",
1292 __func__, skb->dev->name);
1296 #ifdef CONFIG_IPV6_ROUTE_INFO
1297 if (!in6_dev->cnf.accept_ra_from_local &&
1298 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1301 "RA from local address detected on dev: %s: router info ignored.\n",
1303 goto skip_routeinfo;
1306 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1307 struct nd_opt_hdr *p;
1308 for (p = ndopts.nd_opts_ri;
1310 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1311 struct route_info *ri = (struct route_info *)p;
1312 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1313 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1314 ri->prefix_len == 0)
1317 if (ri->prefix_len == 0 &&
1318 !in6_dev->cnf.accept_ra_defrtr)
1320 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1322 rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1323 &ipv6_hdr(skb)->saddr);
1330 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1331 /* skip link-specific ndopts from interior routers */
1332 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1334 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1335 __func__, skb->dev->name);
1340 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1341 struct nd_opt_hdr *p;
1342 for (p = ndopts.nd_opts_pi;
1344 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1345 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1346 (p->nd_opt_len) << 3,
1347 ndopts.nd_opts_src_lladdr != NULL);
1351 if (ndopts.nd_opts_mtu) {
1355 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1358 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1359 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1360 } else if (in6_dev->cnf.mtu6 != mtu) {
1361 in6_dev->cnf.mtu6 = mtu;
1364 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1366 rt6_mtu_change(skb->dev, mtu);
1370 if (ndopts.nd_useropts) {
1371 struct nd_opt_hdr *p;
1372 for (p = ndopts.nd_useropts;
1374 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1375 ndisc_ra_useropt(skb, p);
1379 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1380 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1385 neigh_release(neigh);
1388 static void ndisc_redirect_rcv(struct sk_buff *skb)
1391 struct ndisc_options ndopts;
1392 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1393 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1394 offsetof(struct rd_msg, opt));
1396 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1397 switch (skb->ndisc_nodetype) {
1398 case NDISC_NODETYPE_HOST:
1399 case NDISC_NODETYPE_NODEFAULT:
1401 "Redirect: from host or unauthorized router\n");
1406 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1408 "Redirect: source address is not link-local\n");
1412 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1415 if (!ndopts.nd_opts_rh) {
1416 ip6_redirect_no_header(skb, dev_net(skb->dev),
1417 skb->dev->ifindex, 0);
1421 hdr = (u8 *)ndopts.nd_opts_rh;
1423 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1426 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1429 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1430 struct sk_buff *orig_skb,
1433 u8 *opt = skb_put(skb, rd_len);
1436 *(opt++) = ND_OPT_REDIRECT_HDR;
1437 *(opt++) = (rd_len >> 3);
1440 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1443 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1445 struct net_device *dev = skb->dev;
1446 struct net *net = dev_net(dev);
1447 struct sock *sk = net->ipv6.ndisc_sk;
1449 struct inet_peer *peer;
1450 struct sk_buff *buff;
1452 struct in6_addr saddr_buf;
1453 struct rt6_info *rt;
1454 struct dst_entry *dst;
1457 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1460 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1461 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1466 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1467 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1469 "Redirect: target address is not link-local unicast\n");
1473 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1474 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1476 dst = ip6_route_output(net, NULL, &fl6);
1481 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1485 rt = (struct rt6_info *) dst;
1487 if (rt->rt6i_flags & RTF_GATEWAY) {
1489 "Redirect: destination is not a neighbour\n");
1492 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1493 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1499 if (dev->addr_len) {
1500 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1503 "Redirect: no neigh for target address\n");
1507 read_lock_bh(&neigh->lock);
1508 if (neigh->nud_state & NUD_VALID) {
1509 memcpy(ha_buf, neigh->ha, dev->addr_len);
1510 read_unlock_bh(&neigh->lock);
1512 optlen += ndisc_opt_addr_space(dev);
1514 read_unlock_bh(&neigh->lock);
1516 neigh_release(neigh);
1519 rd_len = min_t(unsigned int,
1520 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1525 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1529 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1530 *msg = (struct rd_msg) {
1532 .icmp6_type = NDISC_REDIRECT,
1535 .dest = ipv6_hdr(skb)->daddr,
1539 * include target_address option
1543 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1546 * build redirect option and copy skb over to the new packet.
1550 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1552 skb_dst_set(buff, dst);
1553 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1560 static void pndisc_redo(struct sk_buff *skb)
1566 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1568 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1572 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1573 idev->cnf.suppress_frag_ndisc) {
1574 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1580 int ndisc_rcv(struct sk_buff *skb)
1584 if (ndisc_suppress_frag_ndisc(skb))
1587 if (skb_linearize(skb))
1590 msg = (struct nd_msg *)skb_transport_header(skb);
1592 __skb_push(skb, skb->data - skb_transport_header(skb));
1594 if (ipv6_hdr(skb)->hop_limit != 255) {
1595 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1596 ipv6_hdr(skb)->hop_limit);
1600 if (msg->icmph.icmp6_code != 0) {
1601 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1602 msg->icmph.icmp6_code);
1606 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1608 switch (msg->icmph.icmp6_type) {
1609 case NDISC_NEIGHBOUR_SOLICITATION:
1613 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1617 case NDISC_ROUTER_SOLICITATION:
1621 case NDISC_ROUTER_ADVERTISEMENT:
1622 ndisc_router_discovery(skb);
1625 case NDISC_REDIRECT:
1626 ndisc_redirect_rcv(skb);
1633 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1635 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1636 struct net *net = dev_net(dev);
1637 struct inet6_dev *idev;
1640 case NETDEV_CHANGEADDR:
1641 neigh_changeaddr(&nd_tbl, dev);
1642 fib6_run_gc(0, net, false);
1643 idev = in6_dev_get(dev);
1646 if (idev->cnf.ndisc_notify)
1647 ndisc_send_unsol_na(dev);
1651 neigh_ifdown(&nd_tbl, dev);
1652 fib6_run_gc(0, net, false);
1654 case NETDEV_NOTIFY_PEERS:
1655 ndisc_send_unsol_na(dev);
1664 static struct notifier_block ndisc_netdev_notifier = {
1665 .notifier_call = ndisc_netdev_event,
1668 #ifdef CONFIG_SYSCTL
1669 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1670 const char *func, const char *dev_name)
1672 static char warncomm[TASK_COMM_LEN];
1674 if (strcmp(warncomm, current->comm) && warned < 5) {
1675 strcpy(warncomm, current->comm);
1676 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1678 dev_name, ctl->procname,
1679 dev_name, ctl->procname);
1684 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1686 struct net_device *dev = ctl->extra1;
1687 struct inet6_dev *idev;
1690 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1691 (strcmp(ctl->procname, "base_reachable_time") == 0))
1692 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1694 if (strcmp(ctl->procname, "retrans_time") == 0)
1695 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1697 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1698 ret = neigh_proc_dointvec_jiffies(ctl, write,
1699 buffer, lenp, ppos);
1701 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1702 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1703 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1704 buffer, lenp, ppos);
1708 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1709 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1710 idev->nd_parms->reachable_time =
1711 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1712 idev->tstamp = jiffies;
1713 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1722 static int __net_init ndisc_net_init(struct net *net)
1724 struct ipv6_pinfo *np;
1728 err = inet_ctl_sock_create(&sk, PF_INET6,
1729 SOCK_RAW, IPPROTO_ICMPV6, net);
1732 "NDISC: Failed to initialize the control socket (err %d)\n",
1737 net->ipv6.ndisc_sk = sk;
1740 np->hop_limit = 255;
1741 /* Do not loopback ndisc messages */
1747 static void __net_exit ndisc_net_exit(struct net *net)
1749 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1752 static struct pernet_operations ndisc_net_ops = {
1753 .init = ndisc_net_init,
1754 .exit = ndisc_net_exit,
1757 int __init ndisc_init(void)
1761 err = register_pernet_subsys(&ndisc_net_ops);
1765 * Initialize the neighbour table
1767 neigh_table_init(&nd_tbl);
1769 #ifdef CONFIG_SYSCTL
1770 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1771 ndisc_ifinfo_sysctl_change);
1773 goto out_unregister_pernet;
1778 #ifdef CONFIG_SYSCTL
1779 out_unregister_pernet:
1780 unregister_pernet_subsys(&ndisc_net_ops);
1785 int __init ndisc_late_init(void)
1787 return register_netdevice_notifier(&ndisc_netdev_notifier);
1790 void ndisc_late_cleanup(void)
1792 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1795 void ndisc_cleanup(void)
1797 #ifdef CONFIG_SYSCTL
1798 neigh_sysctl_unregister(&nd_tbl.parms);
1800 neigh_table_clear(&nd_tbl);
1801 unregister_pernet_subsys(&ndisc_net_ops);
projects / cascardo / linux.git / blob