2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <net/l3mdev.h>
71 #include <linux/proc_fs.h>
73 #include <linux/netfilter.h>
74 #include <linux/netfilter_ipv6.h>
76 /* Set to 3 to get tracing... */
79 #define ND_PRINTK(val, level, fmt, ...) \
81 if (val <= ND_DEBUG) \
82 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
85 static u32 ndisc_hash(const void *pkey,
86 const struct net_device *dev,
88 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
89 static int ndisc_constructor(struct neighbour *neigh);
90 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
91 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
92 static int pndisc_constructor(struct pneigh_entry *n);
93 static void pndisc_destructor(struct pneigh_entry *n);
94 static void pndisc_redo(struct sk_buff *skb);
96 static const struct neigh_ops ndisc_generic_ops = {
98 .solicit = ndisc_solicit,
99 .error_report = ndisc_error_report,
100 .output = neigh_resolve_output,
101 .connected_output = neigh_connected_output,
104 static const struct neigh_ops ndisc_hh_ops = {
106 .solicit = ndisc_solicit,
107 .error_report = ndisc_error_report,
108 .output = neigh_resolve_output,
109 .connected_output = neigh_resolve_output,
113 static const struct neigh_ops ndisc_direct_ops = {
115 .output = neigh_direct_output,
116 .connected_output = neigh_direct_output,
119 struct neigh_table nd_tbl = {
121 .key_len = sizeof(struct in6_addr),
122 .protocol = cpu_to_be16(ETH_P_IPV6),
124 .key_eq = ndisc_key_eq,
125 .constructor = ndisc_constructor,
126 .pconstructor = pndisc_constructor,
127 .pdestructor = pndisc_destructor,
128 .proxy_redo = pndisc_redo,
132 .reachable_time = ND_REACHABLE_TIME,
134 [NEIGH_VAR_MCAST_PROBES] = 3,
135 [NEIGH_VAR_UCAST_PROBES] = 3,
136 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
137 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
138 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
139 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
140 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
141 [NEIGH_VAR_PROXY_QLEN] = 64,
142 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
143 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
146 .gc_interval = 30 * HZ,
151 EXPORT_SYMBOL_GPL(nd_tbl);
153 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
155 int pad = ndisc_addr_option_pad(skb->dev->type);
156 int data_len = skb->dev->addr_len;
157 int space = ndisc_opt_addr_space(skb->dev);
158 u8 *opt = skb_put(skb, space);
163 memset(opt + 2, 0, pad);
167 memcpy(opt+2, data, data_len);
172 memset(opt, 0, space);
175 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
176 struct nd_opt_hdr *end)
179 if (!cur || !end || cur >= end)
181 type = cur->nd_opt_type;
183 cur = ((void *)cur) + (cur->nd_opt_len << 3);
184 } while (cur < end && cur->nd_opt_type != type);
185 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
188 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
190 return opt->nd_opt_type == ND_OPT_RDNSS ||
191 opt->nd_opt_type == ND_OPT_DNSSL;
194 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
195 struct nd_opt_hdr *end)
197 if (!cur || !end || cur >= end)
200 cur = ((void *)cur) + (cur->nd_opt_len << 3);
201 } while (cur < end && !ndisc_is_useropt(cur));
202 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
205 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
206 struct ndisc_options *ndopts)
208 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
210 if (!nd_opt || opt_len < 0 || !ndopts)
212 memset(ndopts, 0, sizeof(*ndopts));
215 if (opt_len < sizeof(struct nd_opt_hdr))
217 l = nd_opt->nd_opt_len << 3;
218 if (opt_len < l || l == 0)
220 switch (nd_opt->nd_opt_type) {
221 case ND_OPT_SOURCE_LL_ADDR:
222 case ND_OPT_TARGET_LL_ADDR:
224 case ND_OPT_REDIRECT_HDR:
225 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
227 "%s: duplicated ND6 option found: type=%d\n",
228 __func__, nd_opt->nd_opt_type);
230 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
233 case ND_OPT_PREFIX_INFO:
234 ndopts->nd_opts_pi_end = nd_opt;
235 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
236 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
238 #ifdef CONFIG_IPV6_ROUTE_INFO
239 case ND_OPT_ROUTE_INFO:
240 ndopts->nd_opts_ri_end = nd_opt;
241 if (!ndopts->nd_opts_ri)
242 ndopts->nd_opts_ri = nd_opt;
246 if (ndisc_is_useropt(nd_opt)) {
247 ndopts->nd_useropts_end = nd_opt;
248 if (!ndopts->nd_useropts)
249 ndopts->nd_useropts = nd_opt;
252 * Unknown options must be silently ignored,
253 * to accommodate future extension to the
257 "%s: ignored unsupported option; type=%d, len=%d\n",
264 nd_opt = ((void *)nd_opt) + l;
269 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
273 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
275 ipv6_eth_mc_map(addr, buf);
278 ipv6_arcnet_mc_map(addr, buf);
280 case ARPHRD_INFINIBAND:
281 ipv6_ib_mc_map(addr, dev->broadcast, buf);
284 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
287 memcpy(buf, dev->broadcast, dev->addr_len);
293 EXPORT_SYMBOL(ndisc_mc_map);
295 static u32 ndisc_hash(const void *pkey,
296 const struct net_device *dev,
299 return ndisc_hashfn(pkey, dev, hash_rnd);
302 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
304 return neigh_key_eq128(n, pkey);
307 static int ndisc_constructor(struct neighbour *neigh)
309 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
310 struct net_device *dev = neigh->dev;
311 struct inet6_dev *in6_dev;
312 struct neigh_parms *parms;
313 bool is_multicast = ipv6_addr_is_multicast(addr);
315 in6_dev = in6_dev_get(dev);
320 parms = in6_dev->nd_parms;
321 __neigh_parms_put(neigh->parms);
322 neigh->parms = neigh_parms_clone(parms);
324 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
325 if (!dev->header_ops) {
326 neigh->nud_state = NUD_NOARP;
327 neigh->ops = &ndisc_direct_ops;
328 neigh->output = neigh_direct_output;
331 neigh->nud_state = NUD_NOARP;
332 ndisc_mc_map(addr, neigh->ha, dev, 1);
333 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
334 neigh->nud_state = NUD_NOARP;
335 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
336 if (dev->flags&IFF_LOOPBACK)
337 neigh->type = RTN_LOCAL;
338 } else if (dev->flags&IFF_POINTOPOINT) {
339 neigh->nud_state = NUD_NOARP;
340 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
342 if (dev->header_ops->cache)
343 neigh->ops = &ndisc_hh_ops;
345 neigh->ops = &ndisc_generic_ops;
346 if (neigh->nud_state&NUD_VALID)
347 neigh->output = neigh->ops->connected_output;
349 neigh->output = neigh->ops->output;
351 in6_dev_put(in6_dev);
355 static int pndisc_constructor(struct pneigh_entry *n)
357 struct in6_addr *addr = (struct in6_addr *)&n->key;
358 struct in6_addr maddr;
359 struct net_device *dev = n->dev;
361 if (!dev || !__in6_dev_get(dev))
363 addrconf_addr_solict_mult(addr, &maddr);
364 ipv6_dev_mc_inc(dev, &maddr);
368 static void pndisc_destructor(struct pneigh_entry *n)
370 struct in6_addr *addr = (struct in6_addr *)&n->key;
371 struct in6_addr maddr;
372 struct net_device *dev = n->dev;
374 if (!dev || !__in6_dev_get(dev))
376 addrconf_addr_solict_mult(addr, &maddr);
377 ipv6_dev_mc_dec(dev, &maddr);
380 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
383 int hlen = LL_RESERVED_SPACE(dev);
384 int tlen = dev->needed_tailroom;
385 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
388 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
390 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
395 skb->protocol = htons(ETH_P_IPV6);
398 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
399 skb_reset_transport_header(skb);
401 /* Manually assign socket ownership as we avoid calling
402 * sock_alloc_send_pskb() to bypass wmem buffer limits
404 skb_set_owner_w(skb, sk);
409 static void ip6_nd_hdr(struct sk_buff *skb,
410 const struct in6_addr *saddr,
411 const struct in6_addr *daddr,
412 int hop_limit, int len)
416 skb_push(skb, sizeof(*hdr));
417 skb_reset_network_header(skb);
420 ip6_flow_hdr(hdr, 0, 0);
422 hdr->payload_len = htons(len);
423 hdr->nexthdr = IPPROTO_ICMPV6;
424 hdr->hop_limit = hop_limit;
430 static void ndisc_send_skb(struct sk_buff *skb,
431 const struct in6_addr *daddr,
432 const struct in6_addr *saddr)
434 struct dst_entry *dst = skb_dst(skb);
435 struct net *net = dev_net(skb->dev);
436 struct sock *sk = net->ipv6.ndisc_sk;
437 struct inet6_dev *idev;
439 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
442 type = icmp6h->icmp6_type;
446 int oif = l3mdev_fib_oif(skb->dev);
448 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
449 if (oif != skb->dev->ifindex)
450 fl6.flowi6_flags |= FLOWI_FLAG_L3MDEV_SRC;
451 dst = icmp6_dst_alloc(skb->dev, &fl6);
457 skb_dst_set(skb, dst);
460 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
465 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
468 idev = __in6_dev_get(dst->dev);
469 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
471 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
472 net, sk, skb, NULL, dst->dev,
475 ICMP6MSGOUT_INC_STATS(net, idev, type);
476 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
482 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
483 const struct in6_addr *solicited_addr,
484 bool router, bool solicited, bool override, bool inc_opt)
487 struct in6_addr tmpaddr;
488 struct inet6_ifaddr *ifp;
489 const struct in6_addr *src_addr;
493 /* for anycast or proxy, solicited_addr != src_addr */
494 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
496 src_addr = solicited_addr;
497 if (ifp->flags & IFA_F_OPTIMISTIC)
499 inc_opt |= ifp->idev->cnf.force_tllao;
502 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
503 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
512 optlen += ndisc_opt_addr_space(dev);
514 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
518 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
519 *msg = (struct nd_msg) {
521 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
522 .icmp6_router = router,
523 .icmp6_solicited = solicited,
524 .icmp6_override = override,
526 .target = *solicited_addr,
530 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
534 ndisc_send_skb(skb, daddr, src_addr);
537 static void ndisc_send_unsol_na(struct net_device *dev)
539 struct inet6_dev *idev;
540 struct inet6_ifaddr *ifa;
542 idev = in6_dev_get(dev);
546 read_lock_bh(&idev->lock);
547 list_for_each_entry(ifa, &idev->addr_list, if_list) {
548 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
549 /*router=*/ !!idev->cnf.forwarding,
550 /*solicited=*/ false, /*override=*/ true,
553 read_unlock_bh(&idev->lock);
558 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
559 const struct in6_addr *daddr, const struct in6_addr *saddr,
560 struct sk_buff *oskb)
563 struct in6_addr addr_buf;
564 int inc_opt = dev->addr_len;
569 if (ipv6_get_lladdr(dev, &addr_buf,
570 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
575 if (ipv6_addr_any(saddr))
578 optlen += ndisc_opt_addr_space(dev);
580 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
584 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
585 *msg = (struct nd_msg) {
587 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
593 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
596 if (!(dev->priv_flags & IFF_XMIT_DST_RELEASE) && oskb)
597 skb_dst_copy(skb, oskb);
599 ndisc_send_skb(skb, daddr, saddr);
602 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
603 const struct in6_addr *daddr)
607 int send_sllao = dev->addr_len;
610 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
612 * According to section 2.2 of RFC 4429, we must not
613 * send router solicitations with a sllao from
614 * optimistic addresses, but we may send the solicitation
615 * if we don't include the sllao. So here we check
616 * if our address is optimistic, and if so, we
617 * suppress the inclusion of the sllao.
620 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
623 if (ifp->flags & IFA_F_OPTIMISTIC) {
633 optlen += ndisc_opt_addr_space(dev);
635 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
639 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
640 *msg = (struct rs_msg) {
642 .icmp6_type = NDISC_ROUTER_SOLICITATION,
647 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
650 ndisc_send_skb(skb, daddr, saddr);
654 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
657 * "The sender MUST return an ICMP
658 * destination unreachable"
660 dst_link_failure(skb);
664 /* Called with locked neigh: either read or both */
666 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
668 struct in6_addr *saddr = NULL;
669 struct in6_addr mcaddr;
670 struct net_device *dev = neigh->dev;
671 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
672 int probes = atomic_read(&neigh->probes);
674 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
676 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
677 saddr = &ipv6_hdr(skb)->saddr;
678 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
680 if (!(neigh->nud_state & NUD_VALID)) {
682 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
685 ndisc_send_ns(dev, target, target, saddr, skb);
686 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
689 addrconf_addr_solict_mult(target, &mcaddr);
690 ndisc_send_ns(dev, target, &mcaddr, saddr, skb);
694 static int pndisc_is_router(const void *pkey,
695 struct net_device *dev)
697 struct pneigh_entry *n;
700 read_lock_bh(&nd_tbl.lock);
701 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
703 ret = !!(n->flags & NTF_ROUTER);
704 read_unlock_bh(&nd_tbl.lock);
709 static void ndisc_recv_ns(struct sk_buff *skb)
711 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
712 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
713 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
715 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
716 offsetof(struct nd_msg, opt));
717 struct ndisc_options ndopts;
718 struct net_device *dev = skb->dev;
719 struct inet6_ifaddr *ifp;
720 struct inet6_dev *idev = NULL;
721 struct neighbour *neigh;
722 int dad = ipv6_addr_any(saddr);
726 if (skb->len < sizeof(struct nd_msg)) {
727 ND_PRINTK(2, warn, "NS: packet too short\n");
731 if (ipv6_addr_is_multicast(&msg->target)) {
732 ND_PRINTK(2, warn, "NS: multicast target address\n");
738 * DAD has to be destined for solicited node multicast address.
740 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
741 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
745 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
746 ND_PRINTK(2, warn, "NS: invalid ND options\n");
750 if (ndopts.nd_opts_src_lladdr) {
751 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
754 "NS: invalid link-layer address length\n");
759 * If the IP source address is the unspecified address,
760 * there MUST NOT be source link-layer address option
765 "NS: bad DAD packet (link-layer address option)\n");
770 inc = ipv6_addr_is_multicast(daddr);
772 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
775 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
778 * We are colliding with another node
780 * so fail our DAD process
782 addrconf_dad_failure(ifp);
786 * This is not a dad solicitation.
787 * If we are an optimistic node,
789 * Otherwise, we should ignore it.
791 if (!(ifp->flags & IFA_F_OPTIMISTIC))
798 struct net *net = dev_net(dev);
800 /* perhaps an address on the master device */
801 if (netif_is_l3_slave(dev)) {
802 struct net_device *mdev;
804 mdev = netdev_master_upper_dev_get_rcu(dev);
806 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
812 idev = in6_dev_get(dev);
814 /* XXX: count this drop? */
818 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
819 (idev->cnf.forwarding &&
820 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
821 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
822 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
823 skb->pkt_type != PACKET_HOST &&
825 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
827 * for anycast or proxy,
828 * sender should delay its response
829 * by a random time between 0 and
830 * MAX_ANYCAST_DELAY_TIME seconds.
831 * (RFC2461) -- yoshfuji
833 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
835 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
843 is_router = idev->cnf.forwarding;
846 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
847 !!is_router, false, (ifp != NULL), true);
852 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
854 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
857 * update / create cache entry
858 * for the source address
860 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
861 !inc || lladdr || !dev->addr_len);
863 neigh_update(neigh, lladdr, NUD_STALE,
864 NEIGH_UPDATE_F_WEAK_OVERRIDE|
865 NEIGH_UPDATE_F_OVERRIDE);
866 if (neigh || !dev->header_ops) {
867 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
868 true, (ifp != NULL && inc), inc);
870 neigh_release(neigh);
880 static void ndisc_recv_na(struct sk_buff *skb)
882 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
883 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
884 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
886 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
887 offsetof(struct nd_msg, opt));
888 struct ndisc_options ndopts;
889 struct net_device *dev = skb->dev;
890 struct inet6_ifaddr *ifp;
891 struct neighbour *neigh;
893 if (skb->len < sizeof(struct nd_msg)) {
894 ND_PRINTK(2, warn, "NA: packet too short\n");
898 if (ipv6_addr_is_multicast(&msg->target)) {
899 ND_PRINTK(2, warn, "NA: target address is multicast\n");
903 if (ipv6_addr_is_multicast(daddr) &&
904 msg->icmph.icmp6_solicited) {
905 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
909 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
910 ND_PRINTK(2, warn, "NS: invalid ND option\n");
913 if (ndopts.nd_opts_tgt_lladdr) {
914 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
917 "NA: invalid link-layer address length\n");
921 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
923 if (skb->pkt_type != PACKET_LOOPBACK
924 && (ifp->flags & IFA_F_TENTATIVE)) {
925 addrconf_dad_failure(ifp);
928 /* What should we make now? The advertisement
929 is invalid, but ndisc specs say nothing
930 about it. It could be misconfiguration, or
931 an smart proxy agent tries to help us :-)
933 We should not print the error if NA has been
934 received from loopback - it is just our own
935 unsolicited advertisement.
937 if (skb->pkt_type != PACKET_LOOPBACK)
939 "NA: someone advertises our address %pI6 on %s!\n",
940 &ifp->addr, ifp->idev->dev->name);
944 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
947 u8 old_flags = neigh->flags;
948 struct net *net = dev_net(dev);
950 if (neigh->nud_state & NUD_FAILED)
954 * Don't update the neighbor cache entry on a proxy NA from
955 * ourselves because either the proxied node is off link or it
956 * has already sent a NA to us.
958 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
959 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
960 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
961 /* XXX: idev->cnf.proxy_ndp */
965 neigh_update(neigh, lladdr,
966 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
967 NEIGH_UPDATE_F_WEAK_OVERRIDE|
968 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
969 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
970 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
972 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
974 * Change: router to host
976 rt6_clean_tohost(dev_net(dev), saddr);
980 neigh_release(neigh);
984 static void ndisc_recv_rs(struct sk_buff *skb)
986 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
987 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
988 struct neighbour *neigh;
989 struct inet6_dev *idev;
990 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
991 struct ndisc_options ndopts;
994 if (skb->len < sizeof(*rs_msg))
997 idev = __in6_dev_get(skb->dev);
999 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1003 /* Don't accept RS if we're not in router mode */
1004 if (!idev->cnf.forwarding)
1008 * Don't update NCE if src = ::;
1009 * this implies that the source node has no ip address assigned yet.
1011 if (ipv6_addr_any(saddr))
1014 /* Parse ND options */
1015 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1016 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1020 if (ndopts.nd_opts_src_lladdr) {
1021 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1027 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1029 neigh_update(neigh, lladdr, NUD_STALE,
1030 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1031 NEIGH_UPDATE_F_OVERRIDE|
1032 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1033 neigh_release(neigh);
1039 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1041 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1042 struct sk_buff *skb;
1043 struct nlmsghdr *nlh;
1044 struct nduseroptmsg *ndmsg;
1045 struct net *net = dev_net(ra->dev);
1047 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1048 + (opt->nd_opt_len << 3));
1049 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1051 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1057 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1059 goto nla_put_failure;
1062 ndmsg = nlmsg_data(nlh);
1063 ndmsg->nduseropt_family = AF_INET6;
1064 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1065 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1066 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1067 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1069 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1071 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1072 goto nla_put_failure;
1073 nlmsg_end(skb, nlh);
1075 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1082 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1085 static void ndisc_router_discovery(struct sk_buff *skb)
1087 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1088 struct neighbour *neigh = NULL;
1089 struct inet6_dev *in6_dev;
1090 struct rt6_info *rt = NULL;
1092 struct ndisc_options ndopts;
1094 unsigned int pref = 0;
1096 bool send_ifinfo_notify = false;
1098 __u8 *opt = (__u8 *)(ra_msg + 1);
1100 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1101 sizeof(struct ra_msg);
1104 "RA: %s, dev: %s\n",
1105 __func__, skb->dev->name);
1106 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1107 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1111 ND_PRINTK(2, warn, "RA: packet too short\n");
1115 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1116 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1117 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1123 * set the RA_RECV flag in the interface
1126 in6_dev = __in6_dev_get(skb->dev);
1128 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1133 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1134 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1138 if (!ipv6_accept_ra(in6_dev)) {
1140 "RA: %s, did not accept ra for dev: %s\n",
1141 __func__, skb->dev->name);
1142 goto skip_linkparms;
1145 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1146 /* skip link-specific parameters from interior routers */
1147 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1149 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1150 __func__, skb->dev->name);
1151 goto skip_linkparms;
1155 if (in6_dev->if_flags & IF_RS_SENT) {
1157 * flag that an RA was received after an RS was sent
1158 * out on this interface.
1160 in6_dev->if_flags |= IF_RA_RCVD;
1164 * Remember the managed/otherconf flags from most recently
1165 * received RA message (RFC 2462) -- yoshfuji
1167 old_if_flags = in6_dev->if_flags;
1168 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1170 (ra_msg->icmph.icmp6_addrconf_managed ?
1171 IF_RA_MANAGED : 0) |
1172 (ra_msg->icmph.icmp6_addrconf_other ?
1173 IF_RA_OTHERCONF : 0);
1175 if (old_if_flags != in6_dev->if_flags)
1176 send_ifinfo_notify = true;
1178 if (!in6_dev->cnf.accept_ra_defrtr) {
1180 "RA: %s, defrtr is false for dev: %s\n",
1181 __func__, skb->dev->name);
1185 /* Do not accept RA with source-addr found on local machine unless
1186 * accept_ra_from_local is set to true.
1188 if (!in6_dev->cnf.accept_ra_from_local &&
1189 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1192 "RA from local address detected on dev: %s: default router ignored\n",
1197 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1199 #ifdef CONFIG_IPV6_ROUTER_PREF
1200 pref = ra_msg->icmph.icmp6_router_pref;
1201 /* 10b is handled as if it were 00b (medium) */
1202 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1203 !in6_dev->cnf.accept_ra_rtr_pref)
1204 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1207 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1210 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1213 "RA: %s got default router without neighbour\n",
1219 if (rt && lifetime == 0) {
1224 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1225 rt, lifetime, skb->dev->name);
1226 if (!rt && lifetime) {
1227 ND_PRINTK(3, info, "RA: adding default router\n");
1229 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1232 "RA: %s failed to add default route\n",
1237 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1240 "RA: %s got default router without neighbour\n",
1245 neigh->flags |= NTF_ROUTER;
1247 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1251 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1252 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1253 ra_msg->icmph.icmp6_hop_limit) {
1254 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1255 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1257 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1258 ra_msg->icmph.icmp6_hop_limit);
1260 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1267 * Update Reachable Time and Retrans Timer
1270 if (in6_dev->nd_parms) {
1271 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1273 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1274 rtime = (rtime*HZ)/1000;
1277 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1278 in6_dev->tstamp = jiffies;
1279 send_ifinfo_notify = true;
1282 rtime = ntohl(ra_msg->reachable_time);
1283 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1284 rtime = (rtime*HZ)/1000;
1289 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1290 NEIGH_VAR_SET(in6_dev->nd_parms,
1291 BASE_REACHABLE_TIME, rtime);
1292 NEIGH_VAR_SET(in6_dev->nd_parms,
1293 GC_STALETIME, 3 * rtime);
1294 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1295 in6_dev->tstamp = jiffies;
1296 send_ifinfo_notify = true;
1302 * Send a notify if RA changed managed/otherconf flags or timer settings
1304 if (send_ifinfo_notify)
1305 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1314 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1318 if (ndopts.nd_opts_src_lladdr) {
1319 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1323 "RA: invalid link-layer address length\n");
1327 neigh_update(neigh, lladdr, NUD_STALE,
1328 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1329 NEIGH_UPDATE_F_OVERRIDE|
1330 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1331 NEIGH_UPDATE_F_ISROUTER);
1334 if (!ipv6_accept_ra(in6_dev)) {
1336 "RA: %s, accept_ra is false for dev: %s\n",
1337 __func__, skb->dev->name);
1341 #ifdef CONFIG_IPV6_ROUTE_INFO
1342 if (!in6_dev->cnf.accept_ra_from_local &&
1343 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1346 "RA from local address detected on dev: %s: router info ignored.\n",
1348 goto skip_routeinfo;
1351 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1352 struct nd_opt_hdr *p;
1353 for (p = ndopts.nd_opts_ri;
1355 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1356 struct route_info *ri = (struct route_info *)p;
1357 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1358 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1359 ri->prefix_len == 0)
1362 if (ri->prefix_len == 0 &&
1363 !in6_dev->cnf.accept_ra_defrtr)
1365 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1367 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1368 &ipv6_hdr(skb)->saddr);
1375 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1376 /* skip link-specific ndopts from interior routers */
1377 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1379 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1380 __func__, skb->dev->name);
1385 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1386 struct nd_opt_hdr *p;
1387 for (p = ndopts.nd_opts_pi;
1389 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1390 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1391 (p->nd_opt_len) << 3,
1392 ndopts.nd_opts_src_lladdr != NULL);
1396 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1400 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1403 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1404 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1405 } else if (in6_dev->cnf.mtu6 != mtu) {
1406 in6_dev->cnf.mtu6 = mtu;
1409 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1411 rt6_mtu_change(skb->dev, mtu);
1415 if (ndopts.nd_useropts) {
1416 struct nd_opt_hdr *p;
1417 for (p = ndopts.nd_useropts;
1419 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1420 ndisc_ra_useropt(skb, p);
1424 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1425 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1430 neigh_release(neigh);
1433 static void ndisc_redirect_rcv(struct sk_buff *skb)
1436 struct ndisc_options ndopts;
1437 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1438 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1439 offsetof(struct rd_msg, opt));
1441 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1442 switch (skb->ndisc_nodetype) {
1443 case NDISC_NODETYPE_HOST:
1444 case NDISC_NODETYPE_NODEFAULT:
1446 "Redirect: from host or unauthorized router\n");
1451 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1453 "Redirect: source address is not link-local\n");
1457 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1460 if (!ndopts.nd_opts_rh) {
1461 ip6_redirect_no_header(skb, dev_net(skb->dev),
1462 skb->dev->ifindex, 0);
1466 hdr = (u8 *)ndopts.nd_opts_rh;
1468 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1471 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1474 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1475 struct sk_buff *orig_skb,
1478 u8 *opt = skb_put(skb, rd_len);
1481 *(opt++) = ND_OPT_REDIRECT_HDR;
1482 *(opt++) = (rd_len >> 3);
1485 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1488 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1490 struct net_device *dev = skb->dev;
1491 struct net *net = dev_net(dev);
1492 struct sock *sk = net->ipv6.ndisc_sk;
1494 struct inet_peer *peer;
1495 struct sk_buff *buff;
1497 struct in6_addr saddr_buf;
1498 struct rt6_info *rt;
1499 struct dst_entry *dst;
1502 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1503 int oif = l3mdev_fib_oif(dev);
1506 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1507 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1512 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1513 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1515 "Redirect: target address is not link-local unicast\n");
1519 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1520 &saddr_buf, &ipv6_hdr(skb)->saddr, oif);
1522 if (oif != skb->dev->ifindex)
1523 fl6.flowi6_flags |= FLOWI_FLAG_L3MDEV_SRC;
1525 dst = ip6_route_output(net, NULL, &fl6);
1530 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1534 rt = (struct rt6_info *) dst;
1536 if (rt->rt6i_flags & RTF_GATEWAY) {
1538 "Redirect: destination is not a neighbour\n");
1541 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1542 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1548 if (dev->addr_len) {
1549 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1552 "Redirect: no neigh for target address\n");
1556 read_lock_bh(&neigh->lock);
1557 if (neigh->nud_state & NUD_VALID) {
1558 memcpy(ha_buf, neigh->ha, dev->addr_len);
1559 read_unlock_bh(&neigh->lock);
1561 optlen += ndisc_opt_addr_space(dev);
1563 read_unlock_bh(&neigh->lock);
1565 neigh_release(neigh);
1568 rd_len = min_t(unsigned int,
1569 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1574 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1578 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1579 *msg = (struct rd_msg) {
1581 .icmp6_type = NDISC_REDIRECT,
1584 .dest = ipv6_hdr(skb)->daddr,
1588 * include target_address option
1592 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1595 * build redirect option and copy skb over to the new packet.
1599 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1601 skb_dst_set(buff, dst);
1602 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1609 static void pndisc_redo(struct sk_buff *skb)
1615 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1617 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1621 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1622 idev->cnf.suppress_frag_ndisc) {
1623 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1629 int ndisc_rcv(struct sk_buff *skb)
1633 if (ndisc_suppress_frag_ndisc(skb))
1636 if (skb_linearize(skb))
1639 msg = (struct nd_msg *)skb_transport_header(skb);
1641 __skb_push(skb, skb->data - skb_transport_header(skb));
1643 if (ipv6_hdr(skb)->hop_limit != 255) {
1644 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1645 ipv6_hdr(skb)->hop_limit);
1649 if (msg->icmph.icmp6_code != 0) {
1650 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1651 msg->icmph.icmp6_code);
1655 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1657 switch (msg->icmph.icmp6_type) {
1658 case NDISC_NEIGHBOUR_SOLICITATION:
1662 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1666 case NDISC_ROUTER_SOLICITATION:
1670 case NDISC_ROUTER_ADVERTISEMENT:
1671 ndisc_router_discovery(skb);
1674 case NDISC_REDIRECT:
1675 ndisc_redirect_rcv(skb);
1682 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1684 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1685 struct netdev_notifier_change_info *change_info;
1686 struct net *net = dev_net(dev);
1687 struct inet6_dev *idev;
1690 case NETDEV_CHANGEADDR:
1691 neigh_changeaddr(&nd_tbl, dev);
1692 fib6_run_gc(0, net, false);
1693 idev = in6_dev_get(dev);
1696 if (idev->cnf.ndisc_notify)
1697 ndisc_send_unsol_na(dev);
1702 if (change_info->flags_changed & IFF_NOARP)
1703 neigh_changeaddr(&nd_tbl, dev);
1706 neigh_ifdown(&nd_tbl, dev);
1707 fib6_run_gc(0, net, false);
1709 case NETDEV_NOTIFY_PEERS:
1710 ndisc_send_unsol_na(dev);
1719 static struct notifier_block ndisc_netdev_notifier = {
1720 .notifier_call = ndisc_netdev_event,
1723 #ifdef CONFIG_SYSCTL
1724 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1725 const char *func, const char *dev_name)
1727 static char warncomm[TASK_COMM_LEN];
1729 if (strcmp(warncomm, current->comm) && warned < 5) {
1730 strcpy(warncomm, current->comm);
1731 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1733 dev_name, ctl->procname,
1734 dev_name, ctl->procname);
1739 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1741 struct net_device *dev = ctl->extra1;
1742 struct inet6_dev *idev;
1745 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1746 (strcmp(ctl->procname, "base_reachable_time") == 0))
1747 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1749 if (strcmp(ctl->procname, "retrans_time") == 0)
1750 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1752 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1753 ret = neigh_proc_dointvec_jiffies(ctl, write,
1754 buffer, lenp, ppos);
1756 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1757 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1758 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1759 buffer, lenp, ppos);
1763 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1764 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1765 idev->nd_parms->reachable_time =
1766 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1767 idev->tstamp = jiffies;
1768 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1777 static int __net_init ndisc_net_init(struct net *net)
1779 struct ipv6_pinfo *np;
1783 err = inet_ctl_sock_create(&sk, PF_INET6,
1784 SOCK_RAW, IPPROTO_ICMPV6, net);
1787 "NDISC: Failed to initialize the control socket (err %d)\n",
1792 net->ipv6.ndisc_sk = sk;
1795 np->hop_limit = 255;
1796 /* Do not loopback ndisc messages */
1802 static void __net_exit ndisc_net_exit(struct net *net)
1804 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1807 static struct pernet_operations ndisc_net_ops = {
1808 .init = ndisc_net_init,
1809 .exit = ndisc_net_exit,
1812 int __init ndisc_init(void)
1816 err = register_pernet_subsys(&ndisc_net_ops);
1820 * Initialize the neighbour table
1822 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1824 #ifdef CONFIG_SYSCTL
1825 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1826 ndisc_ifinfo_sysctl_change);
1828 goto out_unregister_pernet;
1833 #ifdef CONFIG_SYSCTL
1834 out_unregister_pernet:
1835 unregister_pernet_subsys(&ndisc_net_ops);
1840 int __init ndisc_late_init(void)
1842 return register_netdevice_notifier(&ndisc_netdev_notifier);
1845 void ndisc_late_cleanup(void)
1847 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1850 void ndisc_cleanup(void)
1852 #ifdef CONFIG_SYSCTL
1853 neigh_sysctl_unregister(&nd_tbl.parms);
1855 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1856 unregister_pernet_subsys(&ndisc_net_ops);
projects / cascardo / linux.git / blob