2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <net/l3mdev.h>
71 #include <linux/proc_fs.h>
73 #include <linux/netfilter.h>
74 #include <linux/netfilter_ipv6.h>
76 /* Set to 3 to get tracing... */
79 #define ND_PRINTK(val, level, fmt, ...) \
81 if (val <= ND_DEBUG) \
82 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
85 static u32 ndisc_hash(const void *pkey,
86 const struct net_device *dev,
88 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
89 static int ndisc_constructor(struct neighbour *neigh);
90 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
91 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
92 static int pndisc_constructor(struct pneigh_entry *n);
93 static void pndisc_destructor(struct pneigh_entry *n);
94 static void pndisc_redo(struct sk_buff *skb);
96 static const struct neigh_ops ndisc_generic_ops = {
98 .solicit = ndisc_solicit,
99 .error_report = ndisc_error_report,
100 .output = neigh_resolve_output,
101 .connected_output = neigh_connected_output,
104 static const struct neigh_ops ndisc_hh_ops = {
106 .solicit = ndisc_solicit,
107 .error_report = ndisc_error_report,
108 .output = neigh_resolve_output,
109 .connected_output = neigh_resolve_output,
113 static const struct neigh_ops ndisc_direct_ops = {
115 .output = neigh_direct_output,
116 .connected_output = neigh_direct_output,
119 struct neigh_table nd_tbl = {
121 .key_len = sizeof(struct in6_addr),
122 .protocol = cpu_to_be16(ETH_P_IPV6),
124 .key_eq = ndisc_key_eq,
125 .constructor = ndisc_constructor,
126 .pconstructor = pndisc_constructor,
127 .pdestructor = pndisc_destructor,
128 .proxy_redo = pndisc_redo,
132 .reachable_time = ND_REACHABLE_TIME,
134 [NEIGH_VAR_MCAST_PROBES] = 3,
135 [NEIGH_VAR_UCAST_PROBES] = 3,
136 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
137 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
138 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
139 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
140 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
141 [NEIGH_VAR_PROXY_QLEN] = 64,
142 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
143 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
146 .gc_interval = 30 * HZ,
151 EXPORT_SYMBOL_GPL(nd_tbl);
153 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
155 int pad = ndisc_addr_option_pad(skb->dev->type);
156 int data_len = skb->dev->addr_len;
157 int space = ndisc_opt_addr_space(skb->dev);
158 u8 *opt = skb_put(skb, space);
163 memset(opt + 2, 0, pad);
167 memcpy(opt+2, data, data_len);
172 memset(opt, 0, space);
175 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
176 struct nd_opt_hdr *end)
179 if (!cur || !end || cur >= end)
181 type = cur->nd_opt_type;
183 cur = ((void *)cur) + (cur->nd_opt_len << 3);
184 } while (cur < end && cur->nd_opt_type != type);
185 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
188 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
190 return opt->nd_opt_type == ND_OPT_RDNSS ||
191 opt->nd_opt_type == ND_OPT_DNSSL;
194 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
195 struct nd_opt_hdr *end)
197 if (!cur || !end || cur >= end)
200 cur = ((void *)cur) + (cur->nd_opt_len << 3);
201 } while (cur < end && !ndisc_is_useropt(cur));
202 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
205 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
206 struct ndisc_options *ndopts)
208 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
210 if (!nd_opt || opt_len < 0 || !ndopts)
212 memset(ndopts, 0, sizeof(*ndopts));
215 if (opt_len < sizeof(struct nd_opt_hdr))
217 l = nd_opt->nd_opt_len << 3;
218 if (opt_len < l || l == 0)
220 switch (nd_opt->nd_opt_type) {
221 case ND_OPT_SOURCE_LL_ADDR:
222 case ND_OPT_TARGET_LL_ADDR:
224 case ND_OPT_REDIRECT_HDR:
225 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
227 "%s: duplicated ND6 option found: type=%d\n",
228 __func__, nd_opt->nd_opt_type);
230 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
233 case ND_OPT_PREFIX_INFO:
234 ndopts->nd_opts_pi_end = nd_opt;
235 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
236 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
238 #ifdef CONFIG_IPV6_ROUTE_INFO
239 case ND_OPT_ROUTE_INFO:
240 ndopts->nd_opts_ri_end = nd_opt;
241 if (!ndopts->nd_opts_ri)
242 ndopts->nd_opts_ri = nd_opt;
246 if (ndisc_is_useropt(nd_opt)) {
247 ndopts->nd_useropts_end = nd_opt;
248 if (!ndopts->nd_useropts)
249 ndopts->nd_useropts = nd_opt;
252 * Unknown options must be silently ignored,
253 * to accommodate future extension to the
257 "%s: ignored unsupported option; type=%d, len=%d\n",
264 nd_opt = ((void *)nd_opt) + l;
269 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
273 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
275 ipv6_eth_mc_map(addr, buf);
278 ipv6_arcnet_mc_map(addr, buf);
280 case ARPHRD_INFINIBAND:
281 ipv6_ib_mc_map(addr, dev->broadcast, buf);
284 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
287 memcpy(buf, dev->broadcast, dev->addr_len);
293 EXPORT_SYMBOL(ndisc_mc_map);
295 static u32 ndisc_hash(const void *pkey,
296 const struct net_device *dev,
299 return ndisc_hashfn(pkey, dev, hash_rnd);
302 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
304 return neigh_key_eq128(n, pkey);
307 static int ndisc_constructor(struct neighbour *neigh)
309 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
310 struct net_device *dev = neigh->dev;
311 struct inet6_dev *in6_dev;
312 struct neigh_parms *parms;
313 bool is_multicast = ipv6_addr_is_multicast(addr);
315 in6_dev = in6_dev_get(dev);
320 parms = in6_dev->nd_parms;
321 __neigh_parms_put(neigh->parms);
322 neigh->parms = neigh_parms_clone(parms);
324 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
325 if (!dev->header_ops) {
326 neigh->nud_state = NUD_NOARP;
327 neigh->ops = &ndisc_direct_ops;
328 neigh->output = neigh_direct_output;
331 neigh->nud_state = NUD_NOARP;
332 ndisc_mc_map(addr, neigh->ha, dev, 1);
333 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
334 neigh->nud_state = NUD_NOARP;
335 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
336 if (dev->flags&IFF_LOOPBACK)
337 neigh->type = RTN_LOCAL;
338 } else if (dev->flags&IFF_POINTOPOINT) {
339 neigh->nud_state = NUD_NOARP;
340 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
342 if (dev->header_ops->cache)
343 neigh->ops = &ndisc_hh_ops;
345 neigh->ops = &ndisc_generic_ops;
346 if (neigh->nud_state&NUD_VALID)
347 neigh->output = neigh->ops->connected_output;
349 neigh->output = neigh->ops->output;
351 in6_dev_put(in6_dev);
355 static int pndisc_constructor(struct pneigh_entry *n)
357 struct in6_addr *addr = (struct in6_addr *)&n->key;
358 struct in6_addr maddr;
359 struct net_device *dev = n->dev;
361 if (!dev || !__in6_dev_get(dev))
363 addrconf_addr_solict_mult(addr, &maddr);
364 ipv6_dev_mc_inc(dev, &maddr);
368 static void pndisc_destructor(struct pneigh_entry *n)
370 struct in6_addr *addr = (struct in6_addr *)&n->key;
371 struct in6_addr maddr;
372 struct net_device *dev = n->dev;
374 if (!dev || !__in6_dev_get(dev))
376 addrconf_addr_solict_mult(addr, &maddr);
377 ipv6_dev_mc_dec(dev, &maddr);
380 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
383 int hlen = LL_RESERVED_SPACE(dev);
384 int tlen = dev->needed_tailroom;
385 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
388 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
390 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
395 skb->protocol = htons(ETH_P_IPV6);
398 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
399 skb_reset_transport_header(skb);
401 /* Manually assign socket ownership as we avoid calling
402 * sock_alloc_send_pskb() to bypass wmem buffer limits
404 skb_set_owner_w(skb, sk);
409 static void ip6_nd_hdr(struct sk_buff *skb,
410 const struct in6_addr *saddr,
411 const struct in6_addr *daddr,
412 int hop_limit, int len)
416 skb_push(skb, sizeof(*hdr));
417 skb_reset_network_header(skb);
420 ip6_flow_hdr(hdr, 0, 0);
422 hdr->payload_len = htons(len);
423 hdr->nexthdr = IPPROTO_ICMPV6;
424 hdr->hop_limit = hop_limit;
430 static void ndisc_send_skb(struct sk_buff *skb,
431 const struct in6_addr *daddr,
432 const struct in6_addr *saddr)
434 struct dst_entry *dst = skb_dst(skb);
435 struct net *net = dev_net(skb->dev);
436 struct sock *sk = net->ipv6.ndisc_sk;
437 struct inet6_dev *idev;
439 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
442 type = icmp6h->icmp6_type;
446 int oif = l3mdev_fib_oif(skb->dev);
448 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
449 if (oif != skb->dev->ifindex)
450 fl6.flowi6_flags |= FLOWI_FLAG_L3MDEV_SRC;
451 dst = icmp6_dst_alloc(skb->dev, &fl6);
457 skb_dst_set(skb, dst);
460 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
465 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
468 idev = __in6_dev_get(dst->dev);
469 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
471 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
472 net, sk, skb, NULL, dst->dev,
475 ICMP6MSGOUT_INC_STATS(net, idev, type);
476 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
482 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
483 const struct in6_addr *solicited_addr,
484 bool router, bool solicited, bool override, bool inc_opt)
487 struct in6_addr tmpaddr;
488 struct inet6_ifaddr *ifp;
489 const struct in6_addr *src_addr;
493 /* for anycast or proxy, solicited_addr != src_addr */
494 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
496 src_addr = solicited_addr;
497 if (ifp->flags & IFA_F_OPTIMISTIC)
499 inc_opt |= ifp->idev->cnf.force_tllao;
502 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
503 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
512 optlen += ndisc_opt_addr_space(dev);
514 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
518 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
519 *msg = (struct nd_msg) {
521 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
522 .icmp6_router = router,
523 .icmp6_solicited = solicited,
524 .icmp6_override = override,
526 .target = *solicited_addr,
530 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
534 ndisc_send_skb(skb, daddr, src_addr);
537 static void ndisc_send_unsol_na(struct net_device *dev)
539 struct inet6_dev *idev;
540 struct inet6_ifaddr *ifa;
542 idev = in6_dev_get(dev);
546 read_lock_bh(&idev->lock);
547 list_for_each_entry(ifa, &idev->addr_list, if_list) {
548 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
549 /*router=*/ !!idev->cnf.forwarding,
550 /*solicited=*/ false, /*override=*/ true,
553 read_unlock_bh(&idev->lock);
558 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
559 const struct in6_addr *daddr, const struct in6_addr *saddr)
562 struct in6_addr addr_buf;
563 int inc_opt = dev->addr_len;
568 if (ipv6_get_lladdr(dev, &addr_buf,
569 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
574 if (ipv6_addr_any(saddr))
577 optlen += ndisc_opt_addr_space(dev);
579 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
583 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
584 *msg = (struct nd_msg) {
586 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
592 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
595 ndisc_send_skb(skb, daddr, saddr);
598 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
599 const struct in6_addr *daddr)
603 int send_sllao = dev->addr_len;
606 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
608 * According to section 2.2 of RFC 4429, we must not
609 * send router solicitations with a sllao from
610 * optimistic addresses, but we may send the solicitation
611 * if we don't include the sllao. So here we check
612 * if our address is optimistic, and if so, we
613 * suppress the inclusion of the sllao.
616 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
619 if (ifp->flags & IFA_F_OPTIMISTIC) {
629 optlen += ndisc_opt_addr_space(dev);
631 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
635 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
636 *msg = (struct rs_msg) {
638 .icmp6_type = NDISC_ROUTER_SOLICITATION,
643 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
646 ndisc_send_skb(skb, daddr, saddr);
650 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
653 * "The sender MUST return an ICMP
654 * destination unreachable"
656 dst_link_failure(skb);
660 /* Called with locked neigh: either read or both */
662 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
664 struct in6_addr *saddr = NULL;
665 struct in6_addr mcaddr;
666 struct net_device *dev = neigh->dev;
667 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
668 int probes = atomic_read(&neigh->probes);
670 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
672 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
673 saddr = &ipv6_hdr(skb)->saddr;
674 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
676 if (!(neigh->nud_state & NUD_VALID)) {
678 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
681 ndisc_send_ns(dev, target, target, saddr);
682 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
685 addrconf_addr_solict_mult(target, &mcaddr);
686 ndisc_send_ns(dev, target, &mcaddr, saddr);
690 static int pndisc_is_router(const void *pkey,
691 struct net_device *dev)
693 struct pneigh_entry *n;
696 read_lock_bh(&nd_tbl.lock);
697 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
699 ret = !!(n->flags & NTF_ROUTER);
700 read_unlock_bh(&nd_tbl.lock);
705 static void ndisc_recv_ns(struct sk_buff *skb)
707 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
708 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
709 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
711 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
712 offsetof(struct nd_msg, opt));
713 struct ndisc_options ndopts;
714 struct net_device *dev = skb->dev;
715 struct inet6_ifaddr *ifp;
716 struct inet6_dev *idev = NULL;
717 struct neighbour *neigh;
718 int dad = ipv6_addr_any(saddr);
722 if (skb->len < sizeof(struct nd_msg)) {
723 ND_PRINTK(2, warn, "NS: packet too short\n");
727 if (ipv6_addr_is_multicast(&msg->target)) {
728 ND_PRINTK(2, warn, "NS: multicast target address\n");
734 * DAD has to be destined for solicited node multicast address.
736 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
737 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
741 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
742 ND_PRINTK(2, warn, "NS: invalid ND options\n");
746 if (ndopts.nd_opts_src_lladdr) {
747 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
750 "NS: invalid link-layer address length\n");
755 * If the IP source address is the unspecified address,
756 * there MUST NOT be source link-layer address option
761 "NS: bad DAD packet (link-layer address option)\n");
766 inc = ipv6_addr_is_multicast(daddr);
768 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
771 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
774 * We are colliding with another node
776 * so fail our DAD process
778 addrconf_dad_failure(ifp);
782 * This is not a dad solicitation.
783 * If we are an optimistic node,
785 * Otherwise, we should ignore it.
787 if (!(ifp->flags & IFA_F_OPTIMISTIC))
794 struct net *net = dev_net(dev);
796 /* perhaps an address on the master device */
797 if (netif_is_l3_slave(dev)) {
798 struct net_device *mdev;
800 mdev = netdev_master_upper_dev_get_rcu(dev);
802 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
808 idev = in6_dev_get(dev);
810 /* XXX: count this drop? */
814 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
815 (idev->cnf.forwarding &&
816 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
817 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
818 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
819 skb->pkt_type != PACKET_HOST &&
821 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
823 * for anycast or proxy,
824 * sender should delay its response
825 * by a random time between 0 and
826 * MAX_ANYCAST_DELAY_TIME seconds.
827 * (RFC2461) -- yoshfuji
829 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
831 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
839 is_router = idev->cnf.forwarding;
842 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
843 !!is_router, false, (ifp != NULL), true);
848 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
850 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
853 * update / create cache entry
854 * for the source address
856 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
857 !inc || lladdr || !dev->addr_len);
859 neigh_update(neigh, lladdr, NUD_STALE,
860 NEIGH_UPDATE_F_WEAK_OVERRIDE|
861 NEIGH_UPDATE_F_OVERRIDE);
862 if (neigh || !dev->header_ops) {
863 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
864 true, (ifp != NULL && inc), inc);
866 neigh_release(neigh);
876 static void ndisc_recv_na(struct sk_buff *skb)
878 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
879 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
880 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
882 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
883 offsetof(struct nd_msg, opt));
884 struct ndisc_options ndopts;
885 struct net_device *dev = skb->dev;
886 struct inet6_ifaddr *ifp;
887 struct neighbour *neigh;
889 if (skb->len < sizeof(struct nd_msg)) {
890 ND_PRINTK(2, warn, "NA: packet too short\n");
894 if (ipv6_addr_is_multicast(&msg->target)) {
895 ND_PRINTK(2, warn, "NA: target address is multicast\n");
899 if (ipv6_addr_is_multicast(daddr) &&
900 msg->icmph.icmp6_solicited) {
901 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
905 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
906 ND_PRINTK(2, warn, "NS: invalid ND option\n");
909 if (ndopts.nd_opts_tgt_lladdr) {
910 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
913 "NA: invalid link-layer address length\n");
917 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
919 if (skb->pkt_type != PACKET_LOOPBACK
920 && (ifp->flags & IFA_F_TENTATIVE)) {
921 addrconf_dad_failure(ifp);
924 /* What should we make now? The advertisement
925 is invalid, but ndisc specs say nothing
926 about it. It could be misconfiguration, or
927 an smart proxy agent tries to help us :-)
929 We should not print the error if NA has been
930 received from loopback - it is just our own
931 unsolicited advertisement.
933 if (skb->pkt_type != PACKET_LOOPBACK)
935 "NA: someone advertises our address %pI6 on %s!\n",
936 &ifp->addr, ifp->idev->dev->name);
940 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
943 u8 old_flags = neigh->flags;
944 struct net *net = dev_net(dev);
946 if (neigh->nud_state & NUD_FAILED)
950 * Don't update the neighbor cache entry on a proxy NA from
951 * ourselves because either the proxied node is off link or it
952 * has already sent a NA to us.
954 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
955 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
956 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
957 /* XXX: idev->cnf.proxy_ndp */
961 neigh_update(neigh, lladdr,
962 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
963 NEIGH_UPDATE_F_WEAK_OVERRIDE|
964 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
965 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
966 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
968 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
970 * Change: router to host
972 rt6_clean_tohost(dev_net(dev), saddr);
976 neigh_release(neigh);
980 static void ndisc_recv_rs(struct sk_buff *skb)
982 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
983 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
984 struct neighbour *neigh;
985 struct inet6_dev *idev;
986 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
987 struct ndisc_options ndopts;
990 if (skb->len < sizeof(*rs_msg))
993 idev = __in6_dev_get(skb->dev);
995 ND_PRINTK(1, err, "RS: can't find in6 device\n");
999 /* Don't accept RS if we're not in router mode */
1000 if (!idev->cnf.forwarding)
1004 * Don't update NCE if src = ::;
1005 * this implies that the source node has no ip address assigned yet.
1007 if (ipv6_addr_any(saddr))
1010 /* Parse ND options */
1011 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1012 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1016 if (ndopts.nd_opts_src_lladdr) {
1017 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1023 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1025 neigh_update(neigh, lladdr, NUD_STALE,
1026 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1027 NEIGH_UPDATE_F_OVERRIDE|
1028 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1029 neigh_release(neigh);
1035 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1037 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1038 struct sk_buff *skb;
1039 struct nlmsghdr *nlh;
1040 struct nduseroptmsg *ndmsg;
1041 struct net *net = dev_net(ra->dev);
1043 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1044 + (opt->nd_opt_len << 3));
1045 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1047 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1053 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1055 goto nla_put_failure;
1058 ndmsg = nlmsg_data(nlh);
1059 ndmsg->nduseropt_family = AF_INET6;
1060 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1061 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1062 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1063 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1065 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1067 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1068 goto nla_put_failure;
1069 nlmsg_end(skb, nlh);
1071 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1078 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1081 static void ndisc_router_discovery(struct sk_buff *skb)
1083 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1084 struct neighbour *neigh = NULL;
1085 struct inet6_dev *in6_dev;
1086 struct rt6_info *rt = NULL;
1088 struct ndisc_options ndopts;
1090 unsigned int pref = 0;
1092 bool send_ifinfo_notify = false;
1094 __u8 *opt = (__u8 *)(ra_msg + 1);
1096 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1097 sizeof(struct ra_msg);
1100 "RA: %s, dev: %s\n",
1101 __func__, skb->dev->name);
1102 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1103 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1107 ND_PRINTK(2, warn, "RA: packet too short\n");
1111 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1112 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1113 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1119 * set the RA_RECV flag in the interface
1122 in6_dev = __in6_dev_get(skb->dev);
1124 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1129 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1130 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1134 if (!ipv6_accept_ra(in6_dev)) {
1136 "RA: %s, did not accept ra for dev: %s\n",
1137 __func__, skb->dev->name);
1138 goto skip_linkparms;
1141 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1142 /* skip link-specific parameters from interior routers */
1143 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1145 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1146 __func__, skb->dev->name);
1147 goto skip_linkparms;
1151 if (in6_dev->if_flags & IF_RS_SENT) {
1153 * flag that an RA was received after an RS was sent
1154 * out on this interface.
1156 in6_dev->if_flags |= IF_RA_RCVD;
1160 * Remember the managed/otherconf flags from most recently
1161 * received RA message (RFC 2462) -- yoshfuji
1163 old_if_flags = in6_dev->if_flags;
1164 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1166 (ra_msg->icmph.icmp6_addrconf_managed ?
1167 IF_RA_MANAGED : 0) |
1168 (ra_msg->icmph.icmp6_addrconf_other ?
1169 IF_RA_OTHERCONF : 0);
1171 if (old_if_flags != in6_dev->if_flags)
1172 send_ifinfo_notify = true;
1174 if (!in6_dev->cnf.accept_ra_defrtr) {
1176 "RA: %s, defrtr is false for dev: %s\n",
1177 __func__, skb->dev->name);
1181 /* Do not accept RA with source-addr found on local machine unless
1182 * accept_ra_from_local is set to true.
1184 if (!in6_dev->cnf.accept_ra_from_local &&
1185 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1188 "RA from local address detected on dev: %s: default router ignored\n",
1193 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1195 #ifdef CONFIG_IPV6_ROUTER_PREF
1196 pref = ra_msg->icmph.icmp6_router_pref;
1197 /* 10b is handled as if it were 00b (medium) */
1198 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1199 !in6_dev->cnf.accept_ra_rtr_pref)
1200 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1203 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1206 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1209 "RA: %s got default router without neighbour\n",
1215 if (rt && lifetime == 0) {
1220 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1221 rt, lifetime, skb->dev->name);
1222 if (!rt && lifetime) {
1223 ND_PRINTK(3, info, "RA: adding default router\n");
1225 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1228 "RA: %s failed to add default route\n",
1233 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1236 "RA: %s got default router without neighbour\n",
1241 neigh->flags |= NTF_ROUTER;
1243 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1247 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1248 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1249 ra_msg->icmph.icmp6_hop_limit) {
1250 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1251 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1253 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1254 ra_msg->icmph.icmp6_hop_limit);
1256 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1263 * Update Reachable Time and Retrans Timer
1266 if (in6_dev->nd_parms) {
1267 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1269 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1270 rtime = (rtime*HZ)/1000;
1273 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1274 in6_dev->tstamp = jiffies;
1275 send_ifinfo_notify = true;
1278 rtime = ntohl(ra_msg->reachable_time);
1279 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1280 rtime = (rtime*HZ)/1000;
1285 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1286 NEIGH_VAR_SET(in6_dev->nd_parms,
1287 BASE_REACHABLE_TIME, rtime);
1288 NEIGH_VAR_SET(in6_dev->nd_parms,
1289 GC_STALETIME, 3 * rtime);
1290 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1291 in6_dev->tstamp = jiffies;
1292 send_ifinfo_notify = true;
1298 * Send a notify if RA changed managed/otherconf flags or timer settings
1300 if (send_ifinfo_notify)
1301 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1310 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1314 if (ndopts.nd_opts_src_lladdr) {
1315 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1319 "RA: invalid link-layer address length\n");
1323 neigh_update(neigh, lladdr, NUD_STALE,
1324 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1325 NEIGH_UPDATE_F_OVERRIDE|
1326 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1327 NEIGH_UPDATE_F_ISROUTER);
1330 if (!ipv6_accept_ra(in6_dev)) {
1332 "RA: %s, accept_ra is false for dev: %s\n",
1333 __func__, skb->dev->name);
1337 #ifdef CONFIG_IPV6_ROUTE_INFO
1338 if (!in6_dev->cnf.accept_ra_from_local &&
1339 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1342 "RA from local address detected on dev: %s: router info ignored.\n",
1344 goto skip_routeinfo;
1347 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1348 struct nd_opt_hdr *p;
1349 for (p = ndopts.nd_opts_ri;
1351 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1352 struct route_info *ri = (struct route_info *)p;
1353 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1354 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1355 ri->prefix_len == 0)
1358 if (ri->prefix_len == 0 &&
1359 !in6_dev->cnf.accept_ra_defrtr)
1361 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1363 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1365 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1366 &ipv6_hdr(skb)->saddr);
1373 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1374 /* skip link-specific ndopts from interior routers */
1375 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1377 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1378 __func__, skb->dev->name);
1383 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1384 struct nd_opt_hdr *p;
1385 for (p = ndopts.nd_opts_pi;
1387 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1388 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1389 (p->nd_opt_len) << 3,
1390 ndopts.nd_opts_src_lladdr != NULL);
1394 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1398 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1401 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1402 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1403 } else if (in6_dev->cnf.mtu6 != mtu) {
1404 in6_dev->cnf.mtu6 = mtu;
1407 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1409 rt6_mtu_change(skb->dev, mtu);
1413 if (ndopts.nd_useropts) {
1414 struct nd_opt_hdr *p;
1415 for (p = ndopts.nd_useropts;
1417 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1418 ndisc_ra_useropt(skb, p);
1422 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1423 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1428 neigh_release(neigh);
1431 static void ndisc_redirect_rcv(struct sk_buff *skb)
1434 struct ndisc_options ndopts;
1435 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1436 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1437 offsetof(struct rd_msg, opt));
1439 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1440 switch (skb->ndisc_nodetype) {
1441 case NDISC_NODETYPE_HOST:
1442 case NDISC_NODETYPE_NODEFAULT:
1444 "Redirect: from host or unauthorized router\n");
1449 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1451 "Redirect: source address is not link-local\n");
1455 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1458 if (!ndopts.nd_opts_rh) {
1459 ip6_redirect_no_header(skb, dev_net(skb->dev),
1460 skb->dev->ifindex, 0);
1464 hdr = (u8 *)ndopts.nd_opts_rh;
1466 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1469 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1472 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1473 struct sk_buff *orig_skb,
1476 u8 *opt = skb_put(skb, rd_len);
1479 *(opt++) = ND_OPT_REDIRECT_HDR;
1480 *(opt++) = (rd_len >> 3);
1483 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1487 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1489 struct net_device *dev = skb->dev;
1490 struct net *net = dev_net(dev);
1491 struct sock *sk = net->ipv6.ndisc_sk;
1493 struct inet_peer *peer;
1494 struct sk_buff *buff;
1496 struct in6_addr saddr_buf;
1497 struct rt6_info *rt;
1498 struct dst_entry *dst;
1501 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1502 int oif = l3mdev_fib_oif(dev);
1505 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1506 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1511 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1512 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1514 "Redirect: target address is not link-local unicast\n");
1518 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1519 &saddr_buf, &ipv6_hdr(skb)->saddr, oif);
1521 if (oif != skb->dev->ifindex)
1522 fl6.flowi6_flags |= FLOWI_FLAG_L3MDEV_SRC;
1524 dst = ip6_route_output(net, NULL, &fl6);
1529 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1533 rt = (struct rt6_info *) dst;
1535 if (rt->rt6i_flags & RTF_GATEWAY) {
1537 "Redirect: destination is not a neighbour\n");
1540 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1541 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1547 if (dev->addr_len) {
1548 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1551 "Redirect: no neigh for target address\n");
1555 read_lock_bh(&neigh->lock);
1556 if (neigh->nud_state & NUD_VALID) {
1557 memcpy(ha_buf, neigh->ha, dev->addr_len);
1558 read_unlock_bh(&neigh->lock);
1560 optlen += ndisc_opt_addr_space(dev);
1562 read_unlock_bh(&neigh->lock);
1564 neigh_release(neigh);
1567 rd_len = min_t(unsigned int,
1568 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1573 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1577 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1578 *msg = (struct rd_msg) {
1580 .icmp6_type = NDISC_REDIRECT,
1583 .dest = ipv6_hdr(skb)->daddr,
1587 * include target_address option
1591 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1594 * build redirect option and copy skb over to the new packet.
1598 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1600 skb_dst_set(buff, dst);
1601 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1608 static void pndisc_redo(struct sk_buff *skb)
1614 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1616 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1620 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1621 idev->cnf.suppress_frag_ndisc) {
1622 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1628 int ndisc_rcv(struct sk_buff *skb)
1632 if (ndisc_suppress_frag_ndisc(skb))
1635 if (skb_linearize(skb))
1638 msg = (struct nd_msg *)skb_transport_header(skb);
1640 __skb_push(skb, skb->data - skb_transport_header(skb));
1642 if (ipv6_hdr(skb)->hop_limit != 255) {
1643 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1644 ipv6_hdr(skb)->hop_limit);
1648 if (msg->icmph.icmp6_code != 0) {
1649 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1650 msg->icmph.icmp6_code);
1654 switch (msg->icmph.icmp6_type) {
1655 case NDISC_NEIGHBOUR_SOLICITATION:
1656 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1660 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1664 case NDISC_ROUTER_SOLICITATION:
1668 case NDISC_ROUTER_ADVERTISEMENT:
1669 ndisc_router_discovery(skb);
1672 case NDISC_REDIRECT:
1673 ndisc_redirect_rcv(skb);
1680 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1682 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1683 struct netdev_notifier_change_info *change_info;
1684 struct net *net = dev_net(dev);
1685 struct inet6_dev *idev;
1688 case NETDEV_CHANGEADDR:
1689 neigh_changeaddr(&nd_tbl, dev);
1690 fib6_run_gc(0, net, false);
1693 idev = in6_dev_get(dev);
1696 if (idev->cnf.ndisc_notify)
1697 ndisc_send_unsol_na(dev);
1702 if (change_info->flags_changed & IFF_NOARP)
1703 neigh_changeaddr(&nd_tbl, dev);
1706 neigh_ifdown(&nd_tbl, dev);
1707 fib6_run_gc(0, net, false);
1709 case NETDEV_NOTIFY_PEERS:
1710 ndisc_send_unsol_na(dev);
1719 static struct notifier_block ndisc_netdev_notifier = {
1720 .notifier_call = ndisc_netdev_event,
1723 #ifdef CONFIG_SYSCTL
1724 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1725 const char *func, const char *dev_name)
1727 static char warncomm[TASK_COMM_LEN];
1729 if (strcmp(warncomm, current->comm) && warned < 5) {
1730 strcpy(warncomm, current->comm);
1731 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1733 dev_name, ctl->procname,
1734 dev_name, ctl->procname);
1739 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1741 struct net_device *dev = ctl->extra1;
1742 struct inet6_dev *idev;
1745 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1746 (strcmp(ctl->procname, "base_reachable_time") == 0))
1747 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1749 if (strcmp(ctl->procname, "retrans_time") == 0)
1750 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1752 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1753 ret = neigh_proc_dointvec_jiffies(ctl, write,
1754 buffer, lenp, ppos);
1756 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1757 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1758 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1759 buffer, lenp, ppos);
1763 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1764 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1765 idev->nd_parms->reachable_time =
1766 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1767 idev->tstamp = jiffies;
1768 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1777 static int __net_init ndisc_net_init(struct net *net)
1779 struct ipv6_pinfo *np;
1783 err = inet_ctl_sock_create(&sk, PF_INET6,
1784 SOCK_RAW, IPPROTO_ICMPV6, net);
1787 "NDISC: Failed to initialize the control socket (err %d)\n",
1792 net->ipv6.ndisc_sk = sk;
1795 np->hop_limit = 255;
1796 /* Do not loopback ndisc messages */
1802 static void __net_exit ndisc_net_exit(struct net *net)
1804 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1807 static struct pernet_operations ndisc_net_ops = {
1808 .init = ndisc_net_init,
1809 .exit = ndisc_net_exit,
1812 int __init ndisc_init(void)
1816 err = register_pernet_subsys(&ndisc_net_ops);
1820 * Initialize the neighbour table
1822 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1824 #ifdef CONFIG_SYSCTL
1825 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1826 ndisc_ifinfo_sysctl_change);
1828 goto out_unregister_pernet;
1833 #ifdef CONFIG_SYSCTL
1834 out_unregister_pernet:
1835 unregister_pernet_subsys(&ndisc_net_ops);
1840 int __init ndisc_late_init(void)
1842 return register_netdevice_notifier(&ndisc_netdev_notifier);
1845 void ndisc_late_cleanup(void)
1847 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1850 void ndisc_cleanup(void)
1852 #ifdef CONFIG_SYSCTL
1853 neigh_sysctl_unregister(&nd_tbl.parms);
1855 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1856 unregister_pernet_subsys(&ndisc_net_ops);
OSDN Git Service
