1 /*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30 #define pr_fmt(fmt) "ICMPv6: " fmt
31
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
44 #ifdef CONFIG_SYSCTL
45 #include <linux/sysctl.h>
46 #endif
47
48 #include <linux/if_addr.h>
49 #include <linux/if_ether.h>
50 #include <linux/if_arp.h>
51 #include <linux/ipv6.h>
52 #include <linux/icmpv6.h>
53 #include <linux/jhash.h>
54
55 #include <net/sock.h>
56 #include <net/snmp.h>
57
58 #include <net/ipv6.h>
59 #include <net/protocol.h>
60 #include <net/ndisc.h>
61 #include <net/ip6_route.h>
62 #include <net/addrconf.h>
63 #include <net/icmp.h>
64
65 #include <net/netlink.h>
66 #include <linux/rtnetlink.h>
67
68 #include <net/flow.h>
69 #include <net/ip6_checksum.h>
70 #include <net/inet_common.h>
71 #include <linux/proc_fs.h>
72
73 #include <linux/netfilter.h>
74 #include <linux/netfilter_ipv6.h>
75
76 static u32 ndisc_hash(const void *pkey,
77 const struct net_device *dev,
78 __u32 *hash_rnd);
79 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
80 static int ndisc_constructor(struct neighbour *neigh);
81 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
82 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
83 static int pndisc_constructor(struct pneigh_entry *n);
84 static void pndisc_destructor(struct pneigh_entry *n);
85 static void pndisc_redo(struct sk_buff *skb);
86
87 static const struct neigh_ops ndisc_generic_ops = {
88 .family = AF_INET6,
89 .solicit = ndisc_solicit,
90 .error_report = ndisc_error_report,
91 .output = neigh_resolve_output,
92 .connected_output = neigh_connected_output,
93 };
94
95 static const struct neigh_ops ndisc_hh_ops = {
96 .family = AF_INET6,
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_resolve_output,
101 };
102
103
104 static const struct neigh_ops ndisc_direct_ops = {
105 .family = AF_INET6,
106 .output = neigh_direct_output,
107 .connected_output = neigh_direct_output,
108 };
109
110 struct neigh_table nd_tbl = {
111 .family = AF_INET6,
112 .key_len = sizeof(struct in6_addr),
113 .protocol = cpu_to_be16(ETH_P_IPV6),
114 .hash = ndisc_hash,
115 .key_eq = ndisc_key_eq,
116 .constructor = ndisc_constructor,
117 .pconstructor = pndisc_constructor,
118 .pdestructor = pndisc_destructor,
119 .proxy_redo = pndisc_redo,
120 .id = "ndisc_cache",
121 .parms = {
122 .tbl = &nd_tbl,
123 .reachable_time = ND_REACHABLE_TIME,
124 .data = {
125 [NEIGH_VAR_MCAST_PROBES] = 3,
126 [NEIGH_VAR_UCAST_PROBES] = 3,
127 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
128 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
129 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
130 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
131 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
132 [NEIGH_VAR_PROXY_QLEN] = 64,
133 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
134 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
135 },
136 },
137 .gc_interval = 30 * HZ,
138 .gc_thresh1 = 128,
139 .gc_thresh2 = 512,
140 .gc_thresh3 = 1024,
141 };
142 EXPORT_SYMBOL_GPL(nd_tbl);
143
__ndisc_fill_addr_option(struct sk_buff * skb,int type,void * data,int data_len,int pad)144 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
145 int data_len, int pad)
146 {
147 int space = __ndisc_opt_addr_space(data_len, pad);
148 u8 *opt = skb_put(skb, space);
149
150 opt[0] = type;
151 opt[1] = space>>3;
152
153 memset(opt + 2, 0, pad);
154 opt += pad;
155 space -= pad;
156
157 memcpy(opt+2, data, data_len);
158 data_len += 2;
159 opt += data_len;
160 space -= data_len;
161 if (space > 0)
162 memset(opt, 0, space);
163 }
164 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
165
ndisc_fill_addr_option(struct sk_buff * skb,int type,void * data,u8 icmp6_type)166 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
167 void *data, u8 icmp6_type)
168 {
169 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
170 ndisc_addr_option_pad(skb->dev->type));
171 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
172 }
173
ndisc_fill_redirect_addr_option(struct sk_buff * skb,void * ha,const u8 * ops_data)174 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
175 void *ha,
176 const u8 *ops_data)
177 {
178 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
179 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
180 }
181
ndisc_next_option(struct nd_opt_hdr * cur,struct nd_opt_hdr * end)182 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
183 struct nd_opt_hdr *end)
184 {
185 int type;
186 if (!cur || !end || cur >= end)
187 return NULL;
188 type = cur->nd_opt_type;
189 do {
190 cur = ((void *)cur) + (cur->nd_opt_len << 3);
191 } while (cur < end && cur->nd_opt_type != type);
192 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
193 }
194
ndisc_is_useropt(const struct net_device * dev,struct nd_opt_hdr * opt)195 static inline int ndisc_is_useropt(const struct net_device *dev,
196 struct nd_opt_hdr *opt)
197 {
198 return opt->nd_opt_type == ND_OPT_RDNSS ||
199 opt->nd_opt_type == ND_OPT_DNSSL ||
200 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
201 }
202
ndisc_next_useropt(const struct net_device * dev,struct nd_opt_hdr * cur,struct nd_opt_hdr * end)203 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
204 struct nd_opt_hdr *cur,
205 struct nd_opt_hdr *end)
206 {
207 if (!cur || !end || cur >= end)
208 return NULL;
209 do {
210 cur = ((void *)cur) + (cur->nd_opt_len << 3);
211 } while (cur < end && !ndisc_is_useropt(dev, cur));
212 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
213 }
214
ndisc_parse_options(const struct net_device * dev,u8 * opt,int opt_len,struct ndisc_options * ndopts)215 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
216 u8 *opt, int opt_len,
217 struct ndisc_options *ndopts)
218 {
219 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
220
221 if (!nd_opt || opt_len < 0 || !ndopts)
222 return NULL;
223 memset(ndopts, 0, sizeof(*ndopts));
224 while (opt_len) {
225 int l;
226 if (opt_len < sizeof(struct nd_opt_hdr))
227 return NULL;
228 l = nd_opt->nd_opt_len << 3;
229 if (opt_len < l || l == 0)
230 return NULL;
231 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
232 goto next_opt;
233 switch (nd_opt->nd_opt_type) {
234 case ND_OPT_SOURCE_LL_ADDR:
235 case ND_OPT_TARGET_LL_ADDR:
236 case ND_OPT_MTU:
237 case ND_OPT_NONCE:
238 case ND_OPT_REDIRECT_HDR:
239 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
240 ND_PRINTK(2, warn,
241 "%s: duplicated ND6 option found: type=%d\n",
242 __func__, nd_opt->nd_opt_type);
243 } else {
244 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
245 }
246 break;
247 case ND_OPT_PREFIX_INFO:
248 ndopts->nd_opts_pi_end = nd_opt;
249 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
250 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
251 break;
252 #ifdef CONFIG_IPV6_ROUTE_INFO
253 case ND_OPT_ROUTE_INFO:
254 ndopts->nd_opts_ri_end = nd_opt;
255 if (!ndopts->nd_opts_ri)
256 ndopts->nd_opts_ri = nd_opt;
257 break;
258 #endif
259 default:
260 if (ndisc_is_useropt(dev, nd_opt)) {
261 ndopts->nd_useropts_end = nd_opt;
262 if (!ndopts->nd_useropts)
263 ndopts->nd_useropts = nd_opt;
264 } else {
265 /*
266 * Unknown options must be silently ignored,
267 * to accommodate future extension to the
268 * protocol.
269 */
270 ND_PRINTK(2, notice,
271 "%s: ignored unsupported option; type=%d, len=%d\n",
272 __func__,
273 nd_opt->nd_opt_type,
274 nd_opt->nd_opt_len);
275 }
276 }
277 next_opt:
278 opt_len -= l;
279 nd_opt = ((void *)nd_opt) + l;
280 }
281 return ndopts;
282 }
283
ndisc_mc_map(const struct in6_addr * addr,char * buf,struct net_device * dev,int dir)284 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
285 {
286 switch (dev->type) {
287 case ARPHRD_ETHER:
288 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
289 case ARPHRD_FDDI:
290 ipv6_eth_mc_map(addr, buf);
291 return 0;
292 case ARPHRD_ARCNET:
293 ipv6_arcnet_mc_map(addr, buf);
294 return 0;
295 case ARPHRD_INFINIBAND:
296 ipv6_ib_mc_map(addr, dev->broadcast, buf);
297 return 0;
298 case ARPHRD_IPGRE:
299 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
300 default:
301 if (dir) {
302 memcpy(buf, dev->broadcast, dev->addr_len);
303 return 0;
304 }
305 }
306 return -EINVAL;
307 }
308 EXPORT_SYMBOL(ndisc_mc_map);
309
ndisc_hash(const void * pkey,const struct net_device * dev,__u32 * hash_rnd)310 static u32 ndisc_hash(const void *pkey,
311 const struct net_device *dev,
312 __u32 *hash_rnd)
313 {
314 return ndisc_hashfn(pkey, dev, hash_rnd);
315 }
316
ndisc_key_eq(const struct neighbour * n,const void * pkey)317 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
318 {
319 return neigh_key_eq128(n, pkey);
320 }
321
ndisc_constructor(struct neighbour * neigh)322 static int ndisc_constructor(struct neighbour *neigh)
323 {
324 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
325 struct net_device *dev = neigh->dev;
326 struct inet6_dev *in6_dev;
327 struct neigh_parms *parms;
328 bool is_multicast = ipv6_addr_is_multicast(addr);
329
330 in6_dev = in6_dev_get(dev);
331 if (!in6_dev) {
332 return -EINVAL;
333 }
334
335 parms = in6_dev->nd_parms;
336 __neigh_parms_put(neigh->parms);
337 neigh->parms = neigh_parms_clone(parms);
338
339 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
340 if (!dev->header_ops) {
341 neigh->nud_state = NUD_NOARP;
342 neigh->ops = &ndisc_direct_ops;
343 neigh->output = neigh_direct_output;
344 } else {
345 if (is_multicast) {
346 neigh->nud_state = NUD_NOARP;
347 ndisc_mc_map(addr, neigh->ha, dev, 1);
348 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
349 neigh->nud_state = NUD_NOARP;
350 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
351 if (dev->flags&IFF_LOOPBACK)
352 neigh->type = RTN_LOCAL;
353 } else if (dev->flags&IFF_POINTOPOINT) {
354 neigh->nud_state = NUD_NOARP;
355 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
356 }
357 if (dev->header_ops->cache)
358 neigh->ops = &ndisc_hh_ops;
359 else
360 neigh->ops = &ndisc_generic_ops;
361 if (neigh->nud_state&NUD_VALID)
362 neigh->output = neigh->ops->connected_output;
363 else
364 neigh->output = neigh->ops->output;
365 }
366 in6_dev_put(in6_dev);
367 return 0;
368 }
369
pndisc_constructor(struct pneigh_entry * n)370 static int pndisc_constructor(struct pneigh_entry *n)
371 {
372 struct in6_addr *addr = (struct in6_addr *)&n->key;
373 struct in6_addr maddr;
374 struct net_device *dev = n->dev;
375
376 if (!dev || !__in6_dev_get(dev))
377 return -EINVAL;
378 addrconf_addr_solict_mult(addr, &maddr);
379 ipv6_dev_mc_inc(dev, &maddr);
380 return 0;
381 }
382
pndisc_destructor(struct pneigh_entry * n)383 static void pndisc_destructor(struct pneigh_entry *n)
384 {
385 struct in6_addr *addr = (struct in6_addr *)&n->key;
386 struct in6_addr maddr;
387 struct net_device *dev = n->dev;
388
389 if (!dev || !__in6_dev_get(dev))
390 return;
391 addrconf_addr_solict_mult(addr, &maddr);
392 ipv6_dev_mc_dec(dev, &maddr);
393 }
394
ndisc_alloc_skb(struct net_device * dev,int len)395 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
396 int len)
397 {
398 int hlen = LL_RESERVED_SPACE(dev);
399 int tlen = dev->needed_tailroom;
400 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
401 struct sk_buff *skb;
402
403 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
404 if (!skb) {
405 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
406 __func__);
407 return NULL;
408 }
409
410 skb->protocol = htons(ETH_P_IPV6);
411 skb->dev = dev;
412
413 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
414 skb_reset_transport_header(skb);
415
416 /* Manually assign socket ownership as we avoid calling
417 * sock_alloc_send_pskb() to bypass wmem buffer limits
418 */
419 skb_set_owner_w(skb, sk);
420
421 return skb;
422 }
423
ip6_nd_hdr(struct sk_buff * skb,const struct in6_addr * saddr,const struct in6_addr * daddr,int hop_limit,int len)424 static void ip6_nd_hdr(struct sk_buff *skb,
425 const struct in6_addr *saddr,
426 const struct in6_addr *daddr,
427 int hop_limit, int len)
428 {
429 struct ipv6hdr *hdr;
430 struct inet6_dev *idev;
431 unsigned tclass;
432
433 rcu_read_lock();
434 idev = __in6_dev_get(skb->dev);
435 tclass = idev ? idev->cnf.ndisc_tclass : 0;
436 rcu_read_unlock();
437
438 skb_push(skb, sizeof(*hdr));
439 skb_reset_network_header(skb);
440 hdr = ipv6_hdr(skb);
441
442 ip6_flow_hdr(hdr, tclass, 0);
443
444 hdr->payload_len = htons(len);
445 hdr->nexthdr = IPPROTO_ICMPV6;
446 hdr->hop_limit = hop_limit;
447
448 hdr->saddr = *saddr;
449 hdr->daddr = *daddr;
450 }
451
ndisc_send_skb(struct sk_buff * skb,const struct in6_addr * daddr,const struct in6_addr * saddr)452 static void ndisc_send_skb(struct sk_buff *skb,
453 const struct in6_addr *daddr,
454 const struct in6_addr *saddr)
455 {
456 struct dst_entry *dst = skb_dst(skb);
457 struct net *net = dev_net(skb->dev);
458 struct sock *sk = net->ipv6.ndisc_sk;
459 struct inet6_dev *idev;
460 int err;
461 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
462 u8 type;
463
464 type = icmp6h->icmp6_type;
465
466 if (!dst) {
467 struct flowi6 fl6;
468 int oif = skb->dev->ifindex;
469
470 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
471 dst = icmp6_dst_alloc(skb->dev, &fl6);
472 if (IS_ERR(dst)) {
473 kfree_skb(skb);
474 return;
475 }
476
477 skb_dst_set(skb, dst);
478 }
479
480 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
481 IPPROTO_ICMPV6,
482 csum_partial(icmp6h,
483 skb->len, 0));
484
485 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
486
487 rcu_read_lock();
488 idev = __in6_dev_get(dst->dev);
489 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
490
491 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
492 net, sk, skb, NULL, dst->dev,
493 dst_output);
494 if (!err) {
495 ICMP6MSGOUT_INC_STATS(net, idev, type);
496 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
497 }
498
499 rcu_read_unlock();
500 }
501
ndisc_send_na(struct net_device * dev,const struct in6_addr * daddr,const struct in6_addr * solicited_addr,bool router,bool solicited,bool override,bool inc_opt)502 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
503 const struct in6_addr *solicited_addr,
504 bool router, bool solicited, bool override, bool inc_opt)
505 {
506 struct sk_buff *skb;
507 struct in6_addr tmpaddr;
508 struct inet6_ifaddr *ifp;
509 const struct in6_addr *src_addr;
510 struct nd_msg *msg;
511 int optlen = 0;
512
513 /* for anycast or proxy, solicited_addr != src_addr */
514 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
515 if (ifp) {
516 src_addr = solicited_addr;
517 if (ifp->flags & IFA_F_OPTIMISTIC)
518 override = false;
519 inc_opt |= ifp->idev->cnf.force_tllao;
520 in6_ifa_put(ifp);
521 } else {
522 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
523 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
524 &tmpaddr))
525 return;
526 src_addr = &tmpaddr;
527 }
528
529 if (!dev->addr_len)
530 inc_opt = false;
531 if (inc_opt)
532 optlen += ndisc_opt_addr_space(dev,
533 NDISC_NEIGHBOUR_ADVERTISEMENT);
534
535 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
536 if (!skb)
537 return;
538
539 msg = skb_put(skb, sizeof(*msg));
540 *msg = (struct nd_msg) {
541 .icmph = {
542 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
543 .icmp6_router = router,
544 .icmp6_solicited = solicited,
545 .icmp6_override = override,
546 },
547 .target = *solicited_addr,
548 };
549
550 if (inc_opt)
551 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
552 dev->dev_addr,
553 NDISC_NEIGHBOUR_ADVERTISEMENT);
554
555 ndisc_send_skb(skb, daddr, src_addr);
556 }
557
ndisc_send_unsol_na(struct net_device * dev)558 static void ndisc_send_unsol_na(struct net_device *dev)
559 {
560 struct inet6_dev *idev;
561 struct inet6_ifaddr *ifa;
562
563 idev = in6_dev_get(dev);
564 if (!idev)
565 return;
566
567 read_lock_bh(&idev->lock);
568 list_for_each_entry(ifa, &idev->addr_list, if_list) {
569 /* skip tentative addresses until dad completes */
570 if (ifa->flags & IFA_F_TENTATIVE &&
571 !(ifa->flags & IFA_F_OPTIMISTIC))
572 continue;
573
574 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
575 /*router=*/ !!idev->cnf.forwarding,
576 /*solicited=*/ false, /*override=*/ true,
577 /*inc_opt=*/ true);
578 }
579 read_unlock_bh(&idev->lock);
580
581 in6_dev_put(idev);
582 }
583
ndisc_send_ns(struct net_device * dev,const struct in6_addr * solicit,const struct in6_addr * daddr,const struct in6_addr * saddr,u64 nonce)584 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
585 const struct in6_addr *daddr, const struct in6_addr *saddr,
586 u64 nonce)
587 {
588 struct sk_buff *skb;
589 struct in6_addr addr_buf;
590 int inc_opt = dev->addr_len;
591 int optlen = 0;
592 struct nd_msg *msg;
593
594 if (!saddr) {
595 if (ipv6_get_lladdr(dev, &addr_buf,
596 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
597 return;
598 saddr = &addr_buf;
599 }
600
601 if (ipv6_addr_any(saddr))
602 inc_opt = false;
603 if (inc_opt)
604 optlen += ndisc_opt_addr_space(dev,
605 NDISC_NEIGHBOUR_SOLICITATION);
606 if (nonce != 0)
607 optlen += 8;
608
609 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
610 if (!skb)
611 return;
612
613 msg = skb_put(skb, sizeof(*msg));
614 *msg = (struct nd_msg) {
615 .icmph = {
616 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
617 },
618 .target = *solicit,
619 };
620
621 if (inc_opt)
622 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
623 dev->dev_addr,
624 NDISC_NEIGHBOUR_SOLICITATION);
625 if (nonce != 0) {
626 u8 *opt = skb_put(skb, 8);
627
628 opt[0] = ND_OPT_NONCE;
629 opt[1] = 8 >> 3;
630 memcpy(opt + 2, &nonce, 6);
631 }
632
633 ndisc_send_skb(skb, daddr, saddr);
634 }
635
ndisc_send_rs(struct net_device * dev,const struct in6_addr * saddr,const struct in6_addr * daddr)636 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
637 const struct in6_addr *daddr)
638 {
639 struct sk_buff *skb;
640 struct rs_msg *msg;
641 int send_sllao = dev->addr_len;
642 int optlen = 0;
643
644 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
645 /*
646 * According to section 2.2 of RFC 4429, we must not
647 * send router solicitations with a sllao from
648 * optimistic addresses, but we may send the solicitation
649 * if we don't include the sllao. So here we check
650 * if our address is optimistic, and if so, we
651 * suppress the inclusion of the sllao.
652 */
653 if (send_sllao) {
654 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
655 dev, 1);
656 if (ifp) {
657 if (ifp->flags & IFA_F_OPTIMISTIC) {
658 send_sllao = 0;
659 }
660 in6_ifa_put(ifp);
661 } else {
662 send_sllao = 0;
663 }
664 }
665 #endif
666 if (send_sllao)
667 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
668
669 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
670 if (!skb)
671 return;
672
673 msg = skb_put(skb, sizeof(*msg));
674 *msg = (struct rs_msg) {
675 .icmph = {
676 .icmp6_type = NDISC_ROUTER_SOLICITATION,
677 },
678 };
679
680 if (send_sllao)
681 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
682 dev->dev_addr,
683 NDISC_ROUTER_SOLICITATION);
684
685 ndisc_send_skb(skb, daddr, saddr);
686 }
687
688
ndisc_error_report(struct neighbour * neigh,struct sk_buff * skb)689 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
690 {
691 /*
692 * "The sender MUST return an ICMP
693 * destination unreachable"
694 */
695 dst_link_failure(skb);
696 kfree_skb(skb);
697 }
698
699 /* Called with locked neigh: either read or both */
700
ndisc_solicit(struct neighbour * neigh,struct sk_buff * skb)701 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
702 {
703 struct in6_addr *saddr = NULL;
704 struct in6_addr mcaddr;
705 struct net_device *dev = neigh->dev;
706 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
707 int probes = atomic_read(&neigh->probes);
708
709 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
710 dev, false, 1,
711 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
712 saddr = &ipv6_hdr(skb)->saddr;
713 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
714 if (probes < 0) {
715 if (!(neigh->nud_state & NUD_VALID)) {
716 ND_PRINTK(1, dbg,
717 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
718 __func__, target);
719 }
720 ndisc_send_ns(dev, target, target, saddr, 0);
721 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
722 neigh_app_ns(neigh);
723 } else {
724 addrconf_addr_solict_mult(target, &mcaddr);
725 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
726 }
727 }
728
pndisc_is_router(const void * pkey,struct net_device * dev)729 static int pndisc_is_router(const void *pkey,
730 struct net_device *dev)
731 {
732 struct pneigh_entry *n;
733 int ret = -1;
734
735 read_lock_bh(&nd_tbl.lock);
736 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
737 if (n)
738 ret = !!(n->flags & NTF_ROUTER);
739 read_unlock_bh(&nd_tbl.lock);
740
741 return ret;
742 }
743
ndisc_update(const struct net_device * dev,struct neighbour * neigh,const u8 * lladdr,u8 new,u32 flags,u8 icmp6_type,struct ndisc_options * ndopts)744 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
745 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
746 struct ndisc_options *ndopts)
747 {
748 neigh_update(neigh, lladdr, new, flags, 0);
749 /* report ndisc ops about neighbour update */
750 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
751 }
752
ndisc_recv_ns(struct sk_buff * skb)753 static void ndisc_recv_ns(struct sk_buff *skb)
754 {
755 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
756 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
757 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
758 u8 *lladdr = NULL;
759 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
760 offsetof(struct nd_msg, opt));
761 struct ndisc_options ndopts;
762 struct net_device *dev = skb->dev;
763 struct inet6_ifaddr *ifp;
764 struct inet6_dev *idev = NULL;
765 struct neighbour *neigh;
766 int dad = ipv6_addr_any(saddr);
767 bool inc;
768 int is_router = -1;
769 u64 nonce = 0;
770
771 if (skb->len < sizeof(struct nd_msg)) {
772 ND_PRINTK(2, warn, "NS: packet too short\n");
773 return;
774 }
775
776 if (ipv6_addr_is_multicast(&msg->target)) {
777 ND_PRINTK(2, warn, "NS: multicast target address\n");
778 return;
779 }
780
781 /*
782 * RFC2461 7.1.1:
783 * DAD has to be destined for solicited node multicast address.
784 */
785 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
786 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
787 return;
788 }
789
790 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
791 ND_PRINTK(2, warn, "NS: invalid ND options\n");
792 return;
793 }
794
795 if (ndopts.nd_opts_src_lladdr) {
796 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
797 if (!lladdr) {
798 ND_PRINTK(2, warn,
799 "NS: invalid link-layer address length\n");
800 return;
801 }
802
803 /* RFC2461 7.1.1:
804 * If the IP source address is the unspecified address,
805 * there MUST NOT be source link-layer address option
806 * in the message.
807 */
808 if (dad) {
809 ND_PRINTK(2, warn,
810 "NS: bad DAD packet (link-layer address option)\n");
811 return;
812 }
813 }
814 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
815 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
816
817 inc = ipv6_addr_is_multicast(daddr);
818
819 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
820 if (ifp) {
821 have_ifp:
822 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
823 if (dad) {
824 if (nonce != 0 && ifp->dad_nonce == nonce) {
825 u8 *np = (u8 *)&nonce;
826 /* Matching nonce if looped back */
827 ND_PRINTK(2, notice,
828 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
829 ifp->idev->dev->name,
830 &ifp->addr, np);
831 goto out;
832 }
833 /*
834 * We are colliding with another node
835 * who is doing DAD
836 * so fail our DAD process
837 */
838 addrconf_dad_failure(skb, ifp);
839 return;
840 } else {
841 /*
842 * This is not a dad solicitation.
843 * If we are an optimistic node,
844 * we should respond.
845 * Otherwise, we should ignore it.
846 */
847 if (!(ifp->flags & IFA_F_OPTIMISTIC))
848 goto out;
849 }
850 }
851
852 idev = ifp->idev;
853 } else {
854 struct net *net = dev_net(dev);
855
856 /* perhaps an address on the master device */
857 if (netif_is_l3_slave(dev)) {
858 struct net_device *mdev;
859
860 mdev = netdev_master_upper_dev_get_rcu(dev);
861 if (mdev) {
862 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
863 if (ifp)
864 goto have_ifp;
865 }
866 }
867
868 idev = in6_dev_get(dev);
869 if (!idev) {
870 /* XXX: count this drop? */
871 return;
872 }
873
874 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
875 (idev->cnf.forwarding &&
876 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
877 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
878 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
879 skb->pkt_type != PACKET_HOST &&
880 inc &&
881 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
882 /*
883 * for anycast or proxy,
884 * sender should delay its response
885 * by a random time between 0 and
886 * MAX_ANYCAST_DELAY_TIME seconds.
887 * (RFC2461) -- yoshfuji
888 */
889 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
890 if (n)
891 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
892 goto out;
893 }
894 } else
895 goto out;
896 }
897
898 if (is_router < 0)
899 is_router = idev->cnf.forwarding;
900
901 if (dad) {
902 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
903 !!is_router, false, (ifp != NULL), true);
904 goto out;
905 }
906
907 if (inc)
908 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
909 else
910 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
911
912 /*
913 * update / create cache entry
914 * for the source address
915 */
916 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
917 !inc || lladdr || !dev->addr_len);
918 if (neigh)
919 ndisc_update(dev, neigh, lladdr, NUD_STALE,
920 NEIGH_UPDATE_F_WEAK_OVERRIDE|
921 NEIGH_UPDATE_F_OVERRIDE,
922 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
923 if (neigh || !dev->header_ops) {
924 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
925 true, (ifp != NULL && inc), inc);
926 if (neigh)
927 neigh_release(neigh);
928 }
929
930 out:
931 if (ifp)
932 in6_ifa_put(ifp);
933 else
934 in6_dev_put(idev);
935 }
936
ndisc_recv_na(struct sk_buff * skb)937 static void ndisc_recv_na(struct sk_buff *skb)
938 {
939 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
940 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
941 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
942 u8 *lladdr = NULL;
943 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
944 offsetof(struct nd_msg, opt));
945 struct ndisc_options ndopts;
946 struct net_device *dev = skb->dev;
947 struct inet6_dev *idev = __in6_dev_get(dev);
948 struct inet6_ifaddr *ifp;
949 struct neighbour *neigh;
950
951 if (skb->len < sizeof(struct nd_msg)) {
952 ND_PRINTK(2, warn, "NA: packet too short\n");
953 return;
954 }
955
956 if (ipv6_addr_is_multicast(&msg->target)) {
957 ND_PRINTK(2, warn, "NA: target address is multicast\n");
958 return;
959 }
960
961 if (ipv6_addr_is_multicast(daddr) &&
962 msg->icmph.icmp6_solicited) {
963 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
964 return;
965 }
966
967 /* For some 802.11 wireless deployments (and possibly other networks),
968 * there will be a NA proxy and unsolicitd packets are attacks
969 * and thus should not be accepted.
970 */
971 if (!msg->icmph.icmp6_solicited && idev &&
972 idev->cnf.drop_unsolicited_na)
973 return;
974
975 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
976 ND_PRINTK(2, warn, "NS: invalid ND option\n");
977 return;
978 }
979 if (ndopts.nd_opts_tgt_lladdr) {
980 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
981 if (!lladdr) {
982 ND_PRINTK(2, warn,
983 "NA: invalid link-layer address length\n");
984 return;
985 }
986 }
987 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
988 if (ifp) {
989 if (skb->pkt_type != PACKET_LOOPBACK
990 && (ifp->flags & IFA_F_TENTATIVE)) {
991 addrconf_dad_failure(skb, ifp);
992 return;
993 }
994 /* What should we make now? The advertisement
995 is invalid, but ndisc specs say nothing
996 about it. It could be misconfiguration, or
997 an smart proxy agent tries to help us :-)
998
999 We should not print the error if NA has been
1000 received from loopback - it is just our own
1001 unsolicited advertisement.
1002 */
1003 if (skb->pkt_type != PACKET_LOOPBACK)
1004 ND_PRINTK(1, warn,
1005 "NA: %pM advertised our address %pI6c on %s!\n",
1006 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1007 in6_ifa_put(ifp);
1008 return;
1009 }
1010 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1011
1012 if (neigh) {
1013 u8 old_flags = neigh->flags;
1014 struct net *net = dev_net(dev);
1015
1016 if (neigh->nud_state & NUD_FAILED)
1017 goto out;
1018
1019 /*
1020 * Don't update the neighbor cache entry on a proxy NA from
1021 * ourselves because either the proxied node is off link or it
1022 * has already sent a NA to us.
1023 */
1024 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1025 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1026 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1027 /* XXX: idev->cnf.proxy_ndp */
1028 goto out;
1029 }
1030
1031 ndisc_update(dev, neigh, lladdr,
1032 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1033 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1034 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1035 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1036 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1037 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1038
1039 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1040 /*
1041 * Change: router to host
1042 */
1043 rt6_clean_tohost(dev_net(dev), saddr);
1044 }
1045
1046 out:
1047 neigh_release(neigh);
1048 }
1049 }
1050
ndisc_recv_rs(struct sk_buff * skb)1051 static void ndisc_recv_rs(struct sk_buff *skb)
1052 {
1053 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1054 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1055 struct neighbour *neigh;
1056 struct inet6_dev *idev;
1057 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1058 struct ndisc_options ndopts;
1059 u8 *lladdr = NULL;
1060
1061 if (skb->len < sizeof(*rs_msg))
1062 return;
1063
1064 idev = __in6_dev_get(skb->dev);
1065 if (!idev) {
1066 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1067 return;
1068 }
1069
1070 /* Don't accept RS if we're not in router mode */
1071 if (!idev->cnf.forwarding)
1072 goto out;
1073
1074 /*
1075 * Don't update NCE if src = ::;
1076 * this implies that the source node has no ip address assigned yet.
1077 */
1078 if (ipv6_addr_any(saddr))
1079 goto out;
1080
1081 /* Parse ND options */
1082 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1083 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1084 goto out;
1085 }
1086
1087 if (ndopts.nd_opts_src_lladdr) {
1088 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1089 skb->dev);
1090 if (!lladdr)
1091 goto out;
1092 }
1093
1094 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1095 if (neigh) {
1096 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1097 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1098 NEIGH_UPDATE_F_OVERRIDE|
1099 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1100 NDISC_ROUTER_SOLICITATION, &ndopts);
1101 neigh_release(neigh);
1102 }
1103 out:
1104 return;
1105 }
1106
ndisc_ra_useropt(struct sk_buff * ra,struct nd_opt_hdr * opt)1107 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1108 {
1109 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1110 struct sk_buff *skb;
1111 struct nlmsghdr *nlh;
1112 struct nduseroptmsg *ndmsg;
1113 struct net *net = dev_net(ra->dev);
1114 int err;
1115 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1116 + (opt->nd_opt_len << 3));
1117 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1118
1119 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1120 if (!skb) {
1121 err = -ENOBUFS;
1122 goto errout;
1123 }
1124
1125 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1126 if (!nlh) {
1127 goto nla_put_failure;
1128 }
1129
1130 ndmsg = nlmsg_data(nlh);
1131 ndmsg->nduseropt_family = AF_INET6;
1132 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1133 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1134 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1135 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1136
1137 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1138
1139 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1140 goto nla_put_failure;
1141 nlmsg_end(skb, nlh);
1142
1143 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1144 return;
1145
1146 nla_put_failure:
1147 nlmsg_free(skb);
1148 err = -EMSGSIZE;
1149 errout:
1150 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1151 }
1152
ndisc_router_discovery(struct sk_buff * skb)1153 static void ndisc_router_discovery(struct sk_buff *skb)
1154 {
1155 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1156 struct neighbour *neigh = NULL;
1157 struct inet6_dev *in6_dev;
1158 struct fib6_info *rt = NULL;
1159 struct net *net;
1160 int lifetime;
1161 struct ndisc_options ndopts;
1162 int optlen;
1163 unsigned int pref = 0;
1164 __u32 old_if_flags;
1165 bool send_ifinfo_notify = false;
1166
1167 __u8 *opt = (__u8 *)(ra_msg + 1);
1168
1169 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1170 sizeof(struct ra_msg);
1171
1172 ND_PRINTK(2, info,
1173 "RA: %s, dev: %s\n",
1174 __func__, skb->dev->name);
1175 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1176 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1177 return;
1178 }
1179 if (optlen < 0) {
1180 ND_PRINTK(2, warn, "RA: packet too short\n");
1181 return;
1182 }
1183
1184 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1185 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1186 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1187 return;
1188 }
1189 #endif
1190
1191 /*
1192 * set the RA_RECV flag in the interface
1193 */
1194
1195 in6_dev = __in6_dev_get(skb->dev);
1196 if (!in6_dev) {
1197 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1198 skb->dev->name);
1199 return;
1200 }
1201
1202 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1203 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1204 return;
1205 }
1206
1207 if (!ipv6_accept_ra(in6_dev)) {
1208 ND_PRINTK(2, info,
1209 "RA: %s, did not accept ra for dev: %s\n",
1210 __func__, skb->dev->name);
1211 goto skip_linkparms;
1212 }
1213
1214 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1215 /* skip link-specific parameters from interior routers */
1216 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1217 ND_PRINTK(2, info,
1218 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1219 __func__, skb->dev->name);
1220 goto skip_linkparms;
1221 }
1222 #endif
1223
1224 if (in6_dev->if_flags & IF_RS_SENT) {
1225 /*
1226 * flag that an RA was received after an RS was sent
1227 * out on this interface.
1228 */
1229 in6_dev->if_flags |= IF_RA_RCVD;
1230 }
1231
1232 /*
1233 * Remember the managed/otherconf flags from most recently
1234 * received RA message (RFC 2462) -- yoshfuji
1235 */
1236 old_if_flags = in6_dev->if_flags;
1237 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1238 IF_RA_OTHERCONF)) |
1239 (ra_msg->icmph.icmp6_addrconf_managed ?
1240 IF_RA_MANAGED : 0) |
1241 (ra_msg->icmph.icmp6_addrconf_other ?
1242 IF_RA_OTHERCONF : 0);
1243
1244 if (old_if_flags != in6_dev->if_flags)
1245 send_ifinfo_notify = true;
1246
1247 if (!in6_dev->cnf.accept_ra_defrtr) {
1248 ND_PRINTK(2, info,
1249 "RA: %s, defrtr is false for dev: %s\n",
1250 __func__, skb->dev->name);
1251 goto skip_defrtr;
1252 }
1253
1254 /* Do not accept RA with source-addr found on local machine unless
1255 * accept_ra_from_local is set to true.
1256 */
1257 net = dev_net(in6_dev->dev);
1258 if (!in6_dev->cnf.accept_ra_from_local &&
1259 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1260 ND_PRINTK(2, info,
1261 "RA from local address detected on dev: %s: default router ignored\n",
1262 skb->dev->name);
1263 goto skip_defrtr;
1264 }
1265
1266 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1267
1268 #ifdef CONFIG_IPV6_ROUTER_PREF
1269 pref = ra_msg->icmph.icmp6_router_pref;
1270 /* 10b is handled as if it were 00b (medium) */
1271 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1272 !in6_dev->cnf.accept_ra_rtr_pref)
1273 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1274 #endif
1275
1276 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1277
1278 if (rt) {
1279 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1280 rt->fib6_nh.nh_dev, NULL,
1281 &ipv6_hdr(skb)->saddr);
1282 if (!neigh) {
1283 ND_PRINTK(0, err,
1284 "RA: %s got default router without neighbour\n",
1285 __func__);
1286 fib6_info_release(rt);
1287 return;
1288 }
1289 }
1290 if (rt && lifetime == 0) {
1291 ip6_del_rt(net, rt);
1292 rt = NULL;
1293 }
1294
1295 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1296 rt, lifetime, skb->dev->name);
1297 if (!rt && lifetime) {
1298 ND_PRINTK(3, info, "RA: adding default router\n");
1299
1300 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1301 skb->dev, pref);
1302 if (!rt) {
1303 ND_PRINTK(0, err,
1304 "RA: %s failed to add default route\n",
1305 __func__);
1306 return;
1307 }
1308
1309 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1310 rt->fib6_nh.nh_dev, NULL,
1311 &ipv6_hdr(skb)->saddr);
1312 if (!neigh) {
1313 ND_PRINTK(0, err,
1314 "RA: %s got default router without neighbour\n",
1315 __func__);
1316 fib6_info_release(rt);
1317 return;
1318 }
1319 neigh->flags |= NTF_ROUTER;
1320 } else if (rt) {
1321 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1322 }
1323
1324 if (rt)
1325 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1326 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1327 ra_msg->icmph.icmp6_hop_limit) {
1328 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1329 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1330 fib6_metric_set(rt, RTAX_HOPLIMIT,
1331 ra_msg->icmph.icmp6_hop_limit);
1332 } else {
1333 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1334 }
1335 }
1336
1337 skip_defrtr:
1338
1339 /*
1340 * Update Reachable Time and Retrans Timer
1341 */
1342
1343 if (in6_dev->nd_parms) {
1344 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1345
1346 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1347 rtime = (rtime*HZ)/1000;
1348 if (rtime < HZ/10)
1349 rtime = HZ/10;
1350 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1351 in6_dev->tstamp = jiffies;
1352 send_ifinfo_notify = true;
1353 }
1354
1355 rtime = ntohl(ra_msg->reachable_time);
1356 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1357 rtime = (rtime*HZ)/1000;
1358
1359 if (rtime < HZ/10)
1360 rtime = HZ/10;
1361
1362 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1363 NEIGH_VAR_SET(in6_dev->nd_parms,
1364 BASE_REACHABLE_TIME, rtime);
1365 NEIGH_VAR_SET(in6_dev->nd_parms,
1366 GC_STALETIME, 3 * rtime);
1367 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1368 in6_dev->tstamp = jiffies;
1369 send_ifinfo_notify = true;
1370 }
1371 }
1372 }
1373
1374 /*
1375 * Send a notify if RA changed managed/otherconf flags or timer settings
1376 */
1377 if (send_ifinfo_notify)
1378 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1379
1380 skip_linkparms:
1381
1382 /*
1383 * Process options.
1384 */
1385
1386 if (!neigh)
1387 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1388 skb->dev, 1);
1389 if (neigh) {
1390 u8 *lladdr = NULL;
1391 if (ndopts.nd_opts_src_lladdr) {
1392 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1393 skb->dev);
1394 if (!lladdr) {
1395 ND_PRINTK(2, warn,
1396 "RA: invalid link-layer address length\n");
1397 goto out;
1398 }
1399 }
1400 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1401 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1402 NEIGH_UPDATE_F_OVERRIDE|
1403 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1404 NEIGH_UPDATE_F_ISROUTER,
1405 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1406 }
1407
1408 if (!ipv6_accept_ra(in6_dev)) {
1409 ND_PRINTK(2, info,
1410 "RA: %s, accept_ra is false for dev: %s\n",
1411 __func__, skb->dev->name);
1412 goto out;
1413 }
1414
1415 #ifdef CONFIG_IPV6_ROUTE_INFO
1416 if (!in6_dev->cnf.accept_ra_from_local &&
1417 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1418 in6_dev->dev, 0)) {
1419 ND_PRINTK(2, info,
1420 "RA from local address detected on dev: %s: router info ignored.\n",
1421 skb->dev->name);
1422 goto skip_routeinfo;
1423 }
1424
1425 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1426 struct nd_opt_hdr *p;
1427 for (p = ndopts.nd_opts_ri;
1428 p;
1429 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1430 struct route_info *ri = (struct route_info *)p;
1431 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1432 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1433 ri->prefix_len == 0)
1434 continue;
1435 #endif
1436 if (ri->prefix_len == 0 &&
1437 !in6_dev->cnf.accept_ra_defrtr)
1438 continue;
1439 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1440 continue;
1441 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1442 continue;
1443 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1444 &ipv6_hdr(skb)->saddr);
1445 }
1446 }
1447
1448 skip_routeinfo:
1449 #endif
1450
1451 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1452 /* skip link-specific ndopts from interior routers */
1453 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1454 ND_PRINTK(2, info,
1455 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1456 __func__, skb->dev->name);
1457 goto out;
1458 }
1459 #endif
1460
1461 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1462 struct nd_opt_hdr *p;
1463 for (p = ndopts.nd_opts_pi;
1464 p;
1465 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1466 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1467 (p->nd_opt_len) << 3,
1468 ndopts.nd_opts_src_lladdr != NULL);
1469 }
1470 }
1471
1472 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1473 __be32 n;
1474 u32 mtu;
1475
1476 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1477 mtu = ntohl(n);
1478
1479 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1480 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1481 } else if (in6_dev->cnf.mtu6 != mtu) {
1482 in6_dev->cnf.mtu6 = mtu;
1483 fib6_metric_set(rt, RTAX_MTU, mtu);
1484 rt6_mtu_change(skb->dev, mtu);
1485 }
1486 }
1487
1488 if (ndopts.nd_useropts) {
1489 struct nd_opt_hdr *p;
1490 for (p = ndopts.nd_useropts;
1491 p;
1492 p = ndisc_next_useropt(skb->dev, p,
1493 ndopts.nd_useropts_end)) {
1494 ndisc_ra_useropt(skb, p);
1495 }
1496 }
1497
1498 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1499 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1500 }
1501 out:
1502 fib6_info_release(rt);
1503 if (neigh)
1504 neigh_release(neigh);
1505 }
1506
ndisc_redirect_rcv(struct sk_buff * skb)1507 static void ndisc_redirect_rcv(struct sk_buff *skb)
1508 {
1509 u8 *hdr;
1510 struct ndisc_options ndopts;
1511 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1512 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1513 offsetof(struct rd_msg, opt));
1514
1515 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1516 switch (skb->ndisc_nodetype) {
1517 case NDISC_NODETYPE_HOST:
1518 case NDISC_NODETYPE_NODEFAULT:
1519 ND_PRINTK(2, warn,
1520 "Redirect: from host or unauthorized router\n");
1521 return;
1522 }
1523 #endif
1524
1525 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1526 ND_PRINTK(2, warn,
1527 "Redirect: source address is not link-local\n");
1528 return;
1529 }
1530
1531 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1532 return;
1533
1534 if (!ndopts.nd_opts_rh) {
1535 ip6_redirect_no_header(skb, dev_net(skb->dev),
1536 skb->dev->ifindex, 0);
1537 return;
1538 }
1539
1540 hdr = (u8 *)ndopts.nd_opts_rh;
1541 hdr += 8;
1542 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1543 return;
1544
1545 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1546 }
1547
ndisc_fill_redirect_hdr_option(struct sk_buff * skb,struct sk_buff * orig_skb,int rd_len)1548 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1549 struct sk_buff *orig_skb,
1550 int rd_len)
1551 {
1552 u8 *opt = skb_put(skb, rd_len);
1553
1554 memset(opt, 0, 8);
1555 *(opt++) = ND_OPT_REDIRECT_HDR;
1556 *(opt++) = (rd_len >> 3);
1557 opt += 6;
1558
1559 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1560 rd_len - 8);
1561 }
1562
ndisc_send_redirect(struct sk_buff * skb,const struct in6_addr * target)1563 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1564 {
1565 struct net_device *dev = skb->dev;
1566 struct net *net = dev_net(dev);
1567 struct sock *sk = net->ipv6.ndisc_sk;
1568 int optlen = 0;
1569 struct inet_peer *peer;
1570 struct sk_buff *buff;
1571 struct rd_msg *msg;
1572 struct in6_addr saddr_buf;
1573 struct rt6_info *rt;
1574 struct dst_entry *dst;
1575 struct flowi6 fl6;
1576 int rd_len;
1577 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1578 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1579 bool ret;
1580
1581 if (netif_is_l3_master(skb->dev)) {
1582 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1583 if (!dev)
1584 return;
1585 }
1586
1587 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1588 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1589 dev->name);
1590 return;
1591 }
1592
1593 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1594 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1595 ND_PRINTK(2, warn,
1596 "Redirect: target address is not link-local unicast\n");
1597 return;
1598 }
1599
1600 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1601 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1602
1603 dst = ip6_route_output(net, NULL, &fl6);
1604 if (dst->error) {
1605 dst_release(dst);
1606 return;
1607 }
1608 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1609 if (IS_ERR(dst))
1610 return;
1611
1612 rt = (struct rt6_info *) dst;
1613
1614 if (rt->rt6i_flags & RTF_GATEWAY) {
1615 ND_PRINTK(2, warn,
1616 "Redirect: destination is not a neighbour\n");
1617 goto release;
1618 }
1619 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1620 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1621 if (peer)
1622 inet_putpeer(peer);
1623 if (!ret)
1624 goto release;
1625
1626 if (dev->addr_len) {
1627 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1628 if (!neigh) {
1629 ND_PRINTK(2, warn,
1630 "Redirect: no neigh for target address\n");
1631 goto release;
1632 }
1633
1634 read_lock_bh(&neigh->lock);
1635 if (neigh->nud_state & NUD_VALID) {
1636 memcpy(ha_buf, neigh->ha, dev->addr_len);
1637 read_unlock_bh(&neigh->lock);
1638 ha = ha_buf;
1639 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1640 ops_data_buf,
1641 &ops_data);
1642 } else
1643 read_unlock_bh(&neigh->lock);
1644
1645 neigh_release(neigh);
1646 }
1647
1648 rd_len = min_t(unsigned int,
1649 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1650 skb->len + 8);
1651 rd_len &= ~0x7;
1652 optlen += rd_len;
1653
1654 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1655 if (!buff)
1656 goto release;
1657
1658 msg = skb_put(buff, sizeof(*msg));
1659 *msg = (struct rd_msg) {
1660 .icmph = {
1661 .icmp6_type = NDISC_REDIRECT,
1662 },
1663 .target = *target,
1664 .dest = ipv6_hdr(skb)->daddr,
1665 };
1666
1667 /*
1668 * include target_address option
1669 */
1670
1671 if (ha)
1672 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1673
1674 /*
1675 * build redirect option and copy skb over to the new packet.
1676 */
1677
1678 if (rd_len)
1679 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1680
1681 skb_dst_set(buff, dst);
1682 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1683 return;
1684
1685 release:
1686 dst_release(dst);
1687 }
1688
pndisc_redo(struct sk_buff * skb)1689 static void pndisc_redo(struct sk_buff *skb)
1690 {
1691 ndisc_recv_ns(skb);
1692 kfree_skb(skb);
1693 }
1694
ndisc_suppress_frag_ndisc(struct sk_buff * skb)1695 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1696 {
1697 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1698
1699 if (!idev)
1700 return true;
1701 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1702 idev->cnf.suppress_frag_ndisc) {
1703 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1704 return true;
1705 }
1706 return false;
1707 }
1708
ndisc_rcv(struct sk_buff * skb)1709 int ndisc_rcv(struct sk_buff *skb)
1710 {
1711 struct nd_msg *msg;
1712
1713 if (ndisc_suppress_frag_ndisc(skb))
1714 return 0;
1715
1716 if (skb_linearize(skb))
1717 return 0;
1718
1719 msg = (struct nd_msg *)skb_transport_header(skb);
1720
1721 __skb_push(skb, skb->data - skb_transport_header(skb));
1722
1723 if (ipv6_hdr(skb)->hop_limit != 255) {
1724 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1725 ipv6_hdr(skb)->hop_limit);
1726 return 0;
1727 }
1728
1729 if (msg->icmph.icmp6_code != 0) {
1730 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1731 msg->icmph.icmp6_code);
1732 return 0;
1733 }
1734
1735 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1736
1737 switch (msg->icmph.icmp6_type) {
1738 case NDISC_NEIGHBOUR_SOLICITATION:
1739 ndisc_recv_ns(skb);
1740 break;
1741
1742 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1743 ndisc_recv_na(skb);
1744 break;
1745
1746 case NDISC_ROUTER_SOLICITATION:
1747 ndisc_recv_rs(skb);
1748 break;
1749
1750 case NDISC_ROUTER_ADVERTISEMENT:
1751 ndisc_router_discovery(skb);
1752 break;
1753
1754 case NDISC_REDIRECT:
1755 ndisc_redirect_rcv(skb);
1756 break;
1757 }
1758
1759 return 0;
1760 }
1761
ndisc_netdev_event(struct notifier_block * this,unsigned long event,void * ptr)1762 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1763 {
1764 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1765 struct netdev_notifier_change_info *change_info;
1766 struct net *net = dev_net(dev);
1767 struct inet6_dev *idev;
1768
1769 switch (event) {
1770 case NETDEV_CHANGEADDR:
1771 neigh_changeaddr(&nd_tbl, dev);
1772 fib6_run_gc(0, net, false);
1773 /* fallthrough */
1774 case NETDEV_UP:
1775 idev = in6_dev_get(dev);
1776 if (!idev)
1777 break;
1778 if (idev->cnf.ndisc_notify ||
1779 net->ipv6.devconf_all->ndisc_notify)
1780 ndisc_send_unsol_na(dev);
1781 in6_dev_put(idev);
1782 break;
1783 case NETDEV_CHANGE:
1784 change_info = ptr;
1785 if (change_info->flags_changed & IFF_NOARP)
1786 neigh_changeaddr(&nd_tbl, dev);
1787 break;
1788 case NETDEV_DOWN:
1789 neigh_ifdown(&nd_tbl, dev);
1790 fib6_run_gc(0, net, false);
1791 break;
1792 case NETDEV_NOTIFY_PEERS:
1793 ndisc_send_unsol_na(dev);
1794 break;
1795 default:
1796 break;
1797 }
1798
1799 return NOTIFY_DONE;
1800 }
1801
1802 static struct notifier_block ndisc_netdev_notifier = {
1803 .notifier_call = ndisc_netdev_event,
1804 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1805 };
1806
1807 #ifdef CONFIG_SYSCTL
ndisc_warn_deprecated_sysctl(struct ctl_table * ctl,const char * func,const char * dev_name)1808 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1809 const char *func, const char *dev_name)
1810 {
1811 static char warncomm[TASK_COMM_LEN];
1812 static int warned;
1813 if (strcmp(warncomm, current->comm) && warned < 5) {
1814 strcpy(warncomm, current->comm);
1815 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1816 warncomm, func,
1817 dev_name, ctl->procname,
1818 dev_name, ctl->procname);
1819 warned++;
1820 }
1821 }
1822
ndisc_ifinfo_sysctl_change(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)1823 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1824 {
1825 struct net_device *dev = ctl->extra1;
1826 struct inet6_dev *idev;
1827 int ret;
1828
1829 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1830 (strcmp(ctl->procname, "base_reachable_time") == 0))
1831 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1832
1833 if (strcmp(ctl->procname, "retrans_time") == 0)
1834 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1835
1836 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1837 ret = neigh_proc_dointvec_jiffies(ctl, write,
1838 buffer, lenp, ppos);
1839
1840 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1841 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1842 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1843 buffer, lenp, ppos);
1844 else
1845 ret = -1;
1846
1847 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1848 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1849 idev->nd_parms->reachable_time =
1850 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1851 idev->tstamp = jiffies;
1852 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1853 in6_dev_put(idev);
1854 }
1855 return ret;
1856 }
1857
1858
1859 #endif
1860
ndisc_net_init(struct net * net)1861 static int __net_init ndisc_net_init(struct net *net)
1862 {
1863 struct ipv6_pinfo *np;
1864 struct sock *sk;
1865 int err;
1866
1867 err = inet_ctl_sock_create(&sk, PF_INET6,
1868 SOCK_RAW, IPPROTO_ICMPV6, net);
1869 if (err < 0) {
1870 ND_PRINTK(0, err,
1871 "NDISC: Failed to initialize the control socket (err %d)\n",
1872 err);
1873 return err;
1874 }
1875
1876 net->ipv6.ndisc_sk = sk;
1877
1878 np = inet6_sk(sk);
1879 np->hop_limit = 255;
1880 /* Do not loopback ndisc messages */
1881 np->mc_loop = 0;
1882
1883 return 0;
1884 }
1885
ndisc_net_exit(struct net * net)1886 static void __net_exit ndisc_net_exit(struct net *net)
1887 {
1888 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1889 }
1890
1891 static struct pernet_operations ndisc_net_ops = {
1892 .init = ndisc_net_init,
1893 .exit = ndisc_net_exit,
1894 };
1895
ndisc_init(void)1896 int __init ndisc_init(void)
1897 {
1898 int err;
1899
1900 err = register_pernet_subsys(&ndisc_net_ops);
1901 if (err)
1902 return err;
1903 /*
1904 * Initialize the neighbour table
1905 */
1906 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1907
1908 #ifdef CONFIG_SYSCTL
1909 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1910 ndisc_ifinfo_sysctl_change);
1911 if (err)
1912 goto out_unregister_pernet;
1913 out:
1914 #endif
1915 return err;
1916
1917 #ifdef CONFIG_SYSCTL
1918 out_unregister_pernet:
1919 unregister_pernet_subsys(&ndisc_net_ops);
1920 goto out;
1921 #endif
1922 }
1923
ndisc_late_init(void)1924 int __init ndisc_late_init(void)
1925 {
1926 return register_netdevice_notifier(&ndisc_netdev_notifier);
1927 }
1928
ndisc_late_cleanup(void)1929 void ndisc_late_cleanup(void)
1930 {
1931 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1932 }
1933
ndisc_cleanup(void)1934 void ndisc_cleanup(void)
1935 {
1936 #ifdef CONFIG_SYSCTL
1937 neigh_sysctl_unregister(&nd_tbl.parms);
1938 #endif
1939 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1940 unregister_pernet_subsys(&ndisc_net_ops);
1941 }
1942