0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015
0016
0017
0018
0019
0020
0021
0022
0023
0024
0025
0026 #define pr_fmt(fmt) "ICMPv6: " fmt
0027
0028 #include <linux/module.h>
0029 #include <linux/errno.h>
0030 #include <linux/types.h>
0031 #include <linux/socket.h>
0032 #include <linux/sockios.h>
0033 #include <linux/sched.h>
0034 #include <linux/net.h>
0035 #include <linux/in6.h>
0036 #include <linux/route.h>
0037 #include <linux/init.h>
0038 #include <linux/rcupdate.h>
0039 #include <linux/slab.h>
0040 #ifdef CONFIG_SYSCTL
0041 #include <linux/sysctl.h>
0042 #endif
0043
0044 #include <linux/if_addr.h>
0045 #include <linux/if_ether.h>
0046 #include <linux/if_arp.h>
0047 #include <linux/ipv6.h>
0048 #include <linux/icmpv6.h>
0049 #include <linux/jhash.h>
0050
0051 #include <net/sock.h>
0052 #include <net/snmp.h>
0053
0054 #include <net/ipv6.h>
0055 #include <net/protocol.h>
0056 #include <net/ndisc.h>
0057 #include <net/ip6_route.h>
0058 #include <net/addrconf.h>
0059 #include <net/icmp.h>
0060
0061 #include <net/netlink.h>
0062 #include <linux/rtnetlink.h>
0063
0064 #include <net/flow.h>
0065 #include <net/ip6_checksum.h>
0066 #include <net/inet_common.h>
0067 #include <linux/proc_fs.h>
0068
0069 #include <linux/netfilter.h>
0070 #include <linux/netfilter_ipv6.h>
0071
0072 static u32 ndisc_hash(const void *pkey,
0073 const struct net_device *dev,
0074 __u32 *hash_rnd);
0075 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
0076 static bool ndisc_allow_add(const struct net_device *dev,
0077 struct netlink_ext_ack *extack);
0078 static int ndisc_constructor(struct neighbour *neigh);
0079 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
0080 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
0081 static int pndisc_constructor(struct pneigh_entry *n);
0082 static void pndisc_destructor(struct pneigh_entry *n);
0083 static void pndisc_redo(struct sk_buff *skb);
0084 static int ndisc_is_multicast(const void *pkey);
0085
0086 static const struct neigh_ops ndisc_generic_ops = {
0087 .family = AF_INET6,
0088 .solicit = ndisc_solicit,
0089 .error_report = ndisc_error_report,
0090 .output = neigh_resolve_output,
0091 .connected_output = neigh_connected_output,
0092 };
0093
0094 static const struct neigh_ops ndisc_hh_ops = {
0095 .family = AF_INET6,
0096 .solicit = ndisc_solicit,
0097 .error_report = ndisc_error_report,
0098 .output = neigh_resolve_output,
0099 .connected_output = neigh_resolve_output,
0100 };
0101
0102
0103 static const struct neigh_ops ndisc_direct_ops = {
0104 .family = AF_INET6,
0105 .output = neigh_direct_output,
0106 .connected_output = neigh_direct_output,
0107 };
0108
0109 struct neigh_table nd_tbl = {
0110 .family = AF_INET6,
0111 .key_len = sizeof(struct in6_addr),
0112 .protocol = cpu_to_be16(ETH_P_IPV6),
0113 .hash = ndisc_hash,
0114 .key_eq = ndisc_key_eq,
0115 .constructor = ndisc_constructor,
0116 .pconstructor = pndisc_constructor,
0117 .pdestructor = pndisc_destructor,
0118 .proxy_redo = pndisc_redo,
0119 .is_multicast = ndisc_is_multicast,
0120 .allow_add = ndisc_allow_add,
0121 .id = "ndisc_cache",
0122 .parms = {
0123 .tbl = &nd_tbl,
0124 .reachable_time = ND_REACHABLE_TIME,
0125 .data = {
0126 [NEIGH_VAR_MCAST_PROBES] = 3,
0127 [NEIGH_VAR_UCAST_PROBES] = 3,
0128 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
0129 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
0130 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
0131 [NEIGH_VAR_INTERVAL_PROBE_TIME_MS] = 5 * HZ,
0132 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
0133 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
0134 [NEIGH_VAR_PROXY_QLEN] = 64,
0135 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
0136 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
0137 },
0138 },
0139 .gc_interval = 30 * HZ,
0140 .gc_thresh1 = 128,
0141 .gc_thresh2 = 512,
0142 .gc_thresh3 = 1024,
0143 };
0144 EXPORT_SYMBOL_GPL(nd_tbl);
0145
0146 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, const void *data,
0147 int data_len, int pad)
0148 {
0149 int space = __ndisc_opt_addr_space(data_len, pad);
0150 u8 *opt = skb_put(skb, space);
0151
0152 opt[0] = type;
0153 opt[1] = space>>3;
0154
0155 memset(opt + 2, 0, pad);
0156 opt += pad;
0157 space -= pad;
0158
0159 memcpy(opt+2, data, data_len);
0160 data_len += 2;
0161 opt += data_len;
0162 space -= data_len;
0163 if (space > 0)
0164 memset(opt, 0, space);
0165 }
0166 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
0167
0168 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
0169 const void *data, u8 icmp6_type)
0170 {
0171 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
0172 ndisc_addr_option_pad(skb->dev->type));
0173 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
0174 }
0175
0176 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
0177 void *ha,
0178 const u8 *ops_data)
0179 {
0180 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
0181 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
0182 }
0183
0184 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
0185 struct nd_opt_hdr *end)
0186 {
0187 int type;
0188 if (!cur || !end || cur >= end)
0189 return NULL;
0190 type = cur->nd_opt_type;
0191 do {
0192 cur = ((void *)cur) + (cur->nd_opt_len << 3);
0193 } while (cur < end && cur->nd_opt_type != type);
0194 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
0195 }
0196
0197 static inline int ndisc_is_useropt(const struct net_device *dev,
0198 struct nd_opt_hdr *opt)
0199 {
0200 return opt->nd_opt_type == ND_OPT_RDNSS ||
0201 opt->nd_opt_type == ND_OPT_DNSSL ||
0202 opt->nd_opt_type == ND_OPT_CAPTIVE_PORTAL ||
0203 opt->nd_opt_type == ND_OPT_PREF64 ||
0204 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
0205 }
0206
0207 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
0208 struct nd_opt_hdr *cur,
0209 struct nd_opt_hdr *end)
0210 {
0211 if (!cur || !end || cur >= end)
0212 return NULL;
0213 do {
0214 cur = ((void *)cur) + (cur->nd_opt_len << 3);
0215 } while (cur < end && !ndisc_is_useropt(dev, cur));
0216 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
0217 }
0218
0219 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
0220 u8 *opt, int opt_len,
0221 struct ndisc_options *ndopts)
0222 {
0223 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
0224
0225 if (!nd_opt || opt_len < 0 || !ndopts)
0226 return NULL;
0227 memset(ndopts, 0, sizeof(*ndopts));
0228 while (opt_len) {
0229 int l;
0230 if (opt_len < sizeof(struct nd_opt_hdr))
0231 return NULL;
0232 l = nd_opt->nd_opt_len << 3;
0233 if (opt_len < l || l == 0)
0234 return NULL;
0235 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
0236 goto next_opt;
0237 switch (nd_opt->nd_opt_type) {
0238 case ND_OPT_SOURCE_LL_ADDR:
0239 case ND_OPT_TARGET_LL_ADDR:
0240 case ND_OPT_MTU:
0241 case ND_OPT_NONCE:
0242 case ND_OPT_REDIRECT_HDR:
0243 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
0244 ND_PRINTK(2, warn,
0245 "%s: duplicated ND6 option found: type=%d\n",
0246 __func__, nd_opt->nd_opt_type);
0247 } else {
0248 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
0249 }
0250 break;
0251 case ND_OPT_PREFIX_INFO:
0252 ndopts->nd_opts_pi_end = nd_opt;
0253 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
0254 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
0255 break;
0256 #ifdef CONFIG_IPV6_ROUTE_INFO
0257 case ND_OPT_ROUTE_INFO:
0258 ndopts->nd_opts_ri_end = nd_opt;
0259 if (!ndopts->nd_opts_ri)
0260 ndopts->nd_opts_ri = nd_opt;
0261 break;
0262 #endif
0263 default:
0264 if (ndisc_is_useropt(dev, nd_opt)) {
0265 ndopts->nd_useropts_end = nd_opt;
0266 if (!ndopts->nd_useropts)
0267 ndopts->nd_useropts = nd_opt;
0268 } else {
0269
0270
0271
0272
0273
0274 ND_PRINTK(2, notice,
0275 "%s: ignored unsupported option; type=%d, len=%d\n",
0276 __func__,
0277 nd_opt->nd_opt_type,
0278 nd_opt->nd_opt_len);
0279 }
0280 }
0281 next_opt:
0282 opt_len -= l;
0283 nd_opt = ((void *)nd_opt) + l;
0284 }
0285 return ndopts;
0286 }
0287
0288 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
0289 {
0290 switch (dev->type) {
0291 case ARPHRD_ETHER:
0292 case ARPHRD_IEEE802:
0293 case ARPHRD_FDDI:
0294 ipv6_eth_mc_map(addr, buf);
0295 return 0;
0296 case ARPHRD_ARCNET:
0297 ipv6_arcnet_mc_map(addr, buf);
0298 return 0;
0299 case ARPHRD_INFINIBAND:
0300 ipv6_ib_mc_map(addr, dev->broadcast, buf);
0301 return 0;
0302 case ARPHRD_IPGRE:
0303 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
0304 default:
0305 if (dir) {
0306 memcpy(buf, dev->broadcast, dev->addr_len);
0307 return 0;
0308 }
0309 }
0310 return -EINVAL;
0311 }
0312 EXPORT_SYMBOL(ndisc_mc_map);
0313
0314 static u32 ndisc_hash(const void *pkey,
0315 const struct net_device *dev,
0316 __u32 *hash_rnd)
0317 {
0318 return ndisc_hashfn(pkey, dev, hash_rnd);
0319 }
0320
0321 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
0322 {
0323 return neigh_key_eq128(n, pkey);
0324 }
0325
0326 static int ndisc_constructor(struct neighbour *neigh)
0327 {
0328 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
0329 struct net_device *dev = neigh->dev;
0330 struct inet6_dev *in6_dev;
0331 struct neigh_parms *parms;
0332 bool is_multicast = ipv6_addr_is_multicast(addr);
0333
0334 in6_dev = in6_dev_get(dev);
0335 if (!in6_dev) {
0336 return -EINVAL;
0337 }
0338
0339 parms = in6_dev->nd_parms;
0340 __neigh_parms_put(neigh->parms);
0341 neigh->parms = neigh_parms_clone(parms);
0342
0343 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
0344 if (!dev->header_ops) {
0345 neigh->nud_state = NUD_NOARP;
0346 neigh->ops = &ndisc_direct_ops;
0347 neigh->output = neigh_direct_output;
0348 } else {
0349 if (is_multicast) {
0350 neigh->nud_state = NUD_NOARP;
0351 ndisc_mc_map(addr, neigh->ha, dev, 1);
0352 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
0353 neigh->nud_state = NUD_NOARP;
0354 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
0355 if (dev->flags&IFF_LOOPBACK)
0356 neigh->type = RTN_LOCAL;
0357 } else if (dev->flags&IFF_POINTOPOINT) {
0358 neigh->nud_state = NUD_NOARP;
0359 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
0360 }
0361 if (dev->header_ops->cache)
0362 neigh->ops = &ndisc_hh_ops;
0363 else
0364 neigh->ops = &ndisc_generic_ops;
0365 if (neigh->nud_state&NUD_VALID)
0366 neigh->output = neigh->ops->connected_output;
0367 else
0368 neigh->output = neigh->ops->output;
0369 }
0370 in6_dev_put(in6_dev);
0371 return 0;
0372 }
0373
0374 static int pndisc_constructor(struct pneigh_entry *n)
0375 {
0376 struct in6_addr *addr = (struct in6_addr *)&n->key;
0377 struct in6_addr maddr;
0378 struct net_device *dev = n->dev;
0379
0380 if (!dev || !__in6_dev_get(dev))
0381 return -EINVAL;
0382 addrconf_addr_solict_mult(addr, &maddr);
0383 ipv6_dev_mc_inc(dev, &maddr);
0384 return 0;
0385 }
0386
0387 static void pndisc_destructor(struct pneigh_entry *n)
0388 {
0389 struct in6_addr *addr = (struct in6_addr *)&n->key;
0390 struct in6_addr maddr;
0391 struct net_device *dev = n->dev;
0392
0393 if (!dev || !__in6_dev_get(dev))
0394 return;
0395 addrconf_addr_solict_mult(addr, &maddr);
0396 ipv6_dev_mc_dec(dev, &maddr);
0397 }
0398
0399
0400 static bool ndisc_allow_add(const struct net_device *dev,
0401 struct netlink_ext_ack *extack)
0402 {
0403 struct inet6_dev *idev = __in6_dev_get(dev);
0404
0405 if (!idev || idev->cnf.disable_ipv6) {
0406 NL_SET_ERR_MSG(extack, "IPv6 is disabled on this device");
0407 return false;
0408 }
0409
0410 return true;
0411 }
0412
0413 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
0414 int len)
0415 {
0416 int hlen = LL_RESERVED_SPACE(dev);
0417 int tlen = dev->needed_tailroom;
0418 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
0419 struct sk_buff *skb;
0420
0421 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
0422 if (!skb) {
0423 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
0424 __func__);
0425 return NULL;
0426 }
0427
0428 skb->protocol = htons(ETH_P_IPV6);
0429 skb->dev = dev;
0430
0431 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
0432 skb_reset_transport_header(skb);
0433
0434
0435
0436
0437 skb_set_owner_w(skb, sk);
0438
0439 return skb;
0440 }
0441
0442 static void ip6_nd_hdr(struct sk_buff *skb,
0443 const struct in6_addr *saddr,
0444 const struct in6_addr *daddr,
0445 int hop_limit, int len)
0446 {
0447 struct ipv6hdr *hdr;
0448 struct inet6_dev *idev;
0449 unsigned tclass;
0450
0451 rcu_read_lock();
0452 idev = __in6_dev_get(skb->dev);
0453 tclass = idev ? idev->cnf.ndisc_tclass : 0;
0454 rcu_read_unlock();
0455
0456 skb_push(skb, sizeof(*hdr));
0457 skb_reset_network_header(skb);
0458 hdr = ipv6_hdr(skb);
0459
0460 ip6_flow_hdr(hdr, tclass, 0);
0461
0462 hdr->payload_len = htons(len);
0463 hdr->nexthdr = IPPROTO_ICMPV6;
0464 hdr->hop_limit = hop_limit;
0465
0466 hdr->saddr = *saddr;
0467 hdr->daddr = *daddr;
0468 }
0469
0470 void ndisc_send_skb(struct sk_buff *skb, const struct in6_addr *daddr,
0471 const struct in6_addr *saddr)
0472 {
0473 struct dst_entry *dst = skb_dst(skb);
0474 struct net *net = dev_net(skb->dev);
0475 struct sock *sk = net->ipv6.ndisc_sk;
0476 struct inet6_dev *idev;
0477 int err;
0478 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
0479 u8 type;
0480
0481 type = icmp6h->icmp6_type;
0482
0483 if (!dst) {
0484 struct flowi6 fl6;
0485 int oif = skb->dev->ifindex;
0486
0487 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
0488 dst = icmp6_dst_alloc(skb->dev, &fl6);
0489 if (IS_ERR(dst)) {
0490 kfree_skb(skb);
0491 return;
0492 }
0493
0494 skb_dst_set(skb, dst);
0495 }
0496
0497 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
0498 IPPROTO_ICMPV6,
0499 csum_partial(icmp6h,
0500 skb->len, 0));
0501
0502 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
0503
0504 rcu_read_lock();
0505 idev = __in6_dev_get(dst->dev);
0506 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
0507
0508 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
0509 net, sk, skb, NULL, dst->dev,
0510 dst_output);
0511 if (!err) {
0512 ICMP6MSGOUT_INC_STATS(net, idev, type);
0513 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
0514 }
0515
0516 rcu_read_unlock();
0517 }
0518 EXPORT_SYMBOL(ndisc_send_skb);
0519
0520 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
0521 const struct in6_addr *solicited_addr,
0522 bool router, bool solicited, bool override, bool inc_opt)
0523 {
0524 struct sk_buff *skb;
0525 struct in6_addr tmpaddr;
0526 struct inet6_ifaddr *ifp;
0527 const struct in6_addr *src_addr;
0528 struct nd_msg *msg;
0529 int optlen = 0;
0530
0531
0532 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
0533 if (ifp) {
0534 src_addr = solicited_addr;
0535 if (ifp->flags & IFA_F_OPTIMISTIC)
0536 override = false;
0537 inc_opt |= ifp->idev->cnf.force_tllao;
0538 in6_ifa_put(ifp);
0539 } else {
0540 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
0541 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
0542 &tmpaddr))
0543 return;
0544 src_addr = &tmpaddr;
0545 }
0546
0547 if (!dev->addr_len)
0548 inc_opt = false;
0549 if (inc_opt)
0550 optlen += ndisc_opt_addr_space(dev,
0551 NDISC_NEIGHBOUR_ADVERTISEMENT);
0552
0553 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
0554 if (!skb)
0555 return;
0556
0557 msg = skb_put(skb, sizeof(*msg));
0558 *msg = (struct nd_msg) {
0559 .icmph = {
0560 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
0561 .icmp6_router = router,
0562 .icmp6_solicited = solicited,
0563 .icmp6_override = override,
0564 },
0565 .target = *solicited_addr,
0566 };
0567
0568 if (inc_opt)
0569 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
0570 dev->dev_addr,
0571 NDISC_NEIGHBOUR_ADVERTISEMENT);
0572
0573 ndisc_send_skb(skb, daddr, src_addr);
0574 }
0575
0576 static void ndisc_send_unsol_na(struct net_device *dev)
0577 {
0578 struct inet6_dev *idev;
0579 struct inet6_ifaddr *ifa;
0580
0581 idev = in6_dev_get(dev);
0582 if (!idev)
0583 return;
0584
0585 read_lock_bh(&idev->lock);
0586 list_for_each_entry(ifa, &idev->addr_list, if_list) {
0587
0588 if (ifa->flags & IFA_F_TENTATIVE &&
0589 !(ifa->flags & IFA_F_OPTIMISTIC))
0590 continue;
0591
0592 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
0593 !!idev->cnf.forwarding,
0594 false, true,
0595 true);
0596 }
0597 read_unlock_bh(&idev->lock);
0598
0599 in6_dev_put(idev);
0600 }
0601
0602 struct sk_buff *ndisc_ns_create(struct net_device *dev, const struct in6_addr *solicit,
0603 const struct in6_addr *saddr, u64 nonce)
0604 {
0605 int inc_opt = dev->addr_len;
0606 struct sk_buff *skb;
0607 struct nd_msg *msg;
0608 int optlen = 0;
0609
0610 if (!saddr)
0611 return NULL;
0612
0613 if (ipv6_addr_any(saddr))
0614 inc_opt = false;
0615 if (inc_opt)
0616 optlen += ndisc_opt_addr_space(dev,
0617 NDISC_NEIGHBOUR_SOLICITATION);
0618 if (nonce != 0)
0619 optlen += 8;
0620
0621 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
0622 if (!skb)
0623 return NULL;
0624
0625 msg = skb_put(skb, sizeof(*msg));
0626 *msg = (struct nd_msg) {
0627 .icmph = {
0628 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
0629 },
0630 .target = *solicit,
0631 };
0632
0633 if (inc_opt)
0634 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
0635 dev->dev_addr,
0636 NDISC_NEIGHBOUR_SOLICITATION);
0637 if (nonce != 0) {
0638 u8 *opt = skb_put(skb, 8);
0639
0640 opt[0] = ND_OPT_NONCE;
0641 opt[1] = 8 >> 3;
0642 memcpy(opt + 2, &nonce, 6);
0643 }
0644
0645 return skb;
0646 }
0647 EXPORT_SYMBOL(ndisc_ns_create);
0648
0649 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
0650 const struct in6_addr *daddr, const struct in6_addr *saddr,
0651 u64 nonce)
0652 {
0653 struct in6_addr addr_buf;
0654 struct sk_buff *skb;
0655
0656 if (!saddr) {
0657 if (ipv6_get_lladdr(dev, &addr_buf,
0658 (IFA_F_TENTATIVE | IFA_F_OPTIMISTIC)))
0659 return;
0660 saddr = &addr_buf;
0661 }
0662
0663 skb = ndisc_ns_create(dev, solicit, saddr, nonce);
0664
0665 if (skb)
0666 ndisc_send_skb(skb, daddr, saddr);
0667 }
0668
0669 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
0670 const struct in6_addr *daddr)
0671 {
0672 struct sk_buff *skb;
0673 struct rs_msg *msg;
0674 int send_sllao = dev->addr_len;
0675 int optlen = 0;
0676
0677 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
0678
0679
0680
0681
0682
0683
0684
0685
0686 if (send_sllao) {
0687 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
0688 dev, 1);
0689 if (ifp) {
0690 if (ifp->flags & IFA_F_OPTIMISTIC) {
0691 send_sllao = 0;
0692 }
0693 in6_ifa_put(ifp);
0694 } else {
0695 send_sllao = 0;
0696 }
0697 }
0698 #endif
0699 if (send_sllao)
0700 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
0701
0702 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
0703 if (!skb)
0704 return;
0705
0706 msg = skb_put(skb, sizeof(*msg));
0707 *msg = (struct rs_msg) {
0708 .icmph = {
0709 .icmp6_type = NDISC_ROUTER_SOLICITATION,
0710 },
0711 };
0712
0713 if (send_sllao)
0714 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
0715 dev->dev_addr,
0716 NDISC_ROUTER_SOLICITATION);
0717
0718 ndisc_send_skb(skb, daddr, saddr);
0719 }
0720
0721
0722 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
0723 {
0724
0725
0726
0727
0728 dst_link_failure(skb);
0729 kfree_skb(skb);
0730 }
0731
0732
0733
0734 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
0735 {
0736 struct in6_addr *saddr = NULL;
0737 struct in6_addr mcaddr;
0738 struct net_device *dev = neigh->dev;
0739 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
0740 int probes = atomic_read(&neigh->probes);
0741
0742 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
0743 dev, false, 1,
0744 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
0745 saddr = &ipv6_hdr(skb)->saddr;
0746 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
0747 if (probes < 0) {
0748 if (!(neigh->nud_state & NUD_VALID)) {
0749 ND_PRINTK(1, dbg,
0750 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
0751 __func__, target);
0752 }
0753 ndisc_send_ns(dev, target, target, saddr, 0);
0754 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
0755 neigh_app_ns(neigh);
0756 } else {
0757 addrconf_addr_solict_mult(target, &mcaddr);
0758 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
0759 }
0760 }
0761
0762 static int pndisc_is_router(const void *pkey,
0763 struct net_device *dev)
0764 {
0765 struct pneigh_entry *n;
0766 int ret = -1;
0767
0768 read_lock_bh(&nd_tbl.lock);
0769 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
0770 if (n)
0771 ret = !!(n->flags & NTF_ROUTER);
0772 read_unlock_bh(&nd_tbl.lock);
0773
0774 return ret;
0775 }
0776
0777 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
0778 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
0779 struct ndisc_options *ndopts)
0780 {
0781 neigh_update(neigh, lladdr, new, flags, 0);
0782
0783 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
0784 }
0785
0786 static void ndisc_recv_ns(struct sk_buff *skb)
0787 {
0788 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
0789 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
0790 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
0791 u8 *lladdr = NULL;
0792 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
0793 offsetof(struct nd_msg, opt));
0794 struct ndisc_options ndopts;
0795 struct net_device *dev = skb->dev;
0796 struct inet6_ifaddr *ifp;
0797 struct inet6_dev *idev = NULL;
0798 struct neighbour *neigh;
0799 int dad = ipv6_addr_any(saddr);
0800 bool inc;
0801 int is_router = -1;
0802 u64 nonce = 0;
0803
0804 if (skb->len < sizeof(struct nd_msg)) {
0805 ND_PRINTK(2, warn, "NS: packet too short\n");
0806 return;
0807 }
0808
0809 if (ipv6_addr_is_multicast(&msg->target)) {
0810 ND_PRINTK(2, warn, "NS: multicast target address\n");
0811 return;
0812 }
0813
0814
0815
0816
0817
0818 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
0819 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
0820 return;
0821 }
0822
0823 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
0824 ND_PRINTK(2, warn, "NS: invalid ND options\n");
0825 return;
0826 }
0827
0828 if (ndopts.nd_opts_src_lladdr) {
0829 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
0830 if (!lladdr) {
0831 ND_PRINTK(2, warn,
0832 "NS: invalid link-layer address length\n");
0833 return;
0834 }
0835
0836
0837
0838
0839
0840
0841 if (dad) {
0842 ND_PRINTK(2, warn,
0843 "NS: bad DAD packet (link-layer address option)\n");
0844 return;
0845 }
0846 }
0847 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
0848 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
0849
0850 inc = ipv6_addr_is_multicast(daddr);
0851
0852 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
0853 if (ifp) {
0854 have_ifp:
0855 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
0856 if (dad) {
0857 if (nonce != 0 && ifp->dad_nonce == nonce) {
0858 u8 *np = (u8 *)&nonce;
0859
0860 ND_PRINTK(2, notice,
0861 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
0862 ifp->idev->dev->name,
0863 &ifp->addr, np);
0864 goto out;
0865 }
0866
0867
0868
0869
0870
0871 addrconf_dad_failure(skb, ifp);
0872 return;
0873 } else {
0874
0875
0876
0877
0878
0879
0880 if (!(ifp->flags & IFA_F_OPTIMISTIC))
0881 goto out;
0882 }
0883 }
0884
0885 idev = ifp->idev;
0886 } else {
0887 struct net *net = dev_net(dev);
0888
0889
0890 if (netif_is_l3_slave(dev)) {
0891 struct net_device *mdev;
0892
0893 mdev = netdev_master_upper_dev_get_rcu(dev);
0894 if (mdev) {
0895 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
0896 if (ifp)
0897 goto have_ifp;
0898 }
0899 }
0900
0901 idev = in6_dev_get(dev);
0902 if (!idev) {
0903
0904 return;
0905 }
0906
0907 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
0908 (idev->cnf.forwarding &&
0909 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
0910 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
0911 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
0912 skb->pkt_type != PACKET_HOST &&
0913 inc &&
0914 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
0915
0916
0917
0918
0919
0920
0921
0922 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
0923 if (n)
0924 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
0925 goto out;
0926 }
0927 } else
0928 goto out;
0929 }
0930
0931 if (is_router < 0)
0932 is_router = idev->cnf.forwarding;
0933
0934 if (dad) {
0935 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
0936 !!is_router, false, (ifp != NULL), true);
0937 goto out;
0938 }
0939
0940 if (inc)
0941 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
0942 else
0943 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
0944
0945
0946
0947
0948
0949 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
0950 !inc || lladdr || !dev->addr_len);
0951 if (neigh)
0952 ndisc_update(dev, neigh, lladdr, NUD_STALE,
0953 NEIGH_UPDATE_F_WEAK_OVERRIDE|
0954 NEIGH_UPDATE_F_OVERRIDE,
0955 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
0956 if (neigh || !dev->header_ops) {
0957 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
0958 true, (ifp != NULL && inc), inc);
0959 if (neigh)
0960 neigh_release(neigh);
0961 }
0962
0963 out:
0964 if (ifp)
0965 in6_ifa_put(ifp);
0966 else
0967 in6_dev_put(idev);
0968 }
0969
0970 static int accept_untracked_na(struct net_device *dev, struct in6_addr *saddr)
0971 {
0972 struct inet6_dev *idev = __in6_dev_get(dev);
0973
0974 switch (idev->cnf.accept_untracked_na) {
0975 case 0:
0976 return 0;
0977 case 1:
0978 return 1;
0979 case 2:
0980
0981
0982
0983 return !!ipv6_chk_prefix(saddr, dev);
0984 default:
0985 return 0;
0986 }
0987 }
0988
0989 static void ndisc_recv_na(struct sk_buff *skb)
0990 {
0991 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
0992 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
0993 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
0994 u8 *lladdr = NULL;
0995 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
0996 offsetof(struct nd_msg, opt));
0997 struct ndisc_options ndopts;
0998 struct net_device *dev = skb->dev;
0999 struct inet6_dev *idev = __in6_dev_get(dev);
1000 struct inet6_ifaddr *ifp;
1001 struct neighbour *neigh;
1002 u8 new_state;
1003
1004 if (skb->len < sizeof(struct nd_msg)) {
1005 ND_PRINTK(2, warn, "NA: packet too short\n");
1006 return;
1007 }
1008
1009 if (ipv6_addr_is_multicast(&msg->target)) {
1010 ND_PRINTK(2, warn, "NA: target address is multicast\n");
1011 return;
1012 }
1013
1014 if (ipv6_addr_is_multicast(daddr) &&
1015 msg->icmph.icmp6_solicited) {
1016 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
1017 return;
1018 }
1019
1020
1021
1022
1023
1024
1025 if (!msg->icmph.icmp6_solicited && idev &&
1026 idev->cnf.drop_unsolicited_na)
1027 return;
1028
1029 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
1030 ND_PRINTK(2, warn, "NS: invalid ND option\n");
1031 return;
1032 }
1033 if (ndopts.nd_opts_tgt_lladdr) {
1034 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
1035 if (!lladdr) {
1036 ND_PRINTK(2, warn,
1037 "NA: invalid link-layer address length\n");
1038 return;
1039 }
1040 }
1041 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
1042 if (ifp) {
1043 if (skb->pkt_type != PACKET_LOOPBACK
1044 && (ifp->flags & IFA_F_TENTATIVE)) {
1045 addrconf_dad_failure(skb, ifp);
1046 return;
1047 }
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057 if (skb->pkt_type != PACKET_LOOPBACK)
1058 ND_PRINTK(1, warn,
1059 "NA: %pM advertised our address %pI6c on %s!\n",
1060 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1061 in6_ifa_put(ifp);
1062 return;
1063 }
1064
1065 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082 new_state = msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE;
1083 if (!neigh && lladdr && idev && idev->cnf.forwarding) {
1084 if (accept_untracked_na(dev, saddr)) {
1085 neigh = neigh_create(&nd_tbl, &msg->target, dev);
1086 new_state = NUD_STALE;
1087 }
1088 }
1089
1090 if (neigh && !IS_ERR(neigh)) {
1091 u8 old_flags = neigh->flags;
1092 struct net *net = dev_net(dev);
1093
1094 if (neigh->nud_state & NUD_FAILED)
1095 goto out;
1096
1097
1098
1099
1100
1101
1102 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1103 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1104 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1105
1106 goto out;
1107 }
1108
1109 ndisc_update(dev, neigh, lladdr,
1110 new_state,
1111 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1112 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1113 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1114 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1115 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1116
1117 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1118
1119
1120
1121 rt6_clean_tohost(dev_net(dev), saddr);
1122 }
1123
1124 out:
1125 neigh_release(neigh);
1126 }
1127 }
1128
1129 static void ndisc_recv_rs(struct sk_buff *skb)
1130 {
1131 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1132 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1133 struct neighbour *neigh;
1134 struct inet6_dev *idev;
1135 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1136 struct ndisc_options ndopts;
1137 u8 *lladdr = NULL;
1138
1139 if (skb->len < sizeof(*rs_msg))
1140 return;
1141
1142 idev = __in6_dev_get(skb->dev);
1143 if (!idev) {
1144 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1145 return;
1146 }
1147
1148
1149 if (!idev->cnf.forwarding)
1150 goto out;
1151
1152
1153
1154
1155
1156 if (ipv6_addr_any(saddr))
1157 goto out;
1158
1159
1160 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1161 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1162 goto out;
1163 }
1164
1165 if (ndopts.nd_opts_src_lladdr) {
1166 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1167 skb->dev);
1168 if (!lladdr)
1169 goto out;
1170 }
1171
1172 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1173 if (neigh) {
1174 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1175 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1176 NEIGH_UPDATE_F_OVERRIDE|
1177 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1178 NDISC_ROUTER_SOLICITATION, &ndopts);
1179 neigh_release(neigh);
1180 }
1181 out:
1182 return;
1183 }
1184
1185 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1186 {
1187 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1188 struct sk_buff *skb;
1189 struct nlmsghdr *nlh;
1190 struct nduseroptmsg *ndmsg;
1191 struct net *net = dev_net(ra->dev);
1192 int err;
1193 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1194 + (opt->nd_opt_len << 3));
1195 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1196
1197 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1198 if (!skb) {
1199 err = -ENOBUFS;
1200 goto errout;
1201 }
1202
1203 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1204 if (!nlh) {
1205 goto nla_put_failure;
1206 }
1207
1208 ndmsg = nlmsg_data(nlh);
1209 ndmsg->nduseropt_family = AF_INET6;
1210 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1211 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1212 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1213 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1214
1215 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1216
1217 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1218 goto nla_put_failure;
1219 nlmsg_end(skb, nlh);
1220
1221 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1222 return;
1223
1224 nla_put_failure:
1225 nlmsg_free(skb);
1226 err = -EMSGSIZE;
1227 errout:
1228 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1229 }
1230
1231 static void ndisc_router_discovery(struct sk_buff *skb)
1232 {
1233 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1234 struct neighbour *neigh = NULL;
1235 struct inet6_dev *in6_dev;
1236 struct fib6_info *rt = NULL;
1237 u32 defrtr_usr_metric;
1238 struct net *net;
1239 int lifetime;
1240 struct ndisc_options ndopts;
1241 int optlen;
1242 unsigned int pref = 0;
1243 __u32 old_if_flags;
1244 bool send_ifinfo_notify = false;
1245
1246 __u8 *opt = (__u8 *)(ra_msg + 1);
1247
1248 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1249 sizeof(struct ra_msg);
1250
1251 ND_PRINTK(2, info,
1252 "RA: %s, dev: %s\n",
1253 __func__, skb->dev->name);
1254 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1255 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1256 return;
1257 }
1258 if (optlen < 0) {
1259 ND_PRINTK(2, warn, "RA: packet too short\n");
1260 return;
1261 }
1262
1263 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1264 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1265 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1266 return;
1267 }
1268 #endif
1269
1270
1271
1272
1273
1274 in6_dev = __in6_dev_get(skb->dev);
1275 if (!in6_dev) {
1276 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1277 skb->dev->name);
1278 return;
1279 }
1280
1281 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1282 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1283 return;
1284 }
1285
1286 if (!ipv6_accept_ra(in6_dev)) {
1287 ND_PRINTK(2, info,
1288 "RA: %s, did not accept ra for dev: %s\n",
1289 __func__, skb->dev->name);
1290 goto skip_linkparms;
1291 }
1292
1293 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1294
1295 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1296 ND_PRINTK(2, info,
1297 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1298 __func__, skb->dev->name);
1299 goto skip_linkparms;
1300 }
1301 #endif
1302
1303 if (in6_dev->if_flags & IF_RS_SENT) {
1304
1305
1306
1307
1308 in6_dev->if_flags |= IF_RA_RCVD;
1309 }
1310
1311
1312
1313
1314
1315 old_if_flags = in6_dev->if_flags;
1316 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1317 IF_RA_OTHERCONF)) |
1318 (ra_msg->icmph.icmp6_addrconf_managed ?
1319 IF_RA_MANAGED : 0) |
1320 (ra_msg->icmph.icmp6_addrconf_other ?
1321 IF_RA_OTHERCONF : 0);
1322
1323 if (old_if_flags != in6_dev->if_flags)
1324 send_ifinfo_notify = true;
1325
1326 if (!in6_dev->cnf.accept_ra_defrtr) {
1327 ND_PRINTK(2, info,
1328 "RA: %s, defrtr is false for dev: %s\n",
1329 __func__, skb->dev->name);
1330 goto skip_defrtr;
1331 }
1332
1333
1334
1335
1336 net = dev_net(in6_dev->dev);
1337 if (!in6_dev->cnf.accept_ra_from_local &&
1338 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1339 ND_PRINTK(2, info,
1340 "RA from local address detected on dev: %s: default router ignored\n",
1341 skb->dev->name);
1342 goto skip_defrtr;
1343 }
1344
1345 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1346
1347 #ifdef CONFIG_IPV6_ROUTER_PREF
1348 pref = ra_msg->icmph.icmp6_router_pref;
1349
1350 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1351 !in6_dev->cnf.accept_ra_rtr_pref)
1352 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1353 #endif
1354
1355 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1356 if (rt) {
1357 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1358 rt->fib6_nh->fib_nh_dev, NULL,
1359 &ipv6_hdr(skb)->saddr);
1360 if (!neigh) {
1361 ND_PRINTK(0, err,
1362 "RA: %s got default router without neighbour\n",
1363 __func__);
1364 fib6_info_release(rt);
1365 return;
1366 }
1367 }
1368
1369 defrtr_usr_metric = in6_dev->cnf.ra_defrtr_metric;
1370
1371 if (rt && (lifetime == 0 || rt->fib6_metric != defrtr_usr_metric)) {
1372 ip6_del_rt(net, rt, false);
1373 rt = NULL;
1374 }
1375
1376 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, metric: %d, for dev: %s\n",
1377 rt, lifetime, defrtr_usr_metric, skb->dev->name);
1378 if (!rt && lifetime) {
1379 ND_PRINTK(3, info, "RA: adding default router\n");
1380
1381 if (neigh)
1382 neigh_release(neigh);
1383
1384 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1385 skb->dev, pref, defrtr_usr_metric);
1386 if (!rt) {
1387 ND_PRINTK(0, err,
1388 "RA: %s failed to add default route\n",
1389 __func__);
1390 return;
1391 }
1392
1393 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1394 rt->fib6_nh->fib_nh_dev, NULL,
1395 &ipv6_hdr(skb)->saddr);
1396 if (!neigh) {
1397 ND_PRINTK(0, err,
1398 "RA: %s got default router without neighbour\n",
1399 __func__);
1400 fib6_info_release(rt);
1401 return;
1402 }
1403 neigh->flags |= NTF_ROUTER;
1404 } else if (rt && IPV6_EXTRACT_PREF(rt->fib6_flags) != pref) {
1405 struct nl_info nlinfo = {
1406 .nl_net = net,
1407 };
1408 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1409 inet6_rt_notify(RTM_NEWROUTE, rt, &nlinfo, NLM_F_REPLACE);
1410 }
1411
1412 if (rt)
1413 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1414 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1415 ra_msg->icmph.icmp6_hop_limit) {
1416 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1417 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1418 fib6_metric_set(rt, RTAX_HOPLIMIT,
1419 ra_msg->icmph.icmp6_hop_limit);
1420 } else {
1421 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1422 }
1423 }
1424
1425 skip_defrtr:
1426
1427
1428
1429
1430
1431 if (in6_dev->nd_parms) {
1432 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1433
1434 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1435 rtime = (rtime*HZ)/1000;
1436 if (rtime < HZ/100)
1437 rtime = HZ/100;
1438 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1439 in6_dev->tstamp = jiffies;
1440 send_ifinfo_notify = true;
1441 }
1442
1443 rtime = ntohl(ra_msg->reachable_time);
1444 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1445 rtime = (rtime*HZ)/1000;
1446
1447 if (rtime < HZ/10)
1448 rtime = HZ/10;
1449
1450 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1451 NEIGH_VAR_SET(in6_dev->nd_parms,
1452 BASE_REACHABLE_TIME, rtime);
1453 NEIGH_VAR_SET(in6_dev->nd_parms,
1454 GC_STALETIME, 3 * rtime);
1455 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1456 in6_dev->tstamp = jiffies;
1457 send_ifinfo_notify = true;
1458 }
1459 }
1460 }
1461
1462 skip_linkparms:
1463
1464
1465
1466
1467
1468 if (!neigh)
1469 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1470 skb->dev, 1);
1471 if (neigh) {
1472 u8 *lladdr = NULL;
1473 if (ndopts.nd_opts_src_lladdr) {
1474 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1475 skb->dev);
1476 if (!lladdr) {
1477 ND_PRINTK(2, warn,
1478 "RA: invalid link-layer address length\n");
1479 goto out;
1480 }
1481 }
1482 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1483 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1484 NEIGH_UPDATE_F_OVERRIDE|
1485 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1486 NEIGH_UPDATE_F_ISROUTER,
1487 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1488 }
1489
1490 if (!ipv6_accept_ra(in6_dev)) {
1491 ND_PRINTK(2, info,
1492 "RA: %s, accept_ra is false for dev: %s\n",
1493 __func__, skb->dev->name);
1494 goto out;
1495 }
1496
1497 #ifdef CONFIG_IPV6_ROUTE_INFO
1498 if (!in6_dev->cnf.accept_ra_from_local &&
1499 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1500 in6_dev->dev, 0)) {
1501 ND_PRINTK(2, info,
1502 "RA from local address detected on dev: %s: router info ignored.\n",
1503 skb->dev->name);
1504 goto skip_routeinfo;
1505 }
1506
1507 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1508 struct nd_opt_hdr *p;
1509 for (p = ndopts.nd_opts_ri;
1510 p;
1511 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1512 struct route_info *ri = (struct route_info *)p;
1513 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1514 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1515 ri->prefix_len == 0)
1516 continue;
1517 #endif
1518 if (ri->prefix_len == 0 &&
1519 !in6_dev->cnf.accept_ra_defrtr)
1520 continue;
1521 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1522 continue;
1523 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1524 continue;
1525 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1526 &ipv6_hdr(skb)->saddr);
1527 }
1528 }
1529
1530 skip_routeinfo:
1531 #endif
1532
1533 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1534
1535 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1536 ND_PRINTK(2, info,
1537 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1538 __func__, skb->dev->name);
1539 goto out;
1540 }
1541 #endif
1542
1543 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1544 struct nd_opt_hdr *p;
1545 for (p = ndopts.nd_opts_pi;
1546 p;
1547 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1548 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1549 (p->nd_opt_len) << 3,
1550 ndopts.nd_opts_src_lladdr != NULL);
1551 }
1552 }
1553
1554 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1555 __be32 n;
1556 u32 mtu;
1557
1558 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1559 mtu = ntohl(n);
1560
1561 if (in6_dev->ra_mtu != mtu) {
1562 in6_dev->ra_mtu = mtu;
1563 send_ifinfo_notify = true;
1564 }
1565
1566 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1567 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1568 } else if (in6_dev->cnf.mtu6 != mtu) {
1569 in6_dev->cnf.mtu6 = mtu;
1570 fib6_metric_set(rt, RTAX_MTU, mtu);
1571 rt6_mtu_change(skb->dev, mtu);
1572 }
1573 }
1574
1575 if (ndopts.nd_useropts) {
1576 struct nd_opt_hdr *p;
1577 for (p = ndopts.nd_useropts;
1578 p;
1579 p = ndisc_next_useropt(skb->dev, p,
1580 ndopts.nd_useropts_end)) {
1581 ndisc_ra_useropt(skb, p);
1582 }
1583 }
1584
1585 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1586 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1587 }
1588 out:
1589
1590
1591
1592 if (send_ifinfo_notify)
1593 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1594
1595 fib6_info_release(rt);
1596 if (neigh)
1597 neigh_release(neigh);
1598 }
1599
1600 static void ndisc_redirect_rcv(struct sk_buff *skb)
1601 {
1602 u8 *hdr;
1603 struct ndisc_options ndopts;
1604 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1605 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1606 offsetof(struct rd_msg, opt));
1607
1608 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1609 switch (skb->ndisc_nodetype) {
1610 case NDISC_NODETYPE_HOST:
1611 case NDISC_NODETYPE_NODEFAULT:
1612 ND_PRINTK(2, warn,
1613 "Redirect: from host or unauthorized router\n");
1614 return;
1615 }
1616 #endif
1617
1618 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1619 ND_PRINTK(2, warn,
1620 "Redirect: source address is not link-local\n");
1621 return;
1622 }
1623
1624 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1625 return;
1626
1627 if (!ndopts.nd_opts_rh) {
1628 ip6_redirect_no_header(skb, dev_net(skb->dev),
1629 skb->dev->ifindex);
1630 return;
1631 }
1632
1633 hdr = (u8 *)ndopts.nd_opts_rh;
1634 hdr += 8;
1635 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1636 return;
1637
1638 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1639 }
1640
1641 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1642 struct sk_buff *orig_skb,
1643 int rd_len)
1644 {
1645 u8 *opt = skb_put(skb, rd_len);
1646
1647 memset(opt, 0, 8);
1648 *(opt++) = ND_OPT_REDIRECT_HDR;
1649 *(opt++) = (rd_len >> 3);
1650 opt += 6;
1651
1652 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1653 rd_len - 8);
1654 }
1655
1656 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1657 {
1658 struct net_device *dev = skb->dev;
1659 struct net *net = dev_net(dev);
1660 struct sock *sk = net->ipv6.ndisc_sk;
1661 int optlen = 0;
1662 struct inet_peer *peer;
1663 struct sk_buff *buff;
1664 struct rd_msg *msg;
1665 struct in6_addr saddr_buf;
1666 struct rt6_info *rt;
1667 struct dst_entry *dst;
1668 struct flowi6 fl6;
1669 int rd_len;
1670 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1671 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1672 bool ret;
1673
1674 if (netif_is_l3_master(skb->dev)) {
1675 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1676 if (!dev)
1677 return;
1678 }
1679
1680 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1681 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1682 dev->name);
1683 return;
1684 }
1685
1686 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1687 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1688 ND_PRINTK(2, warn,
1689 "Redirect: target address is not link-local unicast\n");
1690 return;
1691 }
1692
1693 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1694 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1695
1696 dst = ip6_route_output(net, NULL, &fl6);
1697 if (dst->error) {
1698 dst_release(dst);
1699 return;
1700 }
1701 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1702 if (IS_ERR(dst))
1703 return;
1704
1705 rt = (struct rt6_info *) dst;
1706
1707 if (rt->rt6i_flags & RTF_GATEWAY) {
1708 ND_PRINTK(2, warn,
1709 "Redirect: destination is not a neighbour\n");
1710 goto release;
1711 }
1712 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1713 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1714 if (peer)
1715 inet_putpeer(peer);
1716 if (!ret)
1717 goto release;
1718
1719 if (dev->addr_len) {
1720 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1721 if (!neigh) {
1722 ND_PRINTK(2, warn,
1723 "Redirect: no neigh for target address\n");
1724 goto release;
1725 }
1726
1727 read_lock_bh(&neigh->lock);
1728 if (neigh->nud_state & NUD_VALID) {
1729 memcpy(ha_buf, neigh->ha, dev->addr_len);
1730 read_unlock_bh(&neigh->lock);
1731 ha = ha_buf;
1732 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1733 ops_data_buf,
1734 &ops_data);
1735 } else
1736 read_unlock_bh(&neigh->lock);
1737
1738 neigh_release(neigh);
1739 }
1740
1741 rd_len = min_t(unsigned int,
1742 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1743 skb->len + 8);
1744 rd_len &= ~0x7;
1745 optlen += rd_len;
1746
1747 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1748 if (!buff)
1749 goto release;
1750
1751 msg = skb_put(buff, sizeof(*msg));
1752 *msg = (struct rd_msg) {
1753 .icmph = {
1754 .icmp6_type = NDISC_REDIRECT,
1755 },
1756 .target = *target,
1757 .dest = ipv6_hdr(skb)->daddr,
1758 };
1759
1760
1761
1762
1763
1764 if (ha)
1765 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1766
1767
1768
1769
1770
1771 if (rd_len)
1772 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1773
1774 skb_dst_set(buff, dst);
1775 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1776 return;
1777
1778 release:
1779 dst_release(dst);
1780 }
1781
1782 static void pndisc_redo(struct sk_buff *skb)
1783 {
1784 ndisc_recv_ns(skb);
1785 kfree_skb(skb);
1786 }
1787
1788 static int ndisc_is_multicast(const void *pkey)
1789 {
1790 return ipv6_addr_is_multicast((struct in6_addr *)pkey);
1791 }
1792
1793 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1794 {
1795 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1796
1797 if (!idev)
1798 return true;
1799 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1800 idev->cnf.suppress_frag_ndisc) {
1801 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1802 return true;
1803 }
1804 return false;
1805 }
1806
1807 int ndisc_rcv(struct sk_buff *skb)
1808 {
1809 struct nd_msg *msg;
1810
1811 if (ndisc_suppress_frag_ndisc(skb))
1812 return 0;
1813
1814 if (skb_linearize(skb))
1815 return 0;
1816
1817 msg = (struct nd_msg *)skb_transport_header(skb);
1818
1819 __skb_push(skb, skb->data - skb_transport_header(skb));
1820
1821 if (ipv6_hdr(skb)->hop_limit != 255) {
1822 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1823 ipv6_hdr(skb)->hop_limit);
1824 return 0;
1825 }
1826
1827 if (msg->icmph.icmp6_code != 0) {
1828 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1829 msg->icmph.icmp6_code);
1830 return 0;
1831 }
1832
1833 switch (msg->icmph.icmp6_type) {
1834 case NDISC_NEIGHBOUR_SOLICITATION:
1835 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1836 ndisc_recv_ns(skb);
1837 break;
1838
1839 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1840 ndisc_recv_na(skb);
1841 break;
1842
1843 case NDISC_ROUTER_SOLICITATION:
1844 ndisc_recv_rs(skb);
1845 break;
1846
1847 case NDISC_ROUTER_ADVERTISEMENT:
1848 ndisc_router_discovery(skb);
1849 break;
1850
1851 case NDISC_REDIRECT:
1852 ndisc_redirect_rcv(skb);
1853 break;
1854 }
1855
1856 return 0;
1857 }
1858
1859 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1860 {
1861 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1862 struct netdev_notifier_change_info *change_info;
1863 struct net *net = dev_net(dev);
1864 struct inet6_dev *idev;
1865 bool evict_nocarrier;
1866
1867 switch (event) {
1868 case NETDEV_CHANGEADDR:
1869 neigh_changeaddr(&nd_tbl, dev);
1870 fib6_run_gc(0, net, false);
1871 fallthrough;
1872 case NETDEV_UP:
1873 idev = in6_dev_get(dev);
1874 if (!idev)
1875 break;
1876 if (idev->cnf.ndisc_notify ||
1877 net->ipv6.devconf_all->ndisc_notify)
1878 ndisc_send_unsol_na(dev);
1879 in6_dev_put(idev);
1880 break;
1881 case NETDEV_CHANGE:
1882 idev = in6_dev_get(dev);
1883 if (!idev)
1884 evict_nocarrier = true;
1885 else {
1886 evict_nocarrier = idev->cnf.ndisc_evict_nocarrier &&
1887 net->ipv6.devconf_all->ndisc_evict_nocarrier;
1888 in6_dev_put(idev);
1889 }
1890
1891 change_info = ptr;
1892 if (change_info->flags_changed & IFF_NOARP)
1893 neigh_changeaddr(&nd_tbl, dev);
1894 if (evict_nocarrier && !netif_carrier_ok(dev))
1895 neigh_carrier_down(&nd_tbl, dev);
1896 break;
1897 case NETDEV_DOWN:
1898 neigh_ifdown(&nd_tbl, dev);
1899 fib6_run_gc(0, net, false);
1900 break;
1901 case NETDEV_NOTIFY_PEERS:
1902 ndisc_send_unsol_na(dev);
1903 break;
1904 default:
1905 break;
1906 }
1907
1908 return NOTIFY_DONE;
1909 }
1910
1911 static struct notifier_block ndisc_netdev_notifier = {
1912 .notifier_call = ndisc_netdev_event,
1913 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1914 };
1915
1916 #ifdef CONFIG_SYSCTL
1917 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1918 const char *func, const char *dev_name)
1919 {
1920 static char warncomm[TASK_COMM_LEN];
1921 static int warned;
1922 if (strcmp(warncomm, current->comm) && warned < 5) {
1923 strcpy(warncomm, current->comm);
1924 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1925 warncomm, func,
1926 dev_name, ctl->procname,
1927 dev_name, ctl->procname);
1928 warned++;
1929 }
1930 }
1931
1932 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void *buffer,
1933 size_t *lenp, loff_t *ppos)
1934 {
1935 struct net_device *dev = ctl->extra1;
1936 struct inet6_dev *idev;
1937 int ret;
1938
1939 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1940 (strcmp(ctl->procname, "base_reachable_time") == 0))
1941 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1942
1943 if (strcmp(ctl->procname, "retrans_time") == 0)
1944 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1945
1946 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1947 ret = neigh_proc_dointvec_jiffies(ctl, write,
1948 buffer, lenp, ppos);
1949
1950 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1951 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1952 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1953 buffer, lenp, ppos);
1954 else
1955 ret = -1;
1956
1957 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1958 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1959 idev->nd_parms->reachable_time =
1960 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1961 idev->tstamp = jiffies;
1962 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1963 in6_dev_put(idev);
1964 }
1965 return ret;
1966 }
1967
1968
1969 #endif
1970
1971 static int __net_init ndisc_net_init(struct net *net)
1972 {
1973 struct ipv6_pinfo *np;
1974 struct sock *sk;
1975 int err;
1976
1977 err = inet_ctl_sock_create(&sk, PF_INET6,
1978 SOCK_RAW, IPPROTO_ICMPV6, net);
1979 if (err < 0) {
1980 ND_PRINTK(0, err,
1981 "NDISC: Failed to initialize the control socket (err %d)\n",
1982 err);
1983 return err;
1984 }
1985
1986 net->ipv6.ndisc_sk = sk;
1987
1988 np = inet6_sk(sk);
1989 np->hop_limit = 255;
1990
1991 np->mc_loop = 0;
1992
1993 return 0;
1994 }
1995
1996 static void __net_exit ndisc_net_exit(struct net *net)
1997 {
1998 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1999 }
2000
2001 static struct pernet_operations ndisc_net_ops = {
2002 .init = ndisc_net_init,
2003 .exit = ndisc_net_exit,
2004 };
2005
2006 int __init ndisc_init(void)
2007 {
2008 int err;
2009
2010 err = register_pernet_subsys(&ndisc_net_ops);
2011 if (err)
2012 return err;
2013
2014
2015
2016 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
2017
2018 #ifdef CONFIG_SYSCTL
2019 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
2020 ndisc_ifinfo_sysctl_change);
2021 if (err)
2022 goto out_unregister_pernet;
2023 out:
2024 #endif
2025 return err;
2026
2027 #ifdef CONFIG_SYSCTL
2028 out_unregister_pernet:
2029 unregister_pernet_subsys(&ndisc_net_ops);
2030 goto out;
2031 #endif
2032 }
2033
2034 int __init ndisc_late_init(void)
2035 {
2036 return register_netdevice_notifier(&ndisc_netdev_notifier);
2037 }
2038
2039 void ndisc_late_cleanup(void)
2040 {
2041 unregister_netdevice_notifier(&ndisc_netdev_notifier);
2042 }
2043
2044 void ndisc_cleanup(void)
2045 {
2046 #ifdef CONFIG_SYSCTL
2047 neigh_sysctl_unregister(&nd_tbl.parms);
2048 #endif
2049 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
2050 unregister_pernet_subsys(&ndisc_net_ops);
2051 }
