~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/ndisc.c

Version: ~ [ linux-4.20-rc3 ] ~ [ linux-4.19.2 ] ~ [ linux-4.18.19 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.81 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.137 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.163 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.125 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.60 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.39.4 ] ~ [ linux-2.6.38.8 ] ~ [ linux-2.6.37.6 ] ~ [ linux-2.6.36.4 ] ~ [ linux-2.6.35.14 ] ~ [ linux-2.6.34.15 ] ~ [ linux-2.6.33.20 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.31.14 ] ~ [ linux-2.6.30.10 ] ~ [ linux-2.6.29.6 ] ~ [ linux-2.6.28.10 ] ~ [ linux-2.6.27.62 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  *      Neighbour Discovery for IPv6
  3  *      Linux INET6 implementation
  4  *
  5  *      Authors:
  6  *      Pedro Roque             <roque@di.fc.ul.pt>
  7  *      Mike Shaver             <shaver@ingenia.com>
  8  *
  9  *      This program is free software; you can redistribute it and/or
 10  *      modify it under the terms of the GNU General Public License
 11  *      as published by the Free Software Foundation; either version
 12  *      2 of the License, or (at your option) any later version.
 13  */
 14 
 15 /*
 16  *      Changes:
 17  *
 18  *      Alexey I. Froloff               :       RFC6106 (DNSSL) support
 19  *      Pierre Ynard                    :       export userland ND options
 20  *                                              through netlink (RDNSS support)
 21  *      Lars Fenneberg                  :       fixed MTU setting on receipt
 22  *                                              of an RA.
 23  *      Janos Farkas                    :       kmalloc failure checks
 24  *      Alexey Kuznetsov                :       state machine reworked
 25  *                                              and moved to net/core.
 26  *      Pekka Savola                    :       RFC2461 validation
 27  *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
 28  */
 29 
 30 #define pr_fmt(fmt) "ICMPv6: " fmt
 31 
 32 #include <linux/module.h>
 33 #include <linux/errno.h>
 34 #include <linux/types.h>
 35 #include <linux/socket.h>
 36 #include <linux/sockios.h>
 37 #include <linux/sched.h>
 38 #include <linux/net.h>
 39 #include <linux/in6.h>
 40 #include <linux/route.h>
 41 #include <linux/init.h>
 42 #include <linux/rcupdate.h>
 43 #include <linux/slab.h>
 44 #ifdef CONFIG_SYSCTL
 45 #include <linux/sysctl.h>
 46 #endif
 47 
 48 #include <linux/if_addr.h>
 49 #include <linux/if_ether.h>
 50 #include <linux/if_arp.h>
 51 #include <linux/ipv6.h>
 52 #include <linux/icmpv6.h>
 53 #include <linux/jhash.h>
 54 
 55 #include <net/sock.h>
 56 #include <net/snmp.h>
 57 
 58 #include <net/ipv6.h>
 59 #include <net/protocol.h>
 60 #include <net/ndisc.h>
 61 #include <net/ip6_route.h>
 62 #include <net/addrconf.h>
 63 #include <net/icmp.h>
 64 
 65 #include <net/netlink.h>
 66 #include <linux/rtnetlink.h>
 67 
 68 #include <net/flow.h>
 69 #include <net/ip6_checksum.h>
 70 #include <net/inet_common.h>
 71 #include <linux/proc_fs.h>
 72 
 73 #include <linux/netfilter.h>
 74 #include <linux/netfilter_ipv6.h>
 75 
 76 static u32 ndisc_hash(const void *pkey,
 77                       const struct net_device *dev,
 78                       __u32 *hash_rnd);
 79 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
 80 static int ndisc_constructor(struct neighbour *neigh);
 81 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
 82 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
 83 static int pndisc_constructor(struct pneigh_entry *n);
 84 static void pndisc_destructor(struct pneigh_entry *n);
 85 static void pndisc_redo(struct sk_buff *skb);
 86 
 87 static const struct neigh_ops ndisc_generic_ops = {
 88         .family =               AF_INET6,
 89         .solicit =              ndisc_solicit,
 90         .error_report =         ndisc_error_report,
 91         .output =               neigh_resolve_output,
 92         .connected_output =     neigh_connected_output,
 93 };
 94 
 95 static const struct neigh_ops ndisc_hh_ops = {
 96         .family =               AF_INET6,
 97         .solicit =              ndisc_solicit,
 98         .error_report =         ndisc_error_report,
 99         .output =               neigh_resolve_output,
100         .connected_output =     neigh_resolve_output,
101 };
102 
103 
104 static const struct neigh_ops ndisc_direct_ops = {
105         .family =               AF_INET6,
106         .output =               neigh_direct_output,
107         .connected_output =     neigh_direct_output,
108 };
109 
110 struct neigh_table nd_tbl = {
111         .family =       AF_INET6,
112         .key_len =      sizeof(struct in6_addr),
113         .protocol =     cpu_to_be16(ETH_P_IPV6),
114         .hash =         ndisc_hash,
115         .key_eq =       ndisc_key_eq,
116         .constructor =  ndisc_constructor,
117         .pconstructor = pndisc_constructor,
118         .pdestructor =  pndisc_destructor,
119         .proxy_redo =   pndisc_redo,
120         .id =           "ndisc_cache",
121         .parms = {
122                 .tbl                    = &nd_tbl,
123                 .reachable_time         = ND_REACHABLE_TIME,
124                 .data = {
125                         [NEIGH_VAR_MCAST_PROBES] = 3,
126                         [NEIGH_VAR_UCAST_PROBES] = 3,
127                         [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
128                         [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
129                         [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
130                         [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
131                         [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
132                         [NEIGH_VAR_PROXY_QLEN] = 64,
133                         [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
134                         [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
135                 },
136         },
137         .gc_interval =    30 * HZ,
138         .gc_thresh1 =    128,
139         .gc_thresh2 =    512,
140         .gc_thresh3 =   1024,
141 };
142 EXPORT_SYMBOL_GPL(nd_tbl);
143 
144 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
145                               int data_len, int pad)
146 {
147         int space = __ndisc_opt_addr_space(data_len, pad);
148         u8 *opt = skb_put(skb, space);
149 
150         opt[0] = type;
151         opt[1] = space>>3;
152 
153         memset(opt + 2, 0, pad);
154         opt   += pad;
155         space -= pad;
156 
157         memcpy(opt+2, data, data_len);
158         data_len += 2;
159         opt += data_len;
160         space -= data_len;
161         if (space > 0)
162                 memset(opt, 0, space);
163 }
164 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
165 
166 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
167                                           void *data, u8 icmp6_type)
168 {
169         __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
170                                  ndisc_addr_option_pad(skb->dev->type));
171         ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
172 }
173 
174 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
175                                                    void *ha,
176                                                    const u8 *ops_data)
177 {
178         ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
179         ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
180 }
181 
182 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
183                                             struct nd_opt_hdr *end)
184 {
185         int type;
186         if (!cur || !end || cur >= end)
187                 return NULL;
188         type = cur->nd_opt_type;
189         do {
190                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
191         } while (cur < end && cur->nd_opt_type != type);
192         return cur <= end && cur->nd_opt_type == type ? cur : NULL;
193 }
194 
195 static inline int ndisc_is_useropt(const struct net_device *dev,
196                                    struct nd_opt_hdr *opt)
197 {
198         return opt->nd_opt_type == ND_OPT_RDNSS ||
199                 opt->nd_opt_type == ND_OPT_DNSSL ||
200                 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
201 }
202 
203 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
204                                              struct nd_opt_hdr *cur,
205                                              struct nd_opt_hdr *end)
206 {
207         if (!cur || !end || cur >= end)
208                 return NULL;
209         do {
210                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
211         } while (cur < end && !ndisc_is_useropt(dev, cur));
212         return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
213 }
214 
215 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
216                                           u8 *opt, int opt_len,
217                                           struct ndisc_options *ndopts)
218 {
219         struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
220 
221         if (!nd_opt || opt_len < 0 || !ndopts)
222                 return NULL;
223         memset(ndopts, 0, sizeof(*ndopts));
224         while (opt_len) {
225                 int l;
226                 if (opt_len < sizeof(struct nd_opt_hdr))
227                         return NULL;
228                 l = nd_opt->nd_opt_len << 3;
229                 if (opt_len < l || l == 0)
230                         return NULL;
231                 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
232                         goto next_opt;
233                 switch (nd_opt->nd_opt_type) {
234                 case ND_OPT_SOURCE_LL_ADDR:
235                 case ND_OPT_TARGET_LL_ADDR:
236                 case ND_OPT_MTU:
237                 case ND_OPT_NONCE:
238                 case ND_OPT_REDIRECT_HDR:
239                         if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
240                                 ND_PRINTK(2, warn,
241                                           "%s: duplicated ND6 option found: type=%d\n",
242                                           __func__, nd_opt->nd_opt_type);
243                         } else {
244                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
245                         }
246                         break;
247                 case ND_OPT_PREFIX_INFO:
248                         ndopts->nd_opts_pi_end = nd_opt;
249                         if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
250                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
251                         break;
252 #ifdef CONFIG_IPV6_ROUTE_INFO
253                 case ND_OPT_ROUTE_INFO:
254                         ndopts->nd_opts_ri_end = nd_opt;
255                         if (!ndopts->nd_opts_ri)
256                                 ndopts->nd_opts_ri = nd_opt;
257                         break;
258 #endif
259                 default:
260                         if (ndisc_is_useropt(dev, nd_opt)) {
261                                 ndopts->nd_useropts_end = nd_opt;
262                                 if (!ndopts->nd_useropts)
263                                         ndopts->nd_useropts = nd_opt;
264                         } else {
265                                 /*
266                                  * Unknown options must be silently ignored,
267                                  * to accommodate future extension to the
268                                  * protocol.
269                                  */
270                                 ND_PRINTK(2, notice,
271                                           "%s: ignored unsupported option; type=%d, len=%d\n",
272                                           __func__,
273                                           nd_opt->nd_opt_type,
274                                           nd_opt->nd_opt_len);
275                         }
276                 }
277 next_opt:
278                 opt_len -= l;
279                 nd_opt = ((void *)nd_opt) + l;
280         }
281         return ndopts;
282 }
283 
284 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
285 {
286         switch (dev->type) {
287         case ARPHRD_ETHER:
288         case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
289         case ARPHRD_FDDI:
290                 ipv6_eth_mc_map(addr, buf);
291                 return 0;
292         case ARPHRD_ARCNET:
293                 ipv6_arcnet_mc_map(addr, buf);
294                 return 0;
295         case ARPHRD_INFINIBAND:
296                 ipv6_ib_mc_map(addr, dev->broadcast, buf);
297                 return 0;
298         case ARPHRD_IPGRE:
299                 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
300         default:
301                 if (dir) {
302                         memcpy(buf, dev->broadcast, dev->addr_len);
303                         return 0;
304                 }
305         }
306         return -EINVAL;
307 }
308 EXPORT_SYMBOL(ndisc_mc_map);
309 
310 static u32 ndisc_hash(const void *pkey,
311                       const struct net_device *dev,
312                       __u32 *hash_rnd)
313 {
314         return ndisc_hashfn(pkey, dev, hash_rnd);
315 }
316 
317 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
318 {
319         return neigh_key_eq128(n, pkey);
320 }
321 
322 static int ndisc_constructor(struct neighbour *neigh)
323 {
324         struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
325         struct net_device *dev = neigh->dev;
326         struct inet6_dev *in6_dev;
327         struct neigh_parms *parms;
328         bool is_multicast = ipv6_addr_is_multicast(addr);
329 
330         in6_dev = in6_dev_get(dev);
331         if (!in6_dev) {
332                 return -EINVAL;
333         }
334 
335         parms = in6_dev->nd_parms;
336         __neigh_parms_put(neigh->parms);
337         neigh->parms = neigh_parms_clone(parms);
338 
339         neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
340         if (!dev->header_ops) {
341                 neigh->nud_state = NUD_NOARP;
342                 neigh->ops = &ndisc_direct_ops;
343                 neigh->output = neigh_direct_output;
344         } else {
345                 if (is_multicast) {
346                         neigh->nud_state = NUD_NOARP;
347                         ndisc_mc_map(addr, neigh->ha, dev, 1);
348                 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
349                         neigh->nud_state = NUD_NOARP;
350                         memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
351                         if (dev->flags&IFF_LOOPBACK)
352                                 neigh->type = RTN_LOCAL;
353                 } else if (dev->flags&IFF_POINTOPOINT) {
354                         neigh->nud_state = NUD_NOARP;
355                         memcpy(neigh->ha, dev->broadcast, dev->addr_len);
356                 }
357                 if (dev->header_ops->cache)
358                         neigh->ops = &ndisc_hh_ops;
359                 else
360                         neigh->ops = &ndisc_generic_ops;
361                 if (neigh->nud_state&NUD_VALID)
362                         neigh->output = neigh->ops->connected_output;
363                 else
364                         neigh->output = neigh->ops->output;
365         }
366         in6_dev_put(in6_dev);
367         return 0;
368 }
369 
370 static int pndisc_constructor(struct pneigh_entry *n)
371 {
372         struct in6_addr *addr = (struct in6_addr *)&n->key;
373         struct in6_addr maddr;
374         struct net_device *dev = n->dev;
375 
376         if (!dev || !__in6_dev_get(dev))
377                 return -EINVAL;
378         addrconf_addr_solict_mult(addr, &maddr);
379         ipv6_dev_mc_inc(dev, &maddr);
380         return 0;
381 }
382 
383 static void pndisc_destructor(struct pneigh_entry *n)
384 {
385         struct in6_addr *addr = (struct in6_addr *)&n->key;
386         struct in6_addr maddr;
387         struct net_device *dev = n->dev;
388 
389         if (!dev || !__in6_dev_get(dev))
390                 return;
391         addrconf_addr_solict_mult(addr, &maddr);
392         ipv6_dev_mc_dec(dev, &maddr);
393 }
394 
395 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
396                                        int len)
397 {
398         int hlen = LL_RESERVED_SPACE(dev);
399         int tlen = dev->needed_tailroom;
400         struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
401         struct sk_buff *skb;
402 
403         skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
404         if (!skb) {
405                 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
406                           __func__);
407                 return NULL;
408         }
409 
410         skb->protocol = htons(ETH_P_IPV6);
411         skb->dev = dev;
412 
413         skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
414         skb_reset_transport_header(skb);
415 
416         /* Manually assign socket ownership as we avoid calling
417          * sock_alloc_send_pskb() to bypass wmem buffer limits
418          */
419         skb_set_owner_w(skb, sk);
420 
421         return skb;
422 }
423 
424 static void ip6_nd_hdr(struct sk_buff *skb,
425                        const struct in6_addr *saddr,
426                        const struct in6_addr *daddr,
427                        int hop_limit, int len)
428 {
429         struct ipv6hdr *hdr;
430         struct inet6_dev *idev;
431         unsigned tclass;
432 
433         rcu_read_lock();
434         idev = __in6_dev_get(skb->dev);
435         tclass = idev ? idev->cnf.ndisc_tclass : 0;
436         rcu_read_unlock();
437 
438         skb_push(skb, sizeof(*hdr));
439         skb_reset_network_header(skb);
440         hdr = ipv6_hdr(skb);
441 
442         ip6_flow_hdr(hdr, tclass, 0);
443 
444         hdr->payload_len = htons(len);
445         hdr->nexthdr = IPPROTO_ICMPV6;
446         hdr->hop_limit = hop_limit;
447 
448         hdr->saddr = *saddr;
449         hdr->daddr = *daddr;
450 }
451 
452 static void ndisc_send_skb(struct sk_buff *skb,
453                            const struct in6_addr *daddr,
454                            const struct in6_addr *saddr)
455 {
456         struct dst_entry *dst = skb_dst(skb);
457         struct net *net = dev_net(skb->dev);
458         struct sock *sk = net->ipv6.ndisc_sk;
459         struct inet6_dev *idev;
460         int err;
461         struct icmp6hdr *icmp6h = icmp6_hdr(skb);
462         u8 type;
463 
464         type = icmp6h->icmp6_type;
465 
466         if (!dst) {
467                 struct flowi6 fl6;
468                 int oif = skb->dev->ifindex;
469 
470                 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
471                 dst = icmp6_dst_alloc(skb->dev, &fl6);
472                 if (IS_ERR(dst)) {
473                         kfree_skb(skb);
474                         return;
475                 }
476 
477                 skb_dst_set(skb, dst);
478         }
479 
480         icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
481                                               IPPROTO_ICMPV6,
482                                               csum_partial(icmp6h,
483                                                            skb->len, 0));
484 
485         ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
486 
487         rcu_read_lock();
488         idev = __in6_dev_get(dst->dev);
489         IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
490 
491         err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
492                       net, sk, skb, NULL, dst->dev,
493                       dst_output);
494         if (!err) {
495                 ICMP6MSGOUT_INC_STATS(net, idev, type);
496                 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
497         }
498 
499         rcu_read_unlock();
500 }
501 
502 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
503                    const struct in6_addr *solicited_addr,
504                    bool router, bool solicited, bool override, bool inc_opt)
505 {
506         struct sk_buff *skb;
507         struct in6_addr tmpaddr;
508         struct inet6_ifaddr *ifp;
509         const struct in6_addr *src_addr;
510         struct nd_msg *msg;
511         int optlen = 0;
512 
513         /* for anycast or proxy, solicited_addr != src_addr */
514         ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
515         if (ifp) {
516                 src_addr = solicited_addr;
517                 if (ifp->flags & IFA_F_OPTIMISTIC)
518                         override = false;
519                 inc_opt |= ifp->idev->cnf.force_tllao;
520                 in6_ifa_put(ifp);
521         } else {
522                 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
523                                        inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
524                                        &tmpaddr))
525                         return;
526                 src_addr = &tmpaddr;
527         }
528 
529         if (!dev->addr_len)
530                 inc_opt = false;
531         if (inc_opt)
532                 optlen += ndisc_opt_addr_space(dev,
533                                                NDISC_NEIGHBOUR_ADVERTISEMENT);
534 
535         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
536         if (!skb)
537                 return;
538 
539         msg = skb_put(skb, sizeof(*msg));
540         *msg = (struct nd_msg) {
541                 .icmph = {
542                         .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
543                         .icmp6_router = router,
544                         .icmp6_solicited = solicited,
545                         .icmp6_override = override,
546                 },
547                 .target = *solicited_addr,
548         };
549 
550         if (inc_opt)
551                 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
552                                        dev->dev_addr,
553                                        NDISC_NEIGHBOUR_ADVERTISEMENT);
554 
555         ndisc_send_skb(skb, daddr, src_addr);
556 }
557 
558 static void ndisc_send_unsol_na(struct net_device *dev)
559 {
560         struct inet6_dev *idev;
561         struct inet6_ifaddr *ifa;
562 
563         idev = in6_dev_get(dev);
564         if (!idev)
565                 return;
566 
567         read_lock_bh(&idev->lock);
568         list_for_each_entry(ifa, &idev->addr_list, if_list) {
569                 /* skip tentative addresses until dad completes */
570                 if (ifa->flags & IFA_F_TENTATIVE &&
571                     !(ifa->flags & IFA_F_OPTIMISTIC))
572                         continue;
573 
574                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
575                               /*router=*/ !!idev->cnf.forwarding,
576                               /*solicited=*/ false, /*override=*/ true,
577                               /*inc_opt=*/ true);
578         }
579         read_unlock_bh(&idev->lock);
580 
581         in6_dev_put(idev);
582 }
583 
584 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
585                    const struct in6_addr *daddr, const struct in6_addr *saddr,
586                    u64 nonce)
587 {
588         struct sk_buff *skb;
589         struct in6_addr addr_buf;
590         int inc_opt = dev->addr_len;
591         int optlen = 0;
592         struct nd_msg *msg;
593 
594         if (!saddr) {
595                 if (ipv6_get_lladdr(dev, &addr_buf,
596                                    (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
597                         return;
598                 saddr = &addr_buf;
599         }
600 
601         if (ipv6_addr_any(saddr))
602                 inc_opt = false;
603         if (inc_opt)
604                 optlen += ndisc_opt_addr_space(dev,
605                                                NDISC_NEIGHBOUR_SOLICITATION);
606         if (nonce != 0)
607                 optlen += 8;
608 
609         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
610         if (!skb)
611                 return;
612 
613         msg = skb_put(skb, sizeof(*msg));
614         *msg = (struct nd_msg) {
615                 .icmph = {
616                         .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
617                 },
618                 .target = *solicit,
619         };
620 
621         if (inc_opt)
622                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
623                                        dev->dev_addr,
624                                        NDISC_NEIGHBOUR_SOLICITATION);
625         if (nonce != 0) {
626                 u8 *opt = skb_put(skb, 8);
627 
628                 opt[0] = ND_OPT_NONCE;
629                 opt[1] = 8 >> 3;
630                 memcpy(opt + 2, &nonce, 6);
631         }
632 
633         ndisc_send_skb(skb, daddr, saddr);
634 }
635 
636 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
637                    const struct in6_addr *daddr)
638 {
639         struct sk_buff *skb;
640         struct rs_msg *msg;
641         int send_sllao = dev->addr_len;
642         int optlen = 0;
643 
644 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
645         /*
646          * According to section 2.2 of RFC 4429, we must not
647          * send router solicitations with a sllao from
648          * optimistic addresses, but we may send the solicitation
649          * if we don't include the sllao.  So here we check
650          * if our address is optimistic, and if so, we
651          * suppress the inclusion of the sllao.
652          */
653         if (send_sllao) {
654                 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
655                                                            dev, 1);
656                 if (ifp) {
657                         if (ifp->flags & IFA_F_OPTIMISTIC)  {
658                                 send_sllao = 0;
659                         }
660                         in6_ifa_put(ifp);
661                 } else {
662                         send_sllao = 0;
663                 }
664         }
665 #endif
666         if (send_sllao)
667                 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
668 
669         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
670         if (!skb)
671                 return;
672 
673         msg = skb_put(skb, sizeof(*msg));
674         *msg = (struct rs_msg) {
675                 .icmph = {
676                         .icmp6_type = NDISC_ROUTER_SOLICITATION,
677                 },
678         };
679 
680         if (send_sllao)
681                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
682                                        dev->dev_addr,
683                                        NDISC_ROUTER_SOLICITATION);
684 
685         ndisc_send_skb(skb, daddr, saddr);
686 }
687 
688 
689 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
690 {
691         /*
692          *      "The sender MUST return an ICMP
693          *       destination unreachable"
694          */
695         dst_link_failure(skb);
696         kfree_skb(skb);
697 }
698 
699 /* Called with locked neigh: either read or both */
700 
701 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
702 {
703         struct in6_addr *saddr = NULL;
704         struct in6_addr mcaddr;
705         struct net_device *dev = neigh->dev;
706         struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
707         int probes = atomic_read(&neigh->probes);
708 
709         if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
710                                            dev, false, 1,
711                                            IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
712                 saddr = &ipv6_hdr(skb)->saddr;
713         probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
714         if (probes < 0) {
715                 if (!(neigh->nud_state & NUD_VALID)) {
716                         ND_PRINTK(1, dbg,
717                                   "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
718                                   __func__, target);
719                 }
720                 ndisc_send_ns(dev, target, target, saddr, 0);
721         } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
722                 neigh_app_ns(neigh);
723         } else {
724                 addrconf_addr_solict_mult(target, &mcaddr);
725                 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
726         }
727 }
728 
729 static int pndisc_is_router(const void *pkey,
730                             struct net_device *dev)
731 {
732         struct pneigh_entry *n;
733         int ret = -1;
734 
735         read_lock_bh(&nd_tbl.lock);
736         n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
737         if (n)
738                 ret = !!(n->flags & NTF_ROUTER);
739         read_unlock_bh(&nd_tbl.lock);
740 
741         return ret;
742 }
743 
744 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
745                   const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
746                   struct ndisc_options *ndopts)
747 {
748         neigh_update(neigh, lladdr, new, flags, 0);
749         /* report ndisc ops about neighbour update */
750         ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
751 }
752 
753 static void ndisc_recv_ns(struct sk_buff *skb)
754 {
755         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
756         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
757         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
758         u8 *lladdr = NULL;
759         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
760                                     offsetof(struct nd_msg, opt));
761         struct ndisc_options ndopts;
762         struct net_device *dev = skb->dev;
763         struct inet6_ifaddr *ifp;
764         struct inet6_dev *idev = NULL;
765         struct neighbour *neigh;
766         int dad = ipv6_addr_any(saddr);
767         bool inc;
768         int is_router = -1;
769         u64 nonce = 0;
770 
771         if (skb->len < sizeof(struct nd_msg)) {
772                 ND_PRINTK(2, warn, "NS: packet too short\n");
773                 return;
774         }
775 
776         if (ipv6_addr_is_multicast(&msg->target)) {
777                 ND_PRINTK(2, warn, "NS: multicast target address\n");
778                 return;
779         }
780 
781         /*
782          * RFC2461 7.1.1:
783          * DAD has to be destined for solicited node multicast address.
784          */
785         if (dad && !ipv6_addr_is_solict_mult(daddr)) {
786                 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
787                 return;
788         }
789 
790         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
791                 ND_PRINTK(2, warn, "NS: invalid ND options\n");
792                 return;
793         }
794 
795         if (ndopts.nd_opts_src_lladdr) {
796                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
797                 if (!lladdr) {
798                         ND_PRINTK(2, warn,
799                                   "NS: invalid link-layer address length\n");
800                         return;
801                 }
802 
803                 /* RFC2461 7.1.1:
804                  *      If the IP source address is the unspecified address,
805                  *      there MUST NOT be source link-layer address option
806                  *      in the message.
807                  */
808                 if (dad) {
809                         ND_PRINTK(2, warn,
810                                   "NS: bad DAD packet (link-layer address option)\n");
811                         return;
812                 }
813         }
814         if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
815                 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
816 
817         inc = ipv6_addr_is_multicast(daddr);
818 
819         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
820         if (ifp) {
821 have_ifp:
822                 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
823                         if (dad) {
824                                 if (nonce != 0 && ifp->dad_nonce == nonce) {
825                                         u8 *np = (u8 *)&nonce;
826                                         /* Matching nonce if looped back */
827                                         ND_PRINTK(2, notice,
828                                                   "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
829                                                   ifp->idev->dev->name,
830                                                   &ifp->addr, np);
831                                         goto out;
832                                 }
833                                 /*
834                                  * We are colliding with another node
835                                  * who is doing DAD
836                                  * so fail our DAD process
837                                  */
838                                 addrconf_dad_failure(skb, ifp);
839                                 return;
840                         } else {
841                                 /*
842                                  * This is not a dad solicitation.
843                                  * If we are an optimistic node,
844                                  * we should respond.
845                                  * Otherwise, we should ignore it.
846                                  */
847                                 if (!(ifp->flags & IFA_F_OPTIMISTIC))
848                                         goto out;
849                         }
850                 }
851 
852                 idev = ifp->idev;
853         } else {
854                 struct net *net = dev_net(dev);
855 
856                 /* perhaps an address on the master device */
857                 if (netif_is_l3_slave(dev)) {
858                         struct net_device *mdev;
859 
860                         mdev = netdev_master_upper_dev_get_rcu(dev);
861                         if (mdev) {
862                                 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
863                                 if (ifp)
864                                         goto have_ifp;
865                         }
866                 }
867 
868                 idev = in6_dev_get(dev);
869                 if (!idev) {
870                         /* XXX: count this drop? */
871                         return;
872                 }
873 
874                 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
875                     (idev->cnf.forwarding &&
876                      (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
877                      (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
878                         if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
879                             skb->pkt_type != PACKET_HOST &&
880                             inc &&
881                             NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
882                                 /*
883                                  * for anycast or proxy,
884                                  * sender should delay its response
885                                  * by a random time between 0 and
886                                  * MAX_ANYCAST_DELAY_TIME seconds.
887                                  * (RFC2461) -- yoshfuji
888                                  */
889                                 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
890                                 if (n)
891                                         pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
892                                 goto out;
893                         }
894                 } else
895                         goto out;
896         }
897 
898         if (is_router < 0)
899                 is_router = idev->cnf.forwarding;
900 
901         if (dad) {
902                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
903                               !!is_router, false, (ifp != NULL), true);
904                 goto out;
905         }
906 
907         if (inc)
908                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
909         else
910                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
911 
912         /*
913          *      update / create cache entry
914          *      for the source address
915          */
916         neigh = __neigh_lookup(&nd_tbl, saddr, dev,
917                                !inc || lladdr || !dev->addr_len);
918         if (neigh)
919                 ndisc_update(dev, neigh, lladdr, NUD_STALE,
920                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
921                              NEIGH_UPDATE_F_OVERRIDE,
922                              NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
923         if (neigh || !dev->header_ops) {
924                 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
925                               true, (ifp != NULL && inc), inc);
926                 if (neigh)
927                         neigh_release(neigh);
928         }
929 
930 out:
931         if (ifp)
932                 in6_ifa_put(ifp);
933         else
934                 in6_dev_put(idev);
935 }
936 
937 static void ndisc_recv_na(struct sk_buff *skb)
938 {
939         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
940         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
941         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
942         u8 *lladdr = NULL;
943         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
944                                     offsetof(struct nd_msg, opt));
945         struct ndisc_options ndopts;
946         struct net_device *dev = skb->dev;
947         struct inet6_dev *idev = __in6_dev_get(dev);
948         struct inet6_ifaddr *ifp;
949         struct neighbour *neigh;
950 
951         if (skb->len < sizeof(struct nd_msg)) {
952                 ND_PRINTK(2, warn, "NA: packet too short\n");
953                 return;
954         }
955 
956         if (ipv6_addr_is_multicast(&msg->target)) {
957                 ND_PRINTK(2, warn, "NA: target address is multicast\n");
958                 return;
959         }
960 
961         if (ipv6_addr_is_multicast(daddr) &&
962             msg->icmph.icmp6_solicited) {
963                 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
964                 return;
965         }
966 
967         /* For some 802.11 wireless deployments (and possibly other networks),
968          * there will be a NA proxy and unsolicitd packets are attacks
969          * and thus should not be accepted.
970          */
971         if (!msg->icmph.icmp6_solicited && idev &&
972             idev->cnf.drop_unsolicited_na)
973                 return;
974 
975         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
976                 ND_PRINTK(2, warn, "NS: invalid ND option\n");
977                 return;
978         }
979         if (ndopts.nd_opts_tgt_lladdr) {
980                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
981                 if (!lladdr) {
982                         ND_PRINTK(2, warn,
983                                   "NA: invalid link-layer address length\n");
984                         return;
985                 }
986         }
987         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
988         if (ifp) {
989                 if (skb->pkt_type != PACKET_LOOPBACK
990                     && (ifp->flags & IFA_F_TENTATIVE)) {
991                                 addrconf_dad_failure(skb, ifp);
992                                 return;
993                 }
994                 /* What should we make now? The advertisement
995                    is invalid, but ndisc specs say nothing
996                    about it. It could be misconfiguration, or
997                    an smart proxy agent tries to help us :-)
998 
999                    We should not print the error if NA has been
1000                    received from loopback - it is just our own
1001                    unsolicited advertisement.
1002                  */
1003                 if (skb->pkt_type != PACKET_LOOPBACK)
1004                         ND_PRINTK(1, warn,
1005                                   "NA: %pM advertised our address %pI6c on %s!\n",
1006                                   eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1007                 in6_ifa_put(ifp);
1008                 return;
1009         }
1010         neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1011 
1012         if (neigh) {
1013                 u8 old_flags = neigh->flags;
1014                 struct net *net = dev_net(dev);
1015 
1016                 if (neigh->nud_state & NUD_FAILED)
1017                         goto out;
1018 
1019                 /*
1020                  * Don't update the neighbor cache entry on a proxy NA from
1021                  * ourselves because either the proxied node is off link or it
1022                  * has already sent a NA to us.
1023                  */
1024                 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1025                     net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1026                     pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1027                         /* XXX: idev->cnf.proxy_ndp */
1028                         goto out;
1029                 }
1030 
1031                 ndisc_update(dev, neigh, lladdr,
1032                              msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1033                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1034                              (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1035                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1036                              (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1037                              NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1038 
1039                 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1040                         /*
1041                          * Change: router to host
1042                          */
1043                         rt6_clean_tohost(dev_net(dev),  saddr);
1044                 }
1045 
1046 out:
1047                 neigh_release(neigh);
1048         }
1049 }
1050 
1051 static void ndisc_recv_rs(struct sk_buff *skb)
1052 {
1053         struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1054         unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1055         struct neighbour *neigh;
1056         struct inet6_dev *idev;
1057         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1058         struct ndisc_options ndopts;
1059         u8 *lladdr = NULL;
1060 
1061         if (skb->len < sizeof(*rs_msg))
1062                 return;
1063 
1064         idev = __in6_dev_get(skb->dev);
1065         if (!idev) {
1066                 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1067                 return;
1068         }
1069 
1070         /* Don't accept RS if we're not in router mode */
1071         if (!idev->cnf.forwarding)
1072                 goto out;
1073 
1074         /*
1075          * Don't update NCE if src = ::;
1076          * this implies that the source node has no ip address assigned yet.
1077          */
1078         if (ipv6_addr_any(saddr))
1079                 goto out;
1080 
1081         /* Parse ND options */
1082         if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1083                 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1084                 goto out;
1085         }
1086 
1087         if (ndopts.nd_opts_src_lladdr) {
1088                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1089                                              skb->dev);
1090                 if (!lladdr)
1091                         goto out;
1092         }
1093 
1094         neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1095         if (neigh) {
1096                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1097                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1098                              NEIGH_UPDATE_F_OVERRIDE|
1099                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1100                              NDISC_ROUTER_SOLICITATION, &ndopts);
1101                 neigh_release(neigh);
1102         }
1103 out:
1104         return;
1105 }
1106 
1107 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1108 {
1109         struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1110         struct sk_buff *skb;
1111         struct nlmsghdr *nlh;
1112         struct nduseroptmsg *ndmsg;
1113         struct net *net = dev_net(ra->dev);
1114         int err;
1115         int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1116                                     + (opt->nd_opt_len << 3));
1117         size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1118 
1119         skb = nlmsg_new(msg_size, GFP_ATOMIC);
1120         if (!skb) {
1121                 err = -ENOBUFS;
1122                 goto errout;
1123         }
1124 
1125         nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1126         if (!nlh) {
1127                 goto nla_put_failure;
1128         }
1129 
1130         ndmsg = nlmsg_data(nlh);
1131         ndmsg->nduseropt_family = AF_INET6;
1132         ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1133         ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1134         ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1135         ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1136 
1137         memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1138 
1139         if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1140                 goto nla_put_failure;
1141         nlmsg_end(skb, nlh);
1142 
1143         rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1144         return;
1145 
1146 nla_put_failure:
1147         nlmsg_free(skb);
1148         err = -EMSGSIZE;
1149 errout:
1150         rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1151 }
1152 
1153 static void ndisc_router_discovery(struct sk_buff *skb)
1154 {
1155         struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1156         struct neighbour *neigh = NULL;
1157         struct inet6_dev *in6_dev;
1158         struct fib6_info *rt = NULL;
1159         struct net *net;
1160         int lifetime;
1161         struct ndisc_options ndopts;
1162         int optlen;
1163         unsigned int pref = 0;
1164         __u32 old_if_flags;
1165         bool send_ifinfo_notify = false;
1166 
1167         __u8 *opt = (__u8 *)(ra_msg + 1);
1168 
1169         optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1170                 sizeof(struct ra_msg);
1171 
1172         ND_PRINTK(2, info,
1173                   "RA: %s, dev: %s\n",
1174                   __func__, skb->dev->name);
1175         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1176                 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1177                 return;
1178         }
1179         if (optlen < 0) {
1180                 ND_PRINTK(2, warn, "RA: packet too short\n");
1181                 return;
1182         }
1183 
1184 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1185         if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1186                 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1187                 return;
1188         }
1189 #endif
1190 
1191         /*
1192          *      set the RA_RECV flag in the interface
1193          */
1194 
1195         in6_dev = __in6_dev_get(skb->dev);
1196         if (!in6_dev) {
1197                 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1198                           skb->dev->name);
1199                 return;
1200         }
1201 
1202         if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1203                 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1204                 return;
1205         }
1206 
1207         if (!ipv6_accept_ra(in6_dev)) {
1208                 ND_PRINTK(2, info,
1209                           "RA: %s, did not accept ra for dev: %s\n",
1210                           __func__, skb->dev->name);
1211                 goto skip_linkparms;
1212         }
1213 
1214 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1215         /* skip link-specific parameters from interior routers */
1216         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1217                 ND_PRINTK(2, info,
1218                           "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1219                           __func__, skb->dev->name);
1220                 goto skip_linkparms;
1221         }
1222 #endif
1223 
1224         if (in6_dev->if_flags & IF_RS_SENT) {
1225                 /*
1226                  *      flag that an RA was received after an RS was sent
1227                  *      out on this interface.
1228                  */
1229                 in6_dev->if_flags |= IF_RA_RCVD;
1230         }
1231 
1232         /*
1233          * Remember the managed/otherconf flags from most recently
1234          * received RA message (RFC 2462) -- yoshfuji
1235          */
1236         old_if_flags = in6_dev->if_flags;
1237         in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1238                                 IF_RA_OTHERCONF)) |
1239                                 (ra_msg->icmph.icmp6_addrconf_managed ?
1240                                         IF_RA_MANAGED : 0) |
1241                                 (ra_msg->icmph.icmp6_addrconf_other ?
1242                                         IF_RA_OTHERCONF : 0);
1243 
1244         if (old_if_flags != in6_dev->if_flags)
1245                 send_ifinfo_notify = true;
1246 
1247         if (!in6_dev->cnf.accept_ra_defrtr) {
1248                 ND_PRINTK(2, info,
1249                           "RA: %s, defrtr is false for dev: %s\n",
1250                           __func__, skb->dev->name);
1251                 goto skip_defrtr;
1252         }
1253 
1254         /* Do not accept RA with source-addr found on local machine unless
1255          * accept_ra_from_local is set to true.
1256          */
1257         net = dev_net(in6_dev->dev);
1258         if (!in6_dev->cnf.accept_ra_from_local &&
1259             ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1260                 ND_PRINTK(2, info,
1261                           "RA from local address detected on dev: %s: default router ignored\n",
1262                           skb->dev->name);
1263                 goto skip_defrtr;
1264         }
1265 
1266         lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1267 
1268 #ifdef CONFIG_IPV6_ROUTER_PREF
1269         pref = ra_msg->icmph.icmp6_router_pref;
1270         /* 10b is handled as if it were 00b (medium) */
1271         if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1272             !in6_dev->cnf.accept_ra_rtr_pref)
1273                 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1274 #endif
1275 
1276         rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1277 
1278         if (rt) {
1279                 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1280                                          rt->fib6_nh.nh_dev, NULL,
1281                                           &ipv6_hdr(skb)->saddr);
1282                 if (!neigh) {
1283                         ND_PRINTK(0, err,
1284                                   "RA: %s got default router without neighbour\n",
1285                                   __func__);
1286                         fib6_info_release(rt);
1287                         return;
1288                 }
1289         }
1290         if (rt && lifetime == 0) {
1291                 ip6_del_rt(net, rt);
1292                 rt = NULL;
1293         }
1294 
1295         ND_PRINTK(3, info, "RA: rt: %p  lifetime: %d, for dev: %s\n",
1296                   rt, lifetime, skb->dev->name);
1297         if (!rt && lifetime) {
1298                 ND_PRINTK(3, info, "RA: adding default router\n");
1299 
1300                 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1301                                          skb->dev, pref);
1302                 if (!rt) {
1303                         ND_PRINTK(0, err,
1304                                   "RA: %s failed to add default route\n",
1305                                   __func__);
1306                         return;
1307                 }
1308 
1309                 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1310                                          rt->fib6_nh.nh_dev, NULL,
1311                                           &ipv6_hdr(skb)->saddr);
1312                 if (!neigh) {
1313                         ND_PRINTK(0, err,
1314                                   "RA: %s got default router without neighbour\n",
1315                                   __func__);
1316                         fib6_info_release(rt);
1317                         return;
1318                 }
1319                 neigh->flags |= NTF_ROUTER;
1320         } else if (rt) {
1321                 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1322         }
1323 
1324         if (rt)
1325                 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1326         if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1327             ra_msg->icmph.icmp6_hop_limit) {
1328                 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1329                         in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1330                         fib6_metric_set(rt, RTAX_HOPLIMIT,
1331                                         ra_msg->icmph.icmp6_hop_limit);
1332                 } else {
1333                         ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1334                 }
1335         }
1336 
1337 skip_defrtr:
1338 
1339         /*
1340          *      Update Reachable Time and Retrans Timer
1341          */
1342 
1343         if (in6_dev->nd_parms) {
1344                 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1345 
1346                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1347                         rtime = (rtime*HZ)/1000;
1348                         if (rtime < HZ/10)
1349                                 rtime = HZ/10;
1350                         NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1351                         in6_dev->tstamp = jiffies;
1352                         send_ifinfo_notify = true;
1353                 }
1354 
1355                 rtime = ntohl(ra_msg->reachable_time);
1356                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1357                         rtime = (rtime*HZ)/1000;
1358 
1359                         if (rtime < HZ/10)
1360                                 rtime = HZ/10;
1361 
1362                         if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1363                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1364                                               BASE_REACHABLE_TIME, rtime);
1365                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1366                                               GC_STALETIME, 3 * rtime);
1367                                 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1368                                 in6_dev->tstamp = jiffies;
1369                                 send_ifinfo_notify = true;
1370                         }
1371                 }
1372         }
1373 
1374         /*
1375          *      Send a notify if RA changed managed/otherconf flags or timer settings
1376          */
1377         if (send_ifinfo_notify)
1378                 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1379 
1380 skip_linkparms:
1381 
1382         /*
1383          *      Process options.
1384          */
1385 
1386         if (!neigh)
1387                 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1388                                        skb->dev, 1);
1389         if (neigh) {
1390                 u8 *lladdr = NULL;
1391                 if (ndopts.nd_opts_src_lladdr) {
1392                         lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1393                                                      skb->dev);
1394                         if (!lladdr) {
1395                                 ND_PRINTK(2, warn,
1396                                           "RA: invalid link-layer address length\n");
1397                                 goto out;
1398                         }
1399                 }
1400                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1401                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1402                              NEIGH_UPDATE_F_OVERRIDE|
1403                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1404                              NEIGH_UPDATE_F_ISROUTER,
1405                              NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1406         }
1407 
1408         if (!ipv6_accept_ra(in6_dev)) {
1409                 ND_PRINTK(2, info,
1410                           "RA: %s, accept_ra is false for dev: %s\n",
1411                           __func__, skb->dev->name);
1412                 goto out;
1413         }
1414 
1415 #ifdef CONFIG_IPV6_ROUTE_INFO
1416         if (!in6_dev->cnf.accept_ra_from_local &&
1417             ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1418                           in6_dev->dev, 0)) {
1419                 ND_PRINTK(2, info,
1420                           "RA from local address detected on dev: %s: router info ignored.\n",
1421                           skb->dev->name);
1422                 goto skip_routeinfo;
1423         }
1424 
1425         if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1426                 struct nd_opt_hdr *p;
1427                 for (p = ndopts.nd_opts_ri;
1428                      p;
1429                      p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1430                         struct route_info *ri = (struct route_info *)p;
1431 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1432                         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1433                             ri->prefix_len == 0)
1434                                 continue;
1435 #endif
1436                         if (ri->prefix_len == 0 &&
1437                             !in6_dev->cnf.accept_ra_defrtr)
1438                                 continue;
1439                         if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1440                                 continue;
1441                         if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1442                                 continue;
1443                         rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1444                                       &ipv6_hdr(skb)->saddr);
1445                 }
1446         }
1447 
1448 skip_routeinfo:
1449 #endif
1450 
1451 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1452         /* skip link-specific ndopts from interior routers */
1453         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1454                 ND_PRINTK(2, info,
1455                           "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1456                           __func__, skb->dev->name);
1457                 goto out;
1458         }
1459 #endif
1460 
1461         if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1462                 struct nd_opt_hdr *p;
1463                 for (p = ndopts.nd_opts_pi;
1464                      p;
1465                      p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1466                         addrconf_prefix_rcv(skb->dev, (u8 *)p,
1467                                             (p->nd_opt_len) << 3,
1468                                             ndopts.nd_opts_src_lladdr != NULL);
1469                 }
1470         }
1471 
1472         if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1473                 __be32 n;
1474                 u32 mtu;
1475 
1476                 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1477                 mtu = ntohl(n);
1478 
1479                 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1480                         ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1481                 } else if (in6_dev->cnf.mtu6 != mtu) {
1482                         in6_dev->cnf.mtu6 = mtu;
1483                         fib6_metric_set(rt, RTAX_MTU, mtu);
1484                         rt6_mtu_change(skb->dev, mtu);
1485                 }
1486         }
1487 
1488         if (ndopts.nd_useropts) {
1489                 struct nd_opt_hdr *p;
1490                 for (p = ndopts.nd_useropts;
1491                      p;
1492                      p = ndisc_next_useropt(skb->dev, p,
1493                                             ndopts.nd_useropts_end)) {
1494                         ndisc_ra_useropt(skb, p);
1495                 }
1496         }
1497 
1498         if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1499                 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1500         }
1501 out:
1502         fib6_info_release(rt);
1503         if (neigh)
1504                 neigh_release(neigh);
1505 }
1506 
1507 static void ndisc_redirect_rcv(struct sk_buff *skb)
1508 {
1509         u8 *hdr;
1510         struct ndisc_options ndopts;
1511         struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1512         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1513                                     offsetof(struct rd_msg, opt));
1514 
1515 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1516         switch (skb->ndisc_nodetype) {
1517         case NDISC_NODETYPE_HOST:
1518         case NDISC_NODETYPE_NODEFAULT:
1519                 ND_PRINTK(2, warn,
1520                           "Redirect: from host or unauthorized router\n");
1521                 return;
1522         }
1523 #endif
1524 
1525         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1526                 ND_PRINTK(2, warn,
1527                           "Redirect: source address is not link-local\n");
1528                 return;
1529         }
1530 
1531         if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1532                 return;
1533 
1534         if (!ndopts.nd_opts_rh) {
1535                 ip6_redirect_no_header(skb, dev_net(skb->dev),
1536                                         skb->dev->ifindex);
1537                 return;
1538         }
1539 
1540         hdr = (u8 *)ndopts.nd_opts_rh;
1541         hdr += 8;
1542         if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1543                 return;
1544 
1545         icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1546 }
1547 
1548 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1549                                            struct sk_buff *orig_skb,
1550                                            int rd_len)
1551 {
1552         u8 *opt = skb_put(skb, rd_len);
1553 
1554         memset(opt, 0, 8);
1555         *(opt++) = ND_OPT_REDIRECT_HDR;
1556         *(opt++) = (rd_len >> 3);
1557         opt += 6;
1558 
1559         skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1560                       rd_len - 8);
1561 }
1562 
1563 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1564 {
1565         struct net_device *dev = skb->dev;
1566         struct net *net = dev_net(dev);
1567         struct sock *sk = net->ipv6.ndisc_sk;
1568         int optlen = 0;
1569         struct inet_peer *peer;
1570         struct sk_buff *buff;
1571         struct rd_msg *msg;
1572         struct in6_addr saddr_buf;
1573         struct rt6_info *rt;
1574         struct dst_entry *dst;
1575         struct flowi6 fl6;
1576         int rd_len;
1577         u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1578            ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1579         bool ret;
1580 
1581         if (netif_is_l3_master(skb->dev)) {
1582                 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1583                 if (!dev)
1584                         return;
1585         }
1586 
1587         if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1588                 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1589                           dev->name);
1590                 return;
1591         }
1592 
1593         if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1594             ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1595                 ND_PRINTK(2, warn,
1596                           "Redirect: target address is not link-local unicast\n");
1597                 return;
1598         }
1599 
1600         icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1601                          &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1602 
1603         dst = ip6_route_output(net, NULL, &fl6);
1604         if (dst->error) {
1605                 dst_release(dst);
1606                 return;
1607         }
1608         dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1609         if (IS_ERR(dst))
1610                 return;
1611 
1612         rt = (struct rt6_info *) dst;
1613 
1614         if (rt->rt6i_flags & RTF_GATEWAY) {
1615                 ND_PRINTK(2, warn,
1616                           "Redirect: destination is not a neighbour\n");
1617                 goto release;
1618         }
1619         peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1620         ret = inet_peer_xrlim_allow(peer, 1*HZ);
1621         if (peer)
1622                 inet_putpeer(peer);
1623         if (!ret)
1624                 goto release;
1625 
1626         if (dev->addr_len) {
1627                 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1628                 if (!neigh) {
1629                         ND_PRINTK(2, warn,
1630                                   "Redirect: no neigh for target address\n");
1631                         goto release;
1632                 }
1633 
1634                 read_lock_bh(&neigh->lock);
1635                 if (neigh->nud_state & NUD_VALID) {
1636                         memcpy(ha_buf, neigh->ha, dev->addr_len);
1637                         read_unlock_bh(&neigh->lock);
1638                         ha = ha_buf;
1639                         optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1640                                                                 ops_data_buf,
1641                                                                 &ops_data);
1642                 } else
1643                         read_unlock_bh(&neigh->lock);
1644 
1645                 neigh_release(neigh);
1646         }
1647 
1648         rd_len = min_t(unsigned int,
1649                        IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1650                        skb->len + 8);
1651         rd_len &= ~0x7;
1652         optlen += rd_len;
1653 
1654         buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1655         if (!buff)
1656                 goto release;
1657 
1658         msg = skb_put(buff, sizeof(*msg));
1659         *msg = (struct rd_msg) {
1660                 .icmph = {
1661                         .icmp6_type = NDISC_REDIRECT,
1662                 },
1663                 .target = *target,
1664                 .dest = ipv6_hdr(skb)->daddr,
1665         };
1666 
1667         /*
1668          *      include target_address option
1669          */
1670 
1671         if (ha)
1672                 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1673 
1674         /*
1675          *      build redirect option and copy skb over to the new packet.
1676          */
1677 
1678         if (rd_len)
1679                 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1680 
1681         skb_dst_set(buff, dst);
1682         ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1683         return;
1684 
1685 release:
1686         dst_release(dst);
1687 }
1688 
1689 static void pndisc_redo(struct sk_buff *skb)
1690 {
1691         ndisc_recv_ns(skb);
1692         kfree_skb(skb);
1693 }
1694 
1695 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1696 {
1697         struct inet6_dev *idev = __in6_dev_get(skb->dev);
1698 
1699         if (!idev)
1700                 return true;
1701         if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1702             idev->cnf.suppress_frag_ndisc) {
1703                 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1704                 return true;
1705         }
1706         return false;
1707 }
1708 
1709 int ndisc_rcv(struct sk_buff *skb)
1710 {
1711         struct nd_msg *msg;
1712 
1713         if (ndisc_suppress_frag_ndisc(skb))
1714                 return 0;
1715 
1716         if (skb_linearize(skb))
1717                 return 0;
1718 
1719         msg = (struct nd_msg *)skb_transport_header(skb);
1720 
1721         __skb_push(skb, skb->data - skb_transport_header(skb));
1722 
1723         if (ipv6_hdr(skb)->hop_limit != 255) {
1724                 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1725                           ipv6_hdr(skb)->hop_limit);
1726                 return 0;
1727         }
1728 
1729         if (msg->icmph.icmp6_code != 0) {
1730                 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1731                           msg->icmph.icmp6_code);
1732                 return 0;
1733         }
1734 
1735         switch (msg->icmph.icmp6_type) {
1736         case NDISC_NEIGHBOUR_SOLICITATION:
1737                 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1738                 ndisc_recv_ns(skb);
1739                 break;
1740 
1741         case NDISC_NEIGHBOUR_ADVERTISEMENT:
1742                 ndisc_recv_na(skb);
1743                 break;
1744 
1745         case NDISC_ROUTER_SOLICITATION:
1746                 ndisc_recv_rs(skb);
1747                 break;
1748 
1749         case NDISC_ROUTER_ADVERTISEMENT:
1750                 ndisc_router_discovery(skb);
1751                 break;
1752 
1753         case NDISC_REDIRECT:
1754                 ndisc_redirect_rcv(skb);
1755                 break;
1756         }
1757 
1758         return 0;
1759 }
1760 
1761 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1762 {
1763         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1764         struct netdev_notifier_change_info *change_info;
1765         struct net *net = dev_net(dev);
1766         struct inet6_dev *idev;
1767 
1768         switch (event) {
1769         case NETDEV_CHANGEADDR:
1770                 neigh_changeaddr(&nd_tbl, dev);
1771                 fib6_run_gc(0, net, false);
1772                 /* fallthrough */
1773         case NETDEV_UP:
1774                 idev = in6_dev_get(dev);
1775                 if (!idev)
1776                         break;
1777                 if (idev->cnf.ndisc_notify ||
1778                     net->ipv6.devconf_all->ndisc_notify)
1779                         ndisc_send_unsol_na(dev);
1780                 in6_dev_put(idev);
1781                 break;
1782         case NETDEV_CHANGE:
1783                 change_info = ptr;
1784                 if (change_info->flags_changed & IFF_NOARP)
1785                         neigh_changeaddr(&nd_tbl, dev);
1786                 if (!netif_carrier_ok(dev))
1787                         neigh_carrier_down(&nd_tbl, dev);
1788                 break;
1789         case NETDEV_DOWN:
1790                 neigh_ifdown(&nd_tbl, dev);
1791                 fib6_run_gc(0, net, false);
1792                 break;
1793         case NETDEV_NOTIFY_PEERS:
1794                 ndisc_send_unsol_na(dev);
1795                 break;
1796         default:
1797                 break;
1798         }
1799 
1800         return NOTIFY_DONE;
1801 }
1802 
1803 static struct notifier_block ndisc_netdev_notifier = {
1804         .notifier_call = ndisc_netdev_event,
1805         .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1806 };
1807 
1808 #ifdef CONFIG_SYSCTL
1809 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1810                                          const char *func, const char *dev_name)
1811 {
1812         static char warncomm[TASK_COMM_LEN];
1813         static int warned;
1814         if (strcmp(warncomm, current->comm) && warned < 5) {
1815                 strcpy(warncomm, current->comm);
1816                 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1817                         warncomm, func,
1818                         dev_name, ctl->procname,
1819                         dev_name, ctl->procname);
1820                 warned++;
1821         }
1822 }
1823 
1824 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1825 {
1826         struct net_device *dev = ctl->extra1;
1827         struct inet6_dev *idev;
1828         int ret;
1829 
1830         if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1831             (strcmp(ctl->procname, "base_reachable_time") == 0))
1832                 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1833 
1834         if (strcmp(ctl->procname, "retrans_time") == 0)
1835                 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1836 
1837         else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1838                 ret = neigh_proc_dointvec_jiffies(ctl, write,
1839                                                   buffer, lenp, ppos);
1840 
1841         else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1842                  (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1843                 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1844                                                      buffer, lenp, ppos);
1845         else
1846                 ret = -1;
1847 
1848         if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1849                 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1850                         idev->nd_parms->reachable_time =
1851                                         neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1852                 idev->tstamp = jiffies;
1853                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1854                 in6_dev_put(idev);
1855         }
1856         return ret;
1857 }
1858 
1859 
1860 #endif
1861 
1862 static int __net_init ndisc_net_init(struct net *net)
1863 {
1864         struct ipv6_pinfo *np;
1865         struct sock *sk;
1866         int err;
1867 
1868         err = inet_ctl_sock_create(&sk, PF_INET6,
1869                                    SOCK_RAW, IPPROTO_ICMPV6, net);
1870         if (err < 0) {
1871                 ND_PRINTK(0, err,
1872                           "NDISC: Failed to initialize the control socket (err %d)\n",
1873                           err);
1874                 return err;
1875         }
1876 
1877         net->ipv6.ndisc_sk = sk;
1878 
1879         np = inet6_sk(sk);
1880         np->hop_limit = 255;
1881         /* Do not loopback ndisc messages */
1882         np->mc_loop = 0;
1883 
1884         return 0;
1885 }
1886 
1887 static void __net_exit ndisc_net_exit(struct net *net)
1888 {
1889         inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1890 }
1891 
1892 static struct pernet_operations ndisc_net_ops = {
1893         .init = ndisc_net_init,
1894         .exit = ndisc_net_exit,
1895 };
1896 
1897 int __init ndisc_init(void)
1898 {
1899         int err;
1900 
1901         err = register_pernet_subsys(&ndisc_net_ops);
1902         if (err)
1903                 return err;
1904         /*
1905          * Initialize the neighbour table
1906          */
1907         neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1908 
1909 #ifdef CONFIG_SYSCTL
1910         err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1911                                     ndisc_ifinfo_sysctl_change);
1912         if (err)
1913                 goto out_unregister_pernet;
1914 out:
1915 #endif
1916         return err;
1917 
1918 #ifdef CONFIG_SYSCTL
1919 out_unregister_pernet:
1920         unregister_pernet_subsys(&ndisc_net_ops);
1921         goto out;
1922 #endif
1923 }
1924 
1925 int __init ndisc_late_init(void)
1926 {
1927         return register_netdevice_notifier(&ndisc_netdev_notifier);
1928 }
1929 
1930 void ndisc_late_cleanup(void)
1931 {
1932         unregister_netdevice_notifier(&ndisc_netdev_notifier);
1933 }
1934 
1935 void ndisc_cleanup(void)
1936 {
1937 #ifdef CONFIG_SYSCTL
1938         neigh_sysctl_unregister(&nd_tbl.parms);
1939 #endif
1940         neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1941         unregister_pernet_subsys(&ndisc_net_ops);
1942 }
1943 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp