~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/ndisc.c

Version: ~ [ linux-5.7-rc7 ] ~ [ linux-5.6.14 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.42 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.124 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.181 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.224 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.224 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.84 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 // SPDX-License-Identifier: GPL-2.0-or-later
  2 /*
  3  *      Neighbour Discovery for IPv6
  4  *      Linux INET6 implementation
  5  *
  6  *      Authors:
  7  *      Pedro Roque             <roque@di.fc.ul.pt>
  8  *      Mike Shaver             <shaver@ingenia.com>
  9  */
 10 
 11 /*
 12  *      Changes:
 13  *
 14  *      Alexey I. Froloff               :       RFC6106 (DNSSL) support
 15  *      Pierre Ynard                    :       export userland ND options
 16  *                                              through netlink (RDNSS support)
 17  *      Lars Fenneberg                  :       fixed MTU setting on receipt
 18  *                                              of an RA.
 19  *      Janos Farkas                    :       kmalloc failure checks
 20  *      Alexey Kuznetsov                :       state machine reworked
 21  *                                              and moved to net/core.
 22  *      Pekka Savola                    :       RFC2461 validation
 23  *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
 24  */
 25 
 26 #define pr_fmt(fmt) "ICMPv6: " fmt
 27 
 28 #include <linux/module.h>
 29 #include <linux/errno.h>
 30 #include <linux/types.h>
 31 #include <linux/socket.h>
 32 #include <linux/sockios.h>
 33 #include <linux/sched.h>
 34 #include <linux/net.h>
 35 #include <linux/in6.h>
 36 #include <linux/route.h>
 37 #include <linux/init.h>
 38 #include <linux/rcupdate.h>
 39 #include <linux/slab.h>
 40 #ifdef CONFIG_SYSCTL
 41 #include <linux/sysctl.h>
 42 #endif
 43 
 44 #include <linux/if_addr.h>
 45 #include <linux/if_ether.h>
 46 #include <linux/if_arp.h>
 47 #include <linux/ipv6.h>
 48 #include <linux/icmpv6.h>
 49 #include <linux/jhash.h>
 50 
 51 #include <net/sock.h>
 52 #include <net/snmp.h>
 53 
 54 #include <net/ipv6.h>
 55 #include <net/protocol.h>
 56 #include <net/ndisc.h>
 57 #include <net/ip6_route.h>
 58 #include <net/addrconf.h>
 59 #include <net/icmp.h>
 60 
 61 #include <net/netlink.h>
 62 #include <linux/rtnetlink.h>
 63 
 64 #include <net/flow.h>
 65 #include <net/ip6_checksum.h>
 66 #include <net/inet_common.h>
 67 #include <linux/proc_fs.h>
 68 
 69 #include <linux/netfilter.h>
 70 #include <linux/netfilter_ipv6.h>
 71 
 72 static u32 ndisc_hash(const void *pkey,
 73                       const struct net_device *dev,
 74                       __u32 *hash_rnd);
 75 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
 76 static bool ndisc_allow_add(const struct net_device *dev,
 77                             struct netlink_ext_ack *extack);
 78 static int ndisc_constructor(struct neighbour *neigh);
 79 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
 80 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
 81 static int pndisc_constructor(struct pneigh_entry *n);
 82 static void pndisc_destructor(struct pneigh_entry *n);
 83 static void pndisc_redo(struct sk_buff *skb);
 84 
 85 static const struct neigh_ops ndisc_generic_ops = {
 86         .family =               AF_INET6,
 87         .solicit =              ndisc_solicit,
 88         .error_report =         ndisc_error_report,
 89         .output =               neigh_resolve_output,
 90         .connected_output =     neigh_connected_output,
 91 };
 92 
 93 static const struct neigh_ops ndisc_hh_ops = {
 94         .family =               AF_INET6,
 95         .solicit =              ndisc_solicit,
 96         .error_report =         ndisc_error_report,
 97         .output =               neigh_resolve_output,
 98         .connected_output =     neigh_resolve_output,
 99 };
100 
101 
102 static const struct neigh_ops ndisc_direct_ops = {
103         .family =               AF_INET6,
104         .output =               neigh_direct_output,
105         .connected_output =     neigh_direct_output,
106 };
107 
108 struct neigh_table nd_tbl = {
109         .family =       AF_INET6,
110         .key_len =      sizeof(struct in6_addr),
111         .protocol =     cpu_to_be16(ETH_P_IPV6),
112         .hash =         ndisc_hash,
113         .key_eq =       ndisc_key_eq,
114         .constructor =  ndisc_constructor,
115         .pconstructor = pndisc_constructor,
116         .pdestructor =  pndisc_destructor,
117         .proxy_redo =   pndisc_redo,
118         .allow_add  =   ndisc_allow_add,
119         .id =           "ndisc_cache",
120         .parms = {
121                 .tbl                    = &nd_tbl,
122                 .reachable_time         = ND_REACHABLE_TIME,
123                 .data = {
124                         [NEIGH_VAR_MCAST_PROBES] = 3,
125                         [NEIGH_VAR_UCAST_PROBES] = 3,
126                         [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127                         [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128                         [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129                         [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130                         [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
131                         [NEIGH_VAR_PROXY_QLEN] = 64,
132                         [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133                         [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134                 },
135         },
136         .gc_interval =    30 * HZ,
137         .gc_thresh1 =    128,
138         .gc_thresh2 =    512,
139         .gc_thresh3 =   1024,
140 };
141 EXPORT_SYMBOL_GPL(nd_tbl);
142 
143 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144                               int data_len, int pad)
145 {
146         int space = __ndisc_opt_addr_space(data_len, pad);
147         u8 *opt = skb_put(skb, space);
148 
149         opt[0] = type;
150         opt[1] = space>>3;
151 
152         memset(opt + 2, 0, pad);
153         opt   += pad;
154         space -= pad;
155 
156         memcpy(opt+2, data, data_len);
157         data_len += 2;
158         opt += data_len;
159         space -= data_len;
160         if (space > 0)
161                 memset(opt, 0, space);
162 }
163 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
164 
165 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166                                           void *data, u8 icmp6_type)
167 {
168         __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169                                  ndisc_addr_option_pad(skb->dev->type));
170         ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171 }
172 
173 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174                                                    void *ha,
175                                                    const u8 *ops_data)
176 {
177         ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178         ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
179 }
180 
181 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182                                             struct nd_opt_hdr *end)
183 {
184         int type;
185         if (!cur || !end || cur >= end)
186                 return NULL;
187         type = cur->nd_opt_type;
188         do {
189                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190         } while (cur < end && cur->nd_opt_type != type);
191         return cur <= end && cur->nd_opt_type == type ? cur : NULL;
192 }
193 
194 static inline int ndisc_is_useropt(const struct net_device *dev,
195                                    struct nd_opt_hdr *opt)
196 {
197         return opt->nd_opt_type == ND_OPT_RDNSS ||
198                 opt->nd_opt_type == ND_OPT_DNSSL ||
199                 opt->nd_opt_type == ND_OPT_CAPTIVE_PORTAL ||
200                 opt->nd_opt_type == ND_OPT_PREF64 ||
201                 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
202 }
203 
204 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
205                                              struct nd_opt_hdr *cur,
206                                              struct nd_opt_hdr *end)
207 {
208         if (!cur || !end || cur >= end)
209                 return NULL;
210         do {
211                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
212         } while (cur < end && !ndisc_is_useropt(dev, cur));
213         return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
214 }
215 
216 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
217                                           u8 *opt, int opt_len,
218                                           struct ndisc_options *ndopts)
219 {
220         struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
221 
222         if (!nd_opt || opt_len < 0 || !ndopts)
223                 return NULL;
224         memset(ndopts, 0, sizeof(*ndopts));
225         while (opt_len) {
226                 int l;
227                 if (opt_len < sizeof(struct nd_opt_hdr))
228                         return NULL;
229                 l = nd_opt->nd_opt_len << 3;
230                 if (opt_len < l || l == 0)
231                         return NULL;
232                 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
233                         goto next_opt;
234                 switch (nd_opt->nd_opt_type) {
235                 case ND_OPT_SOURCE_LL_ADDR:
236                 case ND_OPT_TARGET_LL_ADDR:
237                 case ND_OPT_MTU:
238                 case ND_OPT_NONCE:
239                 case ND_OPT_REDIRECT_HDR:
240                         if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
241                                 ND_PRINTK(2, warn,
242                                           "%s: duplicated ND6 option found: type=%d\n",
243                                           __func__, nd_opt->nd_opt_type);
244                         } else {
245                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
246                         }
247                         break;
248                 case ND_OPT_PREFIX_INFO:
249                         ndopts->nd_opts_pi_end = nd_opt;
250                         if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
251                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
252                         break;
253 #ifdef CONFIG_IPV6_ROUTE_INFO
254                 case ND_OPT_ROUTE_INFO:
255                         ndopts->nd_opts_ri_end = nd_opt;
256                         if (!ndopts->nd_opts_ri)
257                                 ndopts->nd_opts_ri = nd_opt;
258                         break;
259 #endif
260                 default:
261                         if (ndisc_is_useropt(dev, nd_opt)) {
262                                 ndopts->nd_useropts_end = nd_opt;
263                                 if (!ndopts->nd_useropts)
264                                         ndopts->nd_useropts = nd_opt;
265                         } else {
266                                 /*
267                                  * Unknown options must be silently ignored,
268                                  * to accommodate future extension to the
269                                  * protocol.
270                                  */
271                                 ND_PRINTK(2, notice,
272                                           "%s: ignored unsupported option; type=%d, len=%d\n",
273                                           __func__,
274                                           nd_opt->nd_opt_type,
275                                           nd_opt->nd_opt_len);
276                         }
277                 }
278 next_opt:
279                 opt_len -= l;
280                 nd_opt = ((void *)nd_opt) + l;
281         }
282         return ndopts;
283 }
284 
285 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
286 {
287         switch (dev->type) {
288         case ARPHRD_ETHER:
289         case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
290         case ARPHRD_FDDI:
291                 ipv6_eth_mc_map(addr, buf);
292                 return 0;
293         case ARPHRD_ARCNET:
294                 ipv6_arcnet_mc_map(addr, buf);
295                 return 0;
296         case ARPHRD_INFINIBAND:
297                 ipv6_ib_mc_map(addr, dev->broadcast, buf);
298                 return 0;
299         case ARPHRD_IPGRE:
300                 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
301         default:
302                 if (dir) {
303                         memcpy(buf, dev->broadcast, dev->addr_len);
304                         return 0;
305                 }
306         }
307         return -EINVAL;
308 }
309 EXPORT_SYMBOL(ndisc_mc_map);
310 
311 static u32 ndisc_hash(const void *pkey,
312                       const struct net_device *dev,
313                       __u32 *hash_rnd)
314 {
315         return ndisc_hashfn(pkey, dev, hash_rnd);
316 }
317 
318 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
319 {
320         return neigh_key_eq128(n, pkey);
321 }
322 
323 static int ndisc_constructor(struct neighbour *neigh)
324 {
325         struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
326         struct net_device *dev = neigh->dev;
327         struct inet6_dev *in6_dev;
328         struct neigh_parms *parms;
329         bool is_multicast = ipv6_addr_is_multicast(addr);
330 
331         in6_dev = in6_dev_get(dev);
332         if (!in6_dev) {
333                 return -EINVAL;
334         }
335 
336         parms = in6_dev->nd_parms;
337         __neigh_parms_put(neigh->parms);
338         neigh->parms = neigh_parms_clone(parms);
339 
340         neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
341         if (!dev->header_ops) {
342                 neigh->nud_state = NUD_NOARP;
343                 neigh->ops = &ndisc_direct_ops;
344                 neigh->output = neigh_direct_output;
345         } else {
346                 if (is_multicast) {
347                         neigh->nud_state = NUD_NOARP;
348                         ndisc_mc_map(addr, neigh->ha, dev, 1);
349                 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
350                         neigh->nud_state = NUD_NOARP;
351                         memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
352                         if (dev->flags&IFF_LOOPBACK)
353                                 neigh->type = RTN_LOCAL;
354                 } else if (dev->flags&IFF_POINTOPOINT) {
355                         neigh->nud_state = NUD_NOARP;
356                         memcpy(neigh->ha, dev->broadcast, dev->addr_len);
357                 }
358                 if (dev->header_ops->cache)
359                         neigh->ops = &ndisc_hh_ops;
360                 else
361                         neigh->ops = &ndisc_generic_ops;
362                 if (neigh->nud_state&NUD_VALID)
363                         neigh->output = neigh->ops->connected_output;
364                 else
365                         neigh->output = neigh->ops->output;
366         }
367         in6_dev_put(in6_dev);
368         return 0;
369 }
370 
371 static int pndisc_constructor(struct pneigh_entry *n)
372 {
373         struct in6_addr *addr = (struct in6_addr *)&n->key;
374         struct in6_addr maddr;
375         struct net_device *dev = n->dev;
376 
377         if (!dev || !__in6_dev_get(dev))
378                 return -EINVAL;
379         addrconf_addr_solict_mult(addr, &maddr);
380         ipv6_dev_mc_inc(dev, &maddr);
381         return 0;
382 }
383 
384 static void pndisc_destructor(struct pneigh_entry *n)
385 {
386         struct in6_addr *addr = (struct in6_addr *)&n->key;
387         struct in6_addr maddr;
388         struct net_device *dev = n->dev;
389 
390         if (!dev || !__in6_dev_get(dev))
391                 return;
392         addrconf_addr_solict_mult(addr, &maddr);
393         ipv6_dev_mc_dec(dev, &maddr);
394 }
395 
396 /* called with rtnl held */
397 static bool ndisc_allow_add(const struct net_device *dev,
398                             struct netlink_ext_ack *extack)
399 {
400         struct inet6_dev *idev = __in6_dev_get(dev);
401 
402         if (!idev || idev->cnf.disable_ipv6) {
403                 NL_SET_ERR_MSG(extack, "IPv6 is disabled on this device");
404                 return false;
405         }
406 
407         return true;
408 }
409 
410 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
411                                        int len)
412 {
413         int hlen = LL_RESERVED_SPACE(dev);
414         int tlen = dev->needed_tailroom;
415         struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
416         struct sk_buff *skb;
417 
418         skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
419         if (!skb) {
420                 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
421                           __func__);
422                 return NULL;
423         }
424 
425         skb->protocol = htons(ETH_P_IPV6);
426         skb->dev = dev;
427 
428         skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
429         skb_reset_transport_header(skb);
430 
431         /* Manually assign socket ownership as we avoid calling
432          * sock_alloc_send_pskb() to bypass wmem buffer limits
433          */
434         skb_set_owner_w(skb, sk);
435 
436         return skb;
437 }
438 
439 static void ip6_nd_hdr(struct sk_buff *skb,
440                        const struct in6_addr *saddr,
441                        const struct in6_addr *daddr,
442                        int hop_limit, int len)
443 {
444         struct ipv6hdr *hdr;
445         struct inet6_dev *idev;
446         unsigned tclass;
447 
448         rcu_read_lock();
449         idev = __in6_dev_get(skb->dev);
450         tclass = idev ? idev->cnf.ndisc_tclass : 0;
451         rcu_read_unlock();
452 
453         skb_push(skb, sizeof(*hdr));
454         skb_reset_network_header(skb);
455         hdr = ipv6_hdr(skb);
456 
457         ip6_flow_hdr(hdr, tclass, 0);
458 
459         hdr->payload_len = htons(len);
460         hdr->nexthdr = IPPROTO_ICMPV6;
461         hdr->hop_limit = hop_limit;
462 
463         hdr->saddr = *saddr;
464         hdr->daddr = *daddr;
465 }
466 
467 static void ndisc_send_skb(struct sk_buff *skb,
468                            const struct in6_addr *daddr,
469                            const struct in6_addr *saddr)
470 {
471         struct dst_entry *dst = skb_dst(skb);
472         struct net *net = dev_net(skb->dev);
473         struct sock *sk = net->ipv6.ndisc_sk;
474         struct inet6_dev *idev;
475         int err;
476         struct icmp6hdr *icmp6h = icmp6_hdr(skb);
477         u8 type;
478 
479         type = icmp6h->icmp6_type;
480 
481         if (!dst) {
482                 struct flowi6 fl6;
483                 int oif = skb->dev->ifindex;
484 
485                 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
486                 dst = icmp6_dst_alloc(skb->dev, &fl6);
487                 if (IS_ERR(dst)) {
488                         kfree_skb(skb);
489                         return;
490                 }
491 
492                 skb_dst_set(skb, dst);
493         }
494 
495         icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
496                                               IPPROTO_ICMPV6,
497                                               csum_partial(icmp6h,
498                                                            skb->len, 0));
499 
500         ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
501 
502         rcu_read_lock();
503         idev = __in6_dev_get(dst->dev);
504         IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
505 
506         err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
507                       net, sk, skb, NULL, dst->dev,
508                       dst_output);
509         if (!err) {
510                 ICMP6MSGOUT_INC_STATS(net, idev, type);
511                 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
512         }
513 
514         rcu_read_unlock();
515 }
516 
517 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
518                    const struct in6_addr *solicited_addr,
519                    bool router, bool solicited, bool override, bool inc_opt)
520 {
521         struct sk_buff *skb;
522         struct in6_addr tmpaddr;
523         struct inet6_ifaddr *ifp;
524         const struct in6_addr *src_addr;
525         struct nd_msg *msg;
526         int optlen = 0;
527 
528         /* for anycast or proxy, solicited_addr != src_addr */
529         ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
530         if (ifp) {
531                 src_addr = solicited_addr;
532                 if (ifp->flags & IFA_F_OPTIMISTIC)
533                         override = false;
534                 inc_opt |= ifp->idev->cnf.force_tllao;
535                 in6_ifa_put(ifp);
536         } else {
537                 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
538                                        inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
539                                        &tmpaddr))
540                         return;
541                 src_addr = &tmpaddr;
542         }
543 
544         if (!dev->addr_len)
545                 inc_opt = false;
546         if (inc_opt)
547                 optlen += ndisc_opt_addr_space(dev,
548                                                NDISC_NEIGHBOUR_ADVERTISEMENT);
549 
550         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
551         if (!skb)
552                 return;
553 
554         msg = skb_put(skb, sizeof(*msg));
555         *msg = (struct nd_msg) {
556                 .icmph = {
557                         .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
558                         .icmp6_router = router,
559                         .icmp6_solicited = solicited,
560                         .icmp6_override = override,
561                 },
562                 .target = *solicited_addr,
563         };
564 
565         if (inc_opt)
566                 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
567                                        dev->dev_addr,
568                                        NDISC_NEIGHBOUR_ADVERTISEMENT);
569 
570         ndisc_send_skb(skb, daddr, src_addr);
571 }
572 
573 static void ndisc_send_unsol_na(struct net_device *dev)
574 {
575         struct inet6_dev *idev;
576         struct inet6_ifaddr *ifa;
577 
578         idev = in6_dev_get(dev);
579         if (!idev)
580                 return;
581 
582         read_lock_bh(&idev->lock);
583         list_for_each_entry(ifa, &idev->addr_list, if_list) {
584                 /* skip tentative addresses until dad completes */
585                 if (ifa->flags & IFA_F_TENTATIVE &&
586                     !(ifa->flags & IFA_F_OPTIMISTIC))
587                         continue;
588 
589                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
590                               /*router=*/ !!idev->cnf.forwarding,
591                               /*solicited=*/ false, /*override=*/ true,
592                               /*inc_opt=*/ true);
593         }
594         read_unlock_bh(&idev->lock);
595 
596         in6_dev_put(idev);
597 }
598 
599 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
600                    const struct in6_addr *daddr, const struct in6_addr *saddr,
601                    u64 nonce)
602 {
603         struct sk_buff *skb;
604         struct in6_addr addr_buf;
605         int inc_opt = dev->addr_len;
606         int optlen = 0;
607         struct nd_msg *msg;
608 
609         if (!saddr) {
610                 if (ipv6_get_lladdr(dev, &addr_buf,
611                                    (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
612                         return;
613                 saddr = &addr_buf;
614         }
615 
616         if (ipv6_addr_any(saddr))
617                 inc_opt = false;
618         if (inc_opt)
619                 optlen += ndisc_opt_addr_space(dev,
620                                                NDISC_NEIGHBOUR_SOLICITATION);
621         if (nonce != 0)
622                 optlen += 8;
623 
624         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
625         if (!skb)
626                 return;
627 
628         msg = skb_put(skb, sizeof(*msg));
629         *msg = (struct nd_msg) {
630                 .icmph = {
631                         .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
632                 },
633                 .target = *solicit,
634         };
635 
636         if (inc_opt)
637                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
638                                        dev->dev_addr,
639                                        NDISC_NEIGHBOUR_SOLICITATION);
640         if (nonce != 0) {
641                 u8 *opt = skb_put(skb, 8);
642 
643                 opt[0] = ND_OPT_NONCE;
644                 opt[1] = 8 >> 3;
645                 memcpy(opt + 2, &nonce, 6);
646         }
647 
648         ndisc_send_skb(skb, daddr, saddr);
649 }
650 
651 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
652                    const struct in6_addr *daddr)
653 {
654         struct sk_buff *skb;
655         struct rs_msg *msg;
656         int send_sllao = dev->addr_len;
657         int optlen = 0;
658 
659 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
660         /*
661          * According to section 2.2 of RFC 4429, we must not
662          * send router solicitations with a sllao from
663          * optimistic addresses, but we may send the solicitation
664          * if we don't include the sllao.  So here we check
665          * if our address is optimistic, and if so, we
666          * suppress the inclusion of the sllao.
667          */
668         if (send_sllao) {
669                 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
670                                                            dev, 1);
671                 if (ifp) {
672                         if (ifp->flags & IFA_F_OPTIMISTIC)  {
673                                 send_sllao = 0;
674                         }
675                         in6_ifa_put(ifp);
676                 } else {
677                         send_sllao = 0;
678                 }
679         }
680 #endif
681         if (send_sllao)
682                 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
683 
684         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
685         if (!skb)
686                 return;
687 
688         msg = skb_put(skb, sizeof(*msg));
689         *msg = (struct rs_msg) {
690                 .icmph = {
691                         .icmp6_type = NDISC_ROUTER_SOLICITATION,
692                 },
693         };
694 
695         if (send_sllao)
696                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
697                                        dev->dev_addr,
698                                        NDISC_ROUTER_SOLICITATION);
699 
700         ndisc_send_skb(skb, daddr, saddr);
701 }
702 
703 
704 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
705 {
706         /*
707          *      "The sender MUST return an ICMP
708          *       destination unreachable"
709          */
710         dst_link_failure(skb);
711         kfree_skb(skb);
712 }
713 
714 /* Called with locked neigh: either read or both */
715 
716 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
717 {
718         struct in6_addr *saddr = NULL;
719         struct in6_addr mcaddr;
720         struct net_device *dev = neigh->dev;
721         struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
722         int probes = atomic_read(&neigh->probes);
723 
724         if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
725                                            dev, false, 1,
726                                            IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
727                 saddr = &ipv6_hdr(skb)->saddr;
728         probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
729         if (probes < 0) {
730                 if (!(neigh->nud_state & NUD_VALID)) {
731                         ND_PRINTK(1, dbg,
732                                   "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
733                                   __func__, target);
734                 }
735                 ndisc_send_ns(dev, target, target, saddr, 0);
736         } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
737                 neigh_app_ns(neigh);
738         } else {
739                 addrconf_addr_solict_mult(target, &mcaddr);
740                 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
741         }
742 }
743 
744 static int pndisc_is_router(const void *pkey,
745                             struct net_device *dev)
746 {
747         struct pneigh_entry *n;
748         int ret = -1;
749 
750         read_lock_bh(&nd_tbl.lock);
751         n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
752         if (n)
753                 ret = !!(n->flags & NTF_ROUTER);
754         read_unlock_bh(&nd_tbl.lock);
755 
756         return ret;
757 }
758 
759 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
760                   const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
761                   struct ndisc_options *ndopts)
762 {
763         neigh_update(neigh, lladdr, new, flags, 0);
764         /* report ndisc ops about neighbour update */
765         ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
766 }
767 
768 static void ndisc_recv_ns(struct sk_buff *skb)
769 {
770         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
771         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
772         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
773         u8 *lladdr = NULL;
774         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
775                                     offsetof(struct nd_msg, opt));
776         struct ndisc_options ndopts;
777         struct net_device *dev = skb->dev;
778         struct inet6_ifaddr *ifp;
779         struct inet6_dev *idev = NULL;
780         struct neighbour *neigh;
781         int dad = ipv6_addr_any(saddr);
782         bool inc;
783         int is_router = -1;
784         u64 nonce = 0;
785 
786         if (skb->len < sizeof(struct nd_msg)) {
787                 ND_PRINTK(2, warn, "NS: packet too short\n");
788                 return;
789         }
790 
791         if (ipv6_addr_is_multicast(&msg->target)) {
792                 ND_PRINTK(2, warn, "NS: multicast target address\n");
793                 return;
794         }
795 
796         /*
797          * RFC2461 7.1.1:
798          * DAD has to be destined for solicited node multicast address.
799          */
800         if (dad && !ipv6_addr_is_solict_mult(daddr)) {
801                 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
802                 return;
803         }
804 
805         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
806                 ND_PRINTK(2, warn, "NS: invalid ND options\n");
807                 return;
808         }
809 
810         if (ndopts.nd_opts_src_lladdr) {
811                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
812                 if (!lladdr) {
813                         ND_PRINTK(2, warn,
814                                   "NS: invalid link-layer address length\n");
815                         return;
816                 }
817 
818                 /* RFC2461 7.1.1:
819                  *      If the IP source address is the unspecified address,
820                  *      there MUST NOT be source link-layer address option
821                  *      in the message.
822                  */
823                 if (dad) {
824                         ND_PRINTK(2, warn,
825                                   "NS: bad DAD packet (link-layer address option)\n");
826                         return;
827                 }
828         }
829         if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
830                 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
831 
832         inc = ipv6_addr_is_multicast(daddr);
833 
834         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
835         if (ifp) {
836 have_ifp:
837                 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
838                         if (dad) {
839                                 if (nonce != 0 && ifp->dad_nonce == nonce) {
840                                         u8 *np = (u8 *)&nonce;
841                                         /* Matching nonce if looped back */
842                                         ND_PRINTK(2, notice,
843                                                   "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
844                                                   ifp->idev->dev->name,
845                                                   &ifp->addr, np);
846                                         goto out;
847                                 }
848                                 /*
849                                  * We are colliding with another node
850                                  * who is doing DAD
851                                  * so fail our DAD process
852                                  */
853                                 addrconf_dad_failure(skb, ifp);
854                                 return;
855                         } else {
856                                 /*
857                                  * This is not a dad solicitation.
858                                  * If we are an optimistic node,
859                                  * we should respond.
860                                  * Otherwise, we should ignore it.
861                                  */
862                                 if (!(ifp->flags & IFA_F_OPTIMISTIC))
863                                         goto out;
864                         }
865                 }
866 
867                 idev = ifp->idev;
868         } else {
869                 struct net *net = dev_net(dev);
870 
871                 /* perhaps an address on the master device */
872                 if (netif_is_l3_slave(dev)) {
873                         struct net_device *mdev;
874 
875                         mdev = netdev_master_upper_dev_get_rcu(dev);
876                         if (mdev) {
877                                 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
878                                 if (ifp)
879                                         goto have_ifp;
880                         }
881                 }
882 
883                 idev = in6_dev_get(dev);
884                 if (!idev) {
885                         /* XXX: count this drop? */
886                         return;
887                 }
888 
889                 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
890                     (idev->cnf.forwarding &&
891                      (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
892                      (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
893                         if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
894                             skb->pkt_type != PACKET_HOST &&
895                             inc &&
896                             NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
897                                 /*
898                                  * for anycast or proxy,
899                                  * sender should delay its response
900                                  * by a random time between 0 and
901                                  * MAX_ANYCAST_DELAY_TIME seconds.
902                                  * (RFC2461) -- yoshfuji
903                                  */
904                                 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
905                                 if (n)
906                                         pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
907                                 goto out;
908                         }
909                 } else
910                         goto out;
911         }
912 
913         if (is_router < 0)
914                 is_router = idev->cnf.forwarding;
915 
916         if (dad) {
917                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
918                               !!is_router, false, (ifp != NULL), true);
919                 goto out;
920         }
921 
922         if (inc)
923                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
924         else
925                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
926 
927         /*
928          *      update / create cache entry
929          *      for the source address
930          */
931         neigh = __neigh_lookup(&nd_tbl, saddr, dev,
932                                !inc || lladdr || !dev->addr_len);
933         if (neigh)
934                 ndisc_update(dev, neigh, lladdr, NUD_STALE,
935                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
936                              NEIGH_UPDATE_F_OVERRIDE,
937                              NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
938         if (neigh || !dev->header_ops) {
939                 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
940                               true, (ifp != NULL && inc), inc);
941                 if (neigh)
942                         neigh_release(neigh);
943         }
944 
945 out:
946         if (ifp)
947                 in6_ifa_put(ifp);
948         else
949                 in6_dev_put(idev);
950 }
951 
952 static void ndisc_recv_na(struct sk_buff *skb)
953 {
954         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
955         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
956         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
957         u8 *lladdr = NULL;
958         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
959                                     offsetof(struct nd_msg, opt));
960         struct ndisc_options ndopts;
961         struct net_device *dev = skb->dev;
962         struct inet6_dev *idev = __in6_dev_get(dev);
963         struct inet6_ifaddr *ifp;
964         struct neighbour *neigh;
965 
966         if (skb->len < sizeof(struct nd_msg)) {
967                 ND_PRINTK(2, warn, "NA: packet too short\n");
968                 return;
969         }
970 
971         if (ipv6_addr_is_multicast(&msg->target)) {
972                 ND_PRINTK(2, warn, "NA: target address is multicast\n");
973                 return;
974         }
975 
976         if (ipv6_addr_is_multicast(daddr) &&
977             msg->icmph.icmp6_solicited) {
978                 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
979                 return;
980         }
981 
982         /* For some 802.11 wireless deployments (and possibly other networks),
983          * there will be a NA proxy and unsolicitd packets are attacks
984          * and thus should not be accepted.
985          */
986         if (!msg->icmph.icmp6_solicited && idev &&
987             idev->cnf.drop_unsolicited_na)
988                 return;
989 
990         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
991                 ND_PRINTK(2, warn, "NS: invalid ND option\n");
992                 return;
993         }
994         if (ndopts.nd_opts_tgt_lladdr) {
995                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
996                 if (!lladdr) {
997                         ND_PRINTK(2, warn,
998                                   "NA: invalid link-layer address length\n");
999                         return;
1000                 }
1001         }
1002         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
1003         if (ifp) {
1004                 if (skb->pkt_type != PACKET_LOOPBACK
1005                     && (ifp->flags & IFA_F_TENTATIVE)) {
1006                                 addrconf_dad_failure(skb, ifp);
1007                                 return;
1008                 }
1009                 /* What should we make now? The advertisement
1010                    is invalid, but ndisc specs say nothing
1011                    about it. It could be misconfiguration, or
1012                    an smart proxy agent tries to help us :-)
1013 
1014                    We should not print the error if NA has been
1015                    received from loopback - it is just our own
1016                    unsolicited advertisement.
1017                  */
1018                 if (skb->pkt_type != PACKET_LOOPBACK)
1019                         ND_PRINTK(1, warn,
1020                                   "NA: %pM advertised our address %pI6c on %s!\n",
1021                                   eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1022                 in6_ifa_put(ifp);
1023                 return;
1024         }
1025         neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1026 
1027         if (neigh) {
1028                 u8 old_flags = neigh->flags;
1029                 struct net *net = dev_net(dev);
1030 
1031                 if (neigh->nud_state & NUD_FAILED)
1032                         goto out;
1033 
1034                 /*
1035                  * Don't update the neighbor cache entry on a proxy NA from
1036                  * ourselves because either the proxied node is off link or it
1037                  * has already sent a NA to us.
1038                  */
1039                 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1040                     net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1041                     pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1042                         /* XXX: idev->cnf.proxy_ndp */
1043                         goto out;
1044                 }
1045 
1046                 ndisc_update(dev, neigh, lladdr,
1047                              msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1048                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1049                              (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1050                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1051                              (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1052                              NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1053 
1054                 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1055                         /*
1056                          * Change: router to host
1057                          */
1058                         rt6_clean_tohost(dev_net(dev),  saddr);
1059                 }
1060 
1061 out:
1062                 neigh_release(neigh);
1063         }
1064 }
1065 
1066 static void ndisc_recv_rs(struct sk_buff *skb)
1067 {
1068         struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1069         unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1070         struct neighbour *neigh;
1071         struct inet6_dev *idev;
1072         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1073         struct ndisc_options ndopts;
1074         u8 *lladdr = NULL;
1075 
1076         if (skb->len < sizeof(*rs_msg))
1077                 return;
1078 
1079         idev = __in6_dev_get(skb->dev);
1080         if (!idev) {
1081                 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1082                 return;
1083         }
1084 
1085         /* Don't accept RS if we're not in router mode */
1086         if (!idev->cnf.forwarding)
1087                 goto out;
1088 
1089         /*
1090          * Don't update NCE if src = ::;
1091          * this implies that the source node has no ip address assigned yet.
1092          */
1093         if (ipv6_addr_any(saddr))
1094                 goto out;
1095 
1096         /* Parse ND options */
1097         if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1098                 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1099                 goto out;
1100         }
1101 
1102         if (ndopts.nd_opts_src_lladdr) {
1103                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1104                                              skb->dev);
1105                 if (!lladdr)
1106                         goto out;
1107         }
1108 
1109         neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1110         if (neigh) {
1111                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1112                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1113                              NEIGH_UPDATE_F_OVERRIDE|
1114                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1115                              NDISC_ROUTER_SOLICITATION, &ndopts);
1116                 neigh_release(neigh);
1117         }
1118 out:
1119         return;
1120 }
1121 
1122 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1123 {
1124         struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1125         struct sk_buff *skb;
1126         struct nlmsghdr *nlh;
1127         struct nduseroptmsg *ndmsg;
1128         struct net *net = dev_net(ra->dev);
1129         int err;
1130         int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1131                                     + (opt->nd_opt_len << 3));
1132         size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1133 
1134         skb = nlmsg_new(msg_size, GFP_ATOMIC);
1135         if (!skb) {
1136                 err = -ENOBUFS;
1137                 goto errout;
1138         }
1139 
1140         nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1141         if (!nlh) {
1142                 goto nla_put_failure;
1143         }
1144 
1145         ndmsg = nlmsg_data(nlh);
1146         ndmsg->nduseropt_family = AF_INET6;
1147         ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1148         ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1149         ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1150         ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1151 
1152         memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1153 
1154         if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1155                 goto nla_put_failure;
1156         nlmsg_end(skb, nlh);
1157 
1158         rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1159         return;
1160 
1161 nla_put_failure:
1162         nlmsg_free(skb);
1163         err = -EMSGSIZE;
1164 errout:
1165         rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1166 }
1167 
1168 static void ndisc_router_discovery(struct sk_buff *skb)
1169 {
1170         struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1171         struct neighbour *neigh = NULL;
1172         struct inet6_dev *in6_dev;
1173         struct fib6_info *rt = NULL;
1174         struct net *net;
1175         int lifetime;
1176         struct ndisc_options ndopts;
1177         int optlen;
1178         unsigned int pref = 0;
1179         __u32 old_if_flags;
1180         bool send_ifinfo_notify = false;
1181 
1182         __u8 *opt = (__u8 *)(ra_msg + 1);
1183 
1184         optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1185                 sizeof(struct ra_msg);
1186 
1187         ND_PRINTK(2, info,
1188                   "RA: %s, dev: %s\n",
1189                   __func__, skb->dev->name);
1190         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1191                 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1192                 return;
1193         }
1194         if (optlen < 0) {
1195                 ND_PRINTK(2, warn, "RA: packet too short\n");
1196                 return;
1197         }
1198 
1199 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1200         if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1201                 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1202                 return;
1203         }
1204 #endif
1205 
1206         /*
1207          *      set the RA_RECV flag in the interface
1208          */
1209 
1210         in6_dev = __in6_dev_get(skb->dev);
1211         if (!in6_dev) {
1212                 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1213                           skb->dev->name);
1214                 return;
1215         }
1216 
1217         if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1218                 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1219                 return;
1220         }
1221 
1222         if (!ipv6_accept_ra(in6_dev)) {
1223                 ND_PRINTK(2, info,
1224                           "RA: %s, did not accept ra for dev: %s\n",
1225                           __func__, skb->dev->name);
1226                 goto skip_linkparms;
1227         }
1228 
1229 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1230         /* skip link-specific parameters from interior routers */
1231         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1232                 ND_PRINTK(2, info,
1233                           "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1234                           __func__, skb->dev->name);
1235                 goto skip_linkparms;
1236         }
1237 #endif
1238 
1239         if (in6_dev->if_flags & IF_RS_SENT) {
1240                 /*
1241                  *      flag that an RA was received after an RS was sent
1242                  *      out on this interface.
1243                  */
1244                 in6_dev->if_flags |= IF_RA_RCVD;
1245         }
1246 
1247         /*
1248          * Remember the managed/otherconf flags from most recently
1249          * received RA message (RFC 2462) -- yoshfuji
1250          */
1251         old_if_flags = in6_dev->if_flags;
1252         in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1253                                 IF_RA_OTHERCONF)) |
1254                                 (ra_msg->icmph.icmp6_addrconf_managed ?
1255                                         IF_RA_MANAGED : 0) |
1256                                 (ra_msg->icmph.icmp6_addrconf_other ?
1257                                         IF_RA_OTHERCONF : 0);
1258 
1259         if (old_if_flags != in6_dev->if_flags)
1260                 send_ifinfo_notify = true;
1261 
1262         if (!in6_dev->cnf.accept_ra_defrtr) {
1263                 ND_PRINTK(2, info,
1264                           "RA: %s, defrtr is false for dev: %s\n",
1265                           __func__, skb->dev->name);
1266                 goto skip_defrtr;
1267         }
1268 
1269         /* Do not accept RA with source-addr found on local machine unless
1270          * accept_ra_from_local is set to true.
1271          */
1272         net = dev_net(in6_dev->dev);
1273         if (!in6_dev->cnf.accept_ra_from_local &&
1274             ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1275                 ND_PRINTK(2, info,
1276                           "RA from local address detected on dev: %s: default router ignored\n",
1277                           skb->dev->name);
1278                 goto skip_defrtr;
1279         }
1280 
1281         lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1282 
1283 #ifdef CONFIG_IPV6_ROUTER_PREF
1284         pref = ra_msg->icmph.icmp6_router_pref;
1285         /* 10b is handled as if it were 00b (medium) */
1286         if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1287             !in6_dev->cnf.accept_ra_rtr_pref)
1288                 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1289 #endif
1290         /* routes added from RAs do not use nexthop objects */
1291         rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1292         if (rt) {
1293                 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1294                                          rt->fib6_nh->fib_nh_dev, NULL,
1295                                           &ipv6_hdr(skb)->saddr);
1296                 if (!neigh) {
1297                         ND_PRINTK(0, err,
1298                                   "RA: %s got default router without neighbour\n",
1299                                   __func__);
1300                         fib6_info_release(rt);
1301                         return;
1302                 }
1303         }
1304         if (rt && lifetime == 0) {
1305                 ip6_del_rt(net, rt);
1306                 rt = NULL;
1307         }
1308 
1309         ND_PRINTK(3, info, "RA: rt: %p  lifetime: %d, for dev: %s\n",
1310                   rt, lifetime, skb->dev->name);
1311         if (!rt && lifetime) {
1312                 ND_PRINTK(3, info, "RA: adding default router\n");
1313 
1314                 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1315                                          skb->dev, pref);
1316                 if (!rt) {
1317                         ND_PRINTK(0, err,
1318                                   "RA: %s failed to add default route\n",
1319                                   __func__);
1320                         return;
1321                 }
1322 
1323                 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1324                                          rt->fib6_nh->fib_nh_dev, NULL,
1325                                           &ipv6_hdr(skb)->saddr);
1326                 if (!neigh) {
1327                         ND_PRINTK(0, err,
1328                                   "RA: %s got default router without neighbour\n",
1329                                   __func__);
1330                         fib6_info_release(rt);
1331                         return;
1332                 }
1333                 neigh->flags |= NTF_ROUTER;
1334         } else if (rt) {
1335                 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1336         }
1337 
1338         if (rt)
1339                 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1340         if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1341             ra_msg->icmph.icmp6_hop_limit) {
1342                 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1343                         in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1344                         fib6_metric_set(rt, RTAX_HOPLIMIT,
1345                                         ra_msg->icmph.icmp6_hop_limit);
1346                 } else {
1347                         ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1348                 }
1349         }
1350 
1351 skip_defrtr:
1352 
1353         /*
1354          *      Update Reachable Time and Retrans Timer
1355          */
1356 
1357         if (in6_dev->nd_parms) {
1358                 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1359 
1360                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1361                         rtime = (rtime*HZ)/1000;
1362                         if (rtime < HZ/100)
1363                                 rtime = HZ/100;
1364                         NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1365                         in6_dev->tstamp = jiffies;
1366                         send_ifinfo_notify = true;
1367                 }
1368 
1369                 rtime = ntohl(ra_msg->reachable_time);
1370                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1371                         rtime = (rtime*HZ)/1000;
1372 
1373                         if (rtime < HZ/10)
1374                                 rtime = HZ/10;
1375 
1376                         if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1377                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1378                                               BASE_REACHABLE_TIME, rtime);
1379                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1380                                               GC_STALETIME, 3 * rtime);
1381                                 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1382                                 in6_dev->tstamp = jiffies;
1383                                 send_ifinfo_notify = true;
1384                         }
1385                 }
1386         }
1387 
1388         /*
1389          *      Send a notify if RA changed managed/otherconf flags or timer settings
1390          */
1391         if (send_ifinfo_notify)
1392                 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1393 
1394 skip_linkparms:
1395 
1396         /*
1397          *      Process options.
1398          */
1399 
1400         if (!neigh)
1401                 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1402                                        skb->dev, 1);
1403         if (neigh) {
1404                 u8 *lladdr = NULL;
1405                 if (ndopts.nd_opts_src_lladdr) {
1406                         lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1407                                                      skb->dev);
1408                         if (!lladdr) {
1409                                 ND_PRINTK(2, warn,
1410                                           "RA: invalid link-layer address length\n");
1411                                 goto out;
1412                         }
1413                 }
1414                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1415                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1416                              NEIGH_UPDATE_F_OVERRIDE|
1417                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1418                              NEIGH_UPDATE_F_ISROUTER,
1419                              NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1420         }
1421 
1422         if (!ipv6_accept_ra(in6_dev)) {
1423                 ND_PRINTK(2, info,
1424                           "RA: %s, accept_ra is false for dev: %s\n",
1425                           __func__, skb->dev->name);
1426                 goto out;
1427         }
1428 
1429 #ifdef CONFIG_IPV6_ROUTE_INFO
1430         if (!in6_dev->cnf.accept_ra_from_local &&
1431             ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1432                           in6_dev->dev, 0)) {
1433                 ND_PRINTK(2, info,
1434                           "RA from local address detected on dev: %s: router info ignored.\n",
1435                           skb->dev->name);
1436                 goto skip_routeinfo;
1437         }
1438 
1439         if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1440                 struct nd_opt_hdr *p;
1441                 for (p = ndopts.nd_opts_ri;
1442                      p;
1443                      p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1444                         struct route_info *ri = (struct route_info *)p;
1445 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1446                         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1447                             ri->prefix_len == 0)
1448                                 continue;
1449 #endif
1450                         if (ri->prefix_len == 0 &&
1451                             !in6_dev->cnf.accept_ra_defrtr)
1452                                 continue;
1453                         if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1454                                 continue;
1455                         if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1456                                 continue;
1457                         rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1458                                       &ipv6_hdr(skb)->saddr);
1459                 }
1460         }
1461 
1462 skip_routeinfo:
1463 #endif
1464 
1465 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1466         /* skip link-specific ndopts from interior routers */
1467         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1468                 ND_PRINTK(2, info,
1469                           "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1470                           __func__, skb->dev->name);
1471                 goto out;
1472         }
1473 #endif
1474 
1475         if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1476                 struct nd_opt_hdr *p;
1477                 for (p = ndopts.nd_opts_pi;
1478                      p;
1479                      p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1480                         addrconf_prefix_rcv(skb->dev, (u8 *)p,
1481                                             (p->nd_opt_len) << 3,
1482                                             ndopts.nd_opts_src_lladdr != NULL);
1483                 }
1484         }
1485 
1486         if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1487                 __be32 n;
1488                 u32 mtu;
1489 
1490                 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1491                 mtu = ntohl(n);
1492 
1493                 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1494                         ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1495                 } else if (in6_dev->cnf.mtu6 != mtu) {
1496                         in6_dev->cnf.mtu6 = mtu;
1497                         fib6_metric_set(rt, RTAX_MTU, mtu);
1498                         rt6_mtu_change(skb->dev, mtu);
1499                 }
1500         }
1501 
1502         if (ndopts.nd_useropts) {
1503                 struct nd_opt_hdr *p;
1504                 for (p = ndopts.nd_useropts;
1505                      p;
1506                      p = ndisc_next_useropt(skb->dev, p,
1507                                             ndopts.nd_useropts_end)) {
1508                         ndisc_ra_useropt(skb, p);
1509                 }
1510         }
1511 
1512         if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1513                 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1514         }
1515 out:
1516         fib6_info_release(rt);
1517         if (neigh)
1518                 neigh_release(neigh);
1519 }
1520 
1521 static void ndisc_redirect_rcv(struct sk_buff *skb)
1522 {
1523         u8 *hdr;
1524         struct ndisc_options ndopts;
1525         struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1526         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1527                                     offsetof(struct rd_msg, opt));
1528 
1529 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1530         switch (skb->ndisc_nodetype) {
1531         case NDISC_NODETYPE_HOST:
1532         case NDISC_NODETYPE_NODEFAULT:
1533                 ND_PRINTK(2, warn,
1534                           "Redirect: from host or unauthorized router\n");
1535                 return;
1536         }
1537 #endif
1538 
1539         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1540                 ND_PRINTK(2, warn,
1541                           "Redirect: source address is not link-local\n");
1542                 return;
1543         }
1544 
1545         if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1546                 return;
1547 
1548         if (!ndopts.nd_opts_rh) {
1549                 ip6_redirect_no_header(skb, dev_net(skb->dev),
1550                                         skb->dev->ifindex);
1551                 return;
1552         }
1553 
1554         hdr = (u8 *)ndopts.nd_opts_rh;
1555         hdr += 8;
1556         if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1557                 return;
1558 
1559         icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1560 }
1561 
1562 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1563                                            struct sk_buff *orig_skb,
1564                                            int rd_len)
1565 {
1566         u8 *opt = skb_put(skb, rd_len);
1567 
1568         memset(opt, 0, 8);
1569         *(opt++) = ND_OPT_REDIRECT_HDR;
1570         *(opt++) = (rd_len >> 3);
1571         opt += 6;
1572 
1573         skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1574                       rd_len - 8);
1575 }
1576 
1577 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1578 {
1579         struct net_device *dev = skb->dev;
1580         struct net *net = dev_net(dev);
1581         struct sock *sk = net->ipv6.ndisc_sk;
1582         int optlen = 0;
1583         struct inet_peer *peer;
1584         struct sk_buff *buff;
1585         struct rd_msg *msg;
1586         struct in6_addr saddr_buf;
1587         struct rt6_info *rt;
1588         struct dst_entry *dst;
1589         struct flowi6 fl6;
1590         int rd_len;
1591         u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1592            ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1593         bool ret;
1594 
1595         if (netif_is_l3_master(skb->dev)) {
1596                 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1597                 if (!dev)
1598                         return;
1599         }
1600 
1601         if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1602                 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1603                           dev->name);
1604                 return;
1605         }
1606 
1607         if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1608             ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1609                 ND_PRINTK(2, warn,
1610                           "Redirect: target address is not link-local unicast\n");
1611                 return;
1612         }
1613 
1614         icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1615                          &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1616 
1617         dst = ip6_route_output(net, NULL, &fl6);
1618         if (dst->error) {
1619                 dst_release(dst);
1620                 return;
1621         }
1622         dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1623         if (IS_ERR(dst))
1624                 return;
1625 
1626         rt = (struct rt6_info *) dst;
1627 
1628         if (rt->rt6i_flags & RTF_GATEWAY) {
1629                 ND_PRINTK(2, warn,
1630                           "Redirect: destination is not a neighbour\n");
1631                 goto release;
1632         }
1633         peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1634         ret = inet_peer_xrlim_allow(peer, 1*HZ);
1635         if (peer)
1636                 inet_putpeer(peer);
1637         if (!ret)
1638                 goto release;
1639 
1640         if (dev->addr_len) {
1641                 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1642                 if (!neigh) {
1643                         ND_PRINTK(2, warn,
1644                                   "Redirect: no neigh for target address\n");
1645                         goto release;
1646                 }
1647 
1648                 read_lock_bh(&neigh->lock);
1649                 if (neigh->nud_state & NUD_VALID) {
1650                         memcpy(ha_buf, neigh->ha, dev->addr_len);
1651                         read_unlock_bh(&neigh->lock);
1652                         ha = ha_buf;
1653                         optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1654                                                                 ops_data_buf,
1655                                                                 &ops_data);
1656                 } else
1657                         read_unlock_bh(&neigh->lock);
1658 
1659                 neigh_release(neigh);
1660         }
1661 
1662         rd_len = min_t(unsigned int,
1663                        IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1664                        skb->len + 8);
1665         rd_len &= ~0x7;
1666         optlen += rd_len;
1667 
1668         buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1669         if (!buff)
1670                 goto release;
1671 
1672         msg = skb_put(buff, sizeof(*msg));
1673         *msg = (struct rd_msg) {
1674                 .icmph = {
1675                         .icmp6_type = NDISC_REDIRECT,
1676                 },
1677                 .target = *target,
1678                 .dest = ipv6_hdr(skb)->daddr,
1679         };
1680 
1681         /*
1682          *      include target_address option
1683          */
1684 
1685         if (ha)
1686                 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1687 
1688         /*
1689          *      build redirect option and copy skb over to the new packet.
1690          */
1691 
1692         if (rd_len)
1693                 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1694 
1695         skb_dst_set(buff, dst);
1696         ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1697         return;
1698 
1699 release:
1700         dst_release(dst);
1701 }
1702 
1703 static void pndisc_redo(struct sk_buff *skb)
1704 {
1705         ndisc_recv_ns(skb);
1706         kfree_skb(skb);
1707 }
1708 
1709 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1710 {
1711         struct inet6_dev *idev = __in6_dev_get(skb->dev);
1712 
1713         if (!idev)
1714                 return true;
1715         if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1716             idev->cnf.suppress_frag_ndisc) {
1717                 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1718                 return true;
1719         }
1720         return false;
1721 }
1722 
1723 int ndisc_rcv(struct sk_buff *skb)
1724 {
1725         struct nd_msg *msg;
1726 
1727         if (ndisc_suppress_frag_ndisc(skb))
1728                 return 0;
1729 
1730         if (skb_linearize(skb))
1731                 return 0;
1732 
1733         msg = (struct nd_msg *)skb_transport_header(skb);
1734 
1735         __skb_push(skb, skb->data - skb_transport_header(skb));
1736 
1737         if (ipv6_hdr(skb)->hop_limit != 255) {
1738                 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1739                           ipv6_hdr(skb)->hop_limit);
1740                 return 0;
1741         }
1742 
1743         if (msg->icmph.icmp6_code != 0) {
1744                 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1745                           msg->icmph.icmp6_code);
1746                 return 0;
1747         }
1748 
1749         switch (msg->icmph.icmp6_type) {
1750         case NDISC_NEIGHBOUR_SOLICITATION:
1751                 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1752                 ndisc_recv_ns(skb);
1753                 break;
1754 
1755         case NDISC_NEIGHBOUR_ADVERTISEMENT:
1756                 ndisc_recv_na(skb);
1757                 break;
1758 
1759         case NDISC_ROUTER_SOLICITATION:
1760                 ndisc_recv_rs(skb);
1761                 break;
1762 
1763         case NDISC_ROUTER_ADVERTISEMENT:
1764                 ndisc_router_discovery(skb);
1765                 break;
1766 
1767         case NDISC_REDIRECT:
1768                 ndisc_redirect_rcv(skb);
1769                 break;
1770         }
1771 
1772         return 0;
1773 }
1774 
1775 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1776 {
1777         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1778         struct netdev_notifier_change_info *change_info;
1779         struct net *net = dev_net(dev);
1780         struct inet6_dev *idev;
1781 
1782         switch (event) {
1783         case NETDEV_CHANGEADDR:
1784                 neigh_changeaddr(&nd_tbl, dev);
1785                 fib6_run_gc(0, net, false);
1786                 fallthrough;
1787         case NETDEV_UP:
1788                 idev = in6_dev_get(dev);
1789                 if (!idev)
1790                         break;
1791                 if (idev->cnf.ndisc_notify ||
1792                     net->ipv6.devconf_all->ndisc_notify)
1793                         ndisc_send_unsol_na(dev);
1794                 in6_dev_put(idev);
1795                 break;
1796         case NETDEV_CHANGE:
1797                 change_info = ptr;
1798                 if (change_info->flags_changed & IFF_NOARP)
1799                         neigh_changeaddr(&nd_tbl, dev);
1800                 if (!netif_carrier_ok(dev))
1801                         neigh_carrier_down(&nd_tbl, dev);
1802                 break;
1803         case NETDEV_DOWN:
1804                 neigh_ifdown(&nd_tbl, dev);
1805                 fib6_run_gc(0, net, false);
1806                 break;
1807         case NETDEV_NOTIFY_PEERS:
1808                 ndisc_send_unsol_na(dev);
1809                 break;
1810         default:
1811                 break;
1812         }
1813 
1814         return NOTIFY_DONE;
1815 }
1816 
1817 static struct notifier_block ndisc_netdev_notifier = {
1818         .notifier_call = ndisc_netdev_event,
1819         .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1820 };
1821 
1822 #ifdef CONFIG_SYSCTL
1823 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1824                                          const char *func, const char *dev_name)
1825 {
1826         static char warncomm[TASK_COMM_LEN];
1827         static int warned;
1828         if (strcmp(warncomm, current->comm) && warned < 5) {
1829                 strcpy(warncomm, current->comm);
1830                 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1831                         warncomm, func,
1832                         dev_name, ctl->procname,
1833                         dev_name, ctl->procname);
1834                 warned++;
1835         }
1836 }
1837 
1838 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1839 {
1840         struct net_device *dev = ctl->extra1;
1841         struct inet6_dev *idev;
1842         int ret;
1843 
1844         if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1845             (strcmp(ctl->procname, "base_reachable_time") == 0))
1846                 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1847 
1848         if (strcmp(ctl->procname, "retrans_time") == 0)
1849                 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1850 
1851         else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1852                 ret = neigh_proc_dointvec_jiffies(ctl, write,
1853                                                   buffer, lenp, ppos);
1854 
1855         else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1856                  (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1857                 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1858                                                      buffer, lenp, ppos);
1859         else
1860                 ret = -1;
1861 
1862         if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1863                 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1864                         idev->nd_parms->reachable_time =
1865                                         neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1866                 idev->tstamp = jiffies;
1867                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1868                 in6_dev_put(idev);
1869         }
1870         return ret;
1871 }
1872 
1873 
1874 #endif
1875 
1876 static int __net_init ndisc_net_init(struct net *net)
1877 {
1878         struct ipv6_pinfo *np;
1879         struct sock *sk;
1880         int err;
1881 
1882         err = inet_ctl_sock_create(&sk, PF_INET6,
1883                                    SOCK_RAW, IPPROTO_ICMPV6, net);
1884         if (err < 0) {
1885                 ND_PRINTK(0, err,
1886                           "NDISC: Failed to initialize the control socket (err %d)\n",
1887                           err);
1888                 return err;
1889         }
1890 
1891         net->ipv6.ndisc_sk = sk;
1892 
1893         np = inet6_sk(sk);
1894         np->hop_limit = 255;
1895         /* Do not loopback ndisc messages */
1896         np->mc_loop = 0;
1897 
1898         return 0;
1899 }
1900 
1901 static void __net_exit ndisc_net_exit(struct net *net)
1902 {
1903         inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1904 }
1905 
1906 static struct pernet_operations ndisc_net_ops = {
1907         .init = ndisc_net_init,
1908         .exit = ndisc_net_exit,
1909 };
1910 
1911 int __init ndisc_init(void)
1912 {
1913         int err;
1914 
1915         err = register_pernet_subsys(&ndisc_net_ops);
1916         if (err)
1917                 return err;
1918         /*
1919          * Initialize the neighbour table
1920          */
1921         neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1922 
1923 #ifdef CONFIG_SYSCTL
1924         err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1925                                     ndisc_ifinfo_sysctl_change);
1926         if (err)
1927                 goto out_unregister_pernet;
1928 out:
1929 #endif
1930         return err;
1931 
1932 #ifdef CONFIG_SYSCTL
1933 out_unregister_pernet:
1934         unregister_pernet_subsys(&ndisc_net_ops);
1935         goto out;
1936 #endif
1937 }
1938 
1939 int __init ndisc_late_init(void)
1940 {
1941         return register_netdevice_notifier(&ndisc_netdev_notifier);
1942 }
1943 
1944 void ndisc_late_cleanup(void)
1945 {
1946         unregister_netdevice_notifier(&ndisc_netdev_notifier);
1947 }
1948 
1949 void ndisc_cleanup(void)
1950 {
1951 #ifdef CONFIG_SYSCTL
1952         neigh_sysctl_unregister(&nd_tbl.parms);
1953 #endif
1954         neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1955         unregister_pernet_subsys(&ndisc_net_ops);
1956 }
1957 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp