~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/ndisc.c

Version: ~ [ linux-4.15-rc3 ] ~ [ linux-4.14.5 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.68 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.105 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.47 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.87 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.51 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.96 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.39.4 ] ~ [ linux-2.6.38.8 ] ~ [ linux-2.6.37.6 ] ~ [ linux-2.6.36.4 ] ~ [ linux-2.6.35.14 ] ~ [ linux-2.6.34.15 ] ~ [ linux-2.6.33.20 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.27.62 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  *      Neighbour Discovery for IPv6
  3  *      Linux INET6 implementation
  4  *
  5  *      Authors:
  6  *      Pedro Roque             <roque@di.fc.ul.pt>
  7  *      Mike Shaver             <shaver@ingenia.com>
  8  *
  9  *      This program is free software; you can redistribute it and/or
 10  *      modify it under the terms of the GNU General Public License
 11  *      as published by the Free Software Foundation; either version
 12  *      2 of the License, or (at your option) any later version.
 13  */
 14 
 15 /*
 16  *      Changes:
 17  *
 18  *      Alexey I. Froloff               :       RFC6106 (DNSSL) support
 19  *      Pierre Ynard                    :       export userland ND options
 20  *                                              through netlink (RDNSS support)
 21  *      Lars Fenneberg                  :       fixed MTU setting on receipt
 22  *                                              of an RA.
 23  *      Janos Farkas                    :       kmalloc failure checks
 24  *      Alexey Kuznetsov                :       state machine reworked
 25  *                                              and moved to net/core.
 26  *      Pekka Savola                    :       RFC2461 validation
 27  *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
 28  */
 29 
 30 #define pr_fmt(fmt) "ICMPv6: " fmt
 31 
 32 #include <linux/module.h>
 33 #include <linux/errno.h>
 34 #include <linux/types.h>
 35 #include <linux/socket.h>
 36 #include <linux/sockios.h>
 37 #include <linux/sched.h>
 38 #include <linux/net.h>
 39 #include <linux/in6.h>
 40 #include <linux/route.h>
 41 #include <linux/init.h>
 42 #include <linux/rcupdate.h>
 43 #include <linux/slab.h>
 44 #ifdef CONFIG_SYSCTL
 45 #include <linux/sysctl.h>
 46 #endif
 47 
 48 #include <linux/if_addr.h>
 49 #include <linux/if_ether.h>
 50 #include <linux/if_arp.h>
 51 #include <linux/ipv6.h>
 52 #include <linux/icmpv6.h>
 53 #include <linux/jhash.h>
 54 
 55 #include <net/sock.h>
 56 #include <net/snmp.h>
 57 
 58 #include <net/ipv6.h>
 59 #include <net/protocol.h>
 60 #include <net/ndisc.h>
 61 #include <net/ip6_route.h>
 62 #include <net/addrconf.h>
 63 #include <net/icmp.h>
 64 
 65 #include <net/netlink.h>
 66 #include <linux/rtnetlink.h>
 67 
 68 #include <net/flow.h>
 69 #include <net/ip6_checksum.h>
 70 #include <net/inet_common.h>
 71 #include <linux/proc_fs.h>
 72 
 73 #include <linux/netfilter.h>
 74 #include <linux/netfilter_ipv6.h>
 75 
 76 static u32 ndisc_hash(const void *pkey,
 77                       const struct net_device *dev,
 78                       __u32 *hash_rnd);
 79 static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
 80 static int ndisc_constructor(struct neighbour *neigh);
 81 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
 82 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
 83 static int pndisc_constructor(struct pneigh_entry *n);
 84 static void pndisc_destructor(struct pneigh_entry *n);
 85 static void pndisc_redo(struct sk_buff *skb);
 86 
 87 static const struct neigh_ops ndisc_generic_ops = {
 88         .family =               AF_INET6,
 89         .solicit =              ndisc_solicit,
 90         .error_report =         ndisc_error_report,
 91         .output =               neigh_resolve_output,
 92         .connected_output =     neigh_connected_output,
 93 };
 94 
 95 static const struct neigh_ops ndisc_hh_ops = {
 96         .family =               AF_INET6,
 97         .solicit =              ndisc_solicit,
 98         .error_report =         ndisc_error_report,
 99         .output =               neigh_resolve_output,
100         .connected_output =     neigh_resolve_output,
101 };
102 
103 
104 static const struct neigh_ops ndisc_direct_ops = {
105         .family =               AF_INET6,
106         .output =               neigh_direct_output,
107         .connected_output =     neigh_direct_output,
108 };
109 
110 struct neigh_table nd_tbl = {
111         .family =       AF_INET6,
112         .key_len =      sizeof(struct in6_addr),
113         .protocol =     cpu_to_be16(ETH_P_IPV6),
114         .hash =         ndisc_hash,
115         .key_eq =       ndisc_key_eq,
116         .constructor =  ndisc_constructor,
117         .pconstructor = pndisc_constructor,
118         .pdestructor =  pndisc_destructor,
119         .proxy_redo =   pndisc_redo,
120         .id =           "ndisc_cache",
121         .parms = {
122                 .tbl                    = &nd_tbl,
123                 .reachable_time         = ND_REACHABLE_TIME,
124                 .data = {
125                         [NEIGH_VAR_MCAST_PROBES] = 3,
126                         [NEIGH_VAR_UCAST_PROBES] = 3,
127                         [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
128                         [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
129                         [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
130                         [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
131                         [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
132                         [NEIGH_VAR_PROXY_QLEN] = 64,
133                         [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
134                         [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
135                 },
136         },
137         .gc_interval =    30 * HZ,
138         .gc_thresh1 =    128,
139         .gc_thresh2 =    512,
140         .gc_thresh3 =   1024,
141 };
142 EXPORT_SYMBOL_GPL(nd_tbl);
143 
144 void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
145                               int data_len, int pad)
146 {
147         int space = __ndisc_opt_addr_space(data_len, pad);
148         u8 *opt = skb_put(skb, space);
149 
150         opt[0] = type;
151         opt[1] = space>>3;
152 
153         memset(opt + 2, 0, pad);
154         opt   += pad;
155         space -= pad;
156 
157         memcpy(opt+2, data, data_len);
158         data_len += 2;
159         opt += data_len;
160         space -= data_len;
161         if (space > 0)
162                 memset(opt, 0, space);
163 }
164 EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
165 
166 static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
167                                           void *data, u8 icmp6_type)
168 {
169         __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
170                                  ndisc_addr_option_pad(skb->dev->type));
171         ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
172 }
173 
174 static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
175                                                    void *ha,
176                                                    const u8 *ops_data)
177 {
178         ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
179         ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
180 }
181 
182 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
183                                             struct nd_opt_hdr *end)
184 {
185         int type;
186         if (!cur || !end || cur >= end)
187                 return NULL;
188         type = cur->nd_opt_type;
189         do {
190                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
191         } while (cur < end && cur->nd_opt_type != type);
192         return cur <= end && cur->nd_opt_type == type ? cur : NULL;
193 }
194 
195 static inline int ndisc_is_useropt(const struct net_device *dev,
196                                    struct nd_opt_hdr *opt)
197 {
198         return opt->nd_opt_type == ND_OPT_RDNSS ||
199                 opt->nd_opt_type == ND_OPT_DNSSL ||
200                 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
201 }
202 
203 static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
204                                              struct nd_opt_hdr *cur,
205                                              struct nd_opt_hdr *end)
206 {
207         if (!cur || !end || cur >= end)
208                 return NULL;
209         do {
210                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
211         } while (cur < end && !ndisc_is_useropt(dev, cur));
212         return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
213 }
214 
215 struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
216                                           u8 *opt, int opt_len,
217                                           struct ndisc_options *ndopts)
218 {
219         struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
220 
221         if (!nd_opt || opt_len < 0 || !ndopts)
222                 return NULL;
223         memset(ndopts, 0, sizeof(*ndopts));
224         while (opt_len) {
225                 int l;
226                 if (opt_len < sizeof(struct nd_opt_hdr))
227                         return NULL;
228                 l = nd_opt->nd_opt_len << 3;
229                 if (opt_len < l || l == 0)
230                         return NULL;
231                 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
232                         goto next_opt;
233                 switch (nd_opt->nd_opt_type) {
234                 case ND_OPT_SOURCE_LL_ADDR:
235                 case ND_OPT_TARGET_LL_ADDR:
236                 case ND_OPT_MTU:
237                 case ND_OPT_NONCE:
238                 case ND_OPT_REDIRECT_HDR:
239                         if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
240                                 ND_PRINTK(2, warn,
241                                           "%s: duplicated ND6 option found: type=%d\n",
242                                           __func__, nd_opt->nd_opt_type);
243                         } else {
244                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
245                         }
246                         break;
247                 case ND_OPT_PREFIX_INFO:
248                         ndopts->nd_opts_pi_end = nd_opt;
249                         if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
250                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
251                         break;
252 #ifdef CONFIG_IPV6_ROUTE_INFO
253                 case ND_OPT_ROUTE_INFO:
254                         ndopts->nd_opts_ri_end = nd_opt;
255                         if (!ndopts->nd_opts_ri)
256                                 ndopts->nd_opts_ri = nd_opt;
257                         break;
258 #endif
259                 default:
260                         if (ndisc_is_useropt(dev, nd_opt)) {
261                                 ndopts->nd_useropts_end = nd_opt;
262                                 if (!ndopts->nd_useropts)
263                                         ndopts->nd_useropts = nd_opt;
264                         } else {
265                                 /*
266                                  * Unknown options must be silently ignored,
267                                  * to accommodate future extension to the
268                                  * protocol.
269                                  */
270                                 ND_PRINTK(2, notice,
271                                           "%s: ignored unsupported option; type=%d, len=%d\n",
272                                           __func__,
273                                           nd_opt->nd_opt_type,
274                                           nd_opt->nd_opt_len);
275                         }
276                 }
277 next_opt:
278                 opt_len -= l;
279                 nd_opt = ((void *)nd_opt) + l;
280         }
281         return ndopts;
282 }
283 
284 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
285 {
286         switch (dev->type) {
287         case ARPHRD_ETHER:
288         case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
289         case ARPHRD_FDDI:
290                 ipv6_eth_mc_map(addr, buf);
291                 return 0;
292         case ARPHRD_ARCNET:
293                 ipv6_arcnet_mc_map(addr, buf);
294                 return 0;
295         case ARPHRD_INFINIBAND:
296                 ipv6_ib_mc_map(addr, dev->broadcast, buf);
297                 return 0;
298         case ARPHRD_IPGRE:
299                 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
300         default:
301                 if (dir) {
302                         memcpy(buf, dev->broadcast, dev->addr_len);
303                         return 0;
304                 }
305         }
306         return -EINVAL;
307 }
308 EXPORT_SYMBOL(ndisc_mc_map);
309 
310 static u32 ndisc_hash(const void *pkey,
311                       const struct net_device *dev,
312                       __u32 *hash_rnd)
313 {
314         return ndisc_hashfn(pkey, dev, hash_rnd);
315 }
316 
317 static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
318 {
319         return neigh_key_eq128(n, pkey);
320 }
321 
322 static int ndisc_constructor(struct neighbour *neigh)
323 {
324         struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
325         struct net_device *dev = neigh->dev;
326         struct inet6_dev *in6_dev;
327         struct neigh_parms *parms;
328         bool is_multicast = ipv6_addr_is_multicast(addr);
329 
330         in6_dev = in6_dev_get(dev);
331         if (!in6_dev) {
332                 return -EINVAL;
333         }
334 
335         parms = in6_dev->nd_parms;
336         __neigh_parms_put(neigh->parms);
337         neigh->parms = neigh_parms_clone(parms);
338 
339         neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
340         if (!dev->header_ops) {
341                 neigh->nud_state = NUD_NOARP;
342                 neigh->ops = &ndisc_direct_ops;
343                 neigh->output = neigh_direct_output;
344         } else {
345                 if (is_multicast) {
346                         neigh->nud_state = NUD_NOARP;
347                         ndisc_mc_map(addr, neigh->ha, dev, 1);
348                 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
349                         neigh->nud_state = NUD_NOARP;
350                         memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
351                         if (dev->flags&IFF_LOOPBACK)
352                                 neigh->type = RTN_LOCAL;
353                 } else if (dev->flags&IFF_POINTOPOINT) {
354                         neigh->nud_state = NUD_NOARP;
355                         memcpy(neigh->ha, dev->broadcast, dev->addr_len);
356                 }
357                 if (dev->header_ops->cache)
358                         neigh->ops = &ndisc_hh_ops;
359                 else
360                         neigh->ops = &ndisc_generic_ops;
361                 if (neigh->nud_state&NUD_VALID)
362                         neigh->output = neigh->ops->connected_output;
363                 else
364                         neigh->output = neigh->ops->output;
365         }
366         in6_dev_put(in6_dev);
367         return 0;
368 }
369 
370 static int pndisc_constructor(struct pneigh_entry *n)
371 {
372         struct in6_addr *addr = (struct in6_addr *)&n->key;
373         struct in6_addr maddr;
374         struct net_device *dev = n->dev;
375 
376         if (!dev || !__in6_dev_get(dev))
377                 return -EINVAL;
378         addrconf_addr_solict_mult(addr, &maddr);
379         ipv6_dev_mc_inc(dev, &maddr);
380         return 0;
381 }
382 
383 static void pndisc_destructor(struct pneigh_entry *n)
384 {
385         struct in6_addr *addr = (struct in6_addr *)&n->key;
386         struct in6_addr maddr;
387         struct net_device *dev = n->dev;
388 
389         if (!dev || !__in6_dev_get(dev))
390                 return;
391         addrconf_addr_solict_mult(addr, &maddr);
392         ipv6_dev_mc_dec(dev, &maddr);
393 }
394 
395 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
396                                        int len)
397 {
398         int hlen = LL_RESERVED_SPACE(dev);
399         int tlen = dev->needed_tailroom;
400         struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
401         struct sk_buff *skb;
402 
403         skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
404         if (!skb) {
405                 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
406                           __func__);
407                 return NULL;
408         }
409 
410         skb->protocol = htons(ETH_P_IPV6);
411         skb->dev = dev;
412 
413         skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
414         skb_reset_transport_header(skb);
415 
416         /* Manually assign socket ownership as we avoid calling
417          * sock_alloc_send_pskb() to bypass wmem buffer limits
418          */
419         skb_set_owner_w(skb, sk);
420 
421         return skb;
422 }
423 
424 static void ip6_nd_hdr(struct sk_buff *skb,
425                        const struct in6_addr *saddr,
426                        const struct in6_addr *daddr,
427                        int hop_limit, int len)
428 {
429         struct ipv6hdr *hdr;
430         struct inet6_dev *idev;
431         unsigned tclass;
432 
433         rcu_read_lock();
434         idev = __in6_dev_get(skb->dev);
435         tclass = idev ? idev->cnf.ndisc_tclass : 0;
436         rcu_read_unlock();
437 
438         skb_push(skb, sizeof(*hdr));
439         skb_reset_network_header(skb);
440         hdr = ipv6_hdr(skb);
441 
442         ip6_flow_hdr(hdr, tclass, 0);
443 
444         hdr->payload_len = htons(len);
445         hdr->nexthdr = IPPROTO_ICMPV6;
446         hdr->hop_limit = hop_limit;
447 
448         hdr->saddr = *saddr;
449         hdr->daddr = *daddr;
450 }
451 
452 static void ndisc_send_skb(struct sk_buff *skb,
453                            const struct in6_addr *daddr,
454                            const struct in6_addr *saddr)
455 {
456         struct dst_entry *dst = skb_dst(skb);
457         struct net *net = dev_net(skb->dev);
458         struct sock *sk = net->ipv6.ndisc_sk;
459         struct inet6_dev *idev;
460         int err;
461         struct icmp6hdr *icmp6h = icmp6_hdr(skb);
462         u8 type;
463 
464         type = icmp6h->icmp6_type;
465 
466         if (!dst) {
467                 struct flowi6 fl6;
468                 int oif = skb->dev->ifindex;
469 
470                 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
471                 dst = icmp6_dst_alloc(skb->dev, &fl6);
472                 if (IS_ERR(dst)) {
473                         kfree_skb(skb);
474                         return;
475                 }
476 
477                 skb_dst_set(skb, dst);
478         }
479 
480         icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
481                                               IPPROTO_ICMPV6,
482                                               csum_partial(icmp6h,
483                                                            skb->len, 0));
484 
485         ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
486 
487         rcu_read_lock();
488         idev = __in6_dev_get(dst->dev);
489         IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
490 
491         err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
492                       net, sk, skb, NULL, dst->dev,
493                       dst_output);
494         if (!err) {
495                 ICMP6MSGOUT_INC_STATS(net, idev, type);
496                 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
497         }
498 
499         rcu_read_unlock();
500 }
501 
502 void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
503                    const struct in6_addr *solicited_addr,
504                    bool router, bool solicited, bool override, bool inc_opt)
505 {
506         struct sk_buff *skb;
507         struct in6_addr tmpaddr;
508         struct inet6_ifaddr *ifp;
509         const struct in6_addr *src_addr;
510         struct nd_msg *msg;
511         int optlen = 0;
512 
513         /* for anycast or proxy, solicited_addr != src_addr */
514         ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
515         if (ifp) {
516                 src_addr = solicited_addr;
517                 if (ifp->flags & IFA_F_OPTIMISTIC)
518                         override = false;
519                 inc_opt |= ifp->idev->cnf.force_tllao;
520                 in6_ifa_put(ifp);
521         } else {
522                 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
523                                        inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
524                                        &tmpaddr))
525                         return;
526                 src_addr = &tmpaddr;
527         }
528 
529         if (!dev->addr_len)
530                 inc_opt = 0;
531         if (inc_opt)
532                 optlen += ndisc_opt_addr_space(dev,
533                                                NDISC_NEIGHBOUR_ADVERTISEMENT);
534 
535         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
536         if (!skb)
537                 return;
538 
539         msg = skb_put(skb, sizeof(*msg));
540         *msg = (struct nd_msg) {
541                 .icmph = {
542                         .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
543                         .icmp6_router = router,
544                         .icmp6_solicited = solicited,
545                         .icmp6_override = override,
546                 },
547                 .target = *solicited_addr,
548         };
549 
550         if (inc_opt)
551                 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
552                                        dev->dev_addr,
553                                        NDISC_NEIGHBOUR_ADVERTISEMENT);
554 
555         ndisc_send_skb(skb, daddr, src_addr);
556 }
557 
558 static void ndisc_send_unsol_na(struct net_device *dev)
559 {
560         struct inet6_dev *idev;
561         struct inet6_ifaddr *ifa;
562 
563         idev = in6_dev_get(dev);
564         if (!idev)
565                 return;
566 
567         read_lock_bh(&idev->lock);
568         list_for_each_entry(ifa, &idev->addr_list, if_list) {
569                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
570                               /*router=*/ !!idev->cnf.forwarding,
571                               /*solicited=*/ false, /*override=*/ true,
572                               /*inc_opt=*/ true);
573         }
574         read_unlock_bh(&idev->lock);
575 
576         in6_dev_put(idev);
577 }
578 
579 void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
580                    const struct in6_addr *daddr, const struct in6_addr *saddr,
581                    u64 nonce)
582 {
583         struct sk_buff *skb;
584         struct in6_addr addr_buf;
585         int inc_opt = dev->addr_len;
586         int optlen = 0;
587         struct nd_msg *msg;
588 
589         if (!saddr) {
590                 if (ipv6_get_lladdr(dev, &addr_buf,
591                                    (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
592                         return;
593                 saddr = &addr_buf;
594         }
595 
596         if (ipv6_addr_any(saddr))
597                 inc_opt = false;
598         if (inc_opt)
599                 optlen += ndisc_opt_addr_space(dev,
600                                                NDISC_NEIGHBOUR_SOLICITATION);
601         if (nonce != 0)
602                 optlen += 8;
603 
604         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
605         if (!skb)
606                 return;
607 
608         msg = skb_put(skb, sizeof(*msg));
609         *msg = (struct nd_msg) {
610                 .icmph = {
611                         .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
612                 },
613                 .target = *solicit,
614         };
615 
616         if (inc_opt)
617                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
618                                        dev->dev_addr,
619                                        NDISC_NEIGHBOUR_SOLICITATION);
620         if (nonce != 0) {
621                 u8 *opt = skb_put(skb, 8);
622 
623                 opt[0] = ND_OPT_NONCE;
624                 opt[1] = 8 >> 3;
625                 memcpy(opt + 2, &nonce, 6);
626         }
627 
628         ndisc_send_skb(skb, daddr, saddr);
629 }
630 
631 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
632                    const struct in6_addr *daddr)
633 {
634         struct sk_buff *skb;
635         struct rs_msg *msg;
636         int send_sllao = dev->addr_len;
637         int optlen = 0;
638 
639 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
640         /*
641          * According to section 2.2 of RFC 4429, we must not
642          * send router solicitations with a sllao from
643          * optimistic addresses, but we may send the solicitation
644          * if we don't include the sllao.  So here we check
645          * if our address is optimistic, and if so, we
646          * suppress the inclusion of the sllao.
647          */
648         if (send_sllao) {
649                 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
650                                                            dev, 1);
651                 if (ifp) {
652                         if (ifp->flags & IFA_F_OPTIMISTIC)  {
653                                 send_sllao = 0;
654                         }
655                         in6_ifa_put(ifp);
656                 } else {
657                         send_sllao = 0;
658                 }
659         }
660 #endif
661         if (send_sllao)
662                 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
663 
664         skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
665         if (!skb)
666                 return;
667 
668         msg = skb_put(skb, sizeof(*msg));
669         *msg = (struct rs_msg) {
670                 .icmph = {
671                         .icmp6_type = NDISC_ROUTER_SOLICITATION,
672                 },
673         };
674 
675         if (send_sllao)
676                 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
677                                        dev->dev_addr,
678                                        NDISC_ROUTER_SOLICITATION);
679 
680         ndisc_send_skb(skb, daddr, saddr);
681 }
682 
683 
684 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
685 {
686         /*
687          *      "The sender MUST return an ICMP
688          *       destination unreachable"
689          */
690         dst_link_failure(skb);
691         kfree_skb(skb);
692 }
693 
694 /* Called with locked neigh: either read or both */
695 
696 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
697 {
698         struct in6_addr *saddr = NULL;
699         struct in6_addr mcaddr;
700         struct net_device *dev = neigh->dev;
701         struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
702         int probes = atomic_read(&neigh->probes);
703 
704         if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
705                                            dev, 1,
706                                            IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
707                 saddr = &ipv6_hdr(skb)->saddr;
708         probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
709         if (probes < 0) {
710                 if (!(neigh->nud_state & NUD_VALID)) {
711                         ND_PRINTK(1, dbg,
712                                   "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
713                                   __func__, target);
714                 }
715                 ndisc_send_ns(dev, target, target, saddr, 0);
716         } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
717                 neigh_app_ns(neigh);
718         } else {
719                 addrconf_addr_solict_mult(target, &mcaddr);
720                 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
721         }
722 }
723 
724 static int pndisc_is_router(const void *pkey,
725                             struct net_device *dev)
726 {
727         struct pneigh_entry *n;
728         int ret = -1;
729 
730         read_lock_bh(&nd_tbl.lock);
731         n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
732         if (n)
733                 ret = !!(n->flags & NTF_ROUTER);
734         read_unlock_bh(&nd_tbl.lock);
735 
736         return ret;
737 }
738 
739 void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
740                   const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
741                   struct ndisc_options *ndopts)
742 {
743         neigh_update(neigh, lladdr, new, flags, 0);
744         /* report ndisc ops about neighbour update */
745         ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
746 }
747 
748 static void ndisc_recv_ns(struct sk_buff *skb)
749 {
750         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
751         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
752         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
753         u8 *lladdr = NULL;
754         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
755                                     offsetof(struct nd_msg, opt));
756         struct ndisc_options ndopts;
757         struct net_device *dev = skb->dev;
758         struct inet6_ifaddr *ifp;
759         struct inet6_dev *idev = NULL;
760         struct neighbour *neigh;
761         int dad = ipv6_addr_any(saddr);
762         bool inc;
763         int is_router = -1;
764         u64 nonce = 0;
765 
766         if (skb->len < sizeof(struct nd_msg)) {
767                 ND_PRINTK(2, warn, "NS: packet too short\n");
768                 return;
769         }
770 
771         if (ipv6_addr_is_multicast(&msg->target)) {
772                 ND_PRINTK(2, warn, "NS: multicast target address\n");
773                 return;
774         }
775 
776         /*
777          * RFC2461 7.1.1:
778          * DAD has to be destined for solicited node multicast address.
779          */
780         if (dad && !ipv6_addr_is_solict_mult(daddr)) {
781                 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
782                 return;
783         }
784 
785         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
786                 ND_PRINTK(2, warn, "NS: invalid ND options\n");
787                 return;
788         }
789 
790         if (ndopts.nd_opts_src_lladdr) {
791                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
792                 if (!lladdr) {
793                         ND_PRINTK(2, warn,
794                                   "NS: invalid link-layer address length\n");
795                         return;
796                 }
797 
798                 /* RFC2461 7.1.1:
799                  *      If the IP source address is the unspecified address,
800                  *      there MUST NOT be source link-layer address option
801                  *      in the message.
802                  */
803                 if (dad) {
804                         ND_PRINTK(2, warn,
805                                   "NS: bad DAD packet (link-layer address option)\n");
806                         return;
807                 }
808         }
809         if (ndopts.nd_opts_nonce)
810                 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
811 
812         inc = ipv6_addr_is_multicast(daddr);
813 
814         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
815         if (ifp) {
816 have_ifp:
817                 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
818                         if (dad) {
819                                 if (nonce != 0 && ifp->dad_nonce == nonce) {
820                                         u8 *np = (u8 *)&nonce;
821                                         /* Matching nonce if looped back */
822                                         ND_PRINTK(2, notice,
823                                                   "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
824                                                   ifp->idev->dev->name,
825                                                   &ifp->addr, np);
826                                         goto out;
827                                 }
828                                 /*
829                                  * We are colliding with another node
830                                  * who is doing DAD
831                                  * so fail our DAD process
832                                  */
833                                 addrconf_dad_failure(skb, ifp);
834                                 return;
835                         } else {
836                                 /*
837                                  * This is not a dad solicitation.
838                                  * If we are an optimistic node,
839                                  * we should respond.
840                                  * Otherwise, we should ignore it.
841                                  */
842                                 if (!(ifp->flags & IFA_F_OPTIMISTIC))
843                                         goto out;
844                         }
845                 }
846 
847                 idev = ifp->idev;
848         } else {
849                 struct net *net = dev_net(dev);
850 
851                 /* perhaps an address on the master device */
852                 if (netif_is_l3_slave(dev)) {
853                         struct net_device *mdev;
854 
855                         mdev = netdev_master_upper_dev_get_rcu(dev);
856                         if (mdev) {
857                                 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
858                                 if (ifp)
859                                         goto have_ifp;
860                         }
861                 }
862 
863                 idev = in6_dev_get(dev);
864                 if (!idev) {
865                         /* XXX: count this drop? */
866                         return;
867                 }
868 
869                 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
870                     (idev->cnf.forwarding &&
871                      (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
872                      (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
873                         if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
874                             skb->pkt_type != PACKET_HOST &&
875                             inc &&
876                             NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
877                                 /*
878                                  * for anycast or proxy,
879                                  * sender should delay its response
880                                  * by a random time between 0 and
881                                  * MAX_ANYCAST_DELAY_TIME seconds.
882                                  * (RFC2461) -- yoshfuji
883                                  */
884                                 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
885                                 if (n)
886                                         pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
887                                 goto out;
888                         }
889                 } else
890                         goto out;
891         }
892 
893         if (is_router < 0)
894                 is_router = idev->cnf.forwarding;
895 
896         if (dad) {
897                 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
898                               !!is_router, false, (ifp != NULL), true);
899                 goto out;
900         }
901 
902         if (inc)
903                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
904         else
905                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
906 
907         /*
908          *      update / create cache entry
909          *      for the source address
910          */
911         neigh = __neigh_lookup(&nd_tbl, saddr, dev,
912                                !inc || lladdr || !dev->addr_len);
913         if (neigh)
914                 ndisc_update(dev, neigh, lladdr, NUD_STALE,
915                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
916                              NEIGH_UPDATE_F_OVERRIDE,
917                              NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
918         if (neigh || !dev->header_ops) {
919                 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
920                               true, (ifp != NULL && inc), inc);
921                 if (neigh)
922                         neigh_release(neigh);
923         }
924 
925 out:
926         if (ifp)
927                 in6_ifa_put(ifp);
928         else
929                 in6_dev_put(idev);
930 }
931 
932 static void ndisc_recv_na(struct sk_buff *skb)
933 {
934         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
935         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
936         const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
937         u8 *lladdr = NULL;
938         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
939                                     offsetof(struct nd_msg, opt));
940         struct ndisc_options ndopts;
941         struct net_device *dev = skb->dev;
942         struct inet6_dev *idev = __in6_dev_get(dev);
943         struct inet6_ifaddr *ifp;
944         struct neighbour *neigh;
945 
946         if (skb->len < sizeof(struct nd_msg)) {
947                 ND_PRINTK(2, warn, "NA: packet too short\n");
948                 return;
949         }
950 
951         if (ipv6_addr_is_multicast(&msg->target)) {
952                 ND_PRINTK(2, warn, "NA: target address is multicast\n");
953                 return;
954         }
955 
956         if (ipv6_addr_is_multicast(daddr) &&
957             msg->icmph.icmp6_solicited) {
958                 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
959                 return;
960         }
961 
962         /* For some 802.11 wireless deployments (and possibly other networks),
963          * there will be a NA proxy and unsolicitd packets are attacks
964          * and thus should not be accepted.
965          */
966         if (!msg->icmph.icmp6_solicited && idev &&
967             idev->cnf.drop_unsolicited_na)
968                 return;
969 
970         if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
971                 ND_PRINTK(2, warn, "NS: invalid ND option\n");
972                 return;
973         }
974         if (ndopts.nd_opts_tgt_lladdr) {
975                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
976                 if (!lladdr) {
977                         ND_PRINTK(2, warn,
978                                   "NA: invalid link-layer address length\n");
979                         return;
980                 }
981         }
982         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
983         if (ifp) {
984                 if (skb->pkt_type != PACKET_LOOPBACK
985                     && (ifp->flags & IFA_F_TENTATIVE)) {
986                                 addrconf_dad_failure(skb, ifp);
987                                 return;
988                 }
989                 /* What should we make now? The advertisement
990                    is invalid, but ndisc specs say nothing
991                    about it. It could be misconfiguration, or
992                    an smart proxy agent tries to help us :-)
993 
994                    We should not print the error if NA has been
995                    received from loopback - it is just our own
996                    unsolicited advertisement.
997                  */
998                 if (skb->pkt_type != PACKET_LOOPBACK)
999                         ND_PRINTK(1, warn,
1000                                   "NA: %pM advertised our address %pI6c on %s!\n",
1001                                   eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1002                 in6_ifa_put(ifp);
1003                 return;
1004         }
1005         neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1006 
1007         if (neigh) {
1008                 u8 old_flags = neigh->flags;
1009                 struct net *net = dev_net(dev);
1010 
1011                 if (neigh->nud_state & NUD_FAILED)
1012                         goto out;
1013 
1014                 /*
1015                  * Don't update the neighbor cache entry on a proxy NA from
1016                  * ourselves because either the proxied node is off link or it
1017                  * has already sent a NA to us.
1018                  */
1019                 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1020                     net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1021                     pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1022                         /* XXX: idev->cnf.proxy_ndp */
1023                         goto out;
1024                 }
1025 
1026                 ndisc_update(dev, neigh, lladdr,
1027                              msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1028                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1029                              (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1030                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1031                              (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1032                              NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1033 
1034                 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1035                         /*
1036                          * Change: router to host
1037                          */
1038                         rt6_clean_tohost(dev_net(dev),  saddr);
1039                 }
1040 
1041 out:
1042                 neigh_release(neigh);
1043         }
1044 }
1045 
1046 static void ndisc_recv_rs(struct sk_buff *skb)
1047 {
1048         struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1049         unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1050         struct neighbour *neigh;
1051         struct inet6_dev *idev;
1052         const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1053         struct ndisc_options ndopts;
1054         u8 *lladdr = NULL;
1055 
1056         if (skb->len < sizeof(*rs_msg))
1057                 return;
1058 
1059         idev = __in6_dev_get(skb->dev);
1060         if (!idev) {
1061                 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1062                 return;
1063         }
1064 
1065         /* Don't accept RS if we're not in router mode */
1066         if (!idev->cnf.forwarding)
1067                 goto out;
1068 
1069         /*
1070          * Don't update NCE if src = ::;
1071          * this implies that the source node has no ip address assigned yet.
1072          */
1073         if (ipv6_addr_any(saddr))
1074                 goto out;
1075 
1076         /* Parse ND options */
1077         if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1078                 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1079                 goto out;
1080         }
1081 
1082         if (ndopts.nd_opts_src_lladdr) {
1083                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1084                                              skb->dev);
1085                 if (!lladdr)
1086                         goto out;
1087         }
1088 
1089         neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1090         if (neigh) {
1091                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1092                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1093                              NEIGH_UPDATE_F_OVERRIDE|
1094                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1095                              NDISC_ROUTER_SOLICITATION, &ndopts);
1096                 neigh_release(neigh);
1097         }
1098 out:
1099         return;
1100 }
1101 
1102 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1103 {
1104         struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1105         struct sk_buff *skb;
1106         struct nlmsghdr *nlh;
1107         struct nduseroptmsg *ndmsg;
1108         struct net *net = dev_net(ra->dev);
1109         int err;
1110         int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1111                                     + (opt->nd_opt_len << 3));
1112         size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1113 
1114         skb = nlmsg_new(msg_size, GFP_ATOMIC);
1115         if (!skb) {
1116                 err = -ENOBUFS;
1117                 goto errout;
1118         }
1119 
1120         nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1121         if (!nlh) {
1122                 goto nla_put_failure;
1123         }
1124 
1125         ndmsg = nlmsg_data(nlh);
1126         ndmsg->nduseropt_family = AF_INET6;
1127         ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1128         ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1129         ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1130         ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1131 
1132         memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1133 
1134         if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1135                 goto nla_put_failure;
1136         nlmsg_end(skb, nlh);
1137 
1138         rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1139         return;
1140 
1141 nla_put_failure:
1142         nlmsg_free(skb);
1143         err = -EMSGSIZE;
1144 errout:
1145         rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1146 }
1147 
1148 static void ndisc_router_discovery(struct sk_buff *skb)
1149 {
1150         struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1151         struct neighbour *neigh = NULL;
1152         struct inet6_dev *in6_dev;
1153         struct rt6_info *rt = NULL;
1154         int lifetime;
1155         struct ndisc_options ndopts;
1156         int optlen;
1157         unsigned int pref = 0;
1158         __u32 old_if_flags;
1159         bool send_ifinfo_notify = false;
1160 
1161         __u8 *opt = (__u8 *)(ra_msg + 1);
1162 
1163         optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1164                 sizeof(struct ra_msg);
1165 
1166         ND_PRINTK(2, info,
1167                   "RA: %s, dev: %s\n",
1168                   __func__, skb->dev->name);
1169         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1170                 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1171                 return;
1172         }
1173         if (optlen < 0) {
1174                 ND_PRINTK(2, warn, "RA: packet too short\n");
1175                 return;
1176         }
1177 
1178 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1179         if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1180                 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1181                 return;
1182         }
1183 #endif
1184 
1185         /*
1186          *      set the RA_RECV flag in the interface
1187          */
1188 
1189         in6_dev = __in6_dev_get(skb->dev);
1190         if (!in6_dev) {
1191                 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1192                           skb->dev->name);
1193                 return;
1194         }
1195 
1196         if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1197                 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1198                 return;
1199         }
1200 
1201         if (!ipv6_accept_ra(in6_dev)) {
1202                 ND_PRINTK(2, info,
1203                           "RA: %s, did not accept ra for dev: %s\n",
1204                           __func__, skb->dev->name);
1205                 goto skip_linkparms;
1206         }
1207 
1208 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1209         /* skip link-specific parameters from interior routers */
1210         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1211                 ND_PRINTK(2, info,
1212                           "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1213                           __func__, skb->dev->name);
1214                 goto skip_linkparms;
1215         }
1216 #endif
1217 
1218         if (in6_dev->if_flags & IF_RS_SENT) {
1219                 /*
1220                  *      flag that an RA was received after an RS was sent
1221                  *      out on this interface.
1222                  */
1223                 in6_dev->if_flags |= IF_RA_RCVD;
1224         }
1225 
1226         /*
1227          * Remember the managed/otherconf flags from most recently
1228          * received RA message (RFC 2462) -- yoshfuji
1229          */
1230         old_if_flags = in6_dev->if_flags;
1231         in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1232                                 IF_RA_OTHERCONF)) |
1233                                 (ra_msg->icmph.icmp6_addrconf_managed ?
1234                                         IF_RA_MANAGED : 0) |
1235                                 (ra_msg->icmph.icmp6_addrconf_other ?
1236                                         IF_RA_OTHERCONF : 0);
1237 
1238         if (old_if_flags != in6_dev->if_flags)
1239                 send_ifinfo_notify = true;
1240 
1241         if (!in6_dev->cnf.accept_ra_defrtr) {
1242                 ND_PRINTK(2, info,
1243                           "RA: %s, defrtr is false for dev: %s\n",
1244                           __func__, skb->dev->name);
1245                 goto skip_defrtr;
1246         }
1247 
1248         /* Do not accept RA with source-addr found on local machine unless
1249          * accept_ra_from_local is set to true.
1250          */
1251         if (!in6_dev->cnf.accept_ra_from_local &&
1252             ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1253                           in6_dev->dev, 0)) {
1254                 ND_PRINTK(2, info,
1255                           "RA from local address detected on dev: %s: default router ignored\n",
1256                           skb->dev->name);
1257                 goto skip_defrtr;
1258         }
1259 
1260         lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1261 
1262 #ifdef CONFIG_IPV6_ROUTER_PREF
1263         pref = ra_msg->icmph.icmp6_router_pref;
1264         /* 10b is handled as if it were 00b (medium) */
1265         if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1266             !in6_dev->cnf.accept_ra_rtr_pref)
1267                 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1268 #endif
1269 
1270         rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1271 
1272         if (rt) {
1273                 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1274                 if (!neigh) {
1275                         ND_PRINTK(0, err,
1276                                   "RA: %s got default router without neighbour\n",
1277                                   __func__);
1278                         ip6_rt_put(rt);
1279                         return;
1280                 }
1281         }
1282         if (rt && lifetime == 0) {
1283                 ip6_del_rt(rt);
1284                 rt = NULL;
1285         }
1286 
1287         ND_PRINTK(3, info, "RA: rt: %p  lifetime: %d, for dev: %s\n",
1288                   rt, lifetime, skb->dev->name);
1289         if (!rt && lifetime) {
1290                 ND_PRINTK(3, info, "RA: adding default router\n");
1291 
1292                 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1293                 if (!rt) {
1294                         ND_PRINTK(0, err,
1295                                   "RA: %s failed to add default route\n",
1296                                   __func__);
1297                         return;
1298                 }
1299 
1300                 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1301                 if (!neigh) {
1302                         ND_PRINTK(0, err,
1303                                   "RA: %s got default router without neighbour\n",
1304                                   __func__);
1305                         ip6_rt_put(rt);
1306                         return;
1307                 }
1308                 neigh->flags |= NTF_ROUTER;
1309         } else if (rt) {
1310                 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1311         }
1312 
1313         if (rt)
1314                 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1315         if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1316             ra_msg->icmph.icmp6_hop_limit) {
1317                 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1318                         in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1319                         if (rt)
1320                                 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1321                                                ra_msg->icmph.icmp6_hop_limit);
1322                 } else {
1323                         ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1324                 }
1325         }
1326 
1327 skip_defrtr:
1328 
1329         /*
1330          *      Update Reachable Time and Retrans Timer
1331          */
1332 
1333         if (in6_dev->nd_parms) {
1334                 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1335 
1336                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1337                         rtime = (rtime*HZ)/1000;
1338                         if (rtime < HZ/10)
1339                                 rtime = HZ/10;
1340                         NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1341                         in6_dev->tstamp = jiffies;
1342                         send_ifinfo_notify = true;
1343                 }
1344 
1345                 rtime = ntohl(ra_msg->reachable_time);
1346                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1347                         rtime = (rtime*HZ)/1000;
1348 
1349                         if (rtime < HZ/10)
1350                                 rtime = HZ/10;
1351 
1352                         if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1353                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1354                                               BASE_REACHABLE_TIME, rtime);
1355                                 NEIGH_VAR_SET(in6_dev->nd_parms,
1356                                               GC_STALETIME, 3 * rtime);
1357                                 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1358                                 in6_dev->tstamp = jiffies;
1359                                 send_ifinfo_notify = true;
1360                         }
1361                 }
1362         }
1363 
1364         /*
1365          *      Send a notify if RA changed managed/otherconf flags or timer settings
1366          */
1367         if (send_ifinfo_notify)
1368                 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1369 
1370 skip_linkparms:
1371 
1372         /*
1373          *      Process options.
1374          */
1375 
1376         if (!neigh)
1377                 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1378                                        skb->dev, 1);
1379         if (neigh) {
1380                 u8 *lladdr = NULL;
1381                 if (ndopts.nd_opts_src_lladdr) {
1382                         lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1383                                                      skb->dev);
1384                         if (!lladdr) {
1385                                 ND_PRINTK(2, warn,
1386                                           "RA: invalid link-layer address length\n");
1387                                 goto out;
1388                         }
1389                 }
1390                 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1391                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1392                              NEIGH_UPDATE_F_OVERRIDE|
1393                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1394                              NEIGH_UPDATE_F_ISROUTER,
1395                              NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1396         }
1397 
1398         if (!ipv6_accept_ra(in6_dev)) {
1399                 ND_PRINTK(2, info,
1400                           "RA: %s, accept_ra is false for dev: %s\n",
1401                           __func__, skb->dev->name);
1402                 goto out;
1403         }
1404 
1405 #ifdef CONFIG_IPV6_ROUTE_INFO
1406         if (!in6_dev->cnf.accept_ra_from_local &&
1407             ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1408                           in6_dev->dev, 0)) {
1409                 ND_PRINTK(2, info,
1410                           "RA from local address detected on dev: %s: router info ignored.\n",
1411                           skb->dev->name);
1412                 goto skip_routeinfo;
1413         }
1414 
1415         if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1416                 struct nd_opt_hdr *p;
1417                 for (p = ndopts.nd_opts_ri;
1418                      p;
1419                      p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1420                         struct route_info *ri = (struct route_info *)p;
1421 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1422                         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1423                             ri->prefix_len == 0)
1424                                 continue;
1425 #endif
1426                         if (ri->prefix_len == 0 &&
1427                             !in6_dev->cnf.accept_ra_defrtr)
1428                                 continue;
1429                         if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1430                                 continue;
1431                         if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1432                                 continue;
1433                         rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1434                                       &ipv6_hdr(skb)->saddr);
1435                 }
1436         }
1437 
1438 skip_routeinfo:
1439 #endif
1440 
1441 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1442         /* skip link-specific ndopts from interior routers */
1443         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1444                 ND_PRINTK(2, info,
1445                           "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1446                           __func__, skb->dev->name);
1447                 goto out;
1448         }
1449 #endif
1450 
1451         if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1452                 struct nd_opt_hdr *p;
1453                 for (p = ndopts.nd_opts_pi;
1454                      p;
1455                      p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1456                         addrconf_prefix_rcv(skb->dev, (u8 *)p,
1457                                             (p->nd_opt_len) << 3,
1458                                             ndopts.nd_opts_src_lladdr != NULL);
1459                 }
1460         }
1461 
1462         if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1463                 __be32 n;
1464                 u32 mtu;
1465 
1466                 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1467                 mtu = ntohl(n);
1468 
1469                 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1470                         ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1471                 } else if (in6_dev->cnf.mtu6 != mtu) {
1472                         in6_dev->cnf.mtu6 = mtu;
1473 
1474                         if (rt)
1475                                 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1476 
1477                         rt6_mtu_change(skb->dev, mtu);
1478                 }
1479         }
1480 
1481         if (ndopts.nd_useropts) {
1482                 struct nd_opt_hdr *p;
1483                 for (p = ndopts.nd_useropts;
1484                      p;
1485                      p = ndisc_next_useropt(skb->dev, p,
1486                                             ndopts.nd_useropts_end)) {
1487                         ndisc_ra_useropt(skb, p);
1488                 }
1489         }
1490 
1491         if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1492                 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1493         }
1494 out:
1495         ip6_rt_put(rt);
1496         if (neigh)
1497                 neigh_release(neigh);
1498 }
1499 
1500 static void ndisc_redirect_rcv(struct sk_buff *skb)
1501 {
1502         u8 *hdr;
1503         struct ndisc_options ndopts;
1504         struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1505         u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1506                                     offsetof(struct rd_msg, opt));
1507 
1508 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1509         switch (skb->ndisc_nodetype) {
1510         case NDISC_NODETYPE_HOST:
1511         case NDISC_NODETYPE_NODEFAULT:
1512                 ND_PRINTK(2, warn,
1513                           "Redirect: from host or unauthorized router\n");
1514                 return;
1515         }
1516 #endif
1517 
1518         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1519                 ND_PRINTK(2, warn,
1520                           "Redirect: source address is not link-local\n");
1521                 return;
1522         }
1523 
1524         if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1525                 return;
1526 
1527         if (!ndopts.nd_opts_rh) {
1528                 ip6_redirect_no_header(skb, dev_net(skb->dev),
1529                                         skb->dev->ifindex, 0);
1530                 return;
1531         }
1532 
1533         hdr = (u8 *)ndopts.nd_opts_rh;
1534         hdr += 8;
1535         if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1536                 return;
1537 
1538         icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1539 }
1540 
1541 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1542                                            struct sk_buff *orig_skb,
1543                                            int rd_len)
1544 {
1545         u8 *opt = skb_put(skb, rd_len);
1546 
1547         memset(opt, 0, 8);
1548         *(opt++) = ND_OPT_REDIRECT_HDR;
1549         *(opt++) = (rd_len >> 3);
1550         opt += 6;
1551 
1552         memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1553 }
1554 
1555 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1556 {
1557         struct net_device *dev = skb->dev;
1558         struct net *net = dev_net(dev);
1559         struct sock *sk = net->ipv6.ndisc_sk;
1560         int optlen = 0;
1561         struct inet_peer *peer;
1562         struct sk_buff *buff;
1563         struct rd_msg *msg;
1564         struct in6_addr saddr_buf;
1565         struct rt6_info *rt;
1566         struct dst_entry *dst;
1567         struct flowi6 fl6;
1568         int rd_len;
1569         u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1570            ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1571         bool ret;
1572 
1573         if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1574                 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1575                           dev->name);
1576                 return;
1577         }
1578 
1579         if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1580             ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1581                 ND_PRINTK(2, warn,
1582                           "Redirect: target address is not link-local unicast\n");
1583                 return;
1584         }
1585 
1586         icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1587                          &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1588 
1589         dst = ip6_route_output(net, NULL, &fl6);
1590         if (dst->error) {
1591                 dst_release(dst);
1592                 return;
1593         }
1594         dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1595         if (IS_ERR(dst))
1596                 return;
1597 
1598         rt = (struct rt6_info *) dst;
1599 
1600         if (rt->rt6i_flags & RTF_GATEWAY) {
1601                 ND_PRINTK(2, warn,
1602                           "Redirect: destination is not a neighbour\n");
1603                 goto release;
1604         }
1605         peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1606         ret = inet_peer_xrlim_allow(peer, 1*HZ);
1607         if (peer)
1608                 inet_putpeer(peer);
1609         if (!ret)
1610                 goto release;
1611 
1612         if (dev->addr_len) {
1613                 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1614                 if (!neigh) {
1615                         ND_PRINTK(2, warn,
1616                                   "Redirect: no neigh for target address\n");
1617                         goto release;
1618                 }
1619 
1620                 read_lock_bh(&neigh->lock);
1621                 if (neigh->nud_state & NUD_VALID) {
1622                         memcpy(ha_buf, neigh->ha, dev->addr_len);
1623                         read_unlock_bh(&neigh->lock);
1624                         ha = ha_buf;
1625                         optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1626                                                                 ops_data_buf,
1627                                                                 &ops_data);
1628                 } else
1629                         read_unlock_bh(&neigh->lock);
1630 
1631                 neigh_release(neigh);
1632         }
1633 
1634         rd_len = min_t(unsigned int,
1635                        IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1636                        skb->len + 8);
1637         rd_len &= ~0x7;
1638         optlen += rd_len;
1639 
1640         buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1641         if (!buff)
1642                 goto release;
1643 
1644         msg = skb_put(buff, sizeof(*msg));
1645         *msg = (struct rd_msg) {
1646                 .icmph = {
1647                         .icmp6_type = NDISC_REDIRECT,
1648                 },
1649                 .target = *target,
1650                 .dest = ipv6_hdr(skb)->daddr,
1651         };
1652 
1653         /*
1654          *      include target_address option
1655          */
1656 
1657         if (ha)
1658                 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1659 
1660         /*
1661          *      build redirect option and copy skb over to the new packet.
1662          */
1663 
1664         if (rd_len)
1665                 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1666 
1667         skb_dst_set(buff, dst);
1668         ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1669         return;
1670 
1671 release:
1672         dst_release(dst);
1673 }
1674 
1675 static void pndisc_redo(struct sk_buff *skb)
1676 {
1677         ndisc_recv_ns(skb);
1678         kfree_skb(skb);
1679 }
1680 
1681 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1682 {
1683         struct inet6_dev *idev = __in6_dev_get(skb->dev);
1684 
1685         if (!idev)
1686                 return true;
1687         if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1688             idev->cnf.suppress_frag_ndisc) {
1689                 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1690                 return true;
1691         }
1692         return false;
1693 }
1694 
1695 int ndisc_rcv(struct sk_buff *skb)
1696 {
1697         struct nd_msg *msg;
1698 
1699         if (ndisc_suppress_frag_ndisc(skb))
1700                 return 0;
1701 
1702         if (skb_linearize(skb))
1703                 return 0;
1704 
1705         msg = (struct nd_msg *)skb_transport_header(skb);
1706 
1707         __skb_push(skb, skb->data - skb_transport_header(skb));
1708 
1709         if (ipv6_hdr(skb)->hop_limit != 255) {
1710                 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1711                           ipv6_hdr(skb)->hop_limit);
1712                 return 0;
1713         }
1714 
1715         if (msg->icmph.icmp6_code != 0) {
1716                 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1717                           msg->icmph.icmp6_code);
1718                 return 0;
1719         }
1720 
1721         memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1722 
1723         switch (msg->icmph.icmp6_type) {
1724         case NDISC_NEIGHBOUR_SOLICITATION:
1725                 ndisc_recv_ns(skb);
1726                 break;
1727 
1728         case NDISC_NEIGHBOUR_ADVERTISEMENT:
1729                 ndisc_recv_na(skb);
1730                 break;
1731 
1732         case NDISC_ROUTER_SOLICITATION:
1733                 ndisc_recv_rs(skb);
1734                 break;
1735 
1736         case NDISC_ROUTER_ADVERTISEMENT:
1737                 ndisc_router_discovery(skb);
1738                 break;
1739 
1740         case NDISC_REDIRECT:
1741                 ndisc_redirect_rcv(skb);
1742                 break;
1743         }
1744 
1745         return 0;
1746 }
1747 
1748 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1749 {
1750         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1751         struct netdev_notifier_change_info *change_info;
1752         struct net *net = dev_net(dev);
1753         struct inet6_dev *idev;
1754 
1755         switch (event) {
1756         case NETDEV_CHANGEADDR:
1757                 neigh_changeaddr(&nd_tbl, dev);
1758                 fib6_run_gc(0, net, false);
1759                 /* fallthrough */
1760         case NETDEV_UP:
1761                 idev = in6_dev_get(dev);
1762                 if (!idev)
1763                         break;
1764                 if (idev->cnf.ndisc_notify ||
1765                     net->ipv6.devconf_all->ndisc_notify)
1766                         ndisc_send_unsol_na(dev);
1767                 in6_dev_put(idev);
1768                 break;
1769         case NETDEV_CHANGE:
1770                 change_info = ptr;
1771                 if (change_info->flags_changed & IFF_NOARP)
1772                         neigh_changeaddr(&nd_tbl, dev);
1773                 break;
1774         case NETDEV_DOWN:
1775                 neigh_ifdown(&nd_tbl, dev);
1776                 fib6_run_gc(0, net, false);
1777                 break;
1778         case NETDEV_NOTIFY_PEERS:
1779                 ndisc_send_unsol_na(dev);
1780                 break;
1781         default:
1782                 break;
1783         }
1784 
1785         return NOTIFY_DONE;
1786 }
1787 
1788 static struct notifier_block ndisc_netdev_notifier = {
1789         .notifier_call = ndisc_netdev_event,
1790         .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1791 };
1792 
1793 #ifdef CONFIG_SYSCTL
1794 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1795                                          const char *func, const char *dev_name)
1796 {
1797         static char warncomm[TASK_COMM_LEN];
1798         static int warned;
1799         if (strcmp(warncomm, current->comm) && warned < 5) {
1800                 strcpy(warncomm, current->comm);
1801                 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1802                         warncomm, func,
1803                         dev_name, ctl->procname,
1804                         dev_name, ctl->procname);
1805                 warned++;
1806         }
1807 }
1808 
1809 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1810 {
1811         struct net_device *dev = ctl->extra1;
1812         struct inet6_dev *idev;
1813         int ret;
1814 
1815         if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1816             (strcmp(ctl->procname, "base_reachable_time") == 0))
1817                 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1818 
1819         if (strcmp(ctl->procname, "retrans_time") == 0)
1820                 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1821 
1822         else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1823                 ret = neigh_proc_dointvec_jiffies(ctl, write,
1824                                                   buffer, lenp, ppos);
1825 
1826         else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1827                  (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1828                 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1829                                                      buffer, lenp, ppos);
1830         else
1831                 ret = -1;
1832 
1833         if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1834                 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1835                         idev->nd_parms->reachable_time =
1836                                         neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1837                 idev->tstamp = jiffies;
1838                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1839                 in6_dev_put(idev);
1840         }
1841         return ret;
1842 }
1843 
1844 
1845 #endif
1846 
1847 static int __net_init ndisc_net_init(struct net *net)
1848 {
1849         struct ipv6_pinfo *np;
1850         struct sock *sk;
1851         int err;
1852 
1853         err = inet_ctl_sock_create(&sk, PF_INET6,
1854                                    SOCK_RAW, IPPROTO_ICMPV6, net);
1855         if (err < 0) {
1856                 ND_PRINTK(0, err,
1857                           "NDISC: Failed to initialize the control socket (err %d)\n",
1858                           err);
1859                 return err;
1860         }
1861 
1862         net->ipv6.ndisc_sk = sk;
1863 
1864         np = inet6_sk(sk);
1865         np->hop_limit = 255;
1866         /* Do not loopback ndisc messages */
1867         np->mc_loop = 0;
1868 
1869         return 0;
1870 }
1871 
1872 static void __net_exit ndisc_net_exit(struct net *net)
1873 {
1874         inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1875 }
1876 
1877 static struct pernet_operations ndisc_net_ops = {
1878         .init = ndisc_net_init,
1879         .exit = ndisc_net_exit,
1880 };
1881 
1882 int __init ndisc_init(void)
1883 {
1884         int err;
1885 
1886         err = register_pernet_subsys(&ndisc_net_ops);
1887         if (err)
1888                 return err;
1889         /*
1890          * Initialize the neighbour table
1891          */
1892         neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1893 
1894 #ifdef CONFIG_SYSCTL
1895         err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1896                                     ndisc_ifinfo_sysctl_change);
1897         if (err)
1898                 goto out_unregister_pernet;
1899 out:
1900 #endif
1901         return err;
1902 
1903 #ifdef CONFIG_SYSCTL
1904 out_unregister_pernet:
1905         unregister_pernet_subsys(&ndisc_net_ops);
1906         goto out;
1907 #endif
1908 }
1909 
1910 int __init ndisc_late_init(void)
1911 {
1912         return register_netdevice_notifier(&ndisc_netdev_notifier);
1913 }
1914 
1915 void ndisc_late_cleanup(void)
1916 {
1917         unregister_netdevice_notifier(&ndisc_netdev_notifier);
1918 }
1919 
1920 void ndisc_cleanup(void)
1921 {
1922 #ifdef CONFIG_SYSCTL
1923         neigh_sysctl_unregister(&nd_tbl.parms);
1924 #endif
1925         neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1926         unregister_pernet_subsys(&ndisc_net_ops);
1927 }
1928 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp