Gitiles
Code Review Sign In
192.168.1.100 / T103 / 1f884588077ad3476b9c91cbb0ee9ee0332bbb68 / . / src / kernel / linux / v4.14 / net / ipv6 / ndisc.c
blob: 2241c5f523943f14212f89609c7194f1a5275430 [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +0800[diff] [blame^]1/*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30#define pr_fmt(fmt) "ICMPv6: " fmt
31
32#include <linux/module.h>
33#include <linux/errno.h>
34#include <linux/types.h>
35#include <linux/socket.h>
36#include <linux/sockios.h>
37#include <linux/sched.h>
38#include <linux/net.h>
39#include <linux/in6.h>
40#include <linux/route.h>
41#include <linux/init.h>
42#include <linux/rcupdate.h>
43#include <linux/slab.h>
44#ifdef CONFIG_SYSCTL
45#include <linux/sysctl.h>
46#endif
47
48#include <linux/if_addr.h>
49#include <linux/if_arp.h>
50#include <linux/ipv6.h>
51#include <linux/icmpv6.h>
52#include <linux/jhash.h>
53
54#include <net/sock.h>
55#include <net/snmp.h>
56
57#include <net/ipv6.h>
58#include <net/protocol.h>
59#include <net/ndisc.h>
60#include <net/ip6_route.h>
61#include <net/addrconf.h>
62#include <net/icmp.h>
63
64#include <net/netlink.h>
65#include <linux/rtnetlink.h>
66
67#include <net/flow.h>
68#include <net/ip6_checksum.h>
69#include <net/inet_common.h>
70#include <linux/proc_fs.h>
71
72#include <linux/netfilter.h>
73#include <linux/netfilter_ipv6.h>
74
75static u32 ndisc_hash(const void *pkey,
76 const struct net_device *dev,
77 __u32 *hash_rnd);
78static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
79static int ndisc_constructor(struct neighbour *neigh);
80static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
81static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
82static int pndisc_constructor(struct pneigh_entry *n);
83static void pndisc_destructor(struct pneigh_entry *n);
84static void pndisc_redo(struct sk_buff *skb);
85
86static const struct neigh_ops ndisc_generic_ops = {
87 .family = AF_INET6,
88 .solicit = ndisc_solicit,
89 .error_report = ndisc_error_report,
90 .output = neigh_resolve_output,
91 .connected_output = neigh_connected_output,
92};
93
94static const struct neigh_ops ndisc_hh_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_resolve_output,
100};
101
102
103static const struct neigh_ops ndisc_direct_ops = {
104 .family = AF_INET6,
105 .output = neigh_direct_output,
106 .connected_output = neigh_direct_output,
107};
108
109struct neigh_table nd_tbl = {
110 .family = AF_INET6,
111 .key_len = sizeof(struct in6_addr),
112 .protocol = cpu_to_be16(ETH_P_IPV6),
113 .hash = ndisc_hash,
114 .key_eq = ndisc_key_eq,
115 .constructor = ndisc_constructor,
116 .pconstructor = pndisc_constructor,
117 .pdestructor = pndisc_destructor,
118 .proxy_redo = pndisc_redo,
119 .id = "ndisc_cache",
120 .parms = {
121 .tbl = &nd_tbl,
122 .reachable_time = ND_REACHABLE_TIME,
123 .data = {
124 [NEIGH_VAR_MCAST_PROBES] = 3,
125 [NEIGH_VAR_UCAST_PROBES] = 3,
126 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
127 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
128 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
129 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
130 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
131 [NEIGH_VAR_PROXY_QLEN] = 64,
132 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
133 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
134 },
135 },
136 .gc_interval = 30 * HZ,
137 .gc_thresh1 = 128,
138 .gc_thresh2 = 512,
139 .gc_thresh3 = 1024,
140};
141EXPORT_SYMBOL_GPL(nd_tbl);
142
143void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
144 int data_len, int pad)
145{
146 int space = __ndisc_opt_addr_space(data_len, pad);
147 u8 *opt = skb_put(skb, space);
148
149 opt[0] = type;
150 opt[1] = space>>3;
151
152 memset(opt + 2, 0, pad);
153 opt += pad;
154 space -= pad;
155
156 memcpy(opt+2, data, data_len);
157 data_len += 2;
158 opt += data_len;
159 space -= data_len;
160 if (space > 0)
161 memset(opt, 0, space);
162}
163EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
164
165static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
166 void *data, u8 icmp6_type)
167{
168 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
169 ndisc_addr_option_pad(skb->dev->type));
170 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
171}
172
173static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
174 void *ha,
175 const u8 *ops_data)
176{
177 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
178 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
179}
180
181static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
182 struct nd_opt_hdr *end)
183{
184 int type;
185 if (!cur || !end || cur >= end)
186 return NULL;
187 type = cur->nd_opt_type;
188 do {
189 cur = ((void *)cur) + (cur->nd_opt_len << 3);
190 } while (cur < end && cur->nd_opt_type != type);
191 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
192}
193
194static inline int ndisc_is_useropt(const struct net_device *dev,
195 struct nd_opt_hdr *opt)
196{
197 return opt->nd_opt_type == ND_OPT_RDNSS ||
198 opt->nd_opt_type == ND_OPT_DNSSL ||
199 opt->nd_opt_type == ND_OPT_CAPTIVE_PORTAL ||
200 opt->nd_opt_type == ND_OPT_PREF64 ||
201 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
202}
203
204static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
205 struct nd_opt_hdr *cur,
206 struct nd_opt_hdr *end)
207{
208 if (!cur || !end || cur >= end)
209 return NULL;
210 do {
211 cur = ((void *)cur) + (cur->nd_opt_len << 3);
212 } while (cur < end && !ndisc_is_useropt(dev, cur));
213 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
214}
215
216struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
217 u8 *opt, int opt_len,
218 struct ndisc_options *ndopts)
219{
220 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
221
222 if (!nd_opt || opt_len < 0 || !ndopts)
223 return NULL;
224 memset(ndopts, 0, sizeof(*ndopts));
225 while (opt_len) {
226 int l;
227 if (opt_len < sizeof(struct nd_opt_hdr))
228 return NULL;
229 l = nd_opt->nd_opt_len << 3;
230 if (opt_len < l || l == 0)
231 return NULL;
232 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
233 goto next_opt;
234 switch (nd_opt->nd_opt_type) {
235 case ND_OPT_SOURCE_LL_ADDR:
236 case ND_OPT_TARGET_LL_ADDR:
237 case ND_OPT_MTU:
238 case ND_OPT_NONCE:
239 case ND_OPT_REDIRECT_HDR:
240 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
241 ND_PRINTK(2, warn,
242 "%s: duplicated ND6 option found: type=%d\n",
243 __func__, nd_opt->nd_opt_type);
244 } else {
245 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
246 }
247 break;
248 case ND_OPT_PREFIX_INFO:
249 ndopts->nd_opts_pi_end = nd_opt;
250 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
251 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
252 break;
253#ifdef CONFIG_IPV6_ROUTE_INFO
254 case ND_OPT_ROUTE_INFO:
255 ndopts->nd_opts_ri_end = nd_opt;
256 if (!ndopts->nd_opts_ri)
257 ndopts->nd_opts_ri = nd_opt;
258 break;
259#endif
260 default:
261 if (ndisc_is_useropt(dev, nd_opt)) {
262 ndopts->nd_useropts_end = nd_opt;
263 if (!ndopts->nd_useropts)
264 ndopts->nd_useropts = nd_opt;
265 } else {
266 /*
267 * Unknown options must be silently ignored,
268 * to accommodate future extension to the
269 * protocol.
270 */
271 ND_PRINTK(2, notice,
272 "%s: ignored unsupported option; type=%d, len=%d\n",
273 __func__,
274 nd_opt->nd_opt_type,
275 nd_opt->nd_opt_len);
276 }
277 }
278next_opt:
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283}
284
285int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
286{
287 switch (dev->type) {
288 case ARPHRD_ETHER:
289 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
290 case ARPHRD_FDDI:
291 ipv6_eth_mc_map(addr, buf);
292 return 0;
293 case ARPHRD_ARCNET:
294 ipv6_arcnet_mc_map(addr, buf);
295 return 0;
296 case ARPHRD_INFINIBAND:
297 ipv6_ib_mc_map(addr, dev->broadcast, buf);
298 return 0;
299 case ARPHRD_IPGRE:
300 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
301 default:
302 if (dir) {
303 memcpy(buf, dev->broadcast, dev->addr_len);
304 return 0;
305 }
306 }
307 return -EINVAL;
308}
309EXPORT_SYMBOL(ndisc_mc_map);
310
311static u32 ndisc_hash(const void *pkey,
312 const struct net_device *dev,
313 __u32 *hash_rnd)
314{
315 return ndisc_hashfn(pkey, dev, hash_rnd);
316}
317
318static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
319{
320 return neigh_key_eq128(n, pkey);
321}
322
323static int ndisc_constructor(struct neighbour *neigh)
324{
325 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
326 struct net_device *dev = neigh->dev;
327 struct inet6_dev *in6_dev;
328 struct neigh_parms *parms;
329 bool is_multicast = ipv6_addr_is_multicast(addr);
330
331 in6_dev = in6_dev_get(dev);
332 if (!in6_dev) {
333 return -EINVAL;
334 }
335
336 parms = in6_dev->nd_parms;
337 __neigh_parms_put(neigh->parms);
338 neigh->parms = neigh_parms_clone(parms);
339
340 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
341 if (!dev->header_ops) {
342 neigh->nud_state = NUD_NOARP;
343 neigh->ops = &ndisc_direct_ops;
344 neigh->output = neigh_direct_output;
345 } else {
346 if (is_multicast) {
347 neigh->nud_state = NUD_NOARP;
348 ndisc_mc_map(addr, neigh->ha, dev, 1);
349 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
350 neigh->nud_state = NUD_NOARP;
351 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
352 if (dev->flags&IFF_LOOPBACK)
353 neigh->type = RTN_LOCAL;
354 } else if (dev->flags&IFF_POINTOPOINT) {
355 neigh->nud_state = NUD_NOARP;
356 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
357 }
358 if (dev->header_ops->cache)
359 neigh->ops = &ndisc_hh_ops;
360 else
361 neigh->ops = &ndisc_generic_ops;
362 if (neigh->nud_state&NUD_VALID)
363 neigh->output = neigh->ops->connected_output;
364 else
365 neigh->output = neigh->ops->output;
366 }
367 in6_dev_put(in6_dev);
368 return 0;
369}
370
371static int pndisc_constructor(struct pneigh_entry *n)
372{
373 struct in6_addr *addr = (struct in6_addr *)&n->key;
374 struct in6_addr maddr;
375 struct net_device *dev = n->dev;
376
377 if (!dev || !__in6_dev_get(dev))
378 return -EINVAL;
379 addrconf_addr_solict_mult(addr, &maddr);
380 ipv6_dev_mc_inc(dev, &maddr);
381 return 0;
382}
383
384static void pndisc_destructor(struct pneigh_entry *n)
385{
386 struct in6_addr *addr = (struct in6_addr *)&n->key;
387 struct in6_addr maddr;
388 struct net_device *dev = n->dev;
389
390 if (!dev || !__in6_dev_get(dev))
391 return;
392 addrconf_addr_solict_mult(addr, &maddr);
393 ipv6_dev_mc_dec(dev, &maddr);
394}
395
396static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
397 int len)
398{
399 int hlen = LL_RESERVED_SPACE(dev);
400 int tlen = dev->needed_tailroom;
401 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
402 struct sk_buff *skb;
403
404 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
405 if (!skb) {
406 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
407 __func__);
408 return NULL;
409 }
410
411 skb->protocol = htons(ETH_P_IPV6);
412 skb->dev = dev;
413
414 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
415 skb_reset_transport_header(skb);
416
417 /* Manually assign socket ownership as we avoid calling
418 * sock_alloc_send_pskb() to bypass wmem buffer limits
419 */
420 skb_set_owner_w(skb, sk);
421
422 return skb;
423}
424
425static void ip6_nd_hdr(struct sk_buff *skb,
426 const struct in6_addr *saddr,
427 const struct in6_addr *daddr,
428 int hop_limit, int len)
429{
430 struct ipv6hdr *hdr;
431
432 skb_push(skb, sizeof(*hdr));
433 skb_reset_network_header(skb);
434 hdr = ipv6_hdr(skb);
435
436 ip6_flow_hdr(hdr, 0, 0);
437
438 hdr->payload_len = htons(len);
439 hdr->nexthdr = IPPROTO_ICMPV6;
440 hdr->hop_limit = hop_limit;
441
442 hdr->saddr = *saddr;
443 hdr->daddr = *daddr;
444}
445
446static void ndisc_send_skb(struct sk_buff *skb,
447 const struct in6_addr *daddr,
448 const struct in6_addr *saddr)
449{
450 struct dst_entry *dst = skb_dst(skb);
451 struct net *net = dev_net(skb->dev);
452 struct sock *sk = net->ipv6.ndisc_sk;
453 struct inet6_dev *idev;
454 int err;
455 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
456 u8 type;
457
458 type = icmp6h->icmp6_type;
459
460 if (!dst) {
461 struct flowi6 fl6;
462 int oif = skb->dev->ifindex;
463
464 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
465 dst = icmp6_dst_alloc(skb->dev, &fl6);
466 if (IS_ERR(dst)) {
467 kfree_skb(skb);
468 return;
469 }
470
471 skb_dst_set(skb, dst);
472 }
473
474 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
475 IPPROTO_ICMPV6,
476 csum_partial(icmp6h,
477 skb->len, 0));
478
479 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
480
481 rcu_read_lock();
482 idev = __in6_dev_get(dst->dev);
483 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
484
485 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
486 net, sk, skb, NULL, dst->dev,
487 dst_output);
488 if (!err) {
489 ICMP6MSGOUT_INC_STATS(net, idev, type);
490 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
491 }
492
493 rcu_read_unlock();
494}
495
496void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
497 const struct in6_addr *solicited_addr,
498 bool router, bool solicited, bool override, bool inc_opt)
499{
500 struct sk_buff *skb;
501 struct in6_addr tmpaddr;
502 struct inet6_ifaddr *ifp;
503 const struct in6_addr *src_addr;
504 struct nd_msg *msg;
505 int optlen = 0;
506
507 /* for anycast or proxy, solicited_addr != src_addr */
508 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
509 if (ifp) {
510 src_addr = solicited_addr;
511 if (ifp->flags & IFA_F_OPTIMISTIC)
512 override = false;
513 inc_opt |= ifp->idev->cnf.force_tllao;
514 in6_ifa_put(ifp);
515 } else {
516 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
517 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
518 &tmpaddr))
519 return;
520 src_addr = &tmpaddr;
521 }
522
523 if (!dev->addr_len)
524 inc_opt = 0;
525 if (inc_opt)
526 optlen += ndisc_opt_addr_space(dev,
527 NDISC_NEIGHBOUR_ADVERTISEMENT);
528
529 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
530 if (!skb)
531 return;
532
533 msg = skb_put(skb, sizeof(*msg));
534 *msg = (struct nd_msg) {
535 .icmph = {
536 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
537 .icmp6_router = router,
538 .icmp6_solicited = solicited,
539 .icmp6_override = override,
540 },
541 .target = *solicited_addr,
542 };
543
544 if (inc_opt)
545 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
546 dev->dev_addr,
547 NDISC_NEIGHBOUR_ADVERTISEMENT);
548
549 ndisc_send_skb(skb, daddr, src_addr);
550}
551
552static void ndisc_send_unsol_na(struct net_device *dev)
553{
554 struct inet6_dev *idev;
555 struct inet6_ifaddr *ifa;
556
557 idev = in6_dev_get(dev);
558 if (!idev)
559 return;
560
561 read_lock_bh(&idev->lock);
562 list_for_each_entry(ifa, &idev->addr_list, if_list) {
563 /* skip tentative addresses until dad completes */
564 if (ifa->flags & IFA_F_TENTATIVE &&
565 !(ifa->flags & IFA_F_OPTIMISTIC))
566 continue;
567
568 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
569 /*router=*/ !!idev->cnf.forwarding,
570 /*solicited=*/ false, /*override=*/ true,
571 /*inc_opt=*/ true);
572 }
573 read_unlock_bh(&idev->lock);
574
575 in6_dev_put(idev);
576}
577
578void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
579 const struct in6_addr *daddr, const struct in6_addr *saddr,
580 u64 nonce)
581{
582 struct sk_buff *skb;
583 struct in6_addr addr_buf;
584 int inc_opt = dev->addr_len;
585 int optlen = 0;
586 struct nd_msg *msg;
587
588 if (!saddr) {
589 if (ipv6_get_lladdr(dev, &addr_buf,
590 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
591 return;
592 saddr = &addr_buf;
593 }
594
595 if (ipv6_addr_any(saddr))
596 inc_opt = false;
597 if (inc_opt)
598 optlen += ndisc_opt_addr_space(dev,
599 NDISC_NEIGHBOUR_SOLICITATION);
600 if (nonce != 0)
601 optlen += 8;
602
603 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
604 if (!skb)
605 return;
606
607 msg = skb_put(skb, sizeof(*msg));
608 *msg = (struct nd_msg) {
609 .icmph = {
610 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
611 },
612 .target = *solicit,
613 };
614
615 if (inc_opt)
616 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
617 dev->dev_addr,
618 NDISC_NEIGHBOUR_SOLICITATION);
619 if (nonce != 0) {
620 u8 *opt = skb_put(skb, 8);
621
622 opt[0] = ND_OPT_NONCE;
623 opt[1] = 8 >> 3;
624 memcpy(opt + 2, &nonce, 6);
625 }
626
627 ndisc_send_skb(skb, daddr, saddr);
628}
629
630void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
631 const struct in6_addr *daddr)
632{
633 struct sk_buff *skb;
634 struct rs_msg *msg;
635 int send_sllao = dev->addr_len;
636 int optlen = 0;
637
638#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
639 /*
640 * According to section 2.2 of RFC 4429, we must not
641 * send router solicitations with a sllao from
642 * optimistic addresses, but we may send the solicitation
643 * if we don't include the sllao. So here we check
644 * if our address is optimistic, and if so, we
645 * suppress the inclusion of the sllao.
646 */
647 if (send_sllao) {
648 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
649 dev, 1);
650 if (ifp) {
651 if (ifp->flags & IFA_F_OPTIMISTIC) {
652 send_sllao = 0;
653 }
654 in6_ifa_put(ifp);
655 } else {
656 send_sllao = 0;
657 }
658 }
659#endif
660 if (send_sllao)
661 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
662
663 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
664 if (!skb)
665 return;
666
667 msg = skb_put(skb, sizeof(*msg));
668 *msg = (struct rs_msg) {
669 .icmph = {
670 .icmp6_type = NDISC_ROUTER_SOLICITATION,
671 },
672 };
673
674 if (send_sllao)
675 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
676 dev->dev_addr,
677 NDISC_ROUTER_SOLICITATION);
678
679 ndisc_send_skb(skb, daddr, saddr);
680}
681
682
683static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
684{
685 /*
686 * "The sender MUST return an ICMP
687 * destination unreachable"
688 */
689 dst_link_failure(skb);
690 kfree_skb(skb);
691}
692
693/* Called with locked neigh: either read or both */
694
695static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
696{
697 struct in6_addr *saddr = NULL;
698 struct in6_addr mcaddr;
699 struct net_device *dev = neigh->dev;
700 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
701 int probes = atomic_read(&neigh->probes);
702
703 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
704 dev, 1,
705 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
706 saddr = &ipv6_hdr(skb)->saddr;
707 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
708 if (probes < 0) {
709 if (!(neigh->nud_state & NUD_VALID)) {
710 ND_PRINTK(1, dbg,
711 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
712 __func__, target);
713 }
714 ndisc_send_ns(dev, target, target, saddr, 0);
715 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
716 neigh_app_ns(neigh);
717 } else {
718 addrconf_addr_solict_mult(target, &mcaddr);
719 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
720 }
721}
722
723static int pndisc_is_router(const void *pkey,
724 struct net_device *dev)
725{
726 struct pneigh_entry *n;
727 int ret = -1;
728
729 read_lock_bh(&nd_tbl.lock);
730 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
731 if (n)
732 ret = !!(n->flags & NTF_ROUTER);
733 read_unlock_bh(&nd_tbl.lock);
734
735 return ret;
736}
737
738void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
739 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
740 struct ndisc_options *ndopts)
741{
742 neigh_update(neigh, lladdr, new, flags, 0);
743 /* report ndisc ops about neighbour update */
744 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
745}
746
747static void ndisc_recv_ns(struct sk_buff *skb)
748{
749 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
750 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
751 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
752 u8 *lladdr = NULL;
753 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
754 offsetof(struct nd_msg, opt));
755 struct ndisc_options ndopts;
756 struct net_device *dev = skb->dev;
757 struct inet6_ifaddr *ifp;
758 struct inet6_dev *idev = NULL;
759 struct neighbour *neigh;
760 int dad = ipv6_addr_any(saddr);
761 bool inc;
762 int is_router = -1;
763 u64 nonce = 0;
764
765 if (skb->len < sizeof(struct nd_msg)) {
766 ND_PRINTK(2, warn, "NS: packet too short\n");
767 return;
768 }
769
770 if (ipv6_addr_is_multicast(&msg->target)) {
771 ND_PRINTK(2, warn, "NS: multicast target address\n");
772 return;
773 }
774
775 /*
776 * RFC2461 7.1.1:
777 * DAD has to be destined for solicited node multicast address.
778 */
779 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
780 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
781 return;
782 }
783
784 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
785 ND_PRINTK(2, warn, "NS: invalid ND options\n");
786 return;
787 }
788
789 if (ndopts.nd_opts_src_lladdr) {
790 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
791 if (!lladdr) {
792 ND_PRINTK(2, warn,
793 "NS: invalid link-layer address length\n");
794 return;
795 }
796
797 /* RFC2461 7.1.1:
798 * If the IP source address is the unspecified address,
799 * there MUST NOT be source link-layer address option
800 * in the message.
801 */
802 if (dad) {
803 ND_PRINTK(2, warn,
804 "NS: bad DAD packet (link-layer address option)\n");
805 return;
806 }
807 }
808 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
809 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
810
811 inc = ipv6_addr_is_multicast(daddr);
812
813 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
814 if (ifp) {
815have_ifp:
816 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
817 if (dad) {
818 if (nonce != 0 && ifp->dad_nonce == nonce) {
819 u8 *np = (u8 *)&nonce;
820 /* Matching nonce if looped back */
821 ND_PRINTK(2, notice,
822 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
823 ifp->idev->dev->name,
824 &ifp->addr, np);
825 goto out;
826 }
827 /*
828 * We are colliding with another node
829 * who is doing DAD
830 * so fail our DAD process
831 */
832 addrconf_dad_failure(ifp);
833 return;
834 } else {
835 /*
836 * This is not a dad solicitation.
837 * If we are an optimistic node,
838 * we should respond.
839 * Otherwise, we should ignore it.
840 */
841 if (!(ifp->flags & IFA_F_OPTIMISTIC))
842 goto out;
843 }
844 }
845
846 idev = ifp->idev;
847 } else {
848 struct net *net = dev_net(dev);
849
850 /* perhaps an address on the master device */
851 if (netif_is_l3_slave(dev)) {
852 struct net_device *mdev;
853
854 mdev = netdev_master_upper_dev_get_rcu(dev);
855 if (mdev) {
856 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
857 if (ifp)
858 goto have_ifp;
859 }
860 }
861
862 idev = in6_dev_get(dev);
863 if (!idev) {
864 /* XXX: count this drop? */
865 return;
866 }
867
868 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
869 (idev->cnf.forwarding &&
870 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
871 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
872 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
873 skb->pkt_type != PACKET_HOST &&
874 inc &&
875 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
876 /*
877 * for anycast or proxy,
878 * sender should delay its response
879 * by a random time between 0 and
880 * MAX_ANYCAST_DELAY_TIME seconds.
881 * (RFC2461) -- yoshfuji
882 */
883 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
884 if (n)
885 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
886 goto out;
887 }
888 } else
889 goto out;
890 }
891
892 if (is_router < 0)
893 is_router = idev->cnf.forwarding;
894
895 if (dad) {
896 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
897 !!is_router, false, (ifp != NULL), true);
898 goto out;
899 }
900
901 if (inc)
902 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
903 else
904 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
905
906 /*
907 * update / create cache entry
908 * for the source address
909 */
910 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
911 !inc || lladdr || !dev->addr_len);
912 if (neigh)
913 ndisc_update(dev, neigh, lladdr, NUD_STALE,
914 NEIGH_UPDATE_F_WEAK_OVERRIDE|
915 NEIGH_UPDATE_F_OVERRIDE,
916 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
917 if (neigh || !dev->header_ops) {
918 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
919 true, (ifp != NULL && inc), inc);
920 if (neigh)
921 neigh_release(neigh);
922 }
923
924out:
925 if (ifp)
926 in6_ifa_put(ifp);
927 else
928 in6_dev_put(idev);
929}
930
931static void ndisc_recv_na(struct sk_buff *skb)
932{
933 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
934 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
935 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
936 u8 *lladdr = NULL;
937 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
938 offsetof(struct nd_msg, opt));
939 struct ndisc_options ndopts;
940 struct net_device *dev = skb->dev;
941 struct inet6_dev *idev = __in6_dev_get(dev);
942 struct inet6_ifaddr *ifp;
943 struct neighbour *neigh;
944
945 if (skb->len < sizeof(struct nd_msg)) {
946 ND_PRINTK(2, warn, "NA: packet too short\n");
947 return;
948 }
949
950 if (ipv6_addr_is_multicast(&msg->target)) {
951 ND_PRINTK(2, warn, "NA: target address is multicast\n");
952 return;
953 }
954
955 if (ipv6_addr_is_multicast(daddr) &&
956 msg->icmph.icmp6_solicited) {
957 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
958 return;
959 }
960
961 /* For some 802.11 wireless deployments (and possibly other networks),
962 * there will be a NA proxy and unsolicitd packets are attacks
963 * and thus should not be accepted.
964 */
965 if (!msg->icmph.icmp6_solicited && idev &&
966 idev->cnf.drop_unsolicited_na)
967 return;
968
969 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
970 ND_PRINTK(2, warn, "NS: invalid ND option\n");
971 return;
972 }
973 if (ndopts.nd_opts_tgt_lladdr) {
974 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
975 if (!lladdr) {
976 ND_PRINTK(2, warn,
977 "NA: invalid link-layer address length\n");
978 return;
979 }
980 }
981 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
982 if (ifp) {
983 if (skb->pkt_type != PACKET_LOOPBACK
984 && (ifp->flags & IFA_F_TENTATIVE)) {
985 addrconf_dad_failure(ifp);
986 return;
987 }
988 /* What should we make now? The advertisement
989 is invalid, but ndisc specs say nothing
990 about it. It could be misconfiguration, or
991 an smart proxy agent tries to help us :-)
992
993 We should not print the error if NA has been
994 received from loopback - it is just our own
995 unsolicited advertisement.
996 */
997 if (skb->pkt_type != PACKET_LOOPBACK)
998 ND_PRINTK(1, warn,
999 "NA: someone advertises our address %pI6 on %s!\n",
1000 &ifp->addr, ifp->idev->dev->name);
1001 in6_ifa_put(ifp);
1002 return;
1003 }
1004 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1005
1006 if (neigh) {
1007 u8 old_flags = neigh->flags;
1008 struct net *net = dev_net(dev);
1009
1010 if (neigh->nud_state & NUD_FAILED)
1011 goto out;
1012
1013 /*
1014 * Don't update the neighbor cache entry on a proxy NA from
1015 * ourselves because either the proxied node is off link or it
1016 * has already sent a NA to us.
1017 */
1018 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1019 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1020 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1021 /* XXX: idev->cnf.proxy_ndp */
1022 goto out;
1023 }
1024
1025 ndisc_update(dev, neigh, lladdr,
1026 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1027 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1028 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1029 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1030 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1031 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1032
1033 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1034 /*
1035 * Change: router to host
1036 */
1037 rt6_clean_tohost(dev_net(dev), saddr);
1038 }
1039
1040out:
1041 neigh_release(neigh);
1042 }
1043}
1044
1045static void ndisc_recv_rs(struct sk_buff *skb)
1046{
1047 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1048 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1049 struct neighbour *neigh;
1050 struct inet6_dev *idev;
1051 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1052 struct ndisc_options ndopts;
1053 u8 *lladdr = NULL;
1054
1055 if (skb->len < sizeof(*rs_msg))
1056 return;
1057
1058 idev = __in6_dev_get(skb->dev);
1059 if (!idev) {
1060 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1061 return;
1062 }
1063
1064 /* Don't accept RS if we're not in router mode */
1065 if (!idev->cnf.forwarding)
1066 goto out;
1067
1068 /*
1069 * Don't update NCE if src = ::;
1070 * this implies that the source node has no ip address assigned yet.
1071 */
1072 if (ipv6_addr_any(saddr))
1073 goto out;
1074
1075 /* Parse ND options */
1076 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1077 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1078 goto out;
1079 }
1080
1081 if (ndopts.nd_opts_src_lladdr) {
1082 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1083 skb->dev);
1084 if (!lladdr)
1085 goto out;
1086 }
1087
1088 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1089 if (neigh) {
1090 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1091 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1092 NEIGH_UPDATE_F_OVERRIDE|
1093 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1094 NDISC_ROUTER_SOLICITATION, &ndopts);
1095 neigh_release(neigh);
1096 }
1097out:
1098 return;
1099}
1100
1101static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1102{
1103 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1104 struct sk_buff *skb;
1105 struct nlmsghdr *nlh;
1106 struct nduseroptmsg *ndmsg;
1107 struct net *net = dev_net(ra->dev);
1108 int err;
1109 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1110 + (opt->nd_opt_len << 3));
1111 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1112
1113 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1114 if (!skb) {
1115 err = -ENOBUFS;
1116 goto errout;
1117 }
1118
1119 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1120 if (!nlh) {
1121 goto nla_put_failure;
1122 }
1123
1124 ndmsg = nlmsg_data(nlh);
1125 ndmsg->nduseropt_family = AF_INET6;
1126 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1127 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1128 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1129 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1130
1131 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1132
1133 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1134 goto nla_put_failure;
1135 nlmsg_end(skb, nlh);
1136
1137 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1138 return;
1139
1140nla_put_failure:
1141 nlmsg_free(skb);
1142 err = -EMSGSIZE;
1143errout:
1144 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1145}
1146
1147static void ndisc_router_discovery(struct sk_buff *skb)
1148{
1149 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1150 struct neighbour *neigh = NULL;
1151 struct inet6_dev *in6_dev;
1152 struct rt6_info *rt = NULL;
1153 int lifetime;
1154 struct ndisc_options ndopts;
1155 int optlen;
1156 unsigned int pref = 0;
1157 __u32 old_if_flags;
1158 bool send_ifinfo_notify = false;
1159
1160 __u8 *opt = (__u8 *)(ra_msg + 1);
1161
1162 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1163 sizeof(struct ra_msg);
1164
1165 ND_PRINTK(2, info,
1166 "RA: %s, dev: %s\n",
1167 __func__, skb->dev->name);
1168 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1169 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1170 return;
1171 }
1172 if (optlen < 0) {
1173 ND_PRINTK(2, warn, "RA: packet too short\n");
1174 return;
1175 }
1176
1177#ifdef CONFIG_IPV6_NDISC_NODETYPE
1178 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1179 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1180 return;
1181 }
1182#endif
1183
1184 /*
1185 * set the RA_RECV flag in the interface
1186 */
1187
1188 in6_dev = __in6_dev_get(skb->dev);
1189 if (!in6_dev) {
1190 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1191 skb->dev->name);
1192 return;
1193 }
1194
1195 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1196 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1197 return;
1198 }
1199
1200 if (!ipv6_accept_ra(in6_dev)) {
1201 ND_PRINTK(2, info,
1202 "RA: %s, did not accept ra for dev: %s\n",
1203 __func__, skb->dev->name);
1204 goto skip_linkparms;
1205 }
1206
1207#ifdef CONFIG_IPV6_NDISC_NODETYPE
1208 /* skip link-specific parameters from interior routers */
1209 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1210 ND_PRINTK(2, info,
1211 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1212 __func__, skb->dev->name);
1213 goto skip_linkparms;
1214 }
1215#endif
1216
1217 if (in6_dev->if_flags & IF_RS_SENT) {
1218 /*
1219 * flag that an RA was received after an RS was sent
1220 * out on this interface.
1221 */
1222 in6_dev->if_flags |= IF_RA_RCVD;
1223 }
1224
1225 /*
1226 * Remember the managed/otherconf flags from most recently
1227 * received RA message (RFC 2462) -- yoshfuji
1228 */
1229 old_if_flags = in6_dev->if_flags;
1230 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1231 IF_RA_OTHERCONF)) |
1232 (ra_msg->icmph.icmp6_addrconf_managed ?
1233 IF_RA_MANAGED : 0) |
1234 (ra_msg->icmph.icmp6_addrconf_other ?
1235 IF_RA_OTHERCONF : 0);
1236
1237 if (old_if_flags != in6_dev->if_flags)
1238 send_ifinfo_notify = true;
1239
1240 if (!in6_dev->cnf.accept_ra_defrtr) {
1241 ND_PRINTK(2, info,
1242 "RA: %s, defrtr is false for dev: %s\n",
1243 __func__, skb->dev->name);
1244 goto skip_defrtr;
1245 }
1246
1247 /* Do not accept RA with source-addr found on local machine unless
1248 * accept_ra_from_local is set to true.
1249 */
1250 if (!in6_dev->cnf.accept_ra_from_local &&
1251 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1252 in6_dev->dev, 0)) {
1253 ND_PRINTK(2, info,
1254 "RA from local address detected on dev: %s: default router ignored\n",
1255 skb->dev->name);
1256 goto skip_defrtr;
1257 }
1258
1259 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1260
1261#ifdef CONFIG_IPV6_ROUTER_PREF
1262 pref = ra_msg->icmph.icmp6_router_pref;
1263 /* 10b is handled as if it were 00b (medium) */
1264 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1265 !in6_dev->cnf.accept_ra_rtr_pref)
1266 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1267#endif
1268
1269 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1270
1271 if (rt) {
1272 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1273 if (!neigh) {
1274 ND_PRINTK(0, err,
1275 "RA: %s got default router without neighbour\n",
1276 __func__);
1277 ip6_rt_put(rt);
1278 return;
1279 }
1280 }
1281 if (rt && lifetime == 0) {
1282 ip6_del_rt(rt);
1283 rt = NULL;
1284 }
1285
1286 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1287 rt, lifetime, skb->dev->name);
1288 if (!rt && lifetime) {
1289 ND_PRINTK(3, info, "RA: adding default router\n");
1290
1291 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1292 if (!rt) {
1293 ND_PRINTK(0, err,
1294 "RA: %s failed to add default route\n",
1295 __func__);
1296 return;
1297 }
1298
1299 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1300 if (!neigh) {
1301 ND_PRINTK(0, err,
1302 "RA: %s got default router without neighbour\n",
1303 __func__);
1304 ip6_rt_put(rt);
1305 return;
1306 }
1307 neigh->flags |= NTF_ROUTER;
1308 } else if (rt) {
1309 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1310 }
1311
1312 if (rt)
1313 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1314 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1315 ra_msg->icmph.icmp6_hop_limit) {
1316 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1317 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1318 if (rt)
1319 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1320 ra_msg->icmph.icmp6_hop_limit);
1321 } else {
1322 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1323 }
1324 }
1325
1326skip_defrtr:
1327
1328 /*
1329 * Update Reachable Time and Retrans Timer
1330 */
1331
1332 if (in6_dev->nd_parms) {
1333 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1334
1335 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1336 rtime = (rtime*HZ)/1000;
1337 if (rtime < HZ/10)
1338 rtime = HZ/10;
1339 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1340 in6_dev->tstamp = jiffies;
1341 send_ifinfo_notify = true;
1342 }
1343
1344 rtime = ntohl(ra_msg->reachable_time);
1345 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1346 rtime = (rtime*HZ)/1000;
1347
1348 if (rtime < HZ/10)
1349 rtime = HZ/10;
1350
1351 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1352 NEIGH_VAR_SET(in6_dev->nd_parms,
1353 BASE_REACHABLE_TIME, rtime);
1354 NEIGH_VAR_SET(in6_dev->nd_parms,
1355 GC_STALETIME, 3 * rtime);
1356 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1357 in6_dev->tstamp = jiffies;
1358 send_ifinfo_notify = true;
1359 }
1360 }
1361 }
1362
1363 /*
1364 * Send a notify if RA changed managed/otherconf flags or timer settings
1365 */
1366 if (send_ifinfo_notify)
1367 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1368
1369skip_linkparms:
1370
1371 /*
1372 * Process options.
1373 */
1374
1375 if (!neigh)
1376 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1377 skb->dev, 1);
1378 if (neigh) {
1379 u8 *lladdr = NULL;
1380 if (ndopts.nd_opts_src_lladdr) {
1381 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1382 skb->dev);
1383 if (!lladdr) {
1384 ND_PRINTK(2, warn,
1385 "RA: invalid link-layer address length\n");
1386 goto out;
1387 }
1388 }
1389 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1390 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1391 NEIGH_UPDATE_F_OVERRIDE|
1392 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1393 NEIGH_UPDATE_F_ISROUTER,
1394 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1395 }
1396
1397 if (!ipv6_accept_ra(in6_dev)) {
1398 ND_PRINTK(2, info,
1399 "RA: %s, accept_ra is false for dev: %s\n",
1400 __func__, skb->dev->name);
1401 goto out;
1402 }
1403
1404#ifdef CONFIG_IPV6_ROUTE_INFO
1405 if (!in6_dev->cnf.accept_ra_from_local &&
1406 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1407 in6_dev->dev, 0)) {
1408 ND_PRINTK(2, info,
1409 "RA from local address detected on dev: %s: router info ignored.\n",
1410 skb->dev->name);
1411 goto skip_routeinfo;
1412 }
1413
1414 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1415 struct nd_opt_hdr *p;
1416 for (p = ndopts.nd_opts_ri;
1417 p;
1418 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1419 struct route_info *ri = (struct route_info *)p;
1420#ifdef CONFIG_IPV6_NDISC_NODETYPE
1421 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1422 ri->prefix_len == 0)
1423 continue;
1424#endif
1425 if (ri->prefix_len == 0 &&
1426 !in6_dev->cnf.accept_ra_defrtr)
1427 continue;
1428 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1429 continue;
1430 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1431 continue;
1432 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1433 &ipv6_hdr(skb)->saddr);
1434 }
1435 }
1436
1437skip_routeinfo:
1438#endif
1439
1440#ifdef CONFIG_IPV6_NDISC_NODETYPE
1441 /* skip link-specific ndopts from interior routers */
1442 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1443 ND_PRINTK(2, info,
1444 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1445 __func__, skb->dev->name);
1446 goto out;
1447 }
1448#endif
1449
1450 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1451 struct nd_opt_hdr *p;
1452 for (p = ndopts.nd_opts_pi;
1453 p;
1454 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1455 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1456 (p->nd_opt_len) << 3,
1457 ndopts.nd_opts_src_lladdr != NULL);
1458 }
1459 }
1460
1461 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1462 __be32 n;
1463 u32 mtu;
1464
1465 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1466 mtu = ntohl(n);
1467
1468 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1469 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1470 } else if (in6_dev->cnf.mtu6 != mtu) {
1471 in6_dev->cnf.mtu6 = mtu;
1472
1473 if (rt)
1474 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1475
1476 rt6_mtu_change(skb->dev, mtu);
1477 }
1478 }
1479
1480 if (ndopts.nd_useropts) {
1481 struct nd_opt_hdr *p;
1482 for (p = ndopts.nd_useropts;
1483 p;
1484 p = ndisc_next_useropt(skb->dev, p,
1485 ndopts.nd_useropts_end)) {
1486 ndisc_ra_useropt(skb, p);
1487 }
1488 }
1489
1490 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1491 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1492 }
1493out:
1494 ip6_rt_put(rt);
1495 if (neigh)
1496 neigh_release(neigh);
1497}
1498
1499static void ndisc_redirect_rcv(struct sk_buff *skb)
1500{
1501 u8 *hdr;
1502 struct ndisc_options ndopts;
1503 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1504 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1505 offsetof(struct rd_msg, opt));
1506
1507#ifdef CONFIG_IPV6_NDISC_NODETYPE
1508 switch (skb->ndisc_nodetype) {
1509 case NDISC_NODETYPE_HOST:
1510 case NDISC_NODETYPE_NODEFAULT:
1511 ND_PRINTK(2, warn,
1512 "Redirect: from host or unauthorized router\n");
1513 return;
1514 }
1515#endif
1516
1517 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1518 ND_PRINTK(2, warn,
1519 "Redirect: source address is not link-local\n");
1520 return;
1521 }
1522
1523 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1524 return;
1525
1526 if (!ndopts.nd_opts_rh) {
1527 ip6_redirect_no_header(skb, dev_net(skb->dev),
1528 skb->dev->ifindex, 0);
1529 return;
1530 }
1531
1532 hdr = (u8 *)ndopts.nd_opts_rh;
1533 hdr += 8;
1534 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1535 return;
1536
1537 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1538}
1539
1540static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1541 struct sk_buff *orig_skb,
1542 int rd_len)
1543{
1544 u8 *opt = skb_put(skb, rd_len);
1545
1546 memset(opt, 0, 8);
1547 *(opt++) = ND_OPT_REDIRECT_HDR;
1548 *(opt++) = (rd_len >> 3);
1549 opt += 6;
1550
1551 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1552 rd_len - 8);
1553}
1554
1555void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1556{
1557 struct net_device *dev = skb->dev;
1558 struct net *net = dev_net(dev);
1559 struct sock *sk = net->ipv6.ndisc_sk;
1560 int optlen = 0;
1561 struct inet_peer *peer;
1562 struct sk_buff *buff;
1563 struct rd_msg *msg;
1564 struct in6_addr saddr_buf;
1565 struct rt6_info *rt;
1566 struct dst_entry *dst;
1567 struct flowi6 fl6;
1568 int rd_len;
1569 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1570 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1571 bool ret;
1572
1573 if (netif_is_l3_master(skb->dev)) {
1574 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1575 if (!dev)
1576 return;
1577 }
1578
1579 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1580 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1581 dev->name);
1582 return;
1583 }
1584
1585 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1586 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1587 ND_PRINTK(2, warn,
1588 "Redirect: target address is not link-local unicast\n");
1589 return;
1590 }
1591
1592 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1593 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1594
1595 dst = ip6_route_output(net, NULL, &fl6);
1596 if (dst->error) {
1597 dst_release(dst);
1598 return;
1599 }
1600 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1601 if (IS_ERR(dst))
1602 return;
1603
1604 rt = (struct rt6_info *) dst;
1605
1606 if (rt->rt6i_flags & RTF_GATEWAY) {
1607 ND_PRINTK(2, warn,
1608 "Redirect: destination is not a neighbour\n");
1609 goto release;
1610 }
1611 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1612 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1613 if (peer)
1614 inet_putpeer(peer);
1615 if (!ret)
1616 goto release;
1617
1618 if (dev->addr_len) {
1619 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1620 if (!neigh) {
1621 ND_PRINTK(2, warn,
1622 "Redirect: no neigh for target address\n");
1623 goto release;
1624 }
1625
1626 read_lock_bh(&neigh->lock);
1627 if (neigh->nud_state & NUD_VALID) {
1628 memcpy(ha_buf, neigh->ha, dev->addr_len);
1629 read_unlock_bh(&neigh->lock);
1630 ha = ha_buf;
1631 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1632 ops_data_buf,
1633 &ops_data);
1634 } else
1635 read_unlock_bh(&neigh->lock);
1636
1637 neigh_release(neigh);
1638 }
1639
1640 rd_len = min_t(unsigned int,
1641 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1642 skb->len + 8);
1643 rd_len &= ~0x7;
1644 optlen += rd_len;
1645
1646 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1647 if (!buff)
1648 goto release;
1649
1650 msg = skb_put(buff, sizeof(*msg));
1651 *msg = (struct rd_msg) {
1652 .icmph = {
1653 .icmp6_type = NDISC_REDIRECT,
1654 },
1655 .target = *target,
1656 .dest = ipv6_hdr(skb)->daddr,
1657 };
1658
1659 /*
1660 * include target_address option
1661 */
1662
1663 if (ha)
1664 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1665
1666 /*
1667 * build redirect option and copy skb over to the new packet.
1668 */
1669
1670 if (rd_len)
1671 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1672
1673 skb_dst_set(buff, dst);
1674 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1675 return;
1676
1677release:
1678 dst_release(dst);
1679}
1680
1681static void pndisc_redo(struct sk_buff *skb)
1682{
1683 ndisc_recv_ns(skb);
1684 kfree_skb(skb);
1685}
1686
1687static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1688{
1689 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1690
1691 if (!idev)
1692 return true;
1693 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1694 idev->cnf.suppress_frag_ndisc) {
1695 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1696 return true;
1697 }
1698 return false;
1699}
1700
1701int ndisc_rcv(struct sk_buff *skb)
1702{
1703 struct nd_msg *msg;
1704
1705 if (ndisc_suppress_frag_ndisc(skb))
1706 return 0;
1707
1708 if (skb_linearize(skb))
1709 return 0;
1710
1711 msg = (struct nd_msg *)skb_transport_header(skb);
1712
1713 __skb_push(skb, skb->data - skb_transport_header(skb));
1714
1715 if (ipv6_hdr(skb)->hop_limit != 255) {
1716 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1717 ipv6_hdr(skb)->hop_limit);
1718 return 0;
1719 }
1720
1721 if (msg->icmph.icmp6_code != 0) {
1722 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1723 msg->icmph.icmp6_code);
1724 return 0;
1725 }
1726
1727 switch (msg->icmph.icmp6_type) {
1728 case NDISC_NEIGHBOUR_SOLICITATION:
1729 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1730 ndisc_recv_ns(skb);
1731 break;
1732
1733 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1734 ndisc_recv_na(skb);
1735 break;
1736
1737 case NDISC_ROUTER_SOLICITATION:
1738 ndisc_recv_rs(skb);
1739 break;
1740
1741 case NDISC_ROUTER_ADVERTISEMENT:
1742 ndisc_router_discovery(skb);
1743 break;
1744
1745 case NDISC_REDIRECT:
1746 ndisc_redirect_rcv(skb);
1747 break;
1748 }
1749
1750 return 0;
1751}
1752
1753static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1754{
1755 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1756 struct netdev_notifier_change_info *change_info;
1757 struct net *net = dev_net(dev);
1758 struct inet6_dev *idev;
1759
1760 switch (event) {
1761 case NETDEV_CHANGEADDR:
1762 neigh_changeaddr(&nd_tbl, dev);
1763 fib6_run_gc(0, net, false);
1764 /* fallthrough */
1765 case NETDEV_UP:
1766 idev = in6_dev_get(dev);
1767 if (!idev)
1768 break;
1769 if (idev->cnf.ndisc_notify ||
1770 net->ipv6.devconf_all->ndisc_notify)
1771 ndisc_send_unsol_na(dev);
1772 in6_dev_put(idev);
1773 break;
1774 case NETDEV_CHANGE:
1775 change_info = ptr;
1776 if (change_info->flags_changed & IFF_NOARP)
1777 neigh_changeaddr(&nd_tbl, dev);
1778 break;
1779 case NETDEV_DOWN:
1780 neigh_ifdown(&nd_tbl, dev);
1781 fib6_run_gc(0, net, false);
1782 break;
1783 case NETDEV_NOTIFY_PEERS:
1784 ndisc_send_unsol_na(dev);
1785 break;
1786 default:
1787 break;
1788 }
1789
1790 return NOTIFY_DONE;
1791}
1792
1793static struct notifier_block ndisc_netdev_notifier = {
1794 .notifier_call = ndisc_netdev_event,
1795 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1796};
1797
1798#ifdef CONFIG_SYSCTL
1799static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1800 const char *func, const char *dev_name)
1801{
1802 static char warncomm[TASK_COMM_LEN];
1803 static int warned;
1804 if (strcmp(warncomm, current->comm) && warned < 5) {
1805 strcpy(warncomm, current->comm);
1806 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1807 warncomm, func,
1808 dev_name, ctl->procname,
1809 dev_name, ctl->procname);
1810 warned++;
1811 }
1812}
1813
1814int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1815{
1816 struct net_device *dev = ctl->extra1;
1817 struct inet6_dev *idev;
1818 int ret;
1819
1820 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1821 (strcmp(ctl->procname, "base_reachable_time") == 0))
1822 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1823
1824 if (strcmp(ctl->procname, "retrans_time") == 0)
1825 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1826
1827 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1828 ret = neigh_proc_dointvec_jiffies(ctl, write,
1829 buffer, lenp, ppos);
1830
1831 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1832 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1833 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1834 buffer, lenp, ppos);
1835 else
1836 ret = -1;
1837
1838 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1839 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1840 idev->nd_parms->reachable_time =
1841 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1842 idev->tstamp = jiffies;
1843 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1844 in6_dev_put(idev);
1845 }
1846 return ret;
1847}
1848
1849
1850#endif
1851
1852static int __net_init ndisc_net_init(struct net *net)
1853{
1854 struct ipv6_pinfo *np;
1855 struct sock *sk;
1856 int err;
1857
1858 err = inet_ctl_sock_create(&sk, PF_INET6,
1859 SOCK_RAW, IPPROTO_ICMPV6, net);
1860 if (err < 0) {
1861 ND_PRINTK(0, err,
1862 "NDISC: Failed to initialize the control socket (err %d)\n",
1863 err);
1864 return err;
1865 }
1866
1867 net->ipv6.ndisc_sk = sk;
1868
1869 np = inet6_sk(sk);
1870 np->hop_limit = 255;
1871 /* Do not loopback ndisc messages */
1872 np->mc_loop = 0;
1873
1874 return 0;
1875}
1876
1877static void __net_exit ndisc_net_exit(struct net *net)
1878{
1879 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1880}
1881
1882static struct pernet_operations ndisc_net_ops = {
1883 .init = ndisc_net_init,
1884 .exit = ndisc_net_exit,
1885};
1886
1887int __init ndisc_init(void)
1888{
1889 int err;
1890
1891 err = register_pernet_subsys(&ndisc_net_ops);
1892 if (err)
1893 return err;
1894 /*
1895 * Initialize the neighbour table
1896 */
1897 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1898
1899#ifdef CONFIG_SYSCTL
1900 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1901 ndisc_ifinfo_sysctl_change);
1902 if (err)
1903 goto out_unregister_pernet;
1904out:
1905#endif
1906 return err;
1907
1908#ifdef CONFIG_SYSCTL
1909out_unregister_pernet:
1910 unregister_pernet_subsys(&ndisc_net_ops);
1911 goto out;
1912#endif
1913}
1914
1915int __init ndisc_late_init(void)
1916{
1917 return register_netdevice_notifier(&ndisc_netdev_notifier);
1918}
1919
1920void ndisc_late_cleanup(void)
1921{
1922 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1923}
1924
1925void ndisc_cleanup(void)
1926{
1927#ifdef CONFIG_SYSCTL
1928 neigh_sysctl_unregister(&nd_tbl.parms);
1929#endif
1930 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1931 unregister_pernet_subsys(&ndisc_net_ops);
1932}