Gitiles
Code Review Sign In
192.168.1.100 / T108 / 50f43abd51b98a89a2ec2d51cd2725a28869fae6 / . / marvell / linux / net / ipv6 / ndisc.c
blob: aa4fbcae0b7ac54d733cbc2929727328b444028e [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame]1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Neighbour Discovery for IPv6
4 * Linux INET6 implementation
5 *
6 * Authors:
7 * Pedro Roque <roque@di.fc.ul.pt>
8 * Mike Shaver <shaver@ingenia.com>
9 */
10
11/*
12 * Changes:
13 *
14 * Alexey I. Froloff : RFC6106 (DNSSL) support
15 * Pierre Ynard : export userland ND options
16 * through netlink (RDNSS support)
17 * Lars Fenneberg : fixed MTU setting on receipt
18 * of an RA.
19 * Janos Farkas : kmalloc failure checks
20 * Alexey Kuznetsov : state machine reworked
21 * and moved to net/core.
22 * Pekka Savola : RFC2461 validation
23 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
24 */
25
26#define pr_fmt(fmt) "ICMPv6: " fmt
27
28#include <linux/module.h>
29#include <linux/errno.h>
30#include <linux/types.h>
31#include <linux/socket.h>
32#include <linux/sockios.h>
33#include <linux/sched.h>
34#include <linux/net.h>
35#include <linux/in6.h>
36#include <linux/route.h>
37#include <linux/init.h>
38#include <linux/rcupdate.h>
39#include <linux/slab.h>
40#ifdef CONFIG_SYSCTL
41#include <linux/sysctl.h>
42#endif
43
44#include <linux/if_addr.h>
45#include <linux/if_ether.h>
46#include <linux/if_arp.h>
47#include <linux/ipv6.h>
48#include <linux/icmpv6.h>
49#include <linux/jhash.h>
50
51#include <net/sock.h>
52#include <net/snmp.h>
53
54#include <net/ipv6.h>
55#include <net/protocol.h>
56#include <net/ndisc.h>
57#include <net/ip6_route.h>
58#include <net/addrconf.h>
59#include <net/icmp.h>
60
61#include <net/netlink.h>
62#include <linux/rtnetlink.h>
63
64#include <net/flow.h>
65#include <net/ip6_checksum.h>
66#include <net/inet_common.h>
67#include <linux/proc_fs.h>
68
69#include <linux/netfilter.h>
70#include <linux/netfilter_ipv6.h>
71
72static u32 ndisc_hash(const void *pkey,
73 const struct net_device *dev,
74 __u32 *hash_rnd);
75static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
76static bool ndisc_allow_add(const struct net_device *dev,
77 struct netlink_ext_ack *extack);
78static int ndisc_constructor(struct neighbour *neigh);
79static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
80static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
81static int pndisc_constructor(struct pneigh_entry *n);
82static void pndisc_destructor(struct pneigh_entry *n);
83static void pndisc_redo(struct sk_buff *skb);
84static int ndisc_is_multicast(const void *pkey);
85
86static const struct neigh_ops ndisc_generic_ops = {
87 .family = AF_INET6,
88 .solicit = ndisc_solicit,
89 .error_report = ndisc_error_report,
90 .output = neigh_resolve_output,
91 .connected_output = neigh_connected_output,
92};
93
94static const struct neigh_ops ndisc_hh_ops = {
95 .family = AF_INET6,
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_resolve_output,
100};
101
102
103static const struct neigh_ops ndisc_direct_ops = {
104 .family = AF_INET6,
105 .output = neigh_direct_output,
106 .connected_output = neigh_direct_output,
107};
108
109struct neigh_table nd_tbl = {
110 .family = AF_INET6,
111 .key_len = sizeof(struct in6_addr),
112 .protocol = cpu_to_be16(ETH_P_IPV6),
113 .hash = ndisc_hash,
114 .key_eq = ndisc_key_eq,
115 .constructor = ndisc_constructor,
116 .pconstructor = pndisc_constructor,
117 .pdestructor = pndisc_destructor,
118 .proxy_redo = pndisc_redo,
119 .is_multicast = ndisc_is_multicast,
120 .allow_add = ndisc_allow_add,
121 .id = "ndisc_cache",
122 .parms = {
123 .tbl = &nd_tbl,
124 .reachable_time = ND_REACHABLE_TIME,
125 .data = {
126 [NEIGH_VAR_MCAST_PROBES] = 3,
127 [NEIGH_VAR_UCAST_PROBES] = 3,
128 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
129 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
130 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
131 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
132 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
133 [NEIGH_VAR_PROXY_QLEN] = 64,
134 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
135 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
136 },
137 },
138 .gc_interval = 30 * HZ,
139 .gc_thresh1 = 128,
140 .gc_thresh2 = 512,
141 .gc_thresh3 = 1024,
142};
143EXPORT_SYMBOL_GPL(nd_tbl);
144
145void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
146 int data_len, int pad)
147{
148 int space = __ndisc_opt_addr_space(data_len, pad);
149 u8 *opt = skb_put(skb, space);
150
151 opt[0] = type;
152 opt[1] = space>>3;
153
154 memset(opt + 2, 0, pad);
155 opt += pad;
156 space -= pad;
157
158 memcpy(opt+2, data, data_len);
159 data_len += 2;
160 opt += data_len;
161 space -= data_len;
162 if (space > 0)
163 memset(opt, 0, space);
164}
165EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
166
167static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
168 void *data, u8 icmp6_type)
169{
170 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
171 ndisc_addr_option_pad(skb->dev->type));
172 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
173}
174
175static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
176 void *ha,
177 const u8 *ops_data)
178{
179 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
180 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
181}
182
183static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
184 struct nd_opt_hdr *end)
185{
186 int type;
187 if (!cur || !end || cur >= end)
188 return NULL;
189 type = cur->nd_opt_type;
190 do {
191 cur = ((void *)cur) + (cur->nd_opt_len << 3);
192 } while (cur < end && cur->nd_opt_type != type);
193 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
194}
195
196static inline int ndisc_is_useropt(const struct net_device *dev,
197 struct nd_opt_hdr *opt)
198{
199 return opt->nd_opt_type == ND_OPT_PREFIX_INFO ||
200 opt->nd_opt_type == ND_OPT_RDNSS ||
201 opt->nd_opt_type == ND_OPT_DNSSL ||
202 opt->nd_opt_type == ND_OPT_CAPTIVE_PORTAL ||
203 opt->nd_opt_type == ND_OPT_PREF64 ||
204 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
205}
206
207static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
208 struct nd_opt_hdr *cur,
209 struct nd_opt_hdr *end)
210{
211 if (!cur || !end || cur >= end)
212 return NULL;
213 do {
214 cur = ((void *)cur) + (cur->nd_opt_len << 3);
215 } while (cur < end && !ndisc_is_useropt(dev, cur));
216 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
217}
218
219struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
220 u8 *opt, int opt_len,
221 struct ndisc_options *ndopts)
222{
223 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
224
225 if (!nd_opt || opt_len < 0 || !ndopts)
226 return NULL;
227 memset(ndopts, 0, sizeof(*ndopts));
228 while (opt_len) {
229 bool unknown = false;
230 int l;
231 if (opt_len < sizeof(struct nd_opt_hdr))
232 return NULL;
233 l = nd_opt->nd_opt_len << 3;
234 if (opt_len < l || l == 0)
235 return NULL;
236 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
237 goto next_opt;
238 switch (nd_opt->nd_opt_type) {
239 case ND_OPT_SOURCE_LL_ADDR:
240 case ND_OPT_TARGET_LL_ADDR:
241 case ND_OPT_MTU:
242 case ND_OPT_NONCE:
243 case ND_OPT_REDIRECT_HDR:
244 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
245 ND_PRINTK(2, warn,
246 "%s: duplicated ND6 option found: type=%d\n",
247 __func__, nd_opt->nd_opt_type);
248 } else {
249 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
250 }
251 break;
252 case ND_OPT_PREFIX_INFO:
253 ndopts->nd_opts_pi_end = nd_opt;
254 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
255 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
256 break;
257#ifdef CONFIG_IPV6_ROUTE_INFO
258 case ND_OPT_ROUTE_INFO:
259 ndopts->nd_opts_ri_end = nd_opt;
260 if (!ndopts->nd_opts_ri)
261 ndopts->nd_opts_ri = nd_opt;
262 break;
263#endif
264 default:
265 unknown = true;
266 }
267 if (ndisc_is_useropt(dev, nd_opt)) {
268 ndopts->nd_useropts_end = nd_opt;
269 if (!ndopts->nd_useropts)
270 ndopts->nd_useropts = nd_opt;
271 } else if (unknown) {
272 /*
273 * Unknown options must be silently ignored,
274 * to accommodate future extension to the
275 * protocol.
276 */
277 ND_PRINTK(2, notice,
278 "%s: ignored unsupported option; type=%d, len=%d\n",
279 __func__,
280 nd_opt->nd_opt_type,
281 nd_opt->nd_opt_len);
282 }
283next_opt:
284 opt_len -= l;
285 nd_opt = ((void *)nd_opt) + l;
286 }
287 return ndopts;
288}
289EXPORT_SYMBOL(ndisc_parse_options);
290
291int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
292{
293 switch (dev->type) {
294 case ARPHRD_ETHER:
295 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
296 case ARPHRD_FDDI:
297 ipv6_eth_mc_map(addr, buf);
298 return 0;
299 case ARPHRD_ARCNET:
300 ipv6_arcnet_mc_map(addr, buf);
301 return 0;
302 case ARPHRD_INFINIBAND:
303 ipv6_ib_mc_map(addr, dev->broadcast, buf);
304 return 0;
305 case ARPHRD_IPGRE:
306 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
307 default:
308 if (dir) {
309 memcpy(buf, dev->broadcast, dev->addr_len);
310 return 0;
311 }
312 }
313 return -EINVAL;
314}
315EXPORT_SYMBOL(ndisc_mc_map);
316
317static u32 ndisc_hash(const void *pkey,
318 const struct net_device *dev,
319 __u32 *hash_rnd)
320{
321 return ndisc_hashfn(pkey, dev, hash_rnd);
322}
323
324static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
325{
326 return neigh_key_eq128(n, pkey);
327}
328
329static int ndisc_constructor(struct neighbour *neigh)
330{
331 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
332 struct net_device *dev = neigh->dev;
333 struct inet6_dev *in6_dev;
334 struct neigh_parms *parms;
335 bool is_multicast = ipv6_addr_is_multicast(addr);
336
337 in6_dev = in6_dev_get(dev);
338 if (!in6_dev) {
339 return -EINVAL;
340 }
341
342 parms = in6_dev->nd_parms;
343 __neigh_parms_put(neigh->parms);
344 neigh->parms = neigh_parms_clone(parms);
345
346 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
347 if (!dev->header_ops) {
348 neigh->nud_state = NUD_NOARP;
349 neigh->ops = &ndisc_direct_ops;
350 neigh->output = neigh_direct_output;
351 } else {
352 if (is_multicast) {
353 neigh->nud_state = NUD_NOARP;
354 ndisc_mc_map(addr, neigh->ha, dev, 1);
355 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
356 neigh->nud_state = NUD_NOARP;
357 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
358 if (dev->flags&IFF_LOOPBACK)
359 neigh->type = RTN_LOCAL;
360 } else if (dev->flags&IFF_POINTOPOINT) {
361 neigh->nud_state = NUD_NOARP;
362 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
363 }
364 if (dev->header_ops->cache)
365 neigh->ops = &ndisc_hh_ops;
366 else
367 neigh->ops = &ndisc_generic_ops;
368 if (neigh->nud_state&NUD_VALID)
369 neigh->output = neigh->ops->connected_output;
370 else
371 neigh->output = neigh->ops->output;
372 }
373 in6_dev_put(in6_dev);
374 return 0;
375}
376
377static int pndisc_constructor(struct pneigh_entry *n)
378{
379 struct in6_addr *addr = (struct in6_addr *)&n->key;
380 struct in6_addr maddr;
381 struct net_device *dev = n->dev;
382
383 if (!dev || !__in6_dev_get(dev))
384 return -EINVAL;
385 addrconf_addr_solict_mult(addr, &maddr);
386 ipv6_dev_mc_inc(dev, &maddr);
387 return 0;
388}
389
390static void pndisc_destructor(struct pneigh_entry *n)
391{
392 struct in6_addr *addr = (struct in6_addr *)&n->key;
393 struct in6_addr maddr;
394 struct net_device *dev = n->dev;
395
396 if (!dev || !__in6_dev_get(dev))
397 return;
398 addrconf_addr_solict_mult(addr, &maddr);
399 ipv6_dev_mc_dec(dev, &maddr);
400}
401
402/* called with rtnl held */
403static bool ndisc_allow_add(const struct net_device *dev,
404 struct netlink_ext_ack *extack)
405{
406 struct inet6_dev *idev = __in6_dev_get(dev);
407
408 if (!idev || idev->cnf.disable_ipv6) {
409 NL_SET_ERR_MSG(extack, "IPv6 is disabled on this device");
410 return false;
411 }
412
413 return true;
414}
415
416static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
417 int len)
418{
419 int hlen = LL_RESERVED_SPACE(dev);
420 int tlen = dev->needed_tailroom;
421 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
422 struct sk_buff *skb;
423
424 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
425 if (!skb) {
426 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
427 __func__);
428 return NULL;
429 }
430
431 skb->protocol = htons(ETH_P_IPV6);
432 skb->dev = dev;
433
434 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
435 skb_reset_transport_header(skb);
436
437 /* Manually assign socket ownership as we avoid calling
438 * sock_alloc_send_pskb() to bypass wmem buffer limits
439 */
440 skb_set_owner_w(skb, sk);
441
442 return skb;
443}
444
445static void ip6_nd_hdr(struct sk_buff *skb,
446 const struct in6_addr *saddr,
447 const struct in6_addr *daddr,
448 int hop_limit, int len)
449{
450 struct ipv6hdr *hdr;
451 struct inet6_dev *idev;
452 unsigned tclass;
453
454 rcu_read_lock();
455 idev = __in6_dev_get(skb->dev);
456 tclass = idev ? idev->cnf.ndisc_tclass : 0;
457 rcu_read_unlock();
458
459 skb_push(skb, sizeof(*hdr));
460 skb_reset_network_header(skb);
461 hdr = ipv6_hdr(skb);
462
463 ip6_flow_hdr(hdr, tclass, 0);
464
465 hdr->payload_len = htons(len);
466 hdr->nexthdr = IPPROTO_ICMPV6;
467 hdr->hop_limit = hop_limit;
468
469 hdr->saddr = *saddr;
470 hdr->daddr = *daddr;
471}
472
473static void ndisc_send_skb(struct sk_buff *skb,
474 const struct in6_addr *daddr,
475 const struct in6_addr *saddr)
476{
477 struct dst_entry *dst = skb_dst(skb);
478 struct net *net = dev_net(skb->dev);
479 struct sock *sk = net->ipv6.ndisc_sk;
480 struct inet6_dev *idev;
481 int err;
482 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
483 u8 type;
484
485 type = icmp6h->icmp6_type;
486
487 if (!dst) {
488 struct flowi6 fl6;
489 int oif = skb->dev->ifindex;
490
491 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
492 dst = icmp6_dst_alloc(skb->dev, &fl6);
493 if (IS_ERR(dst)) {
494 kfree_skb(skb);
495 return;
496 }
497
498 skb_dst_set(skb, dst);
499 }
500
501 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
502 IPPROTO_ICMPV6,
503 csum_partial(icmp6h,
504 skb->len, 0));
505
506 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
507
508 rcu_read_lock();
509 idev = __in6_dev_get(dst->dev);
510 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
511
512 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
513 net, sk, skb, NULL, dst->dev,
514 dst_output);
515 if (!err) {
516 ICMP6MSGOUT_INC_STATS(net, idev, type);
517 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
518 }
519
520 rcu_read_unlock();
521}
522
523void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
524 const struct in6_addr *solicited_addr,
525 bool router, bool solicited, bool override, bool inc_opt)
526{
527 struct sk_buff *skb;
528 struct in6_addr tmpaddr;
529 struct inet6_ifaddr *ifp;
530 const struct in6_addr *src_addr;
531 struct nd_msg *msg;
532 int optlen = 0;
533
534 /* for anycast or proxy, solicited_addr != src_addr */
535 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
536 if (ifp) {
537 src_addr = solicited_addr;
538 if (ifp->flags & IFA_F_OPTIMISTIC)
539 override = false;
540 inc_opt |= ifp->idev->cnf.force_tllao;
541 in6_ifa_put(ifp);
542 } else {
543 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
544 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
545 &tmpaddr))
546 return;
547 src_addr = &tmpaddr;
548 }
549
550 if (!dev->addr_len)
551 inc_opt = false;
552 if (inc_opt)
553 optlen += ndisc_opt_addr_space(dev,
554 NDISC_NEIGHBOUR_ADVERTISEMENT);
555
556 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
557 if (!skb)
558 return;
559
560 msg = skb_put(skb, sizeof(*msg));
561 *msg = (struct nd_msg) {
562 .icmph = {
563 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
564 .icmp6_router = router,
565 .icmp6_solicited = solicited,
566 .icmp6_override = override,
567 },
568 .target = *solicited_addr,
569 };
570
571 if (inc_opt)
572 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
573 dev->dev_addr,
574 NDISC_NEIGHBOUR_ADVERTISEMENT);
575
576 ndisc_send_skb(skb, daddr, src_addr);
577}
578
579static void ndisc_send_unsol_na(struct net_device *dev)
580{
581 struct inet6_dev *idev;
582 struct inet6_ifaddr *ifa;
583
584 idev = in6_dev_get(dev);
585 if (!idev)
586 return;
587
588 read_lock_bh(&idev->lock);
589 list_for_each_entry(ifa, &idev->addr_list, if_list) {
590 /* skip tentative addresses until dad completes */
591 if (ifa->flags & IFA_F_TENTATIVE &&
592 !(ifa->flags & IFA_F_OPTIMISTIC))
593 continue;
594
595 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
596 /*router=*/ !!idev->cnf.forwarding,
597 /*solicited=*/ false, /*override=*/ true,
598 /*inc_opt=*/ true);
599 }
600 read_unlock_bh(&idev->lock);
601
602 in6_dev_put(idev);
603}
604
605void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
606 const struct in6_addr *daddr, const struct in6_addr *saddr,
607 u64 nonce)
608{
609 struct sk_buff *skb;
610 struct in6_addr addr_buf;
611 int inc_opt = dev->addr_len;
612 int optlen = 0;
613 struct nd_msg *msg;
614
615 if (!saddr) {
616 if (ipv6_get_lladdr(dev, &addr_buf,
617 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
618 return;
619 saddr = &addr_buf;
620 }
621
622 if (ipv6_addr_any(saddr))
623 inc_opt = false;
624 if (inc_opt)
625 optlen += ndisc_opt_addr_space(dev,
626 NDISC_NEIGHBOUR_SOLICITATION);
627 if (nonce != 0)
628 optlen += 8;
629
630 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
631 if (!skb)
632 return;
633
634 msg = skb_put(skb, sizeof(*msg));
635 *msg = (struct nd_msg) {
636 .icmph = {
637 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
638 },
639 .target = *solicit,
640 };
641
642 if (inc_opt)
643 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
644 dev->dev_addr,
645 NDISC_NEIGHBOUR_SOLICITATION);
646 if (nonce != 0) {
647 u8 *opt = skb_put(skb, 8);
648
649 opt[0] = ND_OPT_NONCE;
650 opt[1] = 8 >> 3;
651 memcpy(opt + 2, &nonce, 6);
652 }
653
654 ndisc_send_skb(skb, daddr, saddr);
655}
656
657void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
658 const struct in6_addr *daddr)
659{
660 struct sk_buff *skb;
661 struct rs_msg *msg;
662 int send_sllao = dev->addr_len;
663 int optlen = 0;
664
665#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
666 /*
667 * According to section 2.2 of RFC 4429, we must not
668 * send router solicitations with a sllao from
669 * optimistic addresses, but we may send the solicitation
670 * if we don't include the sllao. So here we check
671 * if our address is optimistic, and if so, we
672 * suppress the inclusion of the sllao.
673 */
674 if (send_sllao) {
675 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
676 dev, 1);
677 if (ifp) {
678 if (ifp->flags & IFA_F_OPTIMISTIC) {
679 send_sllao = 0;
680 }
681 in6_ifa_put(ifp);
682 } else {
683 send_sllao = 0;
684 }
685 }
686#endif
687 if (send_sllao)
688 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
689
690 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
691 if (!skb)
692 return;
693
694 msg = skb_put(skb, sizeof(*msg));
695 *msg = (struct rs_msg) {
696 .icmph = {
697 .icmp6_type = NDISC_ROUTER_SOLICITATION,
698 },
699 };
700
701 if (send_sllao)
702 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
703 dev->dev_addr,
704 NDISC_ROUTER_SOLICITATION);
705
706 ndisc_send_skb(skb, daddr, saddr);
707}
708EXPORT_SYMBOL(ndisc_send_rs);
709
710
711static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
712{
713 /*
714 * "The sender MUST return an ICMP
715 * destination unreachable"
716 */
717 dst_link_failure(skb);
718 kfree_skb(skb);
719}
720
721/* Called with locked neigh: either read or both */
722
723static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
724{
725 struct in6_addr *saddr = NULL;
726 struct in6_addr mcaddr;
727 struct net_device *dev = neigh->dev;
728 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
729 int probes = atomic_read(&neigh->probes);
730
731 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
732 dev, false, 1,
733 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
734 saddr = &ipv6_hdr(skb)->saddr;
735 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
736 if (probes < 0) {
737 if (!(neigh->nud_state & NUD_VALID)) {
738 ND_PRINTK(1, dbg,
739 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
740 __func__, target);
741 }
742 ndisc_send_ns(dev, target, target, saddr, 0);
743 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
744 neigh_app_ns(neigh);
745 } else {
746 addrconf_addr_solict_mult(target, &mcaddr);
747 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
748 }
749}
750
751static int pndisc_is_router(const void *pkey,
752 struct net_device *dev)
753{
754 struct pneigh_entry *n;
755 int ret = -1;
756
757 read_lock_bh(&nd_tbl.lock);
758 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
759 if (n)
760 ret = !!(n->flags & NTF_ROUTER);
761 read_unlock_bh(&nd_tbl.lock);
762
763 return ret;
764}
765
766void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
767 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
768 struct ndisc_options *ndopts)
769{
770 neigh_update(neigh, lladdr, new, flags, 0);
771 /* report ndisc ops about neighbour update */
772 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
773}
774
775static void ndisc_recv_ns(struct sk_buff *skb)
776{
777 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
778 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
779 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
780 u8 *lladdr = NULL;
781 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
782 offsetof(struct nd_msg, opt));
783 struct ndisc_options ndopts;
784 struct net_device *dev = skb->dev;
785 struct inet6_ifaddr *ifp;
786 struct inet6_dev *idev = NULL;
787 struct neighbour *neigh;
788 int dad = ipv6_addr_any(saddr);
789 bool inc;
790 int is_router = -1;
791 u64 nonce = 0;
792
793 if (skb->len < sizeof(struct nd_msg)) {
794 ND_PRINTK(2, warn, "NS: packet too short\n");
795 return;
796 }
797
798 if (ipv6_addr_is_multicast(&msg->target)) {
799 ND_PRINTK(2, warn, "NS: multicast target address\n");
800 return;
801 }
802
803 /*
804 * RFC2461 7.1.1:
805 * DAD has to be destined for solicited node multicast address.
806 */
807 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
808 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
809 return;
810 }
811
812 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
813 ND_PRINTK(2, warn, "NS: invalid ND options\n");
814 return;
815 }
816
817 if (ndopts.nd_opts_src_lladdr) {
818 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
819 if (!lladdr) {
820 ND_PRINTK(2, warn,
821 "NS: invalid link-layer address length\n");
822 return;
823 }
824
825 /* RFC2461 7.1.1:
826 * If the IP source address is the unspecified address,
827 * there MUST NOT be source link-layer address option
828 * in the message.
829 */
830 if (dad) {
831 ND_PRINTK(2, warn,
832 "NS: bad DAD packet (link-layer address option)\n");
833 return;
834 }
835 }
836 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
837 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
838
839 inc = ipv6_addr_is_multicast(daddr);
840
841 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
842 if (ifp) {
843have_ifp:
844 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
845 if (dad) {
846 if (nonce != 0 && ifp->dad_nonce == nonce) {
847 u8 *np = (u8 *)&nonce;
848 /* Matching nonce if looped back */
849 ND_PRINTK(2, notice,
850 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
851 ifp->idev->dev->name,
852 &ifp->addr, np);
853 goto out;
854 }
855 /*
856 * We are colliding with another node
857 * who is doing DAD
858 * so fail our DAD process
859 */
860 addrconf_dad_failure(skb, ifp);
861 return;
862 } else {
863 /*
864 * This is not a dad solicitation.
865 * If we are an optimistic node,
866 * we should respond.
867 * Otherwise, we should ignore it.
868 */
869 if (!(ifp->flags & IFA_F_OPTIMISTIC))
870 goto out;
871 }
872 }
873
874 idev = ifp->idev;
875 } else {
876 struct net *net = dev_net(dev);
877
878 /* perhaps an address on the master device */
879 if (netif_is_l3_slave(dev)) {
880 struct net_device *mdev;
881
882 mdev = netdev_master_upper_dev_get_rcu(dev);
883 if (mdev) {
884 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
885 if (ifp)
886 goto have_ifp;
887 }
888 }
889
890 idev = in6_dev_get(dev);
891 if (!idev) {
892 /* XXX: count this drop? */
893 return;
894 }
895
896 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
897 (idev->cnf.forwarding &&
898 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
899 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
900 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
901 skb->pkt_type != PACKET_HOST &&
902 inc &&
903 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
904 /*
905 * for anycast or proxy,
906 * sender should delay its response
907 * by a random time between 0 and
908 * MAX_ANYCAST_DELAY_TIME seconds.
909 * (RFC2461) -- yoshfuji
910 */
911 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
912 if (n)
913 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
914 goto out;
915 }
916 } else
917 goto out;
918 }
919
920 if (is_router < 0)
921 is_router = idev->cnf.forwarding;
922
923 if (dad) {
924 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
925 !!is_router, false, (ifp != NULL), true);
926 goto out;
927 }
928
929 if (inc)
930 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
931 else
932 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
933
934 /*
935 * update / create cache entry
936 * for the source address
937 */
938 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
939 !inc || lladdr || !dev->addr_len);
940 if (neigh)
941 ndisc_update(dev, neigh, lladdr, NUD_STALE,
942 NEIGH_UPDATE_F_WEAK_OVERRIDE|
943 NEIGH_UPDATE_F_OVERRIDE,
944 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
945 if (neigh || !dev->header_ops) {
946 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
947 true, (ifp != NULL && inc), inc);
948 if (neigh)
949 neigh_release(neigh);
950 }
951
952out:
953 if (ifp)
954 in6_ifa_put(ifp);
955 else
956 in6_dev_put(idev);
957}
958
959static void ndisc_recv_na(struct sk_buff *skb)
960{
961 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
962 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
963 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
964 u8 *lladdr = NULL;
965 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
966 offsetof(struct nd_msg, opt));
967 struct ndisc_options ndopts;
968 struct net_device *dev = skb->dev;
969 struct inet6_dev *idev = __in6_dev_get(dev);
970 struct inet6_ifaddr *ifp;
971 struct neighbour *neigh;
972
973 if (skb->len < sizeof(struct nd_msg)) {
974 ND_PRINTK(2, warn, "NA: packet too short\n");
975 return;
976 }
977
978 if (ipv6_addr_is_multicast(&msg->target)) {
979 ND_PRINTK(2, warn, "NA: target address is multicast\n");
980 return;
981 }
982
983 if (ipv6_addr_is_multicast(daddr) &&
984 msg->icmph.icmp6_solicited) {
985 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
986 return;
987 }
988
989 /* For some 802.11 wireless deployments (and possibly other networks),
990 * there will be a NA proxy and unsolicitd packets are attacks
991 * and thus should not be accepted.
992 */
993 if (!msg->icmph.icmp6_solicited && idev &&
994 idev->cnf.drop_unsolicited_na)
995 return;
996
997 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
998 ND_PRINTK(2, warn, "NS: invalid ND option\n");
999 return;
1000 }
1001 if (ndopts.nd_opts_tgt_lladdr) {
1002 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
1003 if (!lladdr) {
1004 ND_PRINTK(2, warn,
1005 "NA: invalid link-layer address length\n");
1006 return;
1007 }
1008 }
1009 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
1010 if (ifp) {
1011 if (skb->pkt_type != PACKET_LOOPBACK
1012 && (ifp->flags & IFA_F_TENTATIVE)) {
1013 addrconf_dad_failure(skb, ifp);
1014 return;
1015 }
1016 /* What should we make now? The advertisement
1017 is invalid, but ndisc specs say nothing
1018 about it. It could be misconfiguration, or
1019 an smart proxy agent tries to help us :-)
1020
1021 We should not print the error if NA has been
1022 received from loopback - it is just our own
1023 unsolicited advertisement.
1024 */
1025 if (skb->pkt_type != PACKET_LOOPBACK)
1026 ND_PRINTK(1, warn,
1027 "NA: %pM advertised our address %pI6c on %s!\n",
1028 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1029 in6_ifa_put(ifp);
1030 return;
1031 }
1032 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1033
1034 if (neigh) {
1035 u8 old_flags = neigh->flags;
1036 struct net *net = dev_net(dev);
1037
1038 if (neigh->nud_state & NUD_FAILED)
1039 goto out;
1040
1041 /*
1042 * Don't update the neighbor cache entry on a proxy NA from
1043 * ourselves because either the proxied node is off link or it
1044 * has already sent a NA to us.
1045 */
1046 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1047 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1048 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1049 /* XXX: idev->cnf.proxy_ndp */
1050 goto out;
1051 }
1052
1053 ndisc_update(dev, neigh, lladdr,
1054 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1055 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1056 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1057 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1058 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1059 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1060
1061 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1062 /*
1063 * Change: router to host
1064 */
1065 rt6_clean_tohost(dev_net(dev), saddr);
1066 }
1067
1068out:
1069 neigh_release(neigh);
1070 }
1071}
1072
1073static void ndisc_recv_rs(struct sk_buff *skb)
1074{
1075 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1076 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1077 struct neighbour *neigh;
1078 struct inet6_dev *idev;
1079 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1080 struct ndisc_options ndopts;
1081 u8 *lladdr = NULL;
1082
1083 if (skb->len < sizeof(*rs_msg))
1084 return;
1085
1086 idev = __in6_dev_get(skb->dev);
1087 if (!idev) {
1088 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1089 return;
1090 }
1091
1092 /* Don't accept RS if we're not in router mode */
1093 if (!idev->cnf.forwarding)
1094 goto out;
1095
1096 /*
1097 * Don't update NCE if src = ::;
1098 * this implies that the source node has no ip address assigned yet.
1099 */
1100 if (ipv6_addr_any(saddr))
1101 goto out;
1102
1103 /* Parse ND options */
1104 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1105 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1106 goto out;
1107 }
1108
1109 if (ndopts.nd_opts_src_lladdr) {
1110 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1111 skb->dev);
1112 if (!lladdr)
1113 goto out;
1114 }
1115
1116 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1117 if (neigh) {
1118 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1119 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1120 NEIGH_UPDATE_F_OVERRIDE|
1121 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1122 NDISC_ROUTER_SOLICITATION, &ndopts);
1123 neigh_release(neigh);
1124 }
1125out:
1126 return;
1127}
1128
1129static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1130{
1131 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1132 struct sk_buff *skb;
1133 struct nlmsghdr *nlh;
1134 struct nduseroptmsg *ndmsg;
1135 struct net *net = dev_net(ra->dev);
1136 int err;
1137 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1138 + (opt->nd_opt_len << 3));
1139 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1140
1141 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1142 if (!skb) {
1143 err = -ENOBUFS;
1144 goto errout;
1145 }
1146
1147 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1148 if (!nlh) {
1149 goto nla_put_failure;
1150 }
1151
1152 ndmsg = nlmsg_data(nlh);
1153 ndmsg->nduseropt_family = AF_INET6;
1154 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1155 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1156 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1157 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1158
1159 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1160
1161 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1162 goto nla_put_failure;
1163 nlmsg_end(skb, nlh);
1164
1165 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1166 return;
1167
1168nla_put_failure:
1169 nlmsg_free(skb);
1170 err = -EMSGSIZE;
1171errout:
1172 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1173}
1174
1175static void ndisc_router_discovery(struct sk_buff *skb)
1176{
1177 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1178 struct neighbour *neigh = NULL;
1179 struct inet6_dev *in6_dev;
1180 struct fib6_info *rt = NULL;
1181 struct net *net;
1182 int lifetime;
1183 struct ndisc_options ndopts;
1184 int optlen;
1185 unsigned int pref = 0;
1186 __u32 old_if_flags;
1187 bool send_ifinfo_notify = false;
1188
1189 __u8 *opt = (__u8 *)(ra_msg + 1);
1190
1191 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1192 sizeof(struct ra_msg);
1193
1194 ND_PRINTK(2, info,
1195 "RA: %s, dev: %s\n",
1196 __func__, skb->dev->name);
1197 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1198 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1199 return;
1200 }
1201 if (optlen < 0) {
1202 ND_PRINTK(2, warn, "RA: packet too short\n");
1203 return;
1204 }
1205
1206#ifdef CONFIG_IPV6_NDISC_NODETYPE
1207 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1208 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1209 return;
1210 }
1211#endif
1212
1213 /*
1214 * set the RA_RECV flag in the interface
1215 */
1216
1217 in6_dev = __in6_dev_get(skb->dev);
1218 if (!in6_dev) {
1219 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1220 skb->dev->name);
1221 return;
1222 }
1223
1224 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1225 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1226 return;
1227 }
1228
1229 if (!ipv6_accept_ra(in6_dev)) {
1230 ND_PRINTK(2, info,
1231 "RA: %s, did not accept ra for dev: %s\n",
1232 __func__, skb->dev->name);
1233 goto skip_linkparms;
1234 }
1235
1236#ifdef CONFIG_IPV6_NDISC_NODETYPE
1237 /* skip link-specific parameters from interior routers */
1238 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1239 ND_PRINTK(2, info,
1240 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1241 __func__, skb->dev->name);
1242 goto skip_linkparms;
1243 }
1244#endif
1245
1246 if (in6_dev->if_flags & IF_RS_SENT) {
1247 /*
1248 * flag that an RA was received after an RS was sent
1249 * out on this interface.
1250 */
1251 in6_dev->if_flags |= IF_RA_RCVD;
1252 }
1253
1254 /*
1255 * Remember the managed/otherconf flags from most recently
1256 * received RA message (RFC 2462) -- yoshfuji
1257 */
1258 old_if_flags = in6_dev->if_flags;
1259 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1260 IF_RA_OTHERCONF)) |
1261 (ra_msg->icmph.icmp6_addrconf_managed ?
1262 IF_RA_MANAGED : 0) |
1263 (ra_msg->icmph.icmp6_addrconf_other ?
1264 IF_RA_OTHERCONF : 0);
1265
1266 if (old_if_flags != in6_dev->if_flags)
1267 send_ifinfo_notify = true;
1268
1269 if (!in6_dev->cnf.accept_ra_defrtr) {
1270 ND_PRINTK(2, info,
1271 "RA: %s, defrtr is false for dev: %s\n",
1272 __func__, skb->dev->name);
1273 goto skip_defrtr;
1274 }
1275
1276 /* Do not accept RA with source-addr found on local machine unless
1277 * accept_ra_from_local is set to true.
1278 */
1279 net = dev_net(in6_dev->dev);
1280 if (!in6_dev->cnf.accept_ra_from_local &&
1281 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1282 ND_PRINTK(2, info,
1283 "RA from local address detected on dev: %s: default router ignored\n",
1284 skb->dev->name);
1285 goto skip_defrtr;
1286 }
1287
1288 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1289
1290#ifdef CONFIG_IPV6_ROUTER_PREF
1291 pref = ra_msg->icmph.icmp6_router_pref;
1292 /* 10b is handled as if it were 00b (medium) */
1293 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1294 !in6_dev->cnf.accept_ra_rtr_pref)
1295 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1296#endif
1297 /* routes added from RAs do not use nexthop objects */
1298 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1299 if (rt) {
1300 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1301 rt->fib6_nh->fib_nh_dev, NULL,
1302 &ipv6_hdr(skb)->saddr);
1303 if (!neigh) {
1304 ND_PRINTK(0, err,
1305 "RA: %s got default router without neighbour\n",
1306 __func__);
1307 fib6_info_release(rt);
1308 return;
1309 }
1310 }
1311 if (rt && lifetime == 0) {
1312 ip6_del_rt(net, rt);
1313 rt = NULL;
1314 }
1315
1316 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1317 rt, lifetime, skb->dev->name);
1318 if (!rt && lifetime) {
1319 ND_PRINTK(3, info, "RA: adding default router\n");
1320
1321 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1322 skb->dev, pref);
1323 if (!rt) {
1324 ND_PRINTK(0, err,
1325 "RA: %s failed to add default route\n",
1326 __func__);
1327 return;
1328 }
1329
1330 if (likely(strncasecmp(skb->dev->name, "ccinet7", 7)))
1331 rt6_add_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1332
1333 neigh = ip6_neigh_lookup(&rt->fib6_nh->fib_nh_gw6,
1334 rt->fib6_nh->fib_nh_dev, NULL,
1335 &ipv6_hdr(skb)->saddr);
1336 if (!neigh) {
1337 ND_PRINTK(0, err,
1338 "RA: %s got default router without neighbour\n",
1339 __func__);
1340 fib6_info_release(rt);
1341 return;
1342 }
1343 neigh->flags |= NTF_ROUTER;
1344 } else if (rt) {
1345 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1346 }
1347
1348 if (rt)
1349 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1350 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1351 ra_msg->icmph.icmp6_hop_limit) {
1352 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1353 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1354 fib6_metric_set(rt, RTAX_HOPLIMIT,
1355 ra_msg->icmph.icmp6_hop_limit);
1356 } else {
1357 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1358 }
1359 }
1360
1361skip_defrtr:
1362
1363 /*
1364 * Update Reachable Time and Retrans Timer
1365 */
1366
1367 if (in6_dev->nd_parms) {
1368 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1369
1370 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1371 rtime = (rtime*HZ)/1000;
1372 if (rtime < HZ/10)
1373 rtime = HZ/10;
1374 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1375 in6_dev->tstamp = jiffies;
1376 send_ifinfo_notify = true;
1377 }
1378
1379 rtime = ntohl(ra_msg->reachable_time);
1380 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1381 rtime = (rtime*HZ)/1000;
1382
1383 if (rtime < HZ/10)
1384 rtime = HZ/10;
1385
1386 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1387 NEIGH_VAR_SET(in6_dev->nd_parms,
1388 BASE_REACHABLE_TIME, rtime);
1389 NEIGH_VAR_SET(in6_dev->nd_parms,
1390 GC_STALETIME, 3 * rtime);
1391 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1392 in6_dev->tstamp = jiffies;
1393 send_ifinfo_notify = true;
1394 }
1395 }
1396 }
1397
1398 /*
1399 * Send a notify if RA changed managed/otherconf flags or timer settings
1400 */
1401 if (send_ifinfo_notify)
1402 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1403
1404skip_linkparms:
1405
1406 /*
1407 * Process options.
1408 */
1409
1410 if (!neigh)
1411 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1412 skb->dev, 1);
1413 if (neigh) {
1414 u8 *lladdr = NULL;
1415 if (ndopts.nd_opts_src_lladdr) {
1416 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1417 skb->dev);
1418 if (!lladdr) {
1419 ND_PRINTK(2, warn,
1420 "RA: invalid link-layer address length\n");
1421 goto out;
1422 }
1423 }
1424 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1425 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1426 NEIGH_UPDATE_F_OVERRIDE|
1427 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1428 NEIGH_UPDATE_F_ISROUTER,
1429 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1430 }
1431
1432 if (!ipv6_accept_ra(in6_dev)) {
1433 ND_PRINTK(2, info,
1434 "RA: %s, accept_ra is false for dev: %s\n",
1435 __func__, skb->dev->name);
1436 goto out;
1437 }
1438
1439#ifdef CONFIG_IPV6_ROUTE_INFO
1440 if (!in6_dev->cnf.accept_ra_from_local &&
1441 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1442 in6_dev->dev, 0)) {
1443 ND_PRINTK(2, info,
1444 "RA from local address detected on dev: %s: router info ignored.\n",
1445 skb->dev->name);
1446 goto skip_routeinfo;
1447 }
1448
1449 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1450 struct nd_opt_hdr *p;
1451 for (p = ndopts.nd_opts_ri;
1452 p;
1453 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1454 struct route_info *ri = (struct route_info *)p;
1455#ifdef CONFIG_IPV6_NDISC_NODETYPE
1456 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1457 ri->prefix_len == 0)
1458 continue;
1459#endif
1460 if (ri->prefix_len == 0 &&
1461 !in6_dev->cnf.accept_ra_defrtr)
1462 continue;
1463 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1464 continue;
1465 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1466 continue;
1467 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1468 &ipv6_hdr(skb)->saddr);
1469 }
1470 }
1471
1472skip_routeinfo:
1473#endif
1474
1475#ifdef CONFIG_IPV6_NDISC_NODETYPE
1476 /* skip link-specific ndopts from interior routers */
1477 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1478 ND_PRINTK(2, info,
1479 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1480 __func__, skb->dev->name);
1481 goto out;
1482 }
1483#endif
1484
1485 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1486 struct nd_opt_hdr *p;
1487 for (p = ndopts.nd_opts_pi;
1488 p;
1489 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1490 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1491 (p->nd_opt_len) << 3,
1492 ndopts.nd_opts_src_lladdr != NULL);
1493 }
1494 }
1495
1496 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1497 __be32 n;
1498 u32 mtu;
1499
1500 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1501 mtu = ntohl(n);
1502
1503 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1504 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1505 } else if (in6_dev->cnf.mtu6 != mtu) {
1506 in6_dev->cnf.mtu6 = mtu;
1507 fib6_metric_set(rt, RTAX_MTU, mtu);
1508 rt6_mtu_change(skb->dev, mtu);
1509 }
1510 }
1511
1512 if (ndopts.nd_useropts) {
1513 struct nd_opt_hdr *p;
1514 for (p = ndopts.nd_useropts;
1515 p;
1516 p = ndisc_next_useropt(skb->dev, p,
1517 ndopts.nd_useropts_end)) {
1518 ndisc_ra_useropt(skb, p);
1519 }
1520 }
1521
1522 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1523 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1524 }
1525out:
1526 fib6_info_release(rt);
1527 if (neigh)
1528 neigh_release(neigh);
1529}
1530
1531static void ndisc_redirect_rcv(struct sk_buff *skb)
1532{
1533 u8 *hdr;
1534 struct ndisc_options ndopts;
1535 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1536 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1537 offsetof(struct rd_msg, opt));
1538
1539#ifdef CONFIG_IPV6_NDISC_NODETYPE
1540 switch (skb->ndisc_nodetype) {
1541 case NDISC_NODETYPE_HOST:
1542 case NDISC_NODETYPE_NODEFAULT:
1543 ND_PRINTK(2, warn,
1544 "Redirect: from host or unauthorized router\n");
1545 return;
1546 }
1547#endif
1548
1549 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1550 ND_PRINTK(2, warn,
1551 "Redirect: source address is not link-local\n");
1552 return;
1553 }
1554
1555 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1556 return;
1557
1558 if (!ndopts.nd_opts_rh) {
1559 ip6_redirect_no_header(skb, dev_net(skb->dev),
1560 skb->dev->ifindex);
1561 return;
1562 }
1563
1564 hdr = (u8 *)ndopts.nd_opts_rh;
1565 hdr += 8;
1566 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1567 return;
1568
1569 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1570}
1571
1572static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1573 struct sk_buff *orig_skb,
1574 int rd_len)
1575{
1576 u8 *opt = skb_put(skb, rd_len);
1577
1578 memset(opt, 0, 8);
1579 *(opt++) = ND_OPT_REDIRECT_HDR;
1580 *(opt++) = (rd_len >> 3);
1581 opt += 6;
1582
1583 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1584 rd_len - 8);
1585}
1586
1587void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1588{
1589 struct net_device *dev = skb->dev;
1590 struct net *net = dev_net(dev);
1591 struct sock *sk = net->ipv6.ndisc_sk;
1592 int optlen = 0;
1593 struct inet_peer *peer;
1594 struct sk_buff *buff;
1595 struct rd_msg *msg;
1596 struct in6_addr saddr_buf;
1597 struct rt6_info *rt;
1598 struct dst_entry *dst;
1599 struct flowi6 fl6;
1600 int rd_len;
1601 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1602 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1603 bool ret;
1604
1605 if (netif_is_l3_master(skb->dev)) {
1606 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1607 if (!dev)
1608 return;
1609 }
1610
1611 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1612 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1613 dev->name);
1614 return;
1615 }
1616
1617 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1618 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1619 ND_PRINTK(2, warn,
1620 "Redirect: target address is not link-local unicast\n");
1621 return;
1622 }
1623
1624 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1625 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1626
1627 dst = ip6_route_output(net, NULL, &fl6);
1628 if (dst->error) {
1629 dst_release(dst);
1630 return;
1631 }
1632 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1633 if (IS_ERR(dst))
1634 return;
1635
1636 rt = (struct rt6_info *) dst;
1637
1638 if (rt->rt6i_flags & RTF_GATEWAY) {
1639 ND_PRINTK(2, warn,
1640 "Redirect: destination is not a neighbour\n");
1641 goto release;
1642 }
1643 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1644 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1645 if (peer)
1646 inet_putpeer(peer);
1647 if (!ret)
1648 goto release;
1649
1650 if (dev->addr_len) {
1651 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1652 if (!neigh) {
1653 ND_PRINTK(2, warn,
1654 "Redirect: no neigh for target address\n");
1655 goto release;
1656 }
1657
1658 read_lock_bh(&neigh->lock);
1659 if (neigh->nud_state & NUD_VALID) {
1660 memcpy(ha_buf, neigh->ha, dev->addr_len);
1661 read_unlock_bh(&neigh->lock);
1662 ha = ha_buf;
1663 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1664 ops_data_buf,
1665 &ops_data);
1666 } else
1667 read_unlock_bh(&neigh->lock);
1668
1669 neigh_release(neigh);
1670 }
1671
1672 rd_len = min_t(unsigned int,
1673 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1674 skb->len + 8);
1675 rd_len &= ~0x7;
1676 optlen += rd_len;
1677
1678 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1679 if (!buff)
1680 goto release;
1681
1682 msg = skb_put(buff, sizeof(*msg));
1683 *msg = (struct rd_msg) {
1684 .icmph = {
1685 .icmp6_type = NDISC_REDIRECT,
1686 },
1687 .target = *target,
1688 .dest = ipv6_hdr(skb)->daddr,
1689 };
1690
1691 /*
1692 * include target_address option
1693 */
1694
1695 if (ha)
1696 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1697
1698 /*
1699 * build redirect option and copy skb over to the new packet.
1700 */
1701
1702 if (rd_len)
1703 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1704
1705 skb_dst_set(buff, dst);
1706 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1707 return;
1708
1709release:
1710 dst_release(dst);
1711}
1712
1713static void pndisc_redo(struct sk_buff *skb)
1714{
1715 ndisc_recv_ns(skb);
1716 kfree_skb(skb);
1717}
1718
1719static int ndisc_is_multicast(const void *pkey)
1720{
1721 return ipv6_addr_is_multicast((struct in6_addr *)pkey);
1722}
1723
1724static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1725{
1726 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1727
1728 if (!idev)
1729 return true;
1730 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1731 idev->cnf.suppress_frag_ndisc) {
1732 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1733 return true;
1734 }
1735 return false;
1736}
1737
1738int ndisc_rcv(struct sk_buff *skb)
1739{
1740 struct nd_msg *msg;
1741
1742 if (ndisc_suppress_frag_ndisc(skb))
1743 return 0;
1744
1745 if (skb_linearize(skb))
1746 return 0;
1747
1748 msg = (struct nd_msg *)skb_transport_header(skb);
1749
1750 __skb_push(skb, skb->data - skb_transport_header(skb));
1751
1752 if (ipv6_hdr(skb)->hop_limit != 255) {
1753 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1754 ipv6_hdr(skb)->hop_limit);
1755 return 0;
1756 }
1757
1758 if (msg->icmph.icmp6_code != 0) {
1759 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1760 msg->icmph.icmp6_code);
1761 return 0;
1762 }
1763
1764 switch (msg->icmph.icmp6_type) {
1765 case NDISC_NEIGHBOUR_SOLICITATION:
1766 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1767 ndisc_recv_ns(skb);
1768 break;
1769
1770 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1771 ndisc_recv_na(skb);
1772 break;
1773
1774 case NDISC_ROUTER_SOLICITATION:
1775 ndisc_recv_rs(skb);
1776 break;
1777
1778 case NDISC_ROUTER_ADVERTISEMENT:
1779 ndisc_router_discovery(skb);
1780 break;
1781
1782 case NDISC_REDIRECT:
1783 ndisc_redirect_rcv(skb);
1784 break;
1785 }
1786
1787 return 0;
1788}
1789
1790static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1791{
1792 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1793 struct netdev_notifier_change_info *change_info;
1794 struct net *net = dev_net(dev);
1795 struct inet6_dev *idev;
1796
1797 switch (event) {
1798 case NETDEV_CHANGEADDR:
1799 neigh_changeaddr(&nd_tbl, dev);
1800 fib6_run_gc(0, net, false);
1801 /* fallthrough */
1802 case NETDEV_UP:
1803 idev = in6_dev_get(dev);
1804 if (!idev)
1805 break;
1806 if (idev->cnf.ndisc_notify ||
1807 net->ipv6.devconf_all->ndisc_notify)
1808 ndisc_send_unsol_na(dev);
1809 in6_dev_put(idev);
1810 break;
1811 case NETDEV_CHANGE:
1812 change_info = ptr;
1813 if (change_info->flags_changed & IFF_NOARP)
1814 neigh_changeaddr(&nd_tbl, dev);
1815 if (!netif_carrier_ok(dev))
1816 neigh_carrier_down(&nd_tbl, dev);
1817 break;
1818 case NETDEV_DOWN:
1819 neigh_ifdown(&nd_tbl, dev);
1820 fib6_run_gc(0, net, false);
1821 break;
1822 case NETDEV_NOTIFY_PEERS:
1823 ndisc_send_unsol_na(dev);
1824 break;
1825 default:
1826 break;
1827 }
1828
1829 return NOTIFY_DONE;
1830}
1831
1832static struct notifier_block ndisc_netdev_notifier = {
1833 .notifier_call = ndisc_netdev_event,
1834 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1835};
1836
1837#ifdef CONFIG_SYSCTL
1838static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1839 const char *func, const char *dev_name)
1840{
1841 static char warncomm[TASK_COMM_LEN];
1842 static int warned;
1843 if (strcmp(warncomm, current->comm) && warned < 5) {
1844 strcpy(warncomm, current->comm);
1845 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1846 warncomm, func,
1847 dev_name, ctl->procname,
1848 dev_name, ctl->procname);
1849 warned++;
1850 }
1851}
1852
1853int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1854{
1855 struct net_device *dev = ctl->extra1;
1856 struct inet6_dev *idev;
1857 int ret;
1858
1859 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1860 (strcmp(ctl->procname, "base_reachable_time") == 0))
1861 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1862
1863 if (strcmp(ctl->procname, "retrans_time") == 0)
1864 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1865
1866 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1867 ret = neigh_proc_dointvec_jiffies(ctl, write,
1868 buffer, lenp, ppos);
1869
1870 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1871 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1872 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1873 buffer, lenp, ppos);
1874 else
1875 ret = -1;
1876
1877 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1878 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1879 idev->nd_parms->reachable_time =
1880 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1881 idev->tstamp = jiffies;
1882 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1883 in6_dev_put(idev);
1884 }
1885 return ret;
1886}
1887
1888
1889#endif
1890
1891static int __net_init ndisc_net_init(struct net *net)
1892{
1893 struct ipv6_pinfo *np;
1894 struct sock *sk;
1895 int err;
1896
1897 err = inet_ctl_sock_create(&sk, PF_INET6,
1898 SOCK_RAW, IPPROTO_ICMPV6, net);
1899 if (err < 0) {
1900 ND_PRINTK(0, err,
1901 "NDISC: Failed to initialize the control socket (err %d)\n",
1902 err);
1903 return err;
1904 }
1905
1906 net->ipv6.ndisc_sk = sk;
1907
1908 np = inet6_sk(sk);
1909 np->hop_limit = 255;
1910 /* Do not loopback ndisc messages */
1911 np->mc_loop = 0;
1912
1913 return 0;
1914}
1915
1916static void __net_exit ndisc_net_exit(struct net *net)
1917{
1918 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1919}
1920
1921static struct pernet_operations ndisc_net_ops = {
1922 .init = ndisc_net_init,
1923 .exit = ndisc_net_exit,
1924};
1925
1926int __init ndisc_init(void)
1927{
1928 int err;
1929
1930 err = register_pernet_subsys(&ndisc_net_ops);
1931 if (err)
1932 return err;
1933 /*
1934 * Initialize the neighbour table
1935 */
1936 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1937
1938#ifdef CONFIG_SYSCTL
1939 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1940 ndisc_ifinfo_sysctl_change);
1941 if (err)
1942 goto out_unregister_pernet;
1943out:
1944#endif
1945 return err;
1946
1947#ifdef CONFIG_SYSCTL
1948out_unregister_pernet:
1949 unregister_pernet_subsys(&ndisc_net_ops);
1950 goto out;
1951#endif
1952}
1953
1954int __init ndisc_late_init(void)
1955{
1956 return register_netdevice_notifier(&ndisc_netdev_notifier);
1957}
1958
1959void ndisc_late_cleanup(void)
1960{
1961 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1962}
1963
1964void ndisc_cleanup(void)
1965{
1966#ifdef CONFIG_SYSCTL
1967 neigh_sysctl_unregister(&nd_tbl.parms);
1968#endif
1969 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1970 unregister_pernet_subsys(&ndisc_net_ops);
1971}