Gitiles
Code Review Sign In
192.168.1.100 / T800 / e2381fbede2313f15e12a3dea9726ff3dc828f34 / . / src / kernel / linux / v4.19 / net / ipv6 / ndisc.c
blob: 987f8d19879084683e0ade58416a88fc6ed45066 [file] [log] [blame]
xjb04a4022021-11-25 15:01:52 +0800[diff] [blame]1/*
2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15/*
16 * Changes:
17 *
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
22 * of an RA.
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
28 */
29
30#define pr_fmt(fmt) "ICMPv6: " fmt
31
32#include <linux/module.h>
33#include <linux/errno.h>
34#include <linux/types.h>
35#include <linux/socket.h>
36#include <linux/sockios.h>
37#include <linux/sched.h>
38#include <linux/net.h>
39#include <linux/in6.h>
40#include <linux/route.h>
41#include <linux/init.h>
42#include <linux/rcupdate.h>
43#include <linux/slab.h>
44#ifdef CONFIG_SYSCTL
45#include <linux/sysctl.h>
46#endif
47
48#include <linux/if_addr.h>
49#include <linux/if_ether.h>
50#include <linux/if_arp.h>
51#include <linux/ipv6.h>
52#include <linux/icmpv6.h>
53#include <linux/jhash.h>
54
55#include <net/sock.h>
56#include <net/snmp.h>
57
58#include <net/ipv6.h>
59#include <net/protocol.h>
60#include <net/ndisc.h>
61#include <net/ip6_route.h>
62#include <net/addrconf.h>
63#include <net/icmp.h>
64
65#include <net/netlink.h>
66#include <linux/rtnetlink.h>
67
68#include <net/flow.h>
69#include <net/ip6_checksum.h>
70#include <net/inet_common.h>
71#include <linux/proc_fs.h>
72
73#include <linux/netfilter.h>
74#include <linux/netfilter_ipv6.h>
75
76static u32 ndisc_hash(const void *pkey,
77 const struct net_device *dev,
78 __u32 *hash_rnd);
79static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey);
80static int ndisc_constructor(struct neighbour *neigh);
81static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
82static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
83static int pndisc_constructor(struct pneigh_entry *n);
84static void pndisc_destructor(struct pneigh_entry *n);
85static void pndisc_redo(struct sk_buff *skb);
86
87static const struct neigh_ops ndisc_generic_ops = {
88 .family = AF_INET6,
89 .solicit = ndisc_solicit,
90 .error_report = ndisc_error_report,
91 .output = neigh_resolve_output,
92 .connected_output = neigh_connected_output,
93};
94
95static const struct neigh_ops ndisc_hh_ops = {
96 .family = AF_INET6,
97 .solicit = ndisc_solicit,
98 .error_report = ndisc_error_report,
99 .output = neigh_resolve_output,
100 .connected_output = neigh_resolve_output,
101};
102
103
104static const struct neigh_ops ndisc_direct_ops = {
105 .family = AF_INET6,
106 .output = neigh_direct_output,
107 .connected_output = neigh_direct_output,
108};
109
110struct neigh_table nd_tbl = {
111 .family = AF_INET6,
112 .key_len = sizeof(struct in6_addr),
113 .protocol = cpu_to_be16(ETH_P_IPV6),
114 .hash = ndisc_hash,
115 .key_eq = ndisc_key_eq,
116 .constructor = ndisc_constructor,
117 .pconstructor = pndisc_constructor,
118 .pdestructor = pndisc_destructor,
119 .proxy_redo = pndisc_redo,
120 .id = "ndisc_cache",
121 .parms = {
122 .tbl = &nd_tbl,
123 .reachable_time = ND_REACHABLE_TIME,
124 .data = {
125 [NEIGH_VAR_MCAST_PROBES] = 3,
126 [NEIGH_VAR_UCAST_PROBES] = 3,
127 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
128 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
129 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
130 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
131 [NEIGH_VAR_QUEUE_LEN_BYTES] = SK_WMEM_MAX,
132 [NEIGH_VAR_PROXY_QLEN] = 64,
133 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
134 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
135 },
136 },
137 .gc_interval = 30 * HZ,
138 .gc_thresh1 = 128,
139 .gc_thresh2 = 512,
140 .gc_thresh3 = 1024,
141};
142EXPORT_SYMBOL_GPL(nd_tbl);
143
144void __ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data,
145 int data_len, int pad)
146{
147 int space = __ndisc_opt_addr_space(data_len, pad);
148 u8 *opt = skb_put(skb, space);
149
150 opt[0] = type;
151 opt[1] = space>>3;
152
153 memset(opt + 2, 0, pad);
154 opt += pad;
155 space -= pad;
156
157 memcpy(opt+2, data, data_len);
158 data_len += 2;
159 opt += data_len;
160 space -= data_len;
161 if (space > 0)
162 memset(opt, 0, space);
163}
164EXPORT_SYMBOL_GPL(__ndisc_fill_addr_option);
165
166static inline void ndisc_fill_addr_option(struct sk_buff *skb, int type,
167 void *data, u8 icmp6_type)
168{
169 __ndisc_fill_addr_option(skb, type, data, skb->dev->addr_len,
170 ndisc_addr_option_pad(skb->dev->type));
171 ndisc_ops_fill_addr_option(skb->dev, skb, icmp6_type);
172}
173
174static inline void ndisc_fill_redirect_addr_option(struct sk_buff *skb,
175 void *ha,
176 const u8 *ops_data)
177{
178 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR, ha, NDISC_REDIRECT);
179 ndisc_ops_fill_redirect_addr_option(skb->dev, skb, ops_data);
180}
181
182static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
183 struct nd_opt_hdr *end)
184{
185 int type;
186 if (!cur || !end || cur >= end)
187 return NULL;
188 type = cur->nd_opt_type;
189 do {
190 cur = ((void *)cur) + (cur->nd_opt_len << 3);
191 } while (cur < end && cur->nd_opt_type != type);
192 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
193}
194
195static inline int ndisc_is_useropt(const struct net_device *dev,
196 struct nd_opt_hdr *opt)
197{
198 return opt->nd_opt_type == ND_OPT_RDNSS ||
199 opt->nd_opt_type == ND_OPT_DNSSL ||
200 opt->nd_opt_type == ND_OPT_CAPTIVE_PORTAL ||
201 ndisc_ops_is_useropt(dev, opt->nd_opt_type);
202}
203
204static struct nd_opt_hdr *ndisc_next_useropt(const struct net_device *dev,
205 struct nd_opt_hdr *cur,
206 struct nd_opt_hdr *end)
207{
208 if (!cur || !end || cur >= end)
209 return NULL;
210 do {
211 cur = ((void *)cur) + (cur->nd_opt_len << 3);
212 } while (cur < end && !ndisc_is_useropt(dev, cur));
213 return cur <= end && ndisc_is_useropt(dev, cur) ? cur : NULL;
214}
215
216struct ndisc_options *ndisc_parse_options(const struct net_device *dev,
217 u8 *opt, int opt_len,
218 struct ndisc_options *ndopts)
219{
220 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
221
222 if (!nd_opt || opt_len < 0 || !ndopts)
223 return NULL;
224 memset(ndopts, 0, sizeof(*ndopts));
225 while (opt_len) {
226 int l;
227 if (opt_len < sizeof(struct nd_opt_hdr))
228 return NULL;
229 l = nd_opt->nd_opt_len << 3;
230 if (opt_len < l || l == 0)
231 return NULL;
232 if (ndisc_ops_parse_options(dev, nd_opt, ndopts))
233 goto next_opt;
234 switch (nd_opt->nd_opt_type) {
235 case ND_OPT_SOURCE_LL_ADDR:
236 case ND_OPT_TARGET_LL_ADDR:
237 case ND_OPT_MTU:
238 case ND_OPT_NONCE:
239 case ND_OPT_REDIRECT_HDR:
240 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
241 ND_PRINTK(2, warn,
242 "%s: duplicated ND6 option found: type=%d\n",
243 __func__, nd_opt->nd_opt_type);
244 } else {
245 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
246 }
247 break;
248 case ND_OPT_PREFIX_INFO:
249 ndopts->nd_opts_pi_end = nd_opt;
250 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
251 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
252 break;
253#ifdef CONFIG_IPV6_ROUTE_INFO
254 case ND_OPT_ROUTE_INFO:
255 ndopts->nd_opts_ri_end = nd_opt;
256 if (!ndopts->nd_opts_ri)
257 ndopts->nd_opts_ri = nd_opt;
258 break;
259#endif
260 default:
261 if (ndisc_is_useropt(dev, nd_opt)) {
262 ndopts->nd_useropts_end = nd_opt;
263 if (!ndopts->nd_useropts)
264 ndopts->nd_useropts = nd_opt;
265 } else {
266 /*
267 * Unknown options must be silently ignored,
268 * to accommodate future extension to the
269 * protocol.
270 */
271 ND_PRINTK(2, notice,
272 "%s: ignored unsupported option; type=%d, len=%d\n",
273 __func__,
274 nd_opt->nd_opt_type,
275 nd_opt->nd_opt_len);
276 }
277 }
278next_opt:
279 opt_len -= l;
280 nd_opt = ((void *)nd_opt) + l;
281 }
282 return ndopts;
283}
284
285int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
286{
287 switch (dev->type) {
288 case ARPHRD_ETHER:
289 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
290 case ARPHRD_FDDI:
291 ipv6_eth_mc_map(addr, buf);
292 return 0;
293 case ARPHRD_ARCNET:
294 ipv6_arcnet_mc_map(addr, buf);
295 return 0;
296 case ARPHRD_INFINIBAND:
297 ipv6_ib_mc_map(addr, dev->broadcast, buf);
298 return 0;
299 case ARPHRD_IPGRE:
300 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
301 default:
302 if (dir) {
303 memcpy(buf, dev->broadcast, dev->addr_len);
304 return 0;
305 }
306 }
307 return -EINVAL;
308}
309EXPORT_SYMBOL(ndisc_mc_map);
310
311static u32 ndisc_hash(const void *pkey,
312 const struct net_device *dev,
313 __u32 *hash_rnd)
314{
315 return ndisc_hashfn(pkey, dev, hash_rnd);
316}
317
318static bool ndisc_key_eq(const struct neighbour *n, const void *pkey)
319{
320 return neigh_key_eq128(n, pkey);
321}
322
323static int ndisc_constructor(struct neighbour *neigh)
324{
325 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
326 struct net_device *dev = neigh->dev;
327 struct inet6_dev *in6_dev;
328 struct neigh_parms *parms;
329 bool is_multicast = ipv6_addr_is_multicast(addr);
330
331 in6_dev = in6_dev_get(dev);
332 if (!in6_dev) {
333 return -EINVAL;
334 }
335
336 parms = in6_dev->nd_parms;
337 __neigh_parms_put(neigh->parms);
338 neigh->parms = neigh_parms_clone(parms);
339
340 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
341 if (!dev->header_ops) {
342 neigh->nud_state = NUD_NOARP;
343 neigh->ops = &ndisc_direct_ops;
344 neigh->output = neigh_direct_output;
345 } else {
346 if (is_multicast) {
347 neigh->nud_state = NUD_NOARP;
348 ndisc_mc_map(addr, neigh->ha, dev, 1);
349 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
350 neigh->nud_state = NUD_NOARP;
351 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
352 if (dev->flags&IFF_LOOPBACK)
353 neigh->type = RTN_LOCAL;
354 } else if (dev->flags&IFF_POINTOPOINT) {
355 neigh->nud_state = NUD_NOARP;
356 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
357 }
358 if (dev->header_ops->cache)
359 neigh->ops = &ndisc_hh_ops;
360 else
361 neigh->ops = &ndisc_generic_ops;
362 if (neigh->nud_state&NUD_VALID)
363 neigh->output = neigh->ops->connected_output;
364 else
365 neigh->output = neigh->ops->output;
366 }
367 in6_dev_put(in6_dev);
368 return 0;
369}
370
371static int pndisc_constructor(struct pneigh_entry *n)
372{
373 struct in6_addr *addr = (struct in6_addr *)&n->key;
374 struct in6_addr maddr;
375 struct net_device *dev = n->dev;
376
377 if (!dev || !__in6_dev_get(dev))
378 return -EINVAL;
379 addrconf_addr_solict_mult(addr, &maddr);
380 ipv6_dev_mc_inc(dev, &maddr);
381 return 0;
382}
383
384static void pndisc_destructor(struct pneigh_entry *n)
385{
386 struct in6_addr *addr = (struct in6_addr *)&n->key;
387 struct in6_addr maddr;
388 struct net_device *dev = n->dev;
389
390 if (!dev || !__in6_dev_get(dev))
391 return;
392 addrconf_addr_solict_mult(addr, &maddr);
393 ipv6_dev_mc_dec(dev, &maddr);
394}
395
396static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
397 int len)
398{
399 int hlen = LL_RESERVED_SPACE(dev);
400 int tlen = dev->needed_tailroom;
401 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
402 struct sk_buff *skb;
403
404 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
405 if (!skb) {
406 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
407 __func__);
408 return NULL;
409 }
410
411 skb->protocol = htons(ETH_P_IPV6);
412 skb->dev = dev;
413
414 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
415 skb_reset_transport_header(skb);
416
417 /* Manually assign socket ownership as we avoid calling
418 * sock_alloc_send_pskb() to bypass wmem buffer limits
419 */
420 skb_set_owner_w(skb, sk);
421
422 return skb;
423}
424
425static void ip6_nd_hdr(struct sk_buff *skb,
426 const struct in6_addr *saddr,
427 const struct in6_addr *daddr,
428 int hop_limit, int len)
429{
430 struct ipv6hdr *hdr;
431 struct inet6_dev *idev;
432 unsigned tclass;
433
434 rcu_read_lock();
435 idev = __in6_dev_get(skb->dev);
436 tclass = idev ? idev->cnf.ndisc_tclass : 0;
437 rcu_read_unlock();
438
439 skb_push(skb, sizeof(*hdr));
440 skb_reset_network_header(skb);
441 hdr = ipv6_hdr(skb);
442
443 ip6_flow_hdr(hdr, tclass, 0);
444
445 hdr->payload_len = htons(len);
446 hdr->nexthdr = IPPROTO_ICMPV6;
447 hdr->hop_limit = hop_limit;
448
449 hdr->saddr = *saddr;
450 hdr->daddr = *daddr;
451}
452
453static void ndisc_send_skb(struct sk_buff *skb,
454 const struct in6_addr *daddr,
455 const struct in6_addr *saddr)
456{
457 struct dst_entry *dst = skb_dst(skb);
458 struct net *net = dev_net(skb->dev);
459 struct sock *sk = net->ipv6.ndisc_sk;
460 struct inet6_dev *idev;
461 int err;
462 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
463 u8 type;
464
465 type = icmp6h->icmp6_type;
466
467 if (!dst) {
468 struct flowi6 fl6;
469 int oif = skb->dev->ifindex;
470
471 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, oif);
472 dst = icmp6_dst_alloc(skb->dev, &fl6);
473 if (IS_ERR(dst)) {
474 kfree_skb(skb);
475 return;
476 }
477
478 skb_dst_set(skb, dst);
479 }
480
481 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
482 IPPROTO_ICMPV6,
483 csum_partial(icmp6h,
484 skb->len, 0));
485
486 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
487
488 rcu_read_lock();
489 idev = __in6_dev_get(dst->dev);
490 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
491
492 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
493 net, sk, skb, NULL, dst->dev,
494 dst_output);
495 if (!err) {
496 ICMP6MSGOUT_INC_STATS(net, idev, type);
497 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
498 }
499
500 rcu_read_unlock();
501}
502
503void ndisc_send_na(struct net_device *dev, const struct in6_addr *daddr,
504 const struct in6_addr *solicited_addr,
505 bool router, bool solicited, bool override, bool inc_opt)
506{
507 struct sk_buff *skb;
508 struct in6_addr tmpaddr;
509 struct inet6_ifaddr *ifp;
510 const struct in6_addr *src_addr;
511 struct nd_msg *msg;
512 int optlen = 0;
513
514 /* for anycast or proxy, solicited_addr != src_addr */
515 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
516 if (ifp) {
517 src_addr = solicited_addr;
518 if (ifp->flags & IFA_F_OPTIMISTIC)
519 override = false;
520 inc_opt |= ifp->idev->cnf.force_tllao;
521 in6_ifa_put(ifp);
522 } else {
523 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
524 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
525 &tmpaddr))
526 return;
527 src_addr = &tmpaddr;
528 }
529
530 if (!dev->addr_len)
531 inc_opt = false;
532 if (inc_opt)
533 optlen += ndisc_opt_addr_space(dev,
534 NDISC_NEIGHBOUR_ADVERTISEMENT);
535
536 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
537 if (!skb)
538 return;
539
540 msg = skb_put(skb, sizeof(*msg));
541 *msg = (struct nd_msg) {
542 .icmph = {
543 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
544 .icmp6_router = router,
545 .icmp6_solicited = solicited,
546 .icmp6_override = override,
547 },
548 .target = *solicited_addr,
549 };
550
551 if (inc_opt)
552 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
553 dev->dev_addr,
554 NDISC_NEIGHBOUR_ADVERTISEMENT);
555
556 ndisc_send_skb(skb, daddr, src_addr);
557}
558
559static void ndisc_send_unsol_na(struct net_device *dev)
560{
561 struct inet6_dev *idev;
562 struct inet6_ifaddr *ifa;
563
564 idev = in6_dev_get(dev);
565 if (!idev)
566 return;
567
568 read_lock_bh(&idev->lock);
569 list_for_each_entry(ifa, &idev->addr_list, if_list) {
570 /* skip tentative addresses until dad completes */
571 if (ifa->flags & IFA_F_TENTATIVE &&
572 !(ifa->flags & IFA_F_OPTIMISTIC))
573 continue;
574
575 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &ifa->addr,
576 /*router=*/ !!idev->cnf.forwarding,
577 /*solicited=*/ false, /*override=*/ true,
578 /*inc_opt=*/ true);
579 }
580 read_unlock_bh(&idev->lock);
581
582 in6_dev_put(idev);
583}
584
585void ndisc_send_ns(struct net_device *dev, const struct in6_addr *solicit,
586 const struct in6_addr *daddr, const struct in6_addr *saddr,
587 u64 nonce)
588{
589 struct sk_buff *skb;
590 struct in6_addr addr_buf;
591 int inc_opt = dev->addr_len;
592 int optlen = 0;
593 struct nd_msg *msg;
594
595 if (!saddr) {
596 if (ipv6_get_lladdr(dev, &addr_buf,
597 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
598 return;
599 saddr = &addr_buf;
600 }
601
602 if (ipv6_addr_any(saddr))
603 inc_opt = false;
604 if (inc_opt)
605 optlen += ndisc_opt_addr_space(dev,
606 NDISC_NEIGHBOUR_SOLICITATION);
607 if (nonce != 0)
608 optlen += 8;
609
610 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
611 if (!skb)
612 return;
613
614 msg = skb_put(skb, sizeof(*msg));
615 *msg = (struct nd_msg) {
616 .icmph = {
617 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
618 },
619 .target = *solicit,
620 };
621
622 if (inc_opt)
623 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
624 dev->dev_addr,
625 NDISC_NEIGHBOUR_SOLICITATION);
626 if (nonce != 0) {
627 u8 *opt = skb_put(skb, 8);
628
629 opt[0] = ND_OPT_NONCE;
630 opt[1] = 8 >> 3;
631 memcpy(opt + 2, &nonce, 6);
632 }
633
634 ndisc_send_skb(skb, daddr, saddr);
635}
636
637void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
638 const struct in6_addr *daddr)
639{
640 struct sk_buff *skb;
641 struct rs_msg *msg;
642 int send_sllao = dev->addr_len;
643 int optlen = 0;
644
645#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
646 /*
647 * According to section 2.2 of RFC 4429, we must not
648 * send router solicitations with a sllao from
649 * optimistic addresses, but we may send the solicitation
650 * if we don't include the sllao. So here we check
651 * if our address is optimistic, and if so, we
652 * suppress the inclusion of the sllao.
653 */
654 if (send_sllao) {
655 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
656 dev, 1);
657 if (ifp) {
658 if (ifp->flags & IFA_F_OPTIMISTIC) {
659 send_sllao = 0;
660 }
661 in6_ifa_put(ifp);
662 } else {
663 send_sllao = 0;
664 }
665 }
666#endif
667 if (send_sllao)
668 optlen += ndisc_opt_addr_space(dev, NDISC_ROUTER_SOLICITATION);
669
670 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
671 if (!skb)
672 return;
673
674 msg = skb_put(skb, sizeof(*msg));
675 *msg = (struct rs_msg) {
676 .icmph = {
677 .icmp6_type = NDISC_ROUTER_SOLICITATION,
678 },
679 };
680
681 if (send_sllao)
682 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
683 dev->dev_addr,
684 NDISC_ROUTER_SOLICITATION);
685
686 ndisc_send_skb(skb, daddr, saddr);
687}
688
689
690static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
691{
692 /*
693 * "The sender MUST return an ICMP
694 * destination unreachable"
695 */
696 dst_link_failure(skb);
697 kfree_skb(skb);
698}
699
700/* Called with locked neigh: either read or both */
701
702static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
703{
704 struct in6_addr *saddr = NULL;
705 struct in6_addr mcaddr;
706 struct net_device *dev = neigh->dev;
707 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
708 int probes = atomic_read(&neigh->probes);
709
710 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
711 dev, false, 1,
712 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
713 saddr = &ipv6_hdr(skb)->saddr;
714 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
715 if (probes < 0) {
716 if (!(neigh->nud_state & NUD_VALID)) {
717 ND_PRINTK(1, dbg,
718 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
719 __func__, target);
720 }
721 ndisc_send_ns(dev, target, target, saddr, 0);
722 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
723 neigh_app_ns(neigh);
724 } else {
725 addrconf_addr_solict_mult(target, &mcaddr);
726 ndisc_send_ns(dev, target, &mcaddr, saddr, 0);
727 }
728}
729
730static int pndisc_is_router(const void *pkey,
731 struct net_device *dev)
732{
733 struct pneigh_entry *n;
734 int ret = -1;
735
736 read_lock_bh(&nd_tbl.lock);
737 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
738 if (n)
739 ret = !!(n->flags & NTF_ROUTER);
740 read_unlock_bh(&nd_tbl.lock);
741
742 return ret;
743}
744
745void ndisc_update(const struct net_device *dev, struct neighbour *neigh,
746 const u8 *lladdr, u8 new, u32 flags, u8 icmp6_type,
747 struct ndisc_options *ndopts)
748{
749 neigh_update(neigh, lladdr, new, flags, 0);
750 /* report ndisc ops about neighbour update */
751 ndisc_ops_update(dev, neigh, flags, icmp6_type, ndopts);
752}
753
754static void ndisc_recv_ns(struct sk_buff *skb)
755{
756 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
757 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
758 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
759 u8 *lladdr = NULL;
760 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
761 offsetof(struct nd_msg, opt));
762 struct ndisc_options ndopts;
763 struct net_device *dev = skb->dev;
764 struct inet6_ifaddr *ifp;
765 struct inet6_dev *idev = NULL;
766 struct neighbour *neigh;
767 int dad = ipv6_addr_any(saddr);
768 bool inc;
769 int is_router = -1;
770 u64 nonce = 0;
771
772 if (skb->len < sizeof(struct nd_msg)) {
773 ND_PRINTK(2, warn, "NS: packet too short\n");
774 return;
775 }
776
777 if (ipv6_addr_is_multicast(&msg->target)) {
778 ND_PRINTK(2, warn, "NS: multicast target address\n");
779 return;
780 }
781
782 /*
783 * RFC2461 7.1.1:
784 * DAD has to be destined for solicited node multicast address.
785 */
786 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
787 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
788 return;
789 }
790
791 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
792 ND_PRINTK(2, warn, "NS: invalid ND options\n");
793 return;
794 }
795
796 if (ndopts.nd_opts_src_lladdr) {
797 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
798 if (!lladdr) {
799 ND_PRINTK(2, warn,
800 "NS: invalid link-layer address length\n");
801 return;
802 }
803
804 /* RFC2461 7.1.1:
805 * If the IP source address is the unspecified address,
806 * there MUST NOT be source link-layer address option
807 * in the message.
808 */
809 if (dad) {
810 ND_PRINTK(2, warn,
811 "NS: bad DAD packet (link-layer address option)\n");
812 return;
813 }
814 }
815 if (ndopts.nd_opts_nonce && ndopts.nd_opts_nonce->nd_opt_len == 1)
816 memcpy(&nonce, (u8 *)(ndopts.nd_opts_nonce + 1), 6);
817
818 inc = ipv6_addr_is_multicast(daddr);
819
820 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
821 if (ifp) {
822have_ifp:
823 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
824 if (dad) {
825 if (nonce != 0 && ifp->dad_nonce == nonce) {
826 u8 *np = (u8 *)&nonce;
827 /* Matching nonce if looped back */
828 ND_PRINTK(2, notice,
829 "%s: IPv6 DAD loopback for address %pI6c nonce %pM ignored\n",
830 ifp->idev->dev->name,
831 &ifp->addr, np);
832 goto out;
833 }
834 /*
835 * We are colliding with another node
836 * who is doing DAD
837 * so fail our DAD process
838 */
839 addrconf_dad_failure(skb, ifp);
840 return;
841 } else {
842 /*
843 * This is not a dad solicitation.
844 * If we are an optimistic node,
845 * we should respond.
846 * Otherwise, we should ignore it.
847 */
848 if (!(ifp->flags & IFA_F_OPTIMISTIC))
849 goto out;
850 }
851 }
852
853 idev = ifp->idev;
854 } else {
855 struct net *net = dev_net(dev);
856
857 /* perhaps an address on the master device */
858 if (netif_is_l3_slave(dev)) {
859 struct net_device *mdev;
860
861 mdev = netdev_master_upper_dev_get_rcu(dev);
862 if (mdev) {
863 ifp = ipv6_get_ifaddr(net, &msg->target, mdev, 1);
864 if (ifp)
865 goto have_ifp;
866 }
867 }
868
869 idev = in6_dev_get(dev);
870 if (!idev) {
871 /* XXX: count this drop? */
872 return;
873 }
874
875 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
876 (idev->cnf.forwarding &&
877 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
878 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
879 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
880 skb->pkt_type != PACKET_HOST &&
881 inc &&
882 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
883 /*
884 * for anycast or proxy,
885 * sender should delay its response
886 * by a random time between 0 and
887 * MAX_ANYCAST_DELAY_TIME seconds.
888 * (RFC2461) -- yoshfuji
889 */
890 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
891 if (n)
892 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
893 goto out;
894 }
895 } else
896 goto out;
897 }
898
899 if (is_router < 0)
900 is_router = idev->cnf.forwarding;
901
902 if (dad) {
903 ndisc_send_na(dev, &in6addr_linklocal_allnodes, &msg->target,
904 !!is_router, false, (ifp != NULL), true);
905 goto out;
906 }
907
908 if (inc)
909 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
910 else
911 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
912
913 /*
914 * update / create cache entry
915 * for the source address
916 */
917 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
918 !inc || lladdr || !dev->addr_len);
919 if (neigh)
920 ndisc_update(dev, neigh, lladdr, NUD_STALE,
921 NEIGH_UPDATE_F_WEAK_OVERRIDE|
922 NEIGH_UPDATE_F_OVERRIDE,
923 NDISC_NEIGHBOUR_SOLICITATION, &ndopts);
924 if (neigh || !dev->header_ops) {
925 ndisc_send_na(dev, saddr, &msg->target, !!is_router,
926 true, (ifp != NULL && inc), inc);
927 if (neigh)
928 neigh_release(neigh);
929 }
930
931out:
932 if (ifp)
933 in6_ifa_put(ifp);
934 else
935 in6_dev_put(idev);
936}
937
938static void ndisc_recv_na(struct sk_buff *skb)
939{
940 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
941 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
942 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
943 u8 *lladdr = NULL;
944 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
945 offsetof(struct nd_msg, opt));
946 struct ndisc_options ndopts;
947 struct net_device *dev = skb->dev;
948 struct inet6_dev *idev = __in6_dev_get(dev);
949 struct inet6_ifaddr *ifp;
950 struct neighbour *neigh;
951
952 if (skb->len < sizeof(struct nd_msg)) {
953 ND_PRINTK(2, warn, "NA: packet too short\n");
954 return;
955 }
956
957 if (ipv6_addr_is_multicast(&msg->target)) {
958 ND_PRINTK(2, warn, "NA: target address is multicast\n");
959 return;
960 }
961
962 if (ipv6_addr_is_multicast(daddr) &&
963 msg->icmph.icmp6_solicited) {
964 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
965 return;
966 }
967
968 /* For some 802.11 wireless deployments (and possibly other networks),
969 * there will be a NA proxy and unsolicitd packets are attacks
970 * and thus should not be accepted.
971 */
972 if (!msg->icmph.icmp6_solicited && idev &&
973 idev->cnf.drop_unsolicited_na)
974 return;
975
976 if (!ndisc_parse_options(dev, msg->opt, ndoptlen, &ndopts)) {
977 ND_PRINTK(2, warn, "NS: invalid ND option\n");
978 return;
979 }
980 if (ndopts.nd_opts_tgt_lladdr) {
981 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
982 if (!lladdr) {
983 ND_PRINTK(2, warn,
984 "NA: invalid link-layer address length\n");
985 return;
986 }
987 }
988 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
989 if (ifp) {
990 if (skb->pkt_type != PACKET_LOOPBACK
991 && (ifp->flags & IFA_F_TENTATIVE)) {
992 addrconf_dad_failure(skb, ifp);
993 return;
994 }
995 /* What should we make now? The advertisement
996 is invalid, but ndisc specs say nothing
997 about it. It could be misconfiguration, or
998 an smart proxy agent tries to help us :-)
999
1000 We should not print the error if NA has been
1001 received from loopback - it is just our own
1002 unsolicited advertisement.
1003 */
1004 if (skb->pkt_type != PACKET_LOOPBACK)
1005 ND_PRINTK(1, warn,
1006 "NA: %pM advertised our address %pI6c on %s!\n",
1007 eth_hdr(skb)->h_source, &ifp->addr, ifp->idev->dev->name);
1008 in6_ifa_put(ifp);
1009 return;
1010 }
1011 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
1012
1013 if (neigh) {
1014 u8 old_flags = neigh->flags;
1015 struct net *net = dev_net(dev);
1016
1017 if (neigh->nud_state & NUD_FAILED)
1018 goto out;
1019
1020 /*
1021 * Don't update the neighbor cache entry on a proxy NA from
1022 * ourselves because either the proxied node is off link or it
1023 * has already sent a NA to us.
1024 */
1025 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1026 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1027 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1028 /* XXX: idev->cnf.proxy_ndp */
1029 goto out;
1030 }
1031
1032 ndisc_update(dev, neigh, lladdr,
1033 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1034 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1035 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1036 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1037 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0),
1038 NDISC_NEIGHBOUR_ADVERTISEMENT, &ndopts);
1039
1040 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1041 /*
1042 * Change: router to host
1043 */
1044 rt6_clean_tohost(dev_net(dev), saddr);
1045 }
1046
1047out:
1048 neigh_release(neigh);
1049 }
1050}
1051
1052static void ndisc_recv_rs(struct sk_buff *skb)
1053{
1054 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1055 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1056 struct neighbour *neigh;
1057 struct inet6_dev *idev;
1058 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1059 struct ndisc_options ndopts;
1060 u8 *lladdr = NULL;
1061
1062 if (skb->len < sizeof(*rs_msg))
1063 return;
1064
1065 idev = __in6_dev_get(skb->dev);
1066 if (!idev) {
1067 ND_PRINTK(1, err, "RS: can't find in6 device\n");
1068 return;
1069 }
1070
1071 /* Don't accept RS if we're not in router mode */
1072 if (!idev->cnf.forwarding)
1073 goto out;
1074
1075 /*
1076 * Don't update NCE if src = ::;
1077 * this implies that the source node has no ip address assigned yet.
1078 */
1079 if (ipv6_addr_any(saddr))
1080 goto out;
1081
1082 /* Parse ND options */
1083 if (!ndisc_parse_options(skb->dev, rs_msg->opt, ndoptlen, &ndopts)) {
1084 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
1085 goto out;
1086 }
1087
1088 if (ndopts.nd_opts_src_lladdr) {
1089 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1090 skb->dev);
1091 if (!lladdr)
1092 goto out;
1093 }
1094
1095 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1096 if (neigh) {
1097 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1098 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1099 NEIGH_UPDATE_F_OVERRIDE|
1100 NEIGH_UPDATE_F_OVERRIDE_ISROUTER,
1101 NDISC_ROUTER_SOLICITATION, &ndopts);
1102 neigh_release(neigh);
1103 }
1104out:
1105 return;
1106}
1107
1108static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1109{
1110 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1111 struct sk_buff *skb;
1112 struct nlmsghdr *nlh;
1113 struct nduseroptmsg *ndmsg;
1114 struct net *net = dev_net(ra->dev);
1115 int err;
1116 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1117 + (opt->nd_opt_len << 3));
1118 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1119
1120 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1121 if (!skb) {
1122 err = -ENOBUFS;
1123 goto errout;
1124 }
1125
1126 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1127 if (!nlh) {
1128 goto nla_put_failure;
1129 }
1130
1131 ndmsg = nlmsg_data(nlh);
1132 ndmsg->nduseropt_family = AF_INET6;
1133 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1134 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1135 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1136 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1137
1138 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1139
1140 if (nla_put_in6_addr(skb, NDUSEROPT_SRCADDR, &ipv6_hdr(ra)->saddr))
1141 goto nla_put_failure;
1142 nlmsg_end(skb, nlh);
1143
1144 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1145 return;
1146
1147nla_put_failure:
1148 nlmsg_free(skb);
1149 err = -EMSGSIZE;
1150errout:
1151 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1152}
1153
1154static void ndisc_router_discovery(struct sk_buff *skb)
1155{
1156 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1157 struct neighbour *neigh = NULL;
1158 struct inet6_dev *in6_dev;
1159 struct fib6_info *rt = NULL;
1160 struct net *net;
1161 int lifetime;
1162 struct ndisc_options ndopts;
1163 int optlen;
1164 unsigned int pref = 0;
1165 __u32 old_if_flags;
1166 bool send_ifinfo_notify = false;
1167
1168 __u8 *opt = (__u8 *)(ra_msg + 1);
1169
1170 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1171 sizeof(struct ra_msg);
1172
1173 ND_PRINTK(2, info,
1174 "RA: %s, dev: %s\n",
1175 __func__, skb->dev->name);
1176 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1177 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1178 return;
1179 }
1180 if (optlen < 0) {
1181 ND_PRINTK(2, warn, "RA: packet too short\n");
1182 return;
1183 }
1184
1185#ifdef CONFIG_IPV6_NDISC_NODETYPE
1186 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1187 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1188 return;
1189 }
1190#endif
1191
1192 /*
1193 * set the RA_RECV flag in the interface
1194 */
1195
1196 in6_dev = __in6_dev_get(skb->dev);
1197 if (!in6_dev) {
1198 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1199 skb->dev->name);
1200 return;
1201 }
1202
1203 if (!ndisc_parse_options(skb->dev, opt, optlen, &ndopts)) {
1204 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1205 return;
1206 }
1207
1208 if (!ipv6_accept_ra(in6_dev)) {
1209 ND_PRINTK(2, info,
1210 "RA: %s, did not accept ra for dev: %s\n",
1211 __func__, skb->dev->name);
1212 goto skip_linkparms;
1213 }
1214
1215#ifdef CONFIG_IPV6_NDISC_NODETYPE
1216 /* skip link-specific parameters from interior routers */
1217 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1218 ND_PRINTK(2, info,
1219 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1220 __func__, skb->dev->name);
1221 goto skip_linkparms;
1222 }
1223#endif
1224
1225 if (in6_dev->if_flags & IF_RS_SENT) {
1226 /*
1227 * flag that an RA was received after an RS was sent
1228 * out on this interface.
1229 */
1230 in6_dev->if_flags |= IF_RA_RCVD;
1231 }
xj112b9672022-01-25 16:13:48 +0800[diff] [blame]1232 if ((sysctl_optr == MTK_IPV6_VZW_ALL ||
1233 sysctl_optr == MTK_IPV6_EX_RS_INTERVAL) &&
1234 (strncmp(in6_dev->dev->name, "ccmni", 2) == 0)) {
xjb04a4022021-11-25 15:01:52 +0800[diff] [blame]1235 /*add for VzW feature : remove IF_RS_VZW_SENT flag*/
1236 if (in6_dev->if_flags & IF_RS_VZW_SENT)
1237 in6_dev->if_flags &= ~IF_RS_VZW_SENT;
1238 }
1239
1240 /*
1241 * Remember the managed/otherconf flags from most recently
1242 * received RA message (RFC 2462) -- yoshfuji
1243 */
1244 old_if_flags = in6_dev->if_flags;
1245 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1246 IF_RA_OTHERCONF)) |
1247 (ra_msg->icmph.icmp6_addrconf_managed ?
1248 IF_RA_MANAGED : 0) |
1249 (ra_msg->icmph.icmp6_addrconf_other ?
1250 IF_RA_OTHERCONF : 0);
1251
1252 if (old_if_flags != in6_dev->if_flags)
1253 send_ifinfo_notify = true;
1254
1255 if (!in6_dev->cnf.accept_ra_defrtr) {
1256 ND_PRINTK(2, info,
1257 "RA: %s, defrtr is false for dev: %s\n",
1258 __func__, skb->dev->name);
1259 goto skip_defrtr;
1260 }
1261
1262 /* Do not accept RA with source-addr found on local machine unless
1263 * accept_ra_from_local is set to true.
1264 */
1265 net = dev_net(in6_dev->dev);
1266 if (!in6_dev->cnf.accept_ra_from_local &&
1267 ipv6_chk_addr(net, &ipv6_hdr(skb)->saddr, in6_dev->dev, 0)) {
1268 ND_PRINTK(2, info,
1269 "RA from local address detected on dev: %s: default router ignored\n",
1270 skb->dev->name);
1271 goto skip_defrtr;
1272 }
1273
1274 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1275
1276#ifdef CONFIG_IPV6_ROUTER_PREF
1277 pref = ra_msg->icmph.icmp6_router_pref;
1278 /* 10b is handled as if it were 00b (medium) */
1279 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1280 !in6_dev->cnf.accept_ra_rtr_pref)
1281 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1282#endif
1283
1284 rt = rt6_get_dflt_router(net, &ipv6_hdr(skb)->saddr, skb->dev);
1285
1286 if (rt) {
1287 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1288 rt->fib6_nh.nh_dev, NULL,
1289 &ipv6_hdr(skb)->saddr);
1290 if (!neigh) {
1291 ND_PRINTK(0, err,
1292 "RA: %s got default router without neighbour\n",
1293 __func__);
1294 fib6_info_release(rt);
1295 return;
1296 }
1297 }
1298 if (rt && lifetime == 0) {
1299 ip6_del_rt(net, rt);
1300 rt = NULL;
1301 }
1302
1303 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1304 rt, lifetime, skb->dev->name);
1305 if (!rt && lifetime) {
1306 ND_PRINTK(3, info, "RA: adding default router\n");
1307
1308 rt = rt6_add_dflt_router(net, &ipv6_hdr(skb)->saddr,
1309 skb->dev, pref);
1310 if (!rt) {
1311 ND_PRINTK(0, err,
1312 "RA: %s failed to add default route\n",
1313 __func__);
1314 return;
1315 }
1316
1317 neigh = ip6_neigh_lookup(&rt->fib6_nh.nh_gw,
1318 rt->fib6_nh.nh_dev, NULL,
1319 &ipv6_hdr(skb)->saddr);
1320 if (!neigh) {
1321 ND_PRINTK(0, err,
1322 "RA: %s got default router without neighbour\n",
1323 __func__);
1324 fib6_info_release(rt);
1325 return;
1326 }
1327 neigh->flags |= NTF_ROUTER;
1328 } else if (rt) {
1329 rt->fib6_flags = (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1330 }
1331
1332 if (rt)
1333 fib6_set_expires(rt, jiffies + (HZ * lifetime));
1334 if (in6_dev->cnf.accept_ra_min_hop_limit < 256 &&
1335 ra_msg->icmph.icmp6_hop_limit) {
1336 if (in6_dev->cnf.accept_ra_min_hop_limit <= ra_msg->icmph.icmp6_hop_limit) {
1337 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1338 fib6_metric_set(rt, RTAX_HOPLIMIT,
1339 ra_msg->icmph.icmp6_hop_limit);
1340 } else {
1341 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than minimum\n");
1342 }
1343 }
1344
1345skip_defrtr:
1346
1347 /*
1348 * Update Reachable Time and Retrans Timer
1349 */
1350
1351 if (in6_dev->nd_parms) {
1352 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1353
1354 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1355 rtime = (rtime*HZ)/1000;
1356 if (rtime < HZ/10)
1357 rtime = HZ/10;
1358 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1359 in6_dev->tstamp = jiffies;
1360 send_ifinfo_notify = true;
1361 }
1362
1363 rtime = ntohl(ra_msg->reachable_time);
1364 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1365 rtime = (rtime*HZ)/1000;
1366
1367 if (rtime < HZ/10)
1368 rtime = HZ/10;
1369
1370 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1371 NEIGH_VAR_SET(in6_dev->nd_parms,
1372 BASE_REACHABLE_TIME, rtime);
1373 NEIGH_VAR_SET(in6_dev->nd_parms,
1374 GC_STALETIME, 3 * rtime);
1375 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1376 in6_dev->tstamp = jiffies;
1377 send_ifinfo_notify = true;
1378 }
1379 }
1380 }
1381
1382 /*
1383 * Send a notify if RA changed managed/otherconf flags or timer settings
1384 */
1385 if (send_ifinfo_notify)
1386 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1387
1388skip_linkparms:
1389
1390 /*
1391 * Process options.
1392 */
1393
1394 if (!neigh)
1395 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1396 skb->dev, 1);
1397 if (neigh) {
1398 u8 *lladdr = NULL;
1399 if (ndopts.nd_opts_src_lladdr) {
1400 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1401 skb->dev);
1402 if (!lladdr) {
1403 ND_PRINTK(2, warn,
1404 "RA: invalid link-layer address length\n");
1405 goto out;
1406 }
1407 }
1408 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
1409 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1410 NEIGH_UPDATE_F_OVERRIDE|
1411 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1412 NEIGH_UPDATE_F_ISROUTER,
1413 NDISC_ROUTER_ADVERTISEMENT, &ndopts);
1414 }
1415
1416 if (!ipv6_accept_ra(in6_dev)) {
1417 ND_PRINTK(2, info,
1418 "RA: %s, accept_ra is false for dev: %s\n",
1419 __func__, skb->dev->name);
1420 goto out;
1421 }
1422
1423#ifdef CONFIG_IPV6_ROUTE_INFO
1424 if (!in6_dev->cnf.accept_ra_from_local &&
1425 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1426 in6_dev->dev, 0)) {
1427 ND_PRINTK(2, info,
1428 "RA from local address detected on dev: %s: router info ignored.\n",
1429 skb->dev->name);
1430 goto skip_routeinfo;
1431 }
1432
1433 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1434 struct nd_opt_hdr *p;
1435 for (p = ndopts.nd_opts_ri;
1436 p;
1437 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1438 struct route_info *ri = (struct route_info *)p;
1439#ifdef CONFIG_IPV6_NDISC_NODETYPE
1440 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1441 ri->prefix_len == 0)
1442 continue;
1443#endif
1444 if (ri->prefix_len == 0 &&
1445 !in6_dev->cnf.accept_ra_defrtr)
1446 continue;
1447 if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
1448 continue;
1449 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1450 continue;
1451 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1452 &ipv6_hdr(skb)->saddr);
1453 }
1454 }
1455
1456skip_routeinfo:
1457#endif
1458
1459#ifdef CONFIG_IPV6_NDISC_NODETYPE
1460 /* skip link-specific ndopts from interior routers */
1461 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1462 ND_PRINTK(2, info,
1463 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1464 __func__, skb->dev->name);
1465 goto out;
1466 }
1467#endif
1468
1469 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1470 struct nd_opt_hdr *p;
1471 for (p = ndopts.nd_opts_pi;
1472 p;
1473 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1474 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1475 (p->nd_opt_len) << 3,
1476 ndopts.nd_opts_src_lladdr != NULL);
1477 }
1478 }
1479
1480 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1481 __be32 n;
1482 u32 mtu;
1483
1484 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1485 mtu = ntohl(n);
1486
1487 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1488 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1489 } else if (in6_dev->cnf.mtu6 != mtu) {
1490 in6_dev->cnf.mtu6 = mtu;
1491 fib6_metric_set(rt, RTAX_MTU, mtu);
1492 rt6_mtu_change(skb->dev, mtu);
1493 }
1494 }
1495
1496 if (ndopts.nd_useropts) {
1497 struct nd_opt_hdr *p;
1498 for (p = ndopts.nd_useropts;
1499 p;
1500 p = ndisc_next_useropt(skb->dev, p,
1501 ndopts.nd_useropts_end)) {
1502 ndisc_ra_useropt(skb, p);
1503 }
1504 }
1505
1506 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1507 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1508 }
1509out:
1510 fib6_info_release(rt);
1511 if (neigh)
1512 neigh_release(neigh);
1513}
1514
1515static void ndisc_redirect_rcv(struct sk_buff *skb)
1516{
1517 u8 *hdr;
1518 struct ndisc_options ndopts;
1519 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1520 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1521 offsetof(struct rd_msg, opt));
1522
1523#ifdef CONFIG_IPV6_NDISC_NODETYPE
1524 switch (skb->ndisc_nodetype) {
1525 case NDISC_NODETYPE_HOST:
1526 case NDISC_NODETYPE_NODEFAULT:
1527 ND_PRINTK(2, warn,
1528 "Redirect: from host or unauthorized router\n");
1529 return;
1530 }
1531#endif
1532
1533 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1534 ND_PRINTK(2, warn,
1535 "Redirect: source address is not link-local\n");
1536 return;
1537 }
1538
1539 if (!ndisc_parse_options(skb->dev, msg->opt, ndoptlen, &ndopts))
1540 return;
1541
1542 if (!ndopts.nd_opts_rh) {
1543 ip6_redirect_no_header(skb, dev_net(skb->dev),
1544 skb->dev->ifindex, 0);
1545 return;
1546 }
1547
1548 hdr = (u8 *)ndopts.nd_opts_rh;
1549 hdr += 8;
1550 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1551 return;
1552
1553 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1554}
1555
1556static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1557 struct sk_buff *orig_skb,
1558 int rd_len)
1559{
1560 u8 *opt = skb_put(skb, rd_len);
1561
1562 memset(opt, 0, 8);
1563 *(opt++) = ND_OPT_REDIRECT_HDR;
1564 *(opt++) = (rd_len >> 3);
1565 opt += 6;
1566
1567 skb_copy_bits(orig_skb, skb_network_offset(orig_skb), opt,
1568 rd_len - 8);
1569}
1570
1571void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1572{
1573 struct net_device *dev = skb->dev;
1574 struct net *net = dev_net(dev);
1575 struct sock *sk = net->ipv6.ndisc_sk;
1576 int optlen = 0;
1577 struct inet_peer *peer;
1578 struct sk_buff *buff;
1579 struct rd_msg *msg;
1580 struct in6_addr saddr_buf;
1581 struct rt6_info *rt;
1582 struct dst_entry *dst;
1583 struct flowi6 fl6;
1584 int rd_len;
1585 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL,
1586 ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
1587 bool ret;
1588
1589 if (netif_is_l3_master(skb->dev)) {
1590 dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
1591 if (!dev)
1592 return;
1593 }
1594
1595 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1596 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1597 dev->name);
1598 return;
1599 }
1600
1601 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1602 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1603 ND_PRINTK(2, warn,
1604 "Redirect: target address is not link-local unicast\n");
1605 return;
1606 }
1607
1608 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1609 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1610
1611 dst = ip6_route_output(net, NULL, &fl6);
1612 if (dst->error) {
1613 dst_release(dst);
1614 return;
1615 }
1616 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1617 if (IS_ERR(dst))
1618 return;
1619
1620 rt = (struct rt6_info *) dst;
1621
1622 if (rt->rt6i_flags & RTF_GATEWAY) {
1623 ND_PRINTK(2, warn,
1624 "Redirect: destination is not a neighbour\n");
1625 goto release;
1626 }
1627 peer = inet_getpeer_v6(net->ipv6.peers, &ipv6_hdr(skb)->saddr, 1);
1628 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1629 if (peer)
1630 inet_putpeer(peer);
1631 if (!ret)
1632 goto release;
1633
1634 if (dev->addr_len) {
1635 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1636 if (!neigh) {
1637 ND_PRINTK(2, warn,
1638 "Redirect: no neigh for target address\n");
1639 goto release;
1640 }
1641
1642 read_lock_bh(&neigh->lock);
1643 if (neigh->nud_state & NUD_VALID) {
1644 memcpy(ha_buf, neigh->ha, dev->addr_len);
1645 read_unlock_bh(&neigh->lock);
1646 ha = ha_buf;
1647 optlen += ndisc_redirect_opt_addr_space(dev, neigh,
1648 ops_data_buf,
1649 &ops_data);
1650 } else
1651 read_unlock_bh(&neigh->lock);
1652
1653 neigh_release(neigh);
1654 }
1655
1656 rd_len = min_t(unsigned int,
1657 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1658 skb->len + 8);
1659 rd_len &= ~0x7;
1660 optlen += rd_len;
1661
1662 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1663 if (!buff)
1664 goto release;
1665
1666 msg = skb_put(buff, sizeof(*msg));
1667 *msg = (struct rd_msg) {
1668 .icmph = {
1669 .icmp6_type = NDISC_REDIRECT,
1670 },
1671 .target = *target,
1672 .dest = ipv6_hdr(skb)->daddr,
1673 };
1674
1675 /*
1676 * include target_address option
1677 */
1678
1679 if (ha)
1680 ndisc_fill_redirect_addr_option(buff, ha, ops_data);
1681
1682 /*
1683 * build redirect option and copy skb over to the new packet.
1684 */
1685
1686 if (rd_len)
1687 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1688
1689 skb_dst_set(buff, dst);
1690 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1691 return;
1692
1693release:
1694 dst_release(dst);
1695}
1696
1697static void pndisc_redo(struct sk_buff *skb)
1698{
1699 ndisc_recv_ns(skb);
1700 kfree_skb(skb);
1701}
1702
1703static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1704{
1705 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1706
1707 if (!idev)
1708 return true;
1709 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1710 idev->cnf.suppress_frag_ndisc) {
1711 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1712 return true;
1713 }
1714 return false;
1715}
1716
1717int ndisc_rcv(struct sk_buff *skb)
1718{
1719 struct nd_msg *msg;
1720
1721 if (ndisc_suppress_frag_ndisc(skb))
1722 return 0;
1723
1724 if (skb_linearize(skb))
1725 return 0;
1726
1727 msg = (struct nd_msg *)skb_transport_header(skb);
1728
1729 __skb_push(skb, skb->data - skb_transport_header(skb));
1730
1731 if (ipv6_hdr(skb)->hop_limit != 255) {
1732 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1733 ipv6_hdr(skb)->hop_limit);
1734 return 0;
1735 }
1736
1737 if (msg->icmph.icmp6_code != 0) {
1738 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1739 msg->icmph.icmp6_code);
1740 return 0;
1741 }
1742
1743 switch (msg->icmph.icmp6_type) {
1744 case NDISC_NEIGHBOUR_SOLICITATION:
1745 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1746 ndisc_recv_ns(skb);
1747 break;
1748
1749 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1750 ndisc_recv_na(skb);
1751 break;
1752
1753 case NDISC_ROUTER_SOLICITATION:
1754 ndisc_recv_rs(skb);
1755 break;
1756
1757 case NDISC_ROUTER_ADVERTISEMENT:
1758 ndisc_router_discovery(skb);
1759 break;
1760
1761 case NDISC_REDIRECT:
1762 ndisc_redirect_rcv(skb);
1763 break;
1764 }
1765
1766 return 0;
1767}
1768
1769static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1770{
1771 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1772 struct netdev_notifier_change_info *change_info;
1773 struct net *net = dev_net(dev);
1774 struct inet6_dev *idev;
1775
1776 switch (event) {
1777 case NETDEV_CHANGEADDR:
1778 neigh_changeaddr(&nd_tbl, dev);
1779 fib6_run_gc(0, net, false);
1780 /* fallthrough */
1781 case NETDEV_UP:
1782 idev = in6_dev_get(dev);
1783 if (!idev)
1784 break;
1785 if (idev->cnf.ndisc_notify ||
1786 net->ipv6.devconf_all->ndisc_notify)
1787 ndisc_send_unsol_na(dev);
1788 in6_dev_put(idev);
1789 break;
1790 case NETDEV_CHANGE:
1791 change_info = ptr;
1792 if (change_info->flags_changed & IFF_NOARP)
1793 neigh_changeaddr(&nd_tbl, dev);
1794 break;
1795 case NETDEV_DOWN:
1796 neigh_ifdown(&nd_tbl, dev);
1797 fib6_run_gc(0, net, false);
1798 break;
1799 case NETDEV_NOTIFY_PEERS:
1800 ndisc_send_unsol_na(dev);
1801 break;
1802 default:
1803 break;
1804 }
1805
1806 return NOTIFY_DONE;
1807}
1808
1809static struct notifier_block ndisc_netdev_notifier = {
1810 .notifier_call = ndisc_netdev_event,
1811 .priority = ADDRCONF_NOTIFY_PRIORITY - 5,
1812};
1813
1814#ifdef CONFIG_SYSCTL
1815static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1816 const char *func, const char *dev_name)
1817{
1818 static char warncomm[TASK_COMM_LEN];
1819 static int warned;
1820 if (strcmp(warncomm, current->comm) && warned < 5) {
1821 strcpy(warncomm, current->comm);
1822 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1823 warncomm, func,
1824 dev_name, ctl->procname,
1825 dev_name, ctl->procname);
1826 warned++;
1827 }
1828}
1829
1830int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1831{
1832 struct net_device *dev = ctl->extra1;
1833 struct inet6_dev *idev;
1834 int ret;
1835
1836 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1837 (strcmp(ctl->procname, "base_reachable_time") == 0))
1838 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1839
1840 if (strcmp(ctl->procname, "retrans_time") == 0)
1841 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1842
1843 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1844 ret = neigh_proc_dointvec_jiffies(ctl, write,
1845 buffer, lenp, ppos);
1846
1847 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1848 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1849 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1850 buffer, lenp, ppos);
1851 else
1852 ret = -1;
1853
1854 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1855 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1856 idev->nd_parms->reachable_time =
1857 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1858 idev->tstamp = jiffies;
1859 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1860 in6_dev_put(idev);
1861 }
1862 return ret;
1863}
1864
1865
1866#endif
1867
1868static int __net_init ndisc_net_init(struct net *net)
1869{
1870 struct ipv6_pinfo *np;
1871 struct sock *sk;
1872 int err;
1873
1874 err = inet_ctl_sock_create(&sk, PF_INET6,
1875 SOCK_RAW, IPPROTO_ICMPV6, net);
1876 if (err < 0) {
1877 ND_PRINTK(0, err,
1878 "NDISC: Failed to initialize the control socket (err %d)\n",
1879 err);
1880 return err;
1881 }
1882
1883 net->ipv6.ndisc_sk = sk;
1884
1885 np = inet6_sk(sk);
1886 np->hop_limit = 255;
1887 /* Do not loopback ndisc messages */
1888 np->mc_loop = 0;
1889
1890 return 0;
1891}
1892
1893static void __net_exit ndisc_net_exit(struct net *net)
1894{
1895 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1896}
1897
1898static struct pernet_operations ndisc_net_ops = {
1899 .init = ndisc_net_init,
1900 .exit = ndisc_net_exit,
1901};
1902
1903int __init ndisc_init(void)
1904{
1905 int err;
1906
1907 err = register_pernet_subsys(&ndisc_net_ops);
1908 if (err)
1909 return err;
1910 /*
1911 * Initialize the neighbour table
1912 */
1913 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1914
1915#ifdef CONFIG_SYSCTL
1916 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1917 ndisc_ifinfo_sysctl_change);
1918 if (err)
1919 goto out_unregister_pernet;
1920out:
1921#endif
1922 return err;
1923
1924#ifdef CONFIG_SYSCTL
1925out_unregister_pernet:
1926 unregister_pernet_subsys(&ndisc_net_ops);
1927 goto out;
1928#endif
1929}
1930
1931int __init ndisc_late_init(void)
1932{
1933 return register_netdevice_notifier(&ndisc_netdev_notifier);
1934}
1935
1936void ndisc_late_cleanup(void)
1937{
1938 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1939}
1940
1941void ndisc_cleanup(void)
1942{
1943#ifdef CONFIG_SYSCTL
1944 neigh_sysctl_unregister(&nd_tbl.parms);
1945#endif
1946 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1947 unregister_pernet_subsys(&ndisc_net_ops);
1948}