2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
128 .reachable_time = ND_REACHABLE_TIME,
130 [NEIGH_VAR_MCAST_PROBES] = 3,
131 [NEIGH_VAR_UCAST_PROBES] = 3,
132 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
133 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
134 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
135 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
136 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
137 [NEIGH_VAR_PROXY_QLEN] = 64,
138 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
139 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
142 .gc_interval = 30 * HZ,
148 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
150 int pad = ndisc_addr_option_pad(skb->dev->type);
151 int data_len = skb->dev->addr_len;
152 int space = ndisc_opt_addr_space(skb->dev);
153 u8 *opt = skb_put(skb, space);
158 memset(opt + 2, 0, pad);
162 memcpy(opt+2, data, data_len);
167 memset(opt, 0, space);
170 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
171 struct nd_opt_hdr *end)
174 if (!cur || !end || cur >= end)
176 type = cur->nd_opt_type;
178 cur = ((void *)cur) + (cur->nd_opt_len << 3);
179 } while (cur < end && cur->nd_opt_type != type);
180 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
185 return opt->nd_opt_type == ND_OPT_RDNSS ||
186 opt->nd_opt_type == ND_OPT_DNSSL;
189 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
190 struct nd_opt_hdr *end)
192 if (!cur || !end || cur >= end)
195 cur = ((void *)cur) + (cur->nd_opt_len << 3);
196 } while (cur < end && !ndisc_is_useropt(cur));
197 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
201 struct ndisc_options *ndopts)
203 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
205 if (!nd_opt || opt_len < 0 || !ndopts)
207 memset(ndopts, 0, sizeof(*ndopts));
210 if (opt_len < sizeof(struct nd_opt_hdr))
212 l = nd_opt->nd_opt_len << 3;
213 if (opt_len < l || l == 0)
215 switch (nd_opt->nd_opt_type) {
216 case ND_OPT_SOURCE_LL_ADDR:
217 case ND_OPT_TARGET_LL_ADDR:
219 case ND_OPT_REDIRECT_HDR:
220 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
222 "%s: duplicated ND6 option found: type=%d\n",
223 __func__, nd_opt->nd_opt_type);
225 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 case ND_OPT_PREFIX_INFO:
229 ndopts->nd_opts_pi_end = nd_opt;
230 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
231 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
233 #ifdef CONFIG_IPV6_ROUTE_INFO
234 case ND_OPT_ROUTE_INFO:
235 ndopts->nd_opts_ri_end = nd_opt;
236 if (!ndopts->nd_opts_ri)
237 ndopts->nd_opts_ri = nd_opt;
241 if (ndisc_is_useropt(nd_opt)) {
242 ndopts->nd_useropts_end = nd_opt;
243 if (!ndopts->nd_useropts)
244 ndopts->nd_useropts = nd_opt;
247 * Unknown options must be silently ignored,
248 * to accommodate future extension to the
252 "%s: ignored unsupported option; type=%d, len=%d\n",
259 nd_opt = ((void *)nd_opt) + l;
264 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
268 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
270 ipv6_eth_mc_map(addr, buf);
273 ipv6_arcnet_mc_map(addr, buf);
275 case ARPHRD_INFINIBAND:
276 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 memcpy(buf, dev->broadcast, dev->addr_len);
288 EXPORT_SYMBOL(ndisc_mc_map);
290 static u32 ndisc_hash(const void *pkey,
291 const struct net_device *dev,
294 return ndisc_hashfn(pkey, dev, hash_rnd);
297 static int ndisc_constructor(struct neighbour *neigh)
299 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
300 struct net_device *dev = neigh->dev;
301 struct inet6_dev *in6_dev;
302 struct neigh_parms *parms;
303 bool is_multicast = ipv6_addr_is_multicast(addr);
305 in6_dev = in6_dev_get(dev);
306 if (in6_dev == NULL) {
310 parms = in6_dev->nd_parms;
311 __neigh_parms_put(neigh->parms);
312 neigh->parms = neigh_parms_clone(parms);
314 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
315 if (!dev->header_ops) {
316 neigh->nud_state = NUD_NOARP;
317 neigh->ops = &ndisc_direct_ops;
318 neigh->output = neigh_direct_output;
321 neigh->nud_state = NUD_NOARP;
322 ndisc_mc_map(addr, neigh->ha, dev, 1);
323 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
324 neigh->nud_state = NUD_NOARP;
325 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
326 if (dev->flags&IFF_LOOPBACK)
327 neigh->type = RTN_LOCAL;
328 } else if (dev->flags&IFF_POINTOPOINT) {
329 neigh->nud_state = NUD_NOARP;
330 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
332 if (dev->header_ops->cache)
333 neigh->ops = &ndisc_hh_ops;
335 neigh->ops = &ndisc_generic_ops;
336 if (neigh->nud_state&NUD_VALID)
337 neigh->output = neigh->ops->connected_output;
339 neigh->output = neigh->ops->output;
341 in6_dev_put(in6_dev);
345 static int pndisc_constructor(struct pneigh_entry *n)
347 struct in6_addr *addr = (struct in6_addr *)&n->key;
348 struct in6_addr maddr;
349 struct net_device *dev = n->dev;
351 if (dev == NULL || __in6_dev_get(dev) == NULL)
353 addrconf_addr_solict_mult(addr, &maddr);
354 ipv6_dev_mc_inc(dev, &maddr);
358 static void pndisc_destructor(struct pneigh_entry *n)
360 struct in6_addr *addr = (struct in6_addr *)&n->key;
361 struct in6_addr maddr;
362 struct net_device *dev = n->dev;
364 if (dev == NULL || __in6_dev_get(dev) == NULL)
366 addrconf_addr_solict_mult(addr, &maddr);
367 ipv6_dev_mc_dec(dev, &maddr);
370 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
373 int hlen = LL_RESERVED_SPACE(dev);
374 int tlen = dev->needed_tailroom;
375 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
378 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
380 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
385 skb->protocol = htons(ETH_P_IPV6);
388 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
389 skb_reset_transport_header(skb);
391 /* Manually assign socket ownership as we avoid calling
392 * sock_alloc_send_pskb() to bypass wmem buffer limits
394 skb_set_owner_w(skb, sk);
399 static void ip6_nd_hdr(struct sk_buff *skb,
400 const struct in6_addr *saddr,
401 const struct in6_addr *daddr,
402 int hop_limit, int len)
406 skb_push(skb, sizeof(*hdr));
407 skb_reset_network_header(skb);
410 ip6_flow_hdr(hdr, 0, 0);
412 hdr->payload_len = htons(len);
413 hdr->nexthdr = IPPROTO_ICMPV6;
414 hdr->hop_limit = hop_limit;
420 static void ndisc_send_skb(struct sk_buff *skb,
421 const struct in6_addr *daddr,
422 const struct in6_addr *saddr)
424 struct dst_entry *dst = skb_dst(skb);
425 struct net *net = dev_net(skb->dev);
426 struct sock *sk = net->ipv6.ndisc_sk;
427 struct inet6_dev *idev;
429 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
432 type = icmp6h->icmp6_type;
437 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
438 dst = icmp6_dst_alloc(skb->dev, &fl6);
444 skb_dst_set(skb, dst);
447 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
452 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
455 idev = __in6_dev_get(dst->dev);
456 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
458 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
461 ICMP6MSGOUT_INC_STATS(net, idev, type);
462 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
468 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
469 const struct in6_addr *daddr,
470 const struct in6_addr *solicited_addr,
471 bool router, bool solicited, bool override, bool inc_opt)
474 struct in6_addr tmpaddr;
475 struct inet6_ifaddr *ifp;
476 const struct in6_addr *src_addr;
480 /* for anycast or proxy, solicited_addr != src_addr */
481 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
483 src_addr = solicited_addr;
484 if (ifp->flags & IFA_F_OPTIMISTIC)
486 inc_opt |= ifp->idev->cnf.force_tllao;
489 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
490 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
499 optlen += ndisc_opt_addr_space(dev);
501 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
505 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
506 *msg = (struct nd_msg) {
508 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
509 .icmp6_router = router,
510 .icmp6_solicited = solicited,
511 .icmp6_override = override,
513 .target = *solicited_addr,
517 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
521 ndisc_send_skb(skb, daddr, src_addr);
524 static void ndisc_send_unsol_na(struct net_device *dev)
526 struct inet6_dev *idev;
527 struct inet6_ifaddr *ifa;
529 idev = in6_dev_get(dev);
533 read_lock_bh(&idev->lock);
534 list_for_each_entry(ifa, &idev->addr_list, if_list) {
535 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
536 /*router=*/ !!idev->cnf.forwarding,
537 /*solicited=*/ false, /*override=*/ true,
540 read_unlock_bh(&idev->lock);
545 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
546 const struct in6_addr *solicit,
547 const struct in6_addr *daddr, const struct in6_addr *saddr)
550 struct in6_addr addr_buf;
551 int inc_opt = dev->addr_len;
556 if (ipv6_get_lladdr(dev, &addr_buf,
557 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
562 if (ipv6_addr_any(saddr))
565 optlen += ndisc_opt_addr_space(dev);
567 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
571 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
572 *msg = (struct nd_msg) {
574 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
580 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
583 ndisc_send_skb(skb, daddr, saddr);
586 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
587 const struct in6_addr *daddr)
591 int send_sllao = dev->addr_len;
594 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
596 * According to section 2.2 of RFC 4429, we must not
597 * send router solicitations with a sllao from
598 * optimistic addresses, but we may send the solicitation
599 * if we don't include the sllao. So here we check
600 * if our address is optimistic, and if so, we
601 * suppress the inclusion of the sllao.
604 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
607 if (ifp->flags & IFA_F_OPTIMISTIC) {
617 optlen += ndisc_opt_addr_space(dev);
619 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
623 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
624 *msg = (struct rs_msg) {
626 .icmp6_type = NDISC_ROUTER_SOLICITATION,
631 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
634 ndisc_send_skb(skb, daddr, saddr);
638 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
641 * "The sender MUST return an ICMP
642 * destination unreachable"
644 dst_link_failure(skb);
648 /* Called with locked neigh: either read or both */
650 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
652 struct in6_addr *saddr = NULL;
653 struct in6_addr mcaddr;
654 struct net_device *dev = neigh->dev;
655 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
656 int probes = atomic_read(&neigh->probes);
658 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
660 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
661 saddr = &ipv6_hdr(skb)->saddr;
662 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
664 if (!(neigh->nud_state & NUD_VALID)) {
666 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
669 ndisc_send_ns(dev, neigh, target, target, saddr);
670 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
673 addrconf_addr_solict_mult(target, &mcaddr);
674 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
678 static int pndisc_is_router(const void *pkey,
679 struct net_device *dev)
681 struct pneigh_entry *n;
684 read_lock_bh(&nd_tbl.lock);
685 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
687 ret = !!(n->flags & NTF_ROUTER);
688 read_unlock_bh(&nd_tbl.lock);
693 static void ndisc_recv_ns(struct sk_buff *skb)
695 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
696 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
697 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
699 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
700 offsetof(struct nd_msg, opt));
701 struct ndisc_options ndopts;
702 struct net_device *dev = skb->dev;
703 struct inet6_ifaddr *ifp;
704 struct inet6_dev *idev = NULL;
705 struct neighbour *neigh;
706 int dad = ipv6_addr_any(saddr);
710 if (skb->len < sizeof(struct nd_msg)) {
711 ND_PRINTK(2, warn, "NS: packet too short\n");
715 if (ipv6_addr_is_multicast(&msg->target)) {
716 ND_PRINTK(2, warn, "NS: multicast target address\n");
722 * DAD has to be destined for solicited node multicast address.
724 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
725 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
729 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
730 ND_PRINTK(2, warn, "NS: invalid ND options\n");
734 if (ndopts.nd_opts_src_lladdr) {
735 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
738 "NS: invalid link-layer address length\n");
743 * If the IP source address is the unspecified address,
744 * there MUST NOT be source link-layer address option
749 "NS: bad DAD packet (link-layer address option)\n");
754 inc = ipv6_addr_is_multicast(daddr);
756 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
759 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
762 * We are colliding with another node
764 * so fail our DAD process
766 addrconf_dad_failure(ifp);
770 * This is not a dad solicitation.
771 * If we are an optimistic node,
773 * Otherwise, we should ignore it.
775 if (!(ifp->flags & IFA_F_OPTIMISTIC))
782 struct net *net = dev_net(dev);
784 idev = in6_dev_get(dev);
786 /* XXX: count this drop? */
790 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
791 (idev->cnf.forwarding &&
792 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
793 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
794 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
795 skb->pkt_type != PACKET_HOST &&
797 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
799 * for anycast or proxy,
800 * sender should delay its response
801 * by a random time between 0 and
802 * MAX_ANYCAST_DELAY_TIME seconds.
803 * (RFC2461) -- yoshfuji
805 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
807 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
815 is_router = idev->cnf.forwarding;
818 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
819 !!is_router, false, (ifp != NULL), true);
824 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
826 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
829 * update / create cache entry
830 * for the source address
832 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
833 !inc || lladdr || !dev->addr_len);
835 neigh_update(neigh, lladdr, NUD_STALE,
836 NEIGH_UPDATE_F_WEAK_OVERRIDE|
837 NEIGH_UPDATE_F_OVERRIDE);
838 if (neigh || !dev->header_ops) {
839 ndisc_send_na(dev, neigh, saddr, &msg->target,
841 true, (ifp != NULL && inc), inc);
843 neigh_release(neigh);
853 static void ndisc_recv_na(struct sk_buff *skb)
855 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
856 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
857 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
859 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
860 offsetof(struct nd_msg, opt));
861 struct ndisc_options ndopts;
862 struct net_device *dev = skb->dev;
863 struct inet6_ifaddr *ifp;
864 struct neighbour *neigh;
866 if (skb->len < sizeof(struct nd_msg)) {
867 ND_PRINTK(2, warn, "NA: packet too short\n");
871 if (ipv6_addr_is_multicast(&msg->target)) {
872 ND_PRINTK(2, warn, "NA: target address is multicast\n");
876 if (ipv6_addr_is_multicast(daddr) &&
877 msg->icmph.icmp6_solicited) {
878 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
882 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
883 ND_PRINTK(2, warn, "NS: invalid ND option\n");
886 if (ndopts.nd_opts_tgt_lladdr) {
887 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
890 "NA: invalid link-layer address length\n");
894 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
896 if (skb->pkt_type != PACKET_LOOPBACK
897 && (ifp->flags & IFA_F_TENTATIVE)) {
898 addrconf_dad_failure(ifp);
901 /* What should we make now? The advertisement
902 is invalid, but ndisc specs say nothing
903 about it. It could be misconfiguration, or
904 an smart proxy agent tries to help us :-)
906 We should not print the error if NA has been
907 received from loopback - it is just our own
908 unsolicited advertisement.
910 if (skb->pkt_type != PACKET_LOOPBACK)
912 "NA: someone advertises our address %pI6 on %s!\n",
913 &ifp->addr, ifp->idev->dev->name);
917 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
920 u8 old_flags = neigh->flags;
921 struct net *net = dev_net(dev);
923 if (neigh->nud_state & NUD_FAILED)
927 * Don't update the neighbor cache entry on a proxy NA from
928 * ourselves because either the proxied node is off link or it
929 * has already sent a NA to us.
931 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
932 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
933 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
934 /* XXX: idev->cnf.proxy_ndp */
938 neigh_update(neigh, lladdr,
939 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
940 NEIGH_UPDATE_F_WEAK_OVERRIDE|
941 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
942 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
943 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
945 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
947 * Change: router to host
949 rt6_clean_tohost(dev_net(dev), saddr);
953 neigh_release(neigh);
957 static void ndisc_recv_rs(struct sk_buff *skb)
959 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
960 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
961 struct neighbour *neigh;
962 struct inet6_dev *idev;
963 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
964 struct ndisc_options ndopts;
967 if (skb->len < sizeof(*rs_msg))
970 idev = __in6_dev_get(skb->dev);
972 ND_PRINTK(1, err, "RS: can't find in6 device\n");
976 /* Don't accept RS if we're not in router mode */
977 if (!idev->cnf.forwarding)
981 * Don't update NCE if src = ::;
982 * this implies that the source node has no ip address assigned yet.
984 if (ipv6_addr_any(saddr))
987 /* Parse ND options */
988 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
989 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
993 if (ndopts.nd_opts_src_lladdr) {
994 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1000 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1002 neigh_update(neigh, lladdr, NUD_STALE,
1003 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1004 NEIGH_UPDATE_F_OVERRIDE|
1005 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1006 neigh_release(neigh);
1012 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1014 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1015 struct sk_buff *skb;
1016 struct nlmsghdr *nlh;
1017 struct nduseroptmsg *ndmsg;
1018 struct net *net = dev_net(ra->dev);
1020 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1021 + (opt->nd_opt_len << 3));
1022 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1024 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1030 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1032 goto nla_put_failure;
1035 ndmsg = nlmsg_data(nlh);
1036 ndmsg->nduseropt_family = AF_INET6;
1037 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1038 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1039 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1040 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1042 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1044 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1045 &ipv6_hdr(ra)->saddr))
1046 goto nla_put_failure;
1047 nlmsg_end(skb, nlh);
1049 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1056 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1059 static void ndisc_router_discovery(struct sk_buff *skb)
1061 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1062 struct neighbour *neigh = NULL;
1063 struct inet6_dev *in6_dev;
1064 struct rt6_info *rt = NULL;
1066 struct ndisc_options ndopts;
1068 unsigned int pref = 0;
1070 __u8 *opt = (__u8 *)(ra_msg + 1);
1072 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1073 sizeof(struct ra_msg);
1076 "RA: %s, dev: %s\n",
1077 __func__, skb->dev->name);
1078 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1079 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1083 ND_PRINTK(2, warn, "RA: packet too short\n");
1087 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1088 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1089 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1095 * set the RA_RECV flag in the interface
1098 in6_dev = __in6_dev_get(skb->dev);
1099 if (in6_dev == NULL) {
1100 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1105 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1106 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1110 if (!ipv6_accept_ra(in6_dev)) {
1112 "RA: %s, did not accept ra for dev: %s\n",
1113 __func__, skb->dev->name);
1114 goto skip_linkparms;
1117 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1118 /* skip link-specific parameters from interior routers */
1119 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1121 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1122 __func__, skb->dev->name);
1123 goto skip_linkparms;
1127 if (in6_dev->if_flags & IF_RS_SENT) {
1129 * flag that an RA was received after an RS was sent
1130 * out on this interface.
1132 in6_dev->if_flags |= IF_RA_RCVD;
1136 * Remember the managed/otherconf flags from most recently
1137 * received RA message (RFC 2462) -- yoshfuji
1139 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1141 (ra_msg->icmph.icmp6_addrconf_managed ?
1142 IF_RA_MANAGED : 0) |
1143 (ra_msg->icmph.icmp6_addrconf_other ?
1144 IF_RA_OTHERCONF : 0);
1146 if (!in6_dev->cnf.accept_ra_defrtr) {
1148 "RA: %s, defrtr is false for dev: %s\n",
1149 __func__, skb->dev->name);
1153 /* Do not accept RA with source-addr found on local machine unless
1154 * accept_ra_from_local is set to true.
1156 if (!in6_dev->cnf.accept_ra_from_local &&
1157 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1160 "RA from local address detected on dev: %s: default router ignored\n",
1165 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1167 #ifdef CONFIG_IPV6_ROUTER_PREF
1168 pref = ra_msg->icmph.icmp6_router_pref;
1169 /* 10b is handled as if it were 00b (medium) */
1170 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1171 !in6_dev->cnf.accept_ra_rtr_pref)
1172 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1175 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1178 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1181 "RA: %s got default router without neighbour\n",
1187 if (rt && lifetime == 0) {
1192 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1193 rt, lifetime, skb->dev->name);
1194 if (rt == NULL && lifetime) {
1195 ND_PRINTK(3, info, "RA: adding default router\n");
1197 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1200 "RA: %s failed to add default route\n",
1205 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1206 if (neigh == NULL) {
1208 "RA: %s got default router without neighbour\n",
1213 neigh->flags |= NTF_ROUTER;
1215 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1219 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1220 if (ra_msg->icmph.icmp6_hop_limit) {
1221 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1223 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1224 ra_msg->icmph.icmp6_hop_limit);
1230 * Update Reachable Time and Retrans Timer
1233 if (in6_dev->nd_parms) {
1234 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1236 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1237 rtime = (rtime*HZ)/1000;
1240 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1241 in6_dev->tstamp = jiffies;
1242 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1245 rtime = ntohl(ra_msg->reachable_time);
1246 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1247 rtime = (rtime*HZ)/1000;
1252 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1253 NEIGH_VAR_SET(in6_dev->nd_parms,
1254 BASE_REACHABLE_TIME, rtime);
1255 NEIGH_VAR_SET(in6_dev->nd_parms,
1256 GC_STALETIME, 3 * rtime);
1257 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1258 in6_dev->tstamp = jiffies;
1259 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1271 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1275 if (ndopts.nd_opts_src_lladdr) {
1276 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1280 "RA: invalid link-layer address length\n");
1284 neigh_update(neigh, lladdr, NUD_STALE,
1285 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1286 NEIGH_UPDATE_F_OVERRIDE|
1287 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1288 NEIGH_UPDATE_F_ISROUTER);
1291 if (!ipv6_accept_ra(in6_dev)) {
1293 "RA: %s, accept_ra is false for dev: %s\n",
1294 __func__, skb->dev->name);
1298 #ifdef CONFIG_IPV6_ROUTE_INFO
1299 if (!in6_dev->cnf.accept_ra_from_local &&
1300 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1303 "RA from local address detected on dev: %s: router info ignored.\n",
1305 goto skip_routeinfo;
1308 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1309 struct nd_opt_hdr *p;
1310 for (p = ndopts.nd_opts_ri;
1312 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1313 struct route_info *ri = (struct route_info *)p;
1314 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1315 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1316 ri->prefix_len == 0)
1319 if (ri->prefix_len == 0 &&
1320 !in6_dev->cnf.accept_ra_defrtr)
1322 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1324 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1325 &ipv6_hdr(skb)->saddr);
1332 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1333 /* skip link-specific ndopts from interior routers */
1334 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1336 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1337 __func__, skb->dev->name);
1342 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1343 struct nd_opt_hdr *p;
1344 for (p = ndopts.nd_opts_pi;
1346 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1347 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1348 (p->nd_opt_len) << 3,
1349 ndopts.nd_opts_src_lladdr != NULL);
1353 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1357 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1360 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1361 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1362 } else if (in6_dev->cnf.mtu6 != mtu) {
1363 in6_dev->cnf.mtu6 = mtu;
1366 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1368 rt6_mtu_change(skb->dev, mtu);
1372 if (ndopts.nd_useropts) {
1373 struct nd_opt_hdr *p;
1374 for (p = ndopts.nd_useropts;
1376 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1377 ndisc_ra_useropt(skb, p);
1381 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1382 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1387 neigh_release(neigh);
1390 static void ndisc_redirect_rcv(struct sk_buff *skb)
1393 struct ndisc_options ndopts;
1394 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1395 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1396 offsetof(struct rd_msg, opt));
1398 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1399 switch (skb->ndisc_nodetype) {
1400 case NDISC_NODETYPE_HOST:
1401 case NDISC_NODETYPE_NODEFAULT:
1403 "Redirect: from host or unauthorized router\n");
1408 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1410 "Redirect: source address is not link-local\n");
1414 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1417 if (!ndopts.nd_opts_rh) {
1418 ip6_redirect_no_header(skb, dev_net(skb->dev),
1419 skb->dev->ifindex, 0);
1423 hdr = (u8 *)ndopts.nd_opts_rh;
1425 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1428 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1431 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1432 struct sk_buff *orig_skb,
1435 u8 *opt = skb_put(skb, rd_len);
1438 *(opt++) = ND_OPT_REDIRECT_HDR;
1439 *(opt++) = (rd_len >> 3);
1442 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1445 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1447 struct net_device *dev = skb->dev;
1448 struct net *net = dev_net(dev);
1449 struct sock *sk = net->ipv6.ndisc_sk;
1451 struct inet_peer *peer;
1452 struct sk_buff *buff;
1454 struct in6_addr saddr_buf;
1455 struct rt6_info *rt;
1456 struct dst_entry *dst;
1459 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1462 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1463 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1468 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1469 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1471 "Redirect: target address is not link-local unicast\n");
1475 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1476 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1478 dst = ip6_route_output(net, NULL, &fl6);
1483 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1487 rt = (struct rt6_info *) dst;
1489 if (rt->rt6i_flags & RTF_GATEWAY) {
1491 "Redirect: destination is not a neighbour\n");
1494 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1495 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1501 if (dev->addr_len) {
1502 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1505 "Redirect: no neigh for target address\n");
1509 read_lock_bh(&neigh->lock);
1510 if (neigh->nud_state & NUD_VALID) {
1511 memcpy(ha_buf, neigh->ha, dev->addr_len);
1512 read_unlock_bh(&neigh->lock);
1514 optlen += ndisc_opt_addr_space(dev);
1516 read_unlock_bh(&neigh->lock);
1518 neigh_release(neigh);
1521 rd_len = min_t(unsigned int,
1522 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1527 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1531 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1532 *msg = (struct rd_msg) {
1534 .icmp6_type = NDISC_REDIRECT,
1537 .dest = ipv6_hdr(skb)->daddr,
1541 * include target_address option
1545 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1548 * build redirect option and copy skb over to the new packet.
1552 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1554 skb_dst_set(buff, dst);
1555 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1562 static void pndisc_redo(struct sk_buff *skb)
1568 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1570 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1574 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1575 idev->cnf.suppress_frag_ndisc) {
1576 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1582 int ndisc_rcv(struct sk_buff *skb)
1586 if (ndisc_suppress_frag_ndisc(skb))
1589 if (skb_linearize(skb))
1592 msg = (struct nd_msg *)skb_transport_header(skb);
1594 __skb_push(skb, skb->data - skb_transport_header(skb));
1596 if (ipv6_hdr(skb)->hop_limit != 255) {
1597 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1598 ipv6_hdr(skb)->hop_limit);
1602 if (msg->icmph.icmp6_code != 0) {
1603 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1604 msg->icmph.icmp6_code);
1608 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1610 switch (msg->icmph.icmp6_type) {
1611 case NDISC_NEIGHBOUR_SOLICITATION:
1615 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1619 case NDISC_ROUTER_SOLICITATION:
1623 case NDISC_ROUTER_ADVERTISEMENT:
1624 ndisc_router_discovery(skb);
1627 case NDISC_REDIRECT:
1628 ndisc_redirect_rcv(skb);
1635 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1637 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1638 struct net *net = dev_net(dev);
1639 struct inet6_dev *idev;
1642 case NETDEV_CHANGEADDR:
1643 neigh_changeaddr(&nd_tbl, dev);
1644 fib6_run_gc(0, net, false);
1645 idev = in6_dev_get(dev);
1648 if (idev->cnf.ndisc_notify)
1649 ndisc_send_unsol_na(dev);
1653 neigh_ifdown(&nd_tbl, dev);
1654 fib6_run_gc(0, net, false);
1656 case NETDEV_NOTIFY_PEERS:
1657 ndisc_send_unsol_na(dev);
1666 static struct notifier_block ndisc_netdev_notifier = {
1667 .notifier_call = ndisc_netdev_event,
1670 #ifdef CONFIG_SYSCTL
1671 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1672 const char *func, const char *dev_name)
1674 static char warncomm[TASK_COMM_LEN];
1676 if (strcmp(warncomm, current->comm) && warned < 5) {
1677 strcpy(warncomm, current->comm);
1678 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1680 dev_name, ctl->procname,
1681 dev_name, ctl->procname);
1686 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1688 struct net_device *dev = ctl->extra1;
1689 struct inet6_dev *idev;
1692 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1693 (strcmp(ctl->procname, "base_reachable_time") == 0))
1694 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1696 if (strcmp(ctl->procname, "retrans_time") == 0)
1697 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1699 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1700 ret = neigh_proc_dointvec_jiffies(ctl, write,
1701 buffer, lenp, ppos);
1703 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1704 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1705 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1706 buffer, lenp, ppos);
1710 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1711 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1712 idev->nd_parms->reachable_time =
1713 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1714 idev->tstamp = jiffies;
1715 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1724 static int __net_init ndisc_net_init(struct net *net)
1726 struct ipv6_pinfo *np;
1730 err = inet_ctl_sock_create(&sk, PF_INET6,
1731 SOCK_RAW, IPPROTO_ICMPV6, net);
1734 "NDISC: Failed to initialize the control socket (err %d)\n",
1739 net->ipv6.ndisc_sk = sk;
1742 np->hop_limit = 255;
1743 /* Do not loopback ndisc messages */
1749 static void __net_exit ndisc_net_exit(struct net *net)
1751 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1754 static struct pernet_operations ndisc_net_ops = {
1755 .init = ndisc_net_init,
1756 .exit = ndisc_net_exit,
1759 int __init ndisc_init(void)
1763 err = register_pernet_subsys(&ndisc_net_ops);
1767 * Initialize the neighbour table
1769 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1771 #ifdef CONFIG_SYSCTL
1772 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1773 ndisc_ifinfo_sysctl_change);
1775 goto out_unregister_pernet;
1780 #ifdef CONFIG_SYSCTL
1781 out_unregister_pernet:
1782 unregister_pernet_subsys(&ndisc_net_ops);
1787 int __init ndisc_late_init(void)
1789 return register_netdevice_notifier(&ndisc_netdev_notifier);
1792 void ndisc_late_cleanup(void)
1794 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1797 void ndisc_cleanup(void)
1799 #ifdef CONFIG_SYSCTL
1800 neigh_sysctl_unregister(&nd_tbl.parms);
1802 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1803 unregister_pernet_subsys(&ndisc_net_ops);
projects / linux-beck.git / blob