2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
128 .reachable_time = ND_REACHABLE_TIME,
130 [NEIGH_VAR_MCAST_PROBES] = 3,
131 [NEIGH_VAR_UCAST_PROBES] = 3,
132 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
133 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
134 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
135 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
136 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
137 [NEIGH_VAR_PROXY_QLEN] = 64,
138 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
139 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
142 .gc_interval = 30 * HZ,
148 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
150 int pad = ndisc_addr_option_pad(skb->dev->type);
151 int data_len = skb->dev->addr_len;
152 int space = ndisc_opt_addr_space(skb->dev);
153 u8 *opt = skb_put(skb, space);
158 memset(opt + 2, 0, pad);
162 memcpy(opt+2, data, data_len);
167 memset(opt, 0, space);
170 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
171 struct nd_opt_hdr *end)
174 if (!cur || !end || cur >= end)
176 type = cur->nd_opt_type;
178 cur = ((void *)cur) + (cur->nd_opt_len << 3);
179 } while (cur < end && cur->nd_opt_type != type);
180 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
183 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
185 return opt->nd_opt_type == ND_OPT_RDNSS ||
186 opt->nd_opt_type == ND_OPT_DNSSL;
189 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
190 struct nd_opt_hdr *end)
192 if (!cur || !end || cur >= end)
195 cur = ((void *)cur) + (cur->nd_opt_len << 3);
196 } while (cur < end && !ndisc_is_useropt(cur));
197 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
200 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
201 struct ndisc_options *ndopts)
203 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
205 if (!nd_opt || opt_len < 0 || !ndopts)
207 memset(ndopts, 0, sizeof(*ndopts));
210 if (opt_len < sizeof(struct nd_opt_hdr))
212 l = nd_opt->nd_opt_len << 3;
213 if (opt_len < l || l == 0)
215 switch (nd_opt->nd_opt_type) {
216 case ND_OPT_SOURCE_LL_ADDR:
217 case ND_OPT_TARGET_LL_ADDR:
219 case ND_OPT_REDIRECT_HDR:
220 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
222 "%s: duplicated ND6 option found: type=%d\n",
223 __func__, nd_opt->nd_opt_type);
225 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
228 case ND_OPT_PREFIX_INFO:
229 ndopts->nd_opts_pi_end = nd_opt;
230 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
231 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
233 #ifdef CONFIG_IPV6_ROUTE_INFO
234 case ND_OPT_ROUTE_INFO:
235 ndopts->nd_opts_ri_end = nd_opt;
236 if (!ndopts->nd_opts_ri)
237 ndopts->nd_opts_ri = nd_opt;
241 if (ndisc_is_useropt(nd_opt)) {
242 ndopts->nd_useropts_end = nd_opt;
243 if (!ndopts->nd_useropts)
244 ndopts->nd_useropts = nd_opt;
247 * Unknown options must be silently ignored,
248 * to accommodate future extension to the
252 "%s: ignored unsupported option; type=%d, len=%d\n",
259 nd_opt = ((void *)nd_opt) + l;
264 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
268 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
270 ipv6_eth_mc_map(addr, buf);
273 ipv6_arcnet_mc_map(addr, buf);
275 case ARPHRD_INFINIBAND:
276 ipv6_ib_mc_map(addr, dev->broadcast, buf);
279 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
282 memcpy(buf, dev->broadcast, dev->addr_len);
288 EXPORT_SYMBOL(ndisc_mc_map);
290 static u32 ndisc_hash(const void *pkey,
291 const struct net_device *dev,
294 return ndisc_hashfn(pkey, dev, hash_rnd);
297 static int ndisc_constructor(struct neighbour *neigh)
299 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
300 struct net_device *dev = neigh->dev;
301 struct inet6_dev *in6_dev;
302 struct neigh_parms *parms;
303 bool is_multicast = ipv6_addr_is_multicast(addr);
305 in6_dev = in6_dev_get(dev);
306 if (in6_dev == NULL) {
310 parms = in6_dev->nd_parms;
311 __neigh_parms_put(neigh->parms);
312 neigh->parms = neigh_parms_clone(parms);
314 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
315 if (!dev->header_ops) {
316 neigh->nud_state = NUD_NOARP;
317 neigh->ops = &ndisc_direct_ops;
318 neigh->output = neigh_direct_output;
321 neigh->nud_state = NUD_NOARP;
322 ndisc_mc_map(addr, neigh->ha, dev, 1);
323 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
324 neigh->nud_state = NUD_NOARP;
325 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
326 if (dev->flags&IFF_LOOPBACK)
327 neigh->type = RTN_LOCAL;
328 } else if (dev->flags&IFF_POINTOPOINT) {
329 neigh->nud_state = NUD_NOARP;
330 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
332 if (dev->header_ops->cache)
333 neigh->ops = &ndisc_hh_ops;
335 neigh->ops = &ndisc_generic_ops;
336 if (neigh->nud_state&NUD_VALID)
337 neigh->output = neigh->ops->connected_output;
339 neigh->output = neigh->ops->output;
341 in6_dev_put(in6_dev);
345 static int pndisc_constructor(struct pneigh_entry *n)
347 struct in6_addr *addr = (struct in6_addr *)&n->key;
348 struct in6_addr maddr;
349 struct net_device *dev = n->dev;
351 if (dev == NULL || __in6_dev_get(dev) == NULL)
353 addrconf_addr_solict_mult(addr, &maddr);
354 ipv6_dev_mc_inc(dev, &maddr);
358 static void pndisc_destructor(struct pneigh_entry *n)
360 struct in6_addr *addr = (struct in6_addr *)&n->key;
361 struct in6_addr maddr;
362 struct net_device *dev = n->dev;
364 if (dev == NULL || __in6_dev_get(dev) == NULL)
366 addrconf_addr_solict_mult(addr, &maddr);
367 ipv6_dev_mc_dec(dev, &maddr);
370 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
373 int hlen = LL_RESERVED_SPACE(dev);
374 int tlen = dev->needed_tailroom;
375 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
378 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
380 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
385 skb->protocol = htons(ETH_P_IPV6);
388 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
389 skb_reset_transport_header(skb);
391 /* Manually assign socket ownership as we avoid calling
392 * sock_alloc_send_pskb() to bypass wmem buffer limits
394 skb_set_owner_w(skb, sk);
399 static void ip6_nd_hdr(struct sk_buff *skb,
400 const struct in6_addr *saddr,
401 const struct in6_addr *daddr,
402 int hop_limit, int len)
406 skb_push(skb, sizeof(*hdr));
407 skb_reset_network_header(skb);
410 ip6_flow_hdr(hdr, 0, 0);
412 hdr->payload_len = htons(len);
413 hdr->nexthdr = IPPROTO_ICMPV6;
414 hdr->hop_limit = hop_limit;
420 static void ndisc_send_skb(struct sk_buff *skb,
421 const struct in6_addr *daddr,
422 const struct in6_addr *saddr)
424 struct dst_entry *dst = skb_dst(skb);
425 struct net *net = dev_net(skb->dev);
426 struct sock *sk = net->ipv6.ndisc_sk;
427 struct inet6_dev *idev;
429 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
432 type = icmp6h->icmp6_type;
437 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
438 dst = icmp6_dst_alloc(skb->dev, &fl6);
444 skb_dst_set(skb, dst);
447 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
452 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
455 idev = __in6_dev_get(dst->dev);
456 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
458 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
461 ICMP6MSGOUT_INC_STATS(net, idev, type);
462 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
468 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
469 const struct in6_addr *daddr,
470 const struct in6_addr *solicited_addr,
471 bool router, bool solicited, bool override, bool inc_opt)
474 struct in6_addr tmpaddr;
475 struct inet6_ifaddr *ifp;
476 const struct in6_addr *src_addr;
480 /* for anycast or proxy, solicited_addr != src_addr */
481 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
483 src_addr = solicited_addr;
484 if (ifp->flags & IFA_F_OPTIMISTIC)
486 inc_opt |= ifp->idev->cnf.force_tllao;
489 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
490 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
499 optlen += ndisc_opt_addr_space(dev);
501 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
505 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
506 *msg = (struct nd_msg) {
508 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
509 .icmp6_router = router,
510 .icmp6_solicited = solicited,
511 .icmp6_override = override,
513 .target = *solicited_addr,
517 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
521 ndisc_send_skb(skb, daddr, src_addr);
524 static void ndisc_send_unsol_na(struct net_device *dev)
526 struct inet6_dev *idev;
527 struct inet6_ifaddr *ifa;
529 idev = in6_dev_get(dev);
533 read_lock_bh(&idev->lock);
534 list_for_each_entry(ifa, &idev->addr_list, if_list) {
535 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
536 /*router=*/ !!idev->cnf.forwarding,
537 /*solicited=*/ false, /*override=*/ true,
540 read_unlock_bh(&idev->lock);
545 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
546 const struct in6_addr *solicit,
547 const struct in6_addr *daddr, const struct in6_addr *saddr)
550 struct in6_addr addr_buf;
551 int inc_opt = dev->addr_len;
556 if (ipv6_get_lladdr(dev, &addr_buf,
557 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
562 if (ipv6_addr_any(saddr))
565 optlen += ndisc_opt_addr_space(dev);
567 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
571 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
572 *msg = (struct nd_msg) {
574 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
580 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
583 ndisc_send_skb(skb, daddr, saddr);
586 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
587 const struct in6_addr *daddr)
591 int send_sllao = dev->addr_len;
594 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
596 * According to section 2.2 of RFC 4429, we must not
597 * send router solicitations with a sllao from
598 * optimistic addresses, but we may send the solicitation
599 * if we don't include the sllao. So here we check
600 * if our address is optimistic, and if so, we
601 * suppress the inclusion of the sllao.
604 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
607 if (ifp->flags & IFA_F_OPTIMISTIC) {
617 optlen += ndisc_opt_addr_space(dev);
619 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
623 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
624 *msg = (struct rs_msg) {
626 .icmp6_type = NDISC_ROUTER_SOLICITATION,
631 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
634 ndisc_send_skb(skb, daddr, saddr);
638 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
641 * "The sender MUST return an ICMP
642 * destination unreachable"
644 dst_link_failure(skb);
648 /* Called with locked neigh: either read or both */
650 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
652 struct in6_addr *saddr = NULL;
653 struct in6_addr mcaddr;
654 struct net_device *dev = neigh->dev;
655 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
656 int probes = atomic_read(&neigh->probes);
658 if (skb && ipv6_chk_addr_and_flags(dev_net(dev), &ipv6_hdr(skb)->saddr,
660 IFA_F_TENTATIVE|IFA_F_OPTIMISTIC))
661 saddr = &ipv6_hdr(skb)->saddr;
662 probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES);
664 if (!(neigh->nud_state & NUD_VALID)) {
666 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
669 ndisc_send_ns(dev, neigh, target, target, saddr);
670 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
673 addrconf_addr_solict_mult(target, &mcaddr);
674 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
678 static int pndisc_is_router(const void *pkey,
679 struct net_device *dev)
681 struct pneigh_entry *n;
684 read_lock_bh(&nd_tbl.lock);
685 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
687 ret = !!(n->flags & NTF_ROUTER);
688 read_unlock_bh(&nd_tbl.lock);
693 static void ndisc_recv_ns(struct sk_buff *skb)
695 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
696 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
697 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
699 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
700 offsetof(struct nd_msg, opt));
701 struct ndisc_options ndopts;
702 struct net_device *dev = skb->dev;
703 struct inet6_ifaddr *ifp;
704 struct inet6_dev *idev = NULL;
705 struct neighbour *neigh;
706 int dad = ipv6_addr_any(saddr);
710 if (skb->len < sizeof(struct nd_msg)) {
711 ND_PRINTK(2, warn, "NS: packet too short\n");
715 if (ipv6_addr_is_multicast(&msg->target)) {
716 ND_PRINTK(2, warn, "NS: multicast target address\n");
722 * DAD has to be destined for solicited node multicast address.
724 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
725 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
729 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
730 ND_PRINTK(2, warn, "NS: invalid ND options\n");
734 if (ndopts.nd_opts_src_lladdr) {
735 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
738 "NS: invalid link-layer address length\n");
743 * If the IP source address is the unspecified address,
744 * there MUST NOT be source link-layer address option
749 "NS: bad DAD packet (link-layer address option)\n");
754 inc = ipv6_addr_is_multicast(daddr);
756 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
759 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
762 * We are colliding with another node
764 * so fail our DAD process
766 addrconf_dad_failure(ifp);
770 * This is not a dad solicitation.
771 * If we are an optimistic node,
773 * Otherwise, we should ignore it.
775 if (!(ifp->flags & IFA_F_OPTIMISTIC))
782 struct net *net = dev_net(dev);
784 idev = in6_dev_get(dev);
786 /* XXX: count this drop? */
790 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
791 (idev->cnf.forwarding &&
792 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
793 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
794 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
795 skb->pkt_type != PACKET_HOST &&
797 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
799 * for anycast or proxy,
800 * sender should delay its response
801 * by a random time between 0 and
802 * MAX_ANYCAST_DELAY_TIME seconds.
803 * (RFC2461) -- yoshfuji
805 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
807 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
815 is_router = idev->cnf.forwarding;
818 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
819 !!is_router, false, (ifp != NULL), true);
824 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
826 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
829 * update / create cache entry
830 * for the source address
832 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
833 !inc || lladdr || !dev->addr_len);
835 neigh_update(neigh, lladdr, NUD_STALE,
836 NEIGH_UPDATE_F_WEAK_OVERRIDE|
837 NEIGH_UPDATE_F_OVERRIDE);
838 if (neigh || !dev->header_ops) {
839 ndisc_send_na(dev, neigh, saddr, &msg->target,
841 true, (ifp != NULL && inc), inc);
843 neigh_release(neigh);
853 static void ndisc_recv_na(struct sk_buff *skb)
855 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
856 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
857 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
859 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
860 offsetof(struct nd_msg, opt));
861 struct ndisc_options ndopts;
862 struct net_device *dev = skb->dev;
863 struct inet6_ifaddr *ifp;
864 struct neighbour *neigh;
866 if (skb->len < sizeof(struct nd_msg)) {
867 ND_PRINTK(2, warn, "NA: packet too short\n");
871 if (ipv6_addr_is_multicast(&msg->target)) {
872 ND_PRINTK(2, warn, "NA: target address is multicast\n");
876 if (ipv6_addr_is_multicast(daddr) &&
877 msg->icmph.icmp6_solicited) {
878 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
882 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
883 ND_PRINTK(2, warn, "NS: invalid ND option\n");
886 if (ndopts.nd_opts_tgt_lladdr) {
887 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
890 "NA: invalid link-layer address length\n");
894 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
896 if (skb->pkt_type != PACKET_LOOPBACK
897 && (ifp->flags & IFA_F_TENTATIVE)) {
898 addrconf_dad_failure(ifp);
901 /* What should we make now? The advertisement
902 is invalid, but ndisc specs say nothing
903 about it. It could be misconfiguration, or
904 an smart proxy agent tries to help us :-)
906 We should not print the error if NA has been
907 received from loopback - it is just our own
908 unsolicited advertisement.
910 if (skb->pkt_type != PACKET_LOOPBACK)
912 "NA: someone advertises our address %pI6 on %s!\n",
913 &ifp->addr, ifp->idev->dev->name);
917 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
920 u8 old_flags = neigh->flags;
921 struct net *net = dev_net(dev);
923 if (neigh->nud_state & NUD_FAILED)
927 * Don't update the neighbor cache entry on a proxy NA from
928 * ourselves because either the proxied node is off link or it
929 * has already sent a NA to us.
931 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
932 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
933 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
934 /* XXX: idev->cnf.proxy_ndp */
938 neigh_update(neigh, lladdr,
939 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
940 NEIGH_UPDATE_F_WEAK_OVERRIDE|
941 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
942 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
943 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
945 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
947 * Change: router to host
949 rt6_clean_tohost(dev_net(dev), saddr);
953 neigh_release(neigh);
957 static void ndisc_recv_rs(struct sk_buff *skb)
959 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
960 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
961 struct neighbour *neigh;
962 struct inet6_dev *idev;
963 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
964 struct ndisc_options ndopts;
967 if (skb->len < sizeof(*rs_msg))
970 idev = __in6_dev_get(skb->dev);
972 ND_PRINTK(1, err, "RS: can't find in6 device\n");
976 /* Don't accept RS if we're not in router mode */
977 if (!idev->cnf.forwarding)
981 * Don't update NCE if src = ::;
982 * this implies that the source node has no ip address assigned yet.
984 if (ipv6_addr_any(saddr))
987 /* Parse ND options */
988 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
989 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
993 if (ndopts.nd_opts_src_lladdr) {
994 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1000 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1002 neigh_update(neigh, lladdr, NUD_STALE,
1003 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1004 NEIGH_UPDATE_F_OVERRIDE|
1005 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1006 neigh_release(neigh);
1012 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1014 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1015 struct sk_buff *skb;
1016 struct nlmsghdr *nlh;
1017 struct nduseroptmsg *ndmsg;
1018 struct net *net = dev_net(ra->dev);
1020 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1021 + (opt->nd_opt_len << 3));
1022 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1024 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1030 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1032 goto nla_put_failure;
1035 ndmsg = nlmsg_data(nlh);
1036 ndmsg->nduseropt_family = AF_INET6;
1037 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1038 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1039 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1040 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1042 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1044 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1045 &ipv6_hdr(ra)->saddr))
1046 goto nla_put_failure;
1047 nlmsg_end(skb, nlh);
1049 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1056 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1059 static void ndisc_router_discovery(struct sk_buff *skb)
1061 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1062 struct neighbour *neigh = NULL;
1063 struct inet6_dev *in6_dev;
1064 struct rt6_info *rt = NULL;
1066 struct ndisc_options ndopts;
1068 unsigned int pref = 0;
1070 __u8 *opt = (__u8 *)(ra_msg + 1);
1072 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1073 sizeof(struct ra_msg);
1076 "RA: %s, dev: %s\n",
1077 __func__, skb->dev->name);
1078 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1079 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1083 ND_PRINTK(2, warn, "RA: packet too short\n");
1087 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1088 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1089 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1095 * set the RA_RECV flag in the interface
1098 in6_dev = __in6_dev_get(skb->dev);
1099 if (in6_dev == NULL) {
1100 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1105 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1106 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1110 if (!ipv6_accept_ra(in6_dev)) {
1112 "RA: %s, did not accept ra for dev: %s\n",
1113 __func__, skb->dev->name);
1114 goto skip_linkparms;
1117 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1118 /* skip link-specific parameters from interior routers */
1119 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1121 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1122 __func__, skb->dev->name);
1123 goto skip_linkparms;
1127 if (in6_dev->if_flags & IF_RS_SENT) {
1129 * flag that an RA was received after an RS was sent
1130 * out on this interface.
1132 in6_dev->if_flags |= IF_RA_RCVD;
1136 * Remember the managed/otherconf flags from most recently
1137 * received RA message (RFC 2462) -- yoshfuji
1139 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1141 (ra_msg->icmph.icmp6_addrconf_managed ?
1142 IF_RA_MANAGED : 0) |
1143 (ra_msg->icmph.icmp6_addrconf_other ?
1144 IF_RA_OTHERCONF : 0);
1146 if (!in6_dev->cnf.accept_ra_defrtr) {
1148 "RA: %s, defrtr is false for dev: %s\n",
1149 __func__, skb->dev->name);
1153 /* Do not accept RA with source-addr found on local machine unless
1154 * accept_ra_from_local is set to true.
1156 if (!in6_dev->cnf.accept_ra_from_local &&
1157 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1160 "RA from local address detected on dev: %s: default router ignored\n",
1165 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1167 #ifdef CONFIG_IPV6_ROUTER_PREF
1168 pref = ra_msg->icmph.icmp6_router_pref;
1169 /* 10b is handled as if it were 00b (medium) */
1170 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1171 !in6_dev->cnf.accept_ra_rtr_pref)
1172 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1175 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1178 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1181 "RA: %s got default router without neighbour\n",
1187 if (rt && lifetime == 0) {
1192 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1193 rt, lifetime, skb->dev->name);
1194 if (rt == NULL && lifetime) {
1195 ND_PRINTK(3, info, "RA: adding default router\n");
1197 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1200 "RA: %s failed to add default route\n",
1205 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1206 if (neigh == NULL) {
1208 "RA: %s got default router without neighbour\n",
1213 neigh->flags |= NTF_ROUTER;
1215 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1219 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1220 if (ra_msg->icmph.icmp6_hop_limit) {
1221 /* Only set hop_limit on the interface if it is higher than
1222 * the current hop_limit.
1224 if (in6_dev->cnf.hop_limit < ra_msg->icmph.icmp6_hop_limit) {
1225 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1227 ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than current\n");
1230 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1231 ra_msg->icmph.icmp6_hop_limit);
1237 * Update Reachable Time and Retrans Timer
1240 if (in6_dev->nd_parms) {
1241 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1243 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1244 rtime = (rtime*HZ)/1000;
1247 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1248 in6_dev->tstamp = jiffies;
1249 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1252 rtime = ntohl(ra_msg->reachable_time);
1253 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1254 rtime = (rtime*HZ)/1000;
1259 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1260 NEIGH_VAR_SET(in6_dev->nd_parms,
1261 BASE_REACHABLE_TIME, rtime);
1262 NEIGH_VAR_SET(in6_dev->nd_parms,
1263 GC_STALETIME, 3 * rtime);
1264 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1265 in6_dev->tstamp = jiffies;
1266 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1278 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1282 if (ndopts.nd_opts_src_lladdr) {
1283 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1287 "RA: invalid link-layer address length\n");
1291 neigh_update(neigh, lladdr, NUD_STALE,
1292 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1293 NEIGH_UPDATE_F_OVERRIDE|
1294 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1295 NEIGH_UPDATE_F_ISROUTER);
1298 if (!ipv6_accept_ra(in6_dev)) {
1300 "RA: %s, accept_ra is false for dev: %s\n",
1301 __func__, skb->dev->name);
1305 #ifdef CONFIG_IPV6_ROUTE_INFO
1306 if (!in6_dev->cnf.accept_ra_from_local &&
1307 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1310 "RA from local address detected on dev: %s: router info ignored.\n",
1312 goto skip_routeinfo;
1315 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1316 struct nd_opt_hdr *p;
1317 for (p = ndopts.nd_opts_ri;
1319 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1320 struct route_info *ri = (struct route_info *)p;
1321 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1322 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1323 ri->prefix_len == 0)
1326 if (ri->prefix_len == 0 &&
1327 !in6_dev->cnf.accept_ra_defrtr)
1329 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1331 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1332 &ipv6_hdr(skb)->saddr);
1339 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1340 /* skip link-specific ndopts from interior routers */
1341 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1343 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1344 __func__, skb->dev->name);
1349 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1350 struct nd_opt_hdr *p;
1351 for (p = ndopts.nd_opts_pi;
1353 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1354 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1355 (p->nd_opt_len) << 3,
1356 ndopts.nd_opts_src_lladdr != NULL);
1360 if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
1364 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1367 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1368 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1369 } else if (in6_dev->cnf.mtu6 != mtu) {
1370 in6_dev->cnf.mtu6 = mtu;
1373 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1375 rt6_mtu_change(skb->dev, mtu);
1379 if (ndopts.nd_useropts) {
1380 struct nd_opt_hdr *p;
1381 for (p = ndopts.nd_useropts;
1383 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1384 ndisc_ra_useropt(skb, p);
1388 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1389 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1394 neigh_release(neigh);
1397 static void ndisc_redirect_rcv(struct sk_buff *skb)
1400 struct ndisc_options ndopts;
1401 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1402 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1403 offsetof(struct rd_msg, opt));
1405 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1406 switch (skb->ndisc_nodetype) {
1407 case NDISC_NODETYPE_HOST:
1408 case NDISC_NODETYPE_NODEFAULT:
1410 "Redirect: from host or unauthorized router\n");
1415 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1417 "Redirect: source address is not link-local\n");
1421 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1424 if (!ndopts.nd_opts_rh) {
1425 ip6_redirect_no_header(skb, dev_net(skb->dev),
1426 skb->dev->ifindex, 0);
1430 hdr = (u8 *)ndopts.nd_opts_rh;
1432 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1435 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1438 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1439 struct sk_buff *orig_skb,
1442 u8 *opt = skb_put(skb, rd_len);
1445 *(opt++) = ND_OPT_REDIRECT_HDR;
1446 *(opt++) = (rd_len >> 3);
1449 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1452 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1454 struct net_device *dev = skb->dev;
1455 struct net *net = dev_net(dev);
1456 struct sock *sk = net->ipv6.ndisc_sk;
1458 struct inet_peer *peer;
1459 struct sk_buff *buff;
1461 struct in6_addr saddr_buf;
1462 struct rt6_info *rt;
1463 struct dst_entry *dst;
1466 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1469 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1470 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1475 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1476 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1478 "Redirect: target address is not link-local unicast\n");
1482 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1483 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1485 dst = ip6_route_output(net, NULL, &fl6);
1490 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1494 rt = (struct rt6_info *) dst;
1496 if (rt->rt6i_flags & RTF_GATEWAY) {
1498 "Redirect: destination is not a neighbour\n");
1501 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1502 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1508 if (dev->addr_len) {
1509 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1512 "Redirect: no neigh for target address\n");
1516 read_lock_bh(&neigh->lock);
1517 if (neigh->nud_state & NUD_VALID) {
1518 memcpy(ha_buf, neigh->ha, dev->addr_len);
1519 read_unlock_bh(&neigh->lock);
1521 optlen += ndisc_opt_addr_space(dev);
1523 read_unlock_bh(&neigh->lock);
1525 neigh_release(neigh);
1528 rd_len = min_t(unsigned int,
1529 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1534 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1538 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1539 *msg = (struct rd_msg) {
1541 .icmp6_type = NDISC_REDIRECT,
1544 .dest = ipv6_hdr(skb)->daddr,
1548 * include target_address option
1552 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1555 * build redirect option and copy skb over to the new packet.
1559 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1561 skb_dst_set(buff, dst);
1562 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1569 static void pndisc_redo(struct sk_buff *skb)
1575 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1577 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1581 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1582 idev->cnf.suppress_frag_ndisc) {
1583 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1589 int ndisc_rcv(struct sk_buff *skb)
1593 if (ndisc_suppress_frag_ndisc(skb))
1596 if (skb_linearize(skb))
1599 msg = (struct nd_msg *)skb_transport_header(skb);
1601 __skb_push(skb, skb->data - skb_transport_header(skb));
1603 if (ipv6_hdr(skb)->hop_limit != 255) {
1604 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1605 ipv6_hdr(skb)->hop_limit);
1609 if (msg->icmph.icmp6_code != 0) {
1610 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1611 msg->icmph.icmp6_code);
1615 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1617 switch (msg->icmph.icmp6_type) {
1618 case NDISC_NEIGHBOUR_SOLICITATION:
1622 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1626 case NDISC_ROUTER_SOLICITATION:
1630 case NDISC_ROUTER_ADVERTISEMENT:
1631 ndisc_router_discovery(skb);
1634 case NDISC_REDIRECT:
1635 ndisc_redirect_rcv(skb);
1642 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1644 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1645 struct net *net = dev_net(dev);
1646 struct inet6_dev *idev;
1649 case NETDEV_CHANGEADDR:
1650 neigh_changeaddr(&nd_tbl, dev);
1651 fib6_run_gc(0, net, false);
1652 idev = in6_dev_get(dev);
1655 if (idev->cnf.ndisc_notify)
1656 ndisc_send_unsol_na(dev);
1660 neigh_ifdown(&nd_tbl, dev);
1661 fib6_run_gc(0, net, false);
1663 case NETDEV_NOTIFY_PEERS:
1664 ndisc_send_unsol_na(dev);
1673 static struct notifier_block ndisc_netdev_notifier = {
1674 .notifier_call = ndisc_netdev_event,
1677 #ifdef CONFIG_SYSCTL
1678 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1679 const char *func, const char *dev_name)
1681 static char warncomm[TASK_COMM_LEN];
1683 if (strcmp(warncomm, current->comm) && warned < 5) {
1684 strcpy(warncomm, current->comm);
1685 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1687 dev_name, ctl->procname,
1688 dev_name, ctl->procname);
1693 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1695 struct net_device *dev = ctl->extra1;
1696 struct inet6_dev *idev;
1699 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1700 (strcmp(ctl->procname, "base_reachable_time") == 0))
1701 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1703 if (strcmp(ctl->procname, "retrans_time") == 0)
1704 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1706 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1707 ret = neigh_proc_dointvec_jiffies(ctl, write,
1708 buffer, lenp, ppos);
1710 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1711 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1712 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1713 buffer, lenp, ppos);
1717 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1718 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1719 idev->nd_parms->reachable_time =
1720 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1721 idev->tstamp = jiffies;
1722 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1731 static int __net_init ndisc_net_init(struct net *net)
1733 struct ipv6_pinfo *np;
1737 err = inet_ctl_sock_create(&sk, PF_INET6,
1738 SOCK_RAW, IPPROTO_ICMPV6, net);
1741 "NDISC: Failed to initialize the control socket (err %d)\n",
1746 net->ipv6.ndisc_sk = sk;
1749 np->hop_limit = 255;
1750 /* Do not loopback ndisc messages */
1756 static void __net_exit ndisc_net_exit(struct net *net)
1758 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1761 static struct pernet_operations ndisc_net_ops = {
1762 .init = ndisc_net_init,
1763 .exit = ndisc_net_exit,
1766 int __init ndisc_init(void)
1770 err = register_pernet_subsys(&ndisc_net_ops);
1774 * Initialize the neighbour table
1776 neigh_table_init(NEIGH_ND_TABLE, &nd_tbl);
1778 #ifdef CONFIG_SYSCTL
1779 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1780 ndisc_ifinfo_sysctl_change);
1782 goto out_unregister_pernet;
1787 #ifdef CONFIG_SYSCTL
1788 out_unregister_pernet:
1789 unregister_pernet_subsys(&ndisc_net_ops);
1794 int __init ndisc_late_init(void)
1796 return register_netdevice_notifier(&ndisc_netdev_notifier);
1799 void ndisc_late_cleanup(void)
1801 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1804 void ndisc_cleanup(void)
1806 #ifdef CONFIG_SYSCTL
1807 neigh_sysctl_unregister(&nd_tbl.parms);
1809 neigh_table_clear(NEIGH_ND_TABLE, &nd_tbl);
1810 unregister_pernet_subsys(&ndisc_net_ops);
git.samba.org / sfrench / cifs-2.6.git / blob