2 * Neighbour Discovery for IPv6
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Mike Shaver <shaver@ingenia.com>
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
18 * Alexey I. Froloff : RFC6106 (DNSSL) support
19 * Pierre Ynard : export userland ND options
20 * through netlink (RDNSS support)
21 * Lars Fenneberg : fixed MTU setting on receipt
23 * Janos Farkas : kmalloc failure checks
24 * Alexey Kuznetsov : state machine reworked
25 * and moved to net/core.
26 * Pekka Savola : RFC2461 validation
27 * YOSHIFUJI Hideaki @USAGI : Verify ND options properly
30 #define pr_fmt(fmt) "ICMPv6: " fmt
32 #include <linux/module.h>
33 #include <linux/errno.h>
34 #include <linux/types.h>
35 #include <linux/socket.h>
36 #include <linux/sockios.h>
37 #include <linux/sched.h>
38 #include <linux/net.h>
39 #include <linux/in6.h>
40 #include <linux/route.h>
41 #include <linux/init.h>
42 #include <linux/rcupdate.h>
43 #include <linux/slab.h>
45 #include <linux/sysctl.h>
48 #include <linux/if_addr.h>
49 #include <linux/if_arp.h>
50 #include <linux/ipv6.h>
51 #include <linux/icmpv6.h>
52 #include <linux/jhash.h>
58 #include <net/protocol.h>
59 #include <net/ndisc.h>
60 #include <net/ip6_route.h>
61 #include <net/addrconf.h>
64 #include <net/netlink.h>
65 #include <linux/rtnetlink.h>
68 #include <net/ip6_checksum.h>
69 #include <net/inet_common.h>
70 #include <linux/proc_fs.h>
72 #include <linux/netfilter.h>
73 #include <linux/netfilter_ipv6.h>
75 /* Set to 3 to get tracing... */
78 #define ND_PRINTK(val, level, fmt, ...) \
80 if (val <= ND_DEBUG) \
81 net_##level##_ratelimited(fmt, ##__VA_ARGS__); \
84 static u32 ndisc_hash(const void *pkey,
85 const struct net_device *dev,
87 static int ndisc_constructor(struct neighbour *neigh);
88 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
89 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
90 static int pndisc_constructor(struct pneigh_entry *n);
91 static void pndisc_destructor(struct pneigh_entry *n);
92 static void pndisc_redo(struct sk_buff *skb);
94 static const struct neigh_ops ndisc_generic_ops = {
96 .solicit = ndisc_solicit,
97 .error_report = ndisc_error_report,
98 .output = neigh_resolve_output,
99 .connected_output = neigh_connected_output,
102 static const struct neigh_ops ndisc_hh_ops = {
104 .solicit = ndisc_solicit,
105 .error_report = ndisc_error_report,
106 .output = neigh_resolve_output,
107 .connected_output = neigh_resolve_output,
111 static const struct neigh_ops ndisc_direct_ops = {
113 .output = neigh_direct_output,
114 .connected_output = neigh_direct_output,
117 struct neigh_table nd_tbl = {
119 .key_len = sizeof(struct in6_addr),
121 .constructor = ndisc_constructor,
122 .pconstructor = pndisc_constructor,
123 .pdestructor = pndisc_destructor,
124 .proxy_redo = pndisc_redo,
128 .reachable_time = ND_REACHABLE_TIME,
130 [NEIGH_VAR_MCAST_PROBES] = 3,
131 [NEIGH_VAR_UCAST_PROBES] = 3,
132 [NEIGH_VAR_RETRANS_TIME] = ND_RETRANS_TIMER,
133 [NEIGH_VAR_BASE_REACHABLE_TIME] = ND_REACHABLE_TIME,
134 [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,
135 [NEIGH_VAR_GC_STALETIME] = 60 * HZ,
136 [NEIGH_VAR_QUEUE_LEN_BYTES] = 64 * 1024,
137 [NEIGH_VAR_PROXY_QLEN] = 64,
138 [NEIGH_VAR_ANYCAST_DELAY] = 1 * HZ,
139 [NEIGH_VAR_PROXY_DELAY] = (8 * HZ) / 10,
142 .gc_interval = 30 * HZ,
148 static void ndisc_fill_addr_option(struct sk_buff *skb, int type, void *data)
150 int pad = ndisc_addr_option_pad(skb->dev->type);
151 int data_len = skb->dev->addr_len;
152 int space = ndisc_opt_addr_space(skb->dev);
153 u8 *opt = skb_put(skb, space);
158 memset(opt + 2, 0, pad);
162 memcpy(opt+2, data, data_len);
165 if ((space -= data_len) > 0)
166 memset(opt, 0, space);
169 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
170 struct nd_opt_hdr *end)
173 if (!cur || !end || cur >= end)
175 type = cur->nd_opt_type;
177 cur = ((void *)cur) + (cur->nd_opt_len << 3);
178 } while (cur < end && cur->nd_opt_type != type);
179 return cur <= end && cur->nd_opt_type == type ? cur : NULL;
182 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
184 return opt->nd_opt_type == ND_OPT_RDNSS ||
185 opt->nd_opt_type == ND_OPT_DNSSL;
188 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
189 struct nd_opt_hdr *end)
191 if (!cur || !end || cur >= end)
194 cur = ((void *)cur) + (cur->nd_opt_len << 3);
195 } while (cur < end && !ndisc_is_useropt(cur));
196 return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
199 struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
200 struct ndisc_options *ndopts)
202 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
204 if (!nd_opt || opt_len < 0 || !ndopts)
206 memset(ndopts, 0, sizeof(*ndopts));
209 if (opt_len < sizeof(struct nd_opt_hdr))
211 l = nd_opt->nd_opt_len << 3;
212 if (opt_len < l || l == 0)
214 switch (nd_opt->nd_opt_type) {
215 case ND_OPT_SOURCE_LL_ADDR:
216 case ND_OPT_TARGET_LL_ADDR:
218 case ND_OPT_REDIRECT_HDR:
219 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
221 "%s: duplicated ND6 option found: type=%d\n",
222 __func__, nd_opt->nd_opt_type);
224 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
227 case ND_OPT_PREFIX_INFO:
228 ndopts->nd_opts_pi_end = nd_opt;
229 if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
230 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
232 #ifdef CONFIG_IPV6_ROUTE_INFO
233 case ND_OPT_ROUTE_INFO:
234 ndopts->nd_opts_ri_end = nd_opt;
235 if (!ndopts->nd_opts_ri)
236 ndopts->nd_opts_ri = nd_opt;
240 if (ndisc_is_useropt(nd_opt)) {
241 ndopts->nd_useropts_end = nd_opt;
242 if (!ndopts->nd_useropts)
243 ndopts->nd_useropts = nd_opt;
246 * Unknown options must be silently ignored,
247 * to accommodate future extension to the
251 "%s: ignored unsupported option; type=%d, len=%d\n",
258 nd_opt = ((void *)nd_opt) + l;
263 int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
267 case ARPHRD_IEEE802: /* Not sure. Check it later. --ANK */
269 ipv6_eth_mc_map(addr, buf);
272 ipv6_arcnet_mc_map(addr, buf);
274 case ARPHRD_INFINIBAND:
275 ipv6_ib_mc_map(addr, dev->broadcast, buf);
278 return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
281 memcpy(buf, dev->broadcast, dev->addr_len);
287 EXPORT_SYMBOL(ndisc_mc_map);
289 static u32 ndisc_hash(const void *pkey,
290 const struct net_device *dev,
293 return ndisc_hashfn(pkey, dev, hash_rnd);
296 static int ndisc_constructor(struct neighbour *neigh)
298 struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key;
299 struct net_device *dev = neigh->dev;
300 struct inet6_dev *in6_dev;
301 struct neigh_parms *parms;
302 bool is_multicast = ipv6_addr_is_multicast(addr);
304 in6_dev = in6_dev_get(dev);
305 if (in6_dev == NULL) {
309 parms = in6_dev->nd_parms;
310 __neigh_parms_put(neigh->parms);
311 neigh->parms = neigh_parms_clone(parms);
313 neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
314 if (!dev->header_ops) {
315 neigh->nud_state = NUD_NOARP;
316 neigh->ops = &ndisc_direct_ops;
317 neigh->output = neigh_direct_output;
320 neigh->nud_state = NUD_NOARP;
321 ndisc_mc_map(addr, neigh->ha, dev, 1);
322 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
323 neigh->nud_state = NUD_NOARP;
324 memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
325 if (dev->flags&IFF_LOOPBACK)
326 neigh->type = RTN_LOCAL;
327 } else if (dev->flags&IFF_POINTOPOINT) {
328 neigh->nud_state = NUD_NOARP;
329 memcpy(neigh->ha, dev->broadcast, dev->addr_len);
331 if (dev->header_ops->cache)
332 neigh->ops = &ndisc_hh_ops;
334 neigh->ops = &ndisc_generic_ops;
335 if (neigh->nud_state&NUD_VALID)
336 neigh->output = neigh->ops->connected_output;
338 neigh->output = neigh->ops->output;
340 in6_dev_put(in6_dev);
344 static int pndisc_constructor(struct pneigh_entry *n)
346 struct in6_addr *addr = (struct in6_addr *)&n->key;
347 struct in6_addr maddr;
348 struct net_device *dev = n->dev;
350 if (dev == NULL || __in6_dev_get(dev) == NULL)
352 addrconf_addr_solict_mult(addr, &maddr);
353 ipv6_dev_mc_inc(dev, &maddr);
357 static void pndisc_destructor(struct pneigh_entry *n)
359 struct in6_addr *addr = (struct in6_addr *)&n->key;
360 struct in6_addr maddr;
361 struct net_device *dev = n->dev;
363 if (dev == NULL || __in6_dev_get(dev) == NULL)
365 addrconf_addr_solict_mult(addr, &maddr);
366 ipv6_dev_mc_dec(dev, &maddr);
369 static struct sk_buff *ndisc_alloc_skb(struct net_device *dev,
372 int hlen = LL_RESERVED_SPACE(dev);
373 int tlen = dev->needed_tailroom;
374 struct sock *sk = dev_net(dev)->ipv6.ndisc_sk;
377 skb = alloc_skb(hlen + sizeof(struct ipv6hdr) + len + tlen, GFP_ATOMIC);
379 ND_PRINTK(0, err, "ndisc: %s failed to allocate an skb\n",
384 skb->protocol = htons(ETH_P_IPV6);
387 skb_reserve(skb, hlen + sizeof(struct ipv6hdr));
388 skb_reset_transport_header(skb);
390 /* Manually assign socket ownership as we avoid calling
391 * sock_alloc_send_pskb() to bypass wmem buffer limits
393 skb_set_owner_w(skb, sk);
398 static void ip6_nd_hdr(struct sk_buff *skb,
399 const struct in6_addr *saddr,
400 const struct in6_addr *daddr,
401 int hop_limit, int len)
405 skb_push(skb, sizeof(*hdr));
406 skb_reset_network_header(skb);
409 ip6_flow_hdr(hdr, 0, 0);
411 hdr->payload_len = htons(len);
412 hdr->nexthdr = IPPROTO_ICMPV6;
413 hdr->hop_limit = hop_limit;
419 static void ndisc_send_skb(struct sk_buff *skb,
420 const struct in6_addr *daddr,
421 const struct in6_addr *saddr)
423 struct dst_entry *dst = skb_dst(skb);
424 struct net *net = dev_net(skb->dev);
425 struct sock *sk = net->ipv6.ndisc_sk;
426 struct inet6_dev *idev;
428 struct icmp6hdr *icmp6h = icmp6_hdr(skb);
431 type = icmp6h->icmp6_type;
436 icmpv6_flow_init(sk, &fl6, type, saddr, daddr, skb->dev->ifindex);
437 dst = icmp6_dst_alloc(skb->dev, &fl6);
443 skb_dst_set(skb, dst);
446 icmp6h->icmp6_cksum = csum_ipv6_magic(saddr, daddr, skb->len,
451 ip6_nd_hdr(skb, saddr, daddr, inet6_sk(sk)->hop_limit, skb->len);
454 idev = __in6_dev_get(dst->dev);
455 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
457 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
460 ICMP6MSGOUT_INC_STATS(net, idev, type);
461 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
467 void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
468 const struct in6_addr *daddr,
469 const struct in6_addr *solicited_addr,
470 bool router, bool solicited, bool override, bool inc_opt)
473 struct in6_addr tmpaddr;
474 struct inet6_ifaddr *ifp;
475 const struct in6_addr *src_addr;
479 /* for anycast or proxy, solicited_addr != src_addr */
480 ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
482 src_addr = solicited_addr;
483 if (ifp->flags & IFA_F_OPTIMISTIC)
485 inc_opt |= ifp->idev->cnf.force_tllao;
488 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
489 inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
498 optlen += ndisc_opt_addr_space(dev);
500 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
504 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
505 *msg = (struct nd_msg) {
507 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
508 .icmp6_router = router,
509 .icmp6_solicited = solicited,
510 .icmp6_override = override,
512 .target = *solicited_addr,
516 ndisc_fill_addr_option(skb, ND_OPT_TARGET_LL_ADDR,
520 ndisc_send_skb(skb, daddr, src_addr);
523 static void ndisc_send_unsol_na(struct net_device *dev)
525 struct inet6_dev *idev;
526 struct inet6_ifaddr *ifa;
528 idev = in6_dev_get(dev);
532 read_lock_bh(&idev->lock);
533 list_for_each_entry(ifa, &idev->addr_list, if_list) {
534 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &ifa->addr,
535 /*router=*/ !!idev->cnf.forwarding,
536 /*solicited=*/ false, /*override=*/ true,
539 read_unlock_bh(&idev->lock);
544 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
545 const struct in6_addr *solicit,
546 const struct in6_addr *daddr, const struct in6_addr *saddr)
549 struct in6_addr addr_buf;
550 int inc_opt = dev->addr_len;
555 if (ipv6_get_lladdr(dev, &addr_buf,
556 (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
561 if (ipv6_addr_any(saddr))
564 optlen += ndisc_opt_addr_space(dev);
566 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
570 msg = (struct nd_msg *)skb_put(skb, sizeof(*msg));
571 *msg = (struct nd_msg) {
573 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
579 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
582 ndisc_send_skb(skb, daddr, saddr);
585 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
586 const struct in6_addr *daddr)
590 int send_sllao = dev->addr_len;
593 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
595 * According to section 2.2 of RFC 4429, we must not
596 * send router solicitations with a sllao from
597 * optimistic addresses, but we may send the solicitation
598 * if we don't include the sllao. So here we check
599 * if our address is optimistic, and if so, we
600 * suppress the inclusion of the sllao.
603 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
606 if (ifp->flags & IFA_F_OPTIMISTIC) {
616 optlen += ndisc_opt_addr_space(dev);
618 skb = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
622 msg = (struct rs_msg *)skb_put(skb, sizeof(*msg));
623 *msg = (struct rs_msg) {
625 .icmp6_type = NDISC_ROUTER_SOLICITATION,
630 ndisc_fill_addr_option(skb, ND_OPT_SOURCE_LL_ADDR,
633 ndisc_send_skb(skb, daddr, saddr);
637 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
640 * "The sender MUST return an ICMP
641 * destination unreachable"
643 dst_link_failure(skb);
647 /* Called with locked neigh: either read or both */
649 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
651 struct in6_addr *saddr = NULL;
652 struct in6_addr mcaddr;
653 struct net_device *dev = neigh->dev;
654 struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
655 int probes = atomic_read(&neigh->probes);
657 if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
658 saddr = &ipv6_hdr(skb)->saddr;
660 if ((probes -= NEIGH_VAR(neigh->parms, UCAST_PROBES)) < 0) {
661 if (!(neigh->nud_state & NUD_VALID)) {
663 "%s: trying to ucast probe in NUD_INVALID: %pI6\n",
666 ndisc_send_ns(dev, neigh, target, target, saddr);
667 } else if ((probes -= NEIGH_VAR(neigh->parms, APP_PROBES)) < 0) {
670 addrconf_addr_solict_mult(target, &mcaddr);
671 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
675 static int pndisc_is_router(const void *pkey,
676 struct net_device *dev)
678 struct pneigh_entry *n;
681 read_lock_bh(&nd_tbl.lock);
682 n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
684 ret = !!(n->flags & NTF_ROUTER);
685 read_unlock_bh(&nd_tbl.lock);
690 static void ndisc_recv_ns(struct sk_buff *skb)
692 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
693 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
694 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
696 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
697 offsetof(struct nd_msg, opt));
698 struct ndisc_options ndopts;
699 struct net_device *dev = skb->dev;
700 struct inet6_ifaddr *ifp;
701 struct inet6_dev *idev = NULL;
702 struct neighbour *neigh;
703 int dad = ipv6_addr_any(saddr);
707 if (skb->len < sizeof(struct nd_msg)) {
708 ND_PRINTK(2, warn, "NS: packet too short\n");
712 if (ipv6_addr_is_multicast(&msg->target)) {
713 ND_PRINTK(2, warn, "NS: multicast target address\n");
719 * DAD has to be destined for solicited node multicast address.
721 if (dad && !ipv6_addr_is_solict_mult(daddr)) {
722 ND_PRINTK(2, warn, "NS: bad DAD packet (wrong destination)\n");
726 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
727 ND_PRINTK(2, warn, "NS: invalid ND options\n");
731 if (ndopts.nd_opts_src_lladdr) {
732 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
735 "NS: invalid link-layer address length\n");
740 * If the IP source address is the unspecified address,
741 * there MUST NOT be source link-layer address option
746 "NS: bad DAD packet (link-layer address option)\n");
751 inc = ipv6_addr_is_multicast(daddr);
753 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
756 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
759 * We are colliding with another node
761 * so fail our DAD process
763 addrconf_dad_failure(ifp);
767 * This is not a dad solicitation.
768 * If we are an optimistic node,
770 * Otherwise, we should ignore it.
772 if (!(ifp->flags & IFA_F_OPTIMISTIC))
779 struct net *net = dev_net(dev);
781 idev = in6_dev_get(dev);
783 /* XXX: count this drop? */
787 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
788 (idev->cnf.forwarding &&
789 (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
790 (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
791 if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
792 skb->pkt_type != PACKET_HOST &&
794 NEIGH_VAR(idev->nd_parms, PROXY_DELAY) != 0) {
796 * for anycast or proxy,
797 * sender should delay its response
798 * by a random time between 0 and
799 * MAX_ANYCAST_DELAY_TIME seconds.
800 * (RFC2461) -- yoshfuji
802 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
804 pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
812 is_router = idev->cnf.forwarding;
815 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
816 !!is_router, false, (ifp != NULL), true);
821 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
823 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
826 * update / create cache entry
827 * for the source address
829 neigh = __neigh_lookup(&nd_tbl, saddr, dev,
830 !inc || lladdr || !dev->addr_len);
832 neigh_update(neigh, lladdr, NUD_STALE,
833 NEIGH_UPDATE_F_WEAK_OVERRIDE|
834 NEIGH_UPDATE_F_OVERRIDE);
835 if (neigh || !dev->header_ops) {
836 ndisc_send_na(dev, neigh, saddr, &msg->target,
838 true, (ifp != NULL && inc), inc);
840 neigh_release(neigh);
850 static void ndisc_recv_na(struct sk_buff *skb)
852 struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
853 struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
854 const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
856 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
857 offsetof(struct nd_msg, opt));
858 struct ndisc_options ndopts;
859 struct net_device *dev = skb->dev;
860 struct inet6_ifaddr *ifp;
861 struct neighbour *neigh;
863 if (skb->len < sizeof(struct nd_msg)) {
864 ND_PRINTK(2, warn, "NA: packet too short\n");
868 if (ipv6_addr_is_multicast(&msg->target)) {
869 ND_PRINTK(2, warn, "NA: target address is multicast\n");
873 if (ipv6_addr_is_multicast(daddr) &&
874 msg->icmph.icmp6_solicited) {
875 ND_PRINTK(2, warn, "NA: solicited NA is multicasted\n");
879 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
880 ND_PRINTK(2, warn, "NS: invalid ND option\n");
883 if (ndopts.nd_opts_tgt_lladdr) {
884 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
887 "NA: invalid link-layer address length\n");
891 ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
893 if (skb->pkt_type != PACKET_LOOPBACK
894 && (ifp->flags & IFA_F_TENTATIVE)) {
895 addrconf_dad_failure(ifp);
898 /* What should we make now? The advertisement
899 is invalid, but ndisc specs say nothing
900 about it. It could be misconfiguration, or
901 an smart proxy agent tries to help us :-)
903 We should not print the error if NA has been
904 received from loopback - it is just our own
905 unsolicited advertisement.
907 if (skb->pkt_type != PACKET_LOOPBACK)
909 "NA: someone advertises our address %pI6 on %s!\n",
910 &ifp->addr, ifp->idev->dev->name);
914 neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
917 u8 old_flags = neigh->flags;
918 struct net *net = dev_net(dev);
920 if (neigh->nud_state & NUD_FAILED)
924 * Don't update the neighbor cache entry on a proxy NA from
925 * ourselves because either the proxied node is off link or it
926 * has already sent a NA to us.
928 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
929 net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
930 pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
931 /* XXX: idev->cnf.proxy_ndp */
935 neigh_update(neigh, lladdr,
936 msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
937 NEIGH_UPDATE_F_WEAK_OVERRIDE|
938 (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
939 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
940 (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
942 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
944 * Change: router to host
946 rt6_clean_tohost(dev_net(dev), saddr);
950 neigh_release(neigh);
954 static void ndisc_recv_rs(struct sk_buff *skb)
956 struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
957 unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
958 struct neighbour *neigh;
959 struct inet6_dev *idev;
960 const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
961 struct ndisc_options ndopts;
964 if (skb->len < sizeof(*rs_msg))
967 idev = __in6_dev_get(skb->dev);
969 ND_PRINTK(1, err, "RS: can't find in6 device\n");
973 /* Don't accept RS if we're not in router mode */
974 if (!idev->cnf.forwarding)
978 * Don't update NCE if src = ::;
979 * this implies that the source node has no ip address assigned yet.
981 if (ipv6_addr_any(saddr))
984 /* Parse ND options */
985 if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
986 ND_PRINTK(2, notice, "NS: invalid ND option, ignored\n");
990 if (ndopts.nd_opts_src_lladdr) {
991 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
997 neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
999 neigh_update(neigh, lladdr, NUD_STALE,
1000 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1001 NEIGH_UPDATE_F_OVERRIDE|
1002 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1003 neigh_release(neigh);
1009 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1011 struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1012 struct sk_buff *skb;
1013 struct nlmsghdr *nlh;
1014 struct nduseroptmsg *ndmsg;
1015 struct net *net = dev_net(ra->dev);
1017 int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1018 + (opt->nd_opt_len << 3));
1019 size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1021 skb = nlmsg_new(msg_size, GFP_ATOMIC);
1027 nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1029 goto nla_put_failure;
1032 ndmsg = nlmsg_data(nlh);
1033 ndmsg->nduseropt_family = AF_INET6;
1034 ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1035 ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1036 ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1037 ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1039 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1041 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1042 &ipv6_hdr(ra)->saddr))
1043 goto nla_put_failure;
1044 nlmsg_end(skb, nlh);
1046 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1053 rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1056 static void ndisc_router_discovery(struct sk_buff *skb)
1058 struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1059 struct neighbour *neigh = NULL;
1060 struct inet6_dev *in6_dev;
1061 struct rt6_info *rt = NULL;
1063 struct ndisc_options ndopts;
1065 unsigned int pref = 0;
1067 __u8 *opt = (__u8 *)(ra_msg + 1);
1069 optlen = (skb_tail_pointer(skb) - skb_transport_header(skb)) -
1070 sizeof(struct ra_msg);
1073 "RA: %s, dev: %s\n",
1074 __func__, skb->dev->name);
1075 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1076 ND_PRINTK(2, warn, "RA: source address is not link-local\n");
1080 ND_PRINTK(2, warn, "RA: packet too short\n");
1084 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1085 if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1086 ND_PRINTK(2, warn, "RA: from host or unauthorized router\n");
1092 * set the RA_RECV flag in the interface
1095 in6_dev = __in6_dev_get(skb->dev);
1096 if (in6_dev == NULL) {
1097 ND_PRINTK(0, err, "RA: can't find inet6 device for %s\n",
1102 if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1103 ND_PRINTK(2, warn, "RA: invalid ND options\n");
1107 if (!ipv6_accept_ra(in6_dev)) {
1109 "RA: %s, did not accept ra for dev: %s\n",
1110 __func__, skb->dev->name);
1111 goto skip_linkparms;
1114 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1115 /* skip link-specific parameters from interior routers */
1116 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1118 "RA: %s, nodetype is NODEFAULT, dev: %s\n",
1119 __func__, skb->dev->name);
1120 goto skip_linkparms;
1124 if (in6_dev->if_flags & IF_RS_SENT) {
1126 * flag that an RA was received after an RS was sent
1127 * out on this interface.
1129 in6_dev->if_flags |= IF_RA_RCVD;
1133 * Remember the managed/otherconf flags from most recently
1134 * received RA message (RFC 2462) -- yoshfuji
1136 in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1138 (ra_msg->icmph.icmp6_addrconf_managed ?
1139 IF_RA_MANAGED : 0) |
1140 (ra_msg->icmph.icmp6_addrconf_other ?
1141 IF_RA_OTHERCONF : 0);
1143 if (!in6_dev->cnf.accept_ra_defrtr) {
1145 "RA: %s, defrtr is false for dev: %s\n",
1146 __func__, skb->dev->name);
1150 /* Do not accept RA with source-addr found on local machine unless
1151 * accept_ra_from_local is set to true.
1153 if (!in6_dev->cnf.accept_ra_from_local &&
1154 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1157 "RA from local address detected on dev: %s: default router ignored\n",
1162 lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1164 #ifdef CONFIG_IPV6_ROUTER_PREF
1165 pref = ra_msg->icmph.icmp6_router_pref;
1166 /* 10b is handled as if it were 00b (medium) */
1167 if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1168 !in6_dev->cnf.accept_ra_rtr_pref)
1169 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1172 rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1175 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1178 "RA: %s got default router without neighbour\n",
1184 if (rt && lifetime == 0) {
1189 ND_PRINTK(3, info, "RA: rt: %p lifetime: %d, for dev: %s\n",
1190 rt, lifetime, skb->dev->name);
1191 if (rt == NULL && lifetime) {
1192 ND_PRINTK(3, info, "RA: adding default router\n");
1194 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1197 "RA: %s failed to add default route\n",
1202 neigh = dst_neigh_lookup(&rt->dst, &ipv6_hdr(skb)->saddr);
1203 if (neigh == NULL) {
1205 "RA: %s got default router without neighbour\n",
1210 neigh->flags |= NTF_ROUTER;
1212 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1216 rt6_set_expires(rt, jiffies + (HZ * lifetime));
1217 if (ra_msg->icmph.icmp6_hop_limit) {
1218 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1220 dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1221 ra_msg->icmph.icmp6_hop_limit);
1227 * Update Reachable Time and Retrans Timer
1230 if (in6_dev->nd_parms) {
1231 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1233 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1234 rtime = (rtime*HZ)/1000;
1237 NEIGH_VAR_SET(in6_dev->nd_parms, RETRANS_TIME, rtime);
1238 in6_dev->tstamp = jiffies;
1239 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1242 rtime = ntohl(ra_msg->reachable_time);
1243 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1244 rtime = (rtime*HZ)/1000;
1249 if (rtime != NEIGH_VAR(in6_dev->nd_parms, BASE_REACHABLE_TIME)) {
1250 NEIGH_VAR_SET(in6_dev->nd_parms,
1251 BASE_REACHABLE_TIME, rtime);
1252 NEIGH_VAR_SET(in6_dev->nd_parms,
1253 GC_STALETIME, 3 * rtime);
1254 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1255 in6_dev->tstamp = jiffies;
1256 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1268 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1272 if (ndopts.nd_opts_src_lladdr) {
1273 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1277 "RA: invalid link-layer address length\n");
1281 neigh_update(neigh, lladdr, NUD_STALE,
1282 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1283 NEIGH_UPDATE_F_OVERRIDE|
1284 NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1285 NEIGH_UPDATE_F_ISROUTER);
1288 if (!ipv6_accept_ra(in6_dev)) {
1290 "RA: %s, accept_ra is false for dev: %s\n",
1291 __func__, skb->dev->name);
1295 #ifdef CONFIG_IPV6_ROUTE_INFO
1296 if (!in6_dev->cnf.accept_ra_from_local &&
1297 ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
1300 "RA from local address detected on dev: %s: router info ignored.\n",
1302 goto skip_routeinfo;
1305 if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1306 struct nd_opt_hdr *p;
1307 for (p = ndopts.nd_opts_ri;
1309 p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1310 struct route_info *ri = (struct route_info *)p;
1311 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1312 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1313 ri->prefix_len == 0)
1316 if (ri->prefix_len == 0 &&
1317 !in6_dev->cnf.accept_ra_defrtr)
1319 if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1321 rt6_route_rcv(skb->dev, (u8 *)p, (p->nd_opt_len) << 3,
1322 &ipv6_hdr(skb)->saddr);
1329 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1330 /* skip link-specific ndopts from interior routers */
1331 if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
1333 "RA: %s, nodetype is NODEFAULT (interior routes), dev: %s\n",
1334 __func__, skb->dev->name);
1339 if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1340 struct nd_opt_hdr *p;
1341 for (p = ndopts.nd_opts_pi;
1343 p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1344 addrconf_prefix_rcv(skb->dev, (u8 *)p,
1345 (p->nd_opt_len) << 3,
1346 ndopts.nd_opts_src_lladdr != NULL);
1350 if (ndopts.nd_opts_mtu) {
1354 memcpy(&n, ((u8 *)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1357 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1358 ND_PRINTK(2, warn, "RA: invalid mtu: %d\n", mtu);
1359 } else if (in6_dev->cnf.mtu6 != mtu) {
1360 in6_dev->cnf.mtu6 = mtu;
1363 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1365 rt6_mtu_change(skb->dev, mtu);
1369 if (ndopts.nd_useropts) {
1370 struct nd_opt_hdr *p;
1371 for (p = ndopts.nd_useropts;
1373 p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1374 ndisc_ra_useropt(skb, p);
1378 if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1379 ND_PRINTK(2, warn, "RA: invalid RA options\n");
1384 neigh_release(neigh);
1387 static void ndisc_redirect_rcv(struct sk_buff *skb)
1390 struct ndisc_options ndopts;
1391 struct rd_msg *msg = (struct rd_msg *)skb_transport_header(skb);
1392 u32 ndoptlen = skb_tail_pointer(skb) - (skb_transport_header(skb) +
1393 offsetof(struct rd_msg, opt));
1395 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1396 switch (skb->ndisc_nodetype) {
1397 case NDISC_NODETYPE_HOST:
1398 case NDISC_NODETYPE_NODEFAULT:
1400 "Redirect: from host or unauthorized router\n");
1405 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1407 "Redirect: source address is not link-local\n");
1411 if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts))
1414 if (!ndopts.nd_opts_rh) {
1415 ip6_redirect_no_header(skb, dev_net(skb->dev),
1416 skb->dev->ifindex, 0);
1420 hdr = (u8 *)ndopts.nd_opts_rh;
1422 if (!pskb_pull(skb, hdr - skb_transport_header(skb)))
1425 icmpv6_notify(skb, NDISC_REDIRECT, 0, 0);
1428 static void ndisc_fill_redirect_hdr_option(struct sk_buff *skb,
1429 struct sk_buff *orig_skb,
1432 u8 *opt = skb_put(skb, rd_len);
1435 *(opt++) = ND_OPT_REDIRECT_HDR;
1436 *(opt++) = (rd_len >> 3);
1439 memcpy(opt, ipv6_hdr(orig_skb), rd_len - 8);
1442 void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target)
1444 struct net_device *dev = skb->dev;
1445 struct net *net = dev_net(dev);
1446 struct sock *sk = net->ipv6.ndisc_sk;
1448 struct inet_peer *peer;
1449 struct sk_buff *buff;
1451 struct in6_addr saddr_buf;
1452 struct rt6_info *rt;
1453 struct dst_entry *dst;
1456 u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1459 if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1460 ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
1465 if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1466 ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1468 "Redirect: target address is not link-local unicast\n");
1472 icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1473 &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1475 dst = ip6_route_output(net, NULL, &fl6);
1480 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1484 rt = (struct rt6_info *) dst;
1486 if (rt->rt6i_flags & RTF_GATEWAY) {
1488 "Redirect: destination is not a neighbour\n");
1491 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
1492 ret = inet_peer_xrlim_allow(peer, 1*HZ);
1498 if (dev->addr_len) {
1499 struct neighbour *neigh = dst_neigh_lookup(skb_dst(skb), target);
1502 "Redirect: no neigh for target address\n");
1506 read_lock_bh(&neigh->lock);
1507 if (neigh->nud_state & NUD_VALID) {
1508 memcpy(ha_buf, neigh->ha, dev->addr_len);
1509 read_unlock_bh(&neigh->lock);
1511 optlen += ndisc_opt_addr_space(dev);
1513 read_unlock_bh(&neigh->lock);
1515 neigh_release(neigh);
1518 rd_len = min_t(unsigned int,
1519 IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(*msg) - optlen,
1524 buff = ndisc_alloc_skb(dev, sizeof(*msg) + optlen);
1528 msg = (struct rd_msg *)skb_put(buff, sizeof(*msg));
1529 *msg = (struct rd_msg) {
1531 .icmp6_type = NDISC_REDIRECT,
1534 .dest = ipv6_hdr(skb)->daddr,
1538 * include target_address option
1542 ndisc_fill_addr_option(buff, ND_OPT_TARGET_LL_ADDR, ha);
1545 * build redirect option and copy skb over to the new packet.
1549 ndisc_fill_redirect_hdr_option(buff, skb, rd_len);
1551 skb_dst_set(buff, dst);
1552 ndisc_send_skb(buff, &ipv6_hdr(skb)->saddr, &saddr_buf);
1559 static void pndisc_redo(struct sk_buff *skb)
1565 static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
1567 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1571 if (IP6CB(skb)->flags & IP6SKB_FRAGMENTED &&
1572 idev->cnf.suppress_frag_ndisc) {
1573 net_warn_ratelimited("Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.\n");
1579 int ndisc_rcv(struct sk_buff *skb)
1583 if (ndisc_suppress_frag_ndisc(skb))
1586 if (skb_linearize(skb))
1589 msg = (struct nd_msg *)skb_transport_header(skb);
1591 __skb_push(skb, skb->data - skb_transport_header(skb));
1593 if (ipv6_hdr(skb)->hop_limit != 255) {
1594 ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
1595 ipv6_hdr(skb)->hop_limit);
1599 if (msg->icmph.icmp6_code != 0) {
1600 ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
1601 msg->icmph.icmp6_code);
1605 memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1607 switch (msg->icmph.icmp6_type) {
1608 case NDISC_NEIGHBOUR_SOLICITATION:
1612 case NDISC_NEIGHBOUR_ADVERTISEMENT:
1616 case NDISC_ROUTER_SOLICITATION:
1620 case NDISC_ROUTER_ADVERTISEMENT:
1621 ndisc_router_discovery(skb);
1624 case NDISC_REDIRECT:
1625 ndisc_redirect_rcv(skb);
1632 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1634 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1635 struct net *net = dev_net(dev);
1636 struct inet6_dev *idev;
1639 case NETDEV_CHANGEADDR:
1640 neigh_changeaddr(&nd_tbl, dev);
1641 fib6_run_gc(0, net, false);
1642 idev = in6_dev_get(dev);
1645 if (idev->cnf.ndisc_notify)
1646 ndisc_send_unsol_na(dev);
1650 neigh_ifdown(&nd_tbl, dev);
1651 fib6_run_gc(0, net, false);
1653 case NETDEV_NOTIFY_PEERS:
1654 ndisc_send_unsol_na(dev);
1663 static struct notifier_block ndisc_netdev_notifier = {
1664 .notifier_call = ndisc_netdev_event,
1667 #ifdef CONFIG_SYSCTL
1668 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1669 const char *func, const char *dev_name)
1671 static char warncomm[TASK_COMM_LEN];
1673 if (strcmp(warncomm, current->comm) && warned < 5) {
1674 strcpy(warncomm, current->comm);
1675 pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n",
1677 dev_name, ctl->procname,
1678 dev_name, ctl->procname);
1683 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1685 struct net_device *dev = ctl->extra1;
1686 struct inet6_dev *idev;
1689 if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1690 (strcmp(ctl->procname, "base_reachable_time") == 0))
1691 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1693 if (strcmp(ctl->procname, "retrans_time") == 0)
1694 ret = neigh_proc_dointvec(ctl, write, buffer, lenp, ppos);
1696 else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1697 ret = neigh_proc_dointvec_jiffies(ctl, write,
1698 buffer, lenp, ppos);
1700 else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1701 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1702 ret = neigh_proc_dointvec_ms_jiffies(ctl, write,
1703 buffer, lenp, ppos);
1707 if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1708 if (ctl->data == &NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME))
1709 idev->nd_parms->reachable_time =
1710 neigh_rand_reach_time(NEIGH_VAR(idev->nd_parms, BASE_REACHABLE_TIME));
1711 idev->tstamp = jiffies;
1712 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1721 static int __net_init ndisc_net_init(struct net *net)
1723 struct ipv6_pinfo *np;
1727 err = inet_ctl_sock_create(&sk, PF_INET6,
1728 SOCK_RAW, IPPROTO_ICMPV6, net);
1731 "NDISC: Failed to initialize the control socket (err %d)\n",
1736 net->ipv6.ndisc_sk = sk;
1739 np->hop_limit = 255;
1740 /* Do not loopback ndisc messages */
1746 static void __net_exit ndisc_net_exit(struct net *net)
1748 inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1751 static struct pernet_operations ndisc_net_ops = {
1752 .init = ndisc_net_init,
1753 .exit = ndisc_net_exit,
1756 int __init ndisc_init(void)
1760 err = register_pernet_subsys(&ndisc_net_ops);
1764 * Initialize the neighbour table
1766 neigh_table_init(&nd_tbl);
1768 #ifdef CONFIG_SYSCTL
1769 err = neigh_sysctl_register(NULL, &nd_tbl.parms,
1770 ndisc_ifinfo_sysctl_change);
1772 goto out_unregister_pernet;
1777 #ifdef CONFIG_SYSCTL
1778 out_unregister_pernet:
1779 unregister_pernet_subsys(&ndisc_net_ops);
1784 int __init ndisc_late_init(void)
1786 return register_netdevice_notifier(&ndisc_netdev_notifier);
1789 void ndisc_late_cleanup(void)
1791 unregister_netdevice_notifier(&ndisc_netdev_notifier);
1794 void ndisc_cleanup(void)
1796 #ifdef CONFIG_SYSCTL
1797 neigh_sysctl_unregister(&nd_tbl.parms);
1799 neigh_table_clear(&nd_tbl);
1800 unregister_pernet_subsys(&ndisc_net_ops);
projects / firefly-linux-kernel-4.4.55.git / blob