LXR linux/net/ipv6/ndisc.c

   1/*
   2 *      Neighbour Discovery for IPv6
   3 *      Linux INET6 implementation
   4 *
   5 *      Authors:
   6 *      Pedro Roque             <roque@di.fc.ul.pt>
   7 *      Mike Shaver             <shaver@ingenia.com>
   8 *
   9 *      This program is free software; you can redistribute it and/or
  10 *      modify it under the terms of the GNU General Public License
  11 *      as published by the Free Software Foundation; either version
  12 *      2 of the License, or (at your option) any later version.
  13 */
  14
  15/*
  16 *      Changes:
  17 *
  18 *      Pierre Ynard                    :       export userland ND options
  19 *                                              through netlink (RDNSS support)
  20 *      Lars Fenneberg                  :       fixed MTU setting on receipt
  21 *                                              of an RA.
  22 *      Janos Farkas                    :       kmalloc failure checks
  23 *      Alexey Kuznetsov                :       state machine reworked
  24 *                                              and moved to net/core.
  25 *      Pekka Savola                    :       RFC2461 validation
  26 *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
  27 */
  28
  29/* Set to 3 to get tracing... */
  30#define ND_DEBUG 1
  31
  32#define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
  33#define ND_NOPRINTK(x...) do { ; } while(0)
  34#define ND_PRINTK0 ND_PRINTK
  35#define ND_PRINTK1 ND_NOPRINTK
  36#define ND_PRINTK2 ND_NOPRINTK
  37#define ND_PRINTK3 ND_NOPRINTK
  38#if ND_DEBUG >= 1
  39#undef ND_PRINTK1
  40#define ND_PRINTK1 ND_PRINTK
  41#endif
  42#if ND_DEBUG >= 2
  43#undef ND_PRINTK2
  44#define ND_PRINTK2 ND_PRINTK
  45#endif
  46#if ND_DEBUG >= 3
  47#undef ND_PRINTK3
  48#define ND_PRINTK3 ND_PRINTK
  49#endif
  50
  51#include <linux/module.h>
  52#include <linux/errno.h>
  53#include <linux/types.h>
  54#include <linux/socket.h>
  55#include <linux/sockios.h>
  56#include <linux/sched.h>
  57#include <linux/net.h>
  58#include <linux/in6.h>
  59#include <linux/route.h>
  60#include <linux/init.h>
  61#include <linux/rcupdate.h>
  62#include <linux/slab.h>
  63#ifdef CONFIG_SYSCTL
  64#include <linux/sysctl.h>
  65#endif
  66
  67#include <linux/if_addr.h>
  68#include <linux/if_arp.h>
  69#include <linux/ipv6.h>
  70#include <linux/icmpv6.h>
  71#include <linux/jhash.h>
  72
  73#include <net/sock.h>
  74#include <net/snmp.h>
  75
  76#include <net/ipv6.h>
  77#include <net/protocol.h>
  78#include <net/ndisc.h>
  79#include <net/ip6_route.h>
  80#include <net/addrconf.h>
  81#include <net/icmp.h>
  82
  83#include <net/netlink.h>
  84#include <linux/rtnetlink.h>
  85
  86#include <net/flow.h>
  87#include <net/ip6_checksum.h>
  88#include <net/inet_common.h>
  89#include <linux/proc_fs.h>
  90
  91#include <linux/netfilter.h>
  92#include <linux/netfilter_ipv6.h>
  93
  94static u32 ndisc_hash(const void *pkey,
  95                      const struct net_device *dev,
  96                      __u32 rnd);
  97static int ndisc_constructor(struct neighbour *neigh);
  98static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
  99static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
 100static int pndisc_constructor(struct pneigh_entry *n);
 101static void pndisc_destructor(struct pneigh_entry *n);
 102static void pndisc_redo(struct sk_buff *skb);
 103
 104static const struct neigh_ops ndisc_generic_ops = {
 105        .family =               AF_INET6,
 106        .solicit =              ndisc_solicit,
 107        .error_report =         ndisc_error_report,
 108        .output =               neigh_resolve_output,
 109        .connected_output =     neigh_connected_output,
 110        .hh_output =            dev_queue_xmit,
 111        .queue_xmit =           dev_queue_xmit,
 112};
 113
 114static const struct neigh_ops ndisc_hh_ops = {
 115        .family =               AF_INET6,
 116        .solicit =              ndisc_solicit,
 117        .error_report =         ndisc_error_report,
 118        .output =               neigh_resolve_output,
 119        .connected_output =     neigh_resolve_output,
 120        .hh_output =            dev_queue_xmit,
 121        .queue_xmit =           dev_queue_xmit,
 122};
 123
 124
 125static const struct neigh_ops ndisc_direct_ops = {
 126        .family =               AF_INET6,
 127        .output =               dev_queue_xmit,
 128        .connected_output =     dev_queue_xmit,
 129        .hh_output =            dev_queue_xmit,
 130        .queue_xmit =           dev_queue_xmit,
 131};
 132
 133struct neigh_table nd_tbl = {
 134        .family =       AF_INET6,
 135        .entry_size =   sizeof(struct neighbour) + sizeof(struct in6_addr),
 136        .key_len =      sizeof(struct in6_addr),
 137        .hash =         ndisc_hash,
 138        .constructor =  ndisc_constructor,
 139        .pconstructor = pndisc_constructor,
 140        .pdestructor =  pndisc_destructor,
 141        .proxy_redo =   pndisc_redo,
 142        .id =           "ndisc_cache",
 143        .parms = {
 144                .tbl                    = &nd_tbl,
 145                .base_reachable_time    = ND_REACHABLE_TIME,
 146                .retrans_time           = ND_RETRANS_TIMER,
 147                .gc_staletime           = 60 * HZ,
 148                .reachable_time         = ND_REACHABLE_TIME,
 149                .delay_probe_time       = 5 * HZ,
 150                .queue_len              = 3,
 151                .ucast_probes           = 3,
 152                .mcast_probes           = 3,
 153                .anycast_delay          = 1 * HZ,
 154                .proxy_delay            = (8 * HZ) / 10,
 155                .proxy_qlen             = 64,
 156        },
 157        .gc_interval =    30 * HZ,
 158        .gc_thresh1 =    128,
 159        .gc_thresh2 =    512,
 160        .gc_thresh3 =   1024,
 161};
 162
 163/* ND options */
 164struct ndisc_options {
 165        struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
 166#ifdef CONFIG_IPV6_ROUTE_INFO
 167        struct nd_opt_hdr *nd_opts_ri;
 168        struct nd_opt_hdr *nd_opts_ri_end;
 169#endif
 170        struct nd_opt_hdr *nd_useropts;
 171        struct nd_opt_hdr *nd_useropts_end;
 172};
 173
 174#define nd_opts_src_lladdr      nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
 175#define nd_opts_tgt_lladdr      nd_opt_array[ND_OPT_TARGET_LL_ADDR]
 176#define nd_opts_pi              nd_opt_array[ND_OPT_PREFIX_INFO]
 177#define nd_opts_pi_end          nd_opt_array[__ND_OPT_PREFIX_INFO_END]
 178#define nd_opts_rh              nd_opt_array[ND_OPT_REDIRECT_HDR]
 179#define nd_opts_mtu             nd_opt_array[ND_OPT_MTU]
 180
 181#define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
 182
 183/*
 184 * Return the padding between the option length and the start of the
 185 * link addr.  Currently only IP-over-InfiniBand needs this, although
 186 * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
 187 * also need a pad of 2.
 188 */
 189static int ndisc_addr_option_pad(unsigned short type)
 190{
 191        switch (type) {
 192        case ARPHRD_INFINIBAND: return 2;
 193        default:                return 0;
 194        }
 195}
 196
 197static inline int ndisc_opt_addr_space(struct net_device *dev)
 198{
 199        return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
 200}
 201
 202static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
 203                                  unsigned short addr_type)
 204{
 205        int space = NDISC_OPT_SPACE(data_len);
 206        int pad   = ndisc_addr_option_pad(addr_type);
 207
 208        opt[0] = type;
 209        opt[1] = space>>3;
 210
 211        memset(opt + 2, 0, pad);
 212        opt   += pad;
 213        space -= pad;
 214
 215        memcpy(opt+2, data, data_len);
 216        data_len += 2;
 217        opt += data_len;
 218        if ((space -= data_len) > 0)
 219                memset(opt, 0, space);
 220        return opt + space;
 221}
 222
 223static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
 224                                            struct nd_opt_hdr *end)
 225{
 226        int type;
 227        if (!cur || !end || cur >= end)
 228                return NULL;
 229        type = cur->nd_opt_type;
 230        do {
 231                cur = ((void *)cur) + (cur->nd_opt_len << 3);
 232        } while(cur < end && cur->nd_opt_type != type);
 233        return cur <= end && cur->nd_opt_type == type ? cur : NULL;
 234}
 235
 236static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
 237{
 238        return opt->nd_opt_type == ND_OPT_RDNSS;
 239}
 240
 241static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
 242                                             struct nd_opt_hdr *end)
 243{
 244        if (!cur || !end || cur >= end)
 245                return NULL;
 246        do {
 247                cur = ((void *)cur) + (cur->nd_opt_len << 3);
 248        } while(cur < end && !ndisc_is_useropt(cur));
 249        return cur <= end && ndisc_is_useropt(cur) ? cur : NULL;
 250}
 251
 252static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
 253                                                 struct ndisc_options *ndopts)
 254{
 255        struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
 256
 257        if (!nd_opt || opt_len < 0 || !ndopts)
 258                return NULL;
 259        memset(ndopts, 0, sizeof(*ndopts));
 260        while (opt_len) {
 261                int l;
 262                if (opt_len < sizeof(struct nd_opt_hdr))
 263                        return NULL;
 264                l = nd_opt->nd_opt_len << 3;
 265                if (opt_len < l || l == 0)
 266                        return NULL;
 267                switch (nd_opt->nd_opt_type) {
 268                case ND_OPT_SOURCE_LL_ADDR:
 269                case ND_OPT_TARGET_LL_ADDR:
 270                case ND_OPT_MTU:
 271                case ND_OPT_REDIRECT_HDR:
 272                        if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
 273                                ND_PRINTK2(KERN_WARNING
 274                                           "%s(): duplicated ND6 option found: type=%d\n",
 275                                           __func__,
 276                                           nd_opt->nd_opt_type);
 277                        } else {
 278                                ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 279                        }
 280                        break;
 281                case ND_OPT_PREFIX_INFO:
 282                        ndopts->nd_opts_pi_end = nd_opt;
 283                        if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
 284                                ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 285                        break;
 286#ifdef CONFIG_IPV6_ROUTE_INFO
 287                case ND_OPT_ROUTE_INFO:
 288                        ndopts->nd_opts_ri_end = nd_opt;
 289                        if (!ndopts->nd_opts_ri)
 290                                ndopts->nd_opts_ri = nd_opt;
 291                        break;
 292#endif
 293                default:
 294                        if (ndisc_is_useropt(nd_opt)) {
 295                                ndopts->nd_useropts_end = nd_opt;
 296                                if (!ndopts->nd_useropts)
 297                                        ndopts->nd_useropts = nd_opt;
 298                        } else {
 299                                /*
 300                                 * Unknown options must be silently ignored,
 301                                 * to accommodate future extension to the
 302                                 * protocol.
 303                                 */
 304                                ND_PRINTK2(KERN_NOTICE
 305                                           "%s(): ignored unsupported option; type=%d, len=%d\n",
 306                                           __func__,
 307                                           nd_opt->nd_opt_type, nd_opt->nd_opt_len);
 308                        }
 309                }
 310                opt_len -= l;
 311                nd_opt = ((void *)nd_opt) + l;
 312        }
 313        return ndopts;
 314}
 315
 316static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
 317                                      struct net_device *dev)
 318{
 319        u8 *lladdr = (u8 *)(p + 1);
 320        int lladdrlen = p->nd_opt_len << 3;
 321        int prepad = ndisc_addr_option_pad(dev->type);
 322        if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
 323                return NULL;
 324        return lladdr + prepad;
 325}
 326
 327int ndisc_mc_map(const struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
 328{
 329        switch (dev->type) {
 330        case ARPHRD_ETHER:
 331        case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
 332        case ARPHRD_FDDI:
 333                ipv6_eth_mc_map(addr, buf);
 334                return 0;
 335        case ARPHRD_IEEE802_TR:
 336                ipv6_tr_mc_map(addr,buf);
 337                return 0;
 338        case ARPHRD_ARCNET:
 339                ipv6_arcnet_mc_map(addr, buf);
 340                return 0;
 341        case ARPHRD_INFINIBAND:
 342                ipv6_ib_mc_map(addr, dev->broadcast, buf);
 343                return 0;
 344        case ARPHRD_IPGRE:
 345                return ipv6_ipgre_mc_map(addr, dev->broadcast, buf);
 346        default:
 347                if (dir) {
 348                        memcpy(buf, dev->broadcast, dev->addr_len);
 349                        return 0;
 350                }
 351        }
 352        return -EINVAL;
 353}
 354
 355EXPORT_SYMBOL(ndisc_mc_map);
 356
 357static u32 ndisc_hash(const void *pkey,
 358                      const struct net_device *dev,
 359                      __u32 hash_rnd)
 360{
 361        const u32 *p32 = pkey;
 362        u32 addr_hash, i;
 363
 364        addr_hash = 0;
 365        for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
 366                addr_hash ^= *p32++;
 367
 368        return jhash_2words(addr_hash, dev->ifindex, hash_rnd);
 369}
 370
 371static int ndisc_constructor(struct neighbour *neigh)
 372{
 373        struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
 374        struct net_device *dev = neigh->dev;
 375        struct inet6_dev *in6_dev;
 376        struct neigh_parms *parms;
 377        int is_multicast = ipv6_addr_is_multicast(addr);
 378
 379        rcu_read_lock();
 380        in6_dev = in6_dev_get(dev);
 381        if (in6_dev == NULL) {
 382                rcu_read_unlock();
 383                return -EINVAL;
 384        }
 385
 386        parms = in6_dev->nd_parms;
 387        __neigh_parms_put(neigh->parms);
 388        neigh->parms = neigh_parms_clone(parms);
 389        rcu_read_unlock();
 390
 391        neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
 392        if (!dev->header_ops) {
 393                neigh->nud_state = NUD_NOARP;
 394                neigh->ops = &ndisc_direct_ops;
 395                neigh->output = neigh->ops->queue_xmit;
 396        } else {
 397                if (is_multicast) {
 398                        neigh->nud_state = NUD_NOARP;
 399                        ndisc_mc_map(addr, neigh->ha, dev, 1);
 400                } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
 401                        neigh->nud_state = NUD_NOARP;
 402                        memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
 403                        if (dev->flags&IFF_LOOPBACK)
 404                                neigh->type = RTN_LOCAL;
 405                } else if (dev->flags&IFF_POINTOPOINT) {
 406                        neigh->nud_state = NUD_NOARP;
 407                        memcpy(neigh->ha, dev->broadcast, dev->addr_len);
 408                }
 409                if (dev->header_ops->cache)
 410                        neigh->ops = &ndisc_hh_ops;
 411                else
 412                        neigh->ops = &ndisc_generic_ops;
 413                if (neigh->nud_state&NUD_VALID)
 414                        neigh->output = neigh->ops->connected_output;
 415                else
 416                        neigh->output = neigh->ops->output;
 417        }
 418        in6_dev_put(in6_dev);
 419        return 0;
 420}
 421
 422static int pndisc_constructor(struct pneigh_entry *n)
 423{
 424        struct in6_addr *addr = (struct in6_addr*)&n->key;
 425        struct in6_addr maddr;
 426        struct net_device *dev = n->dev;
 427
 428        if (dev == NULL || __in6_dev_get(dev) == NULL)
 429                return -EINVAL;
 430        addrconf_addr_solict_mult(addr, &maddr);
 431        ipv6_dev_mc_inc(dev, &maddr);
 432        return 0;
 433}
 434
 435static void pndisc_destructor(struct pneigh_entry *n)
 436{
 437        struct in6_addr *addr = (struct in6_addr*)&n->key;
 438        struct in6_addr maddr;
 439        struct net_device *dev = n->dev;
 440
 441        if (dev == NULL || __in6_dev_get(dev) == NULL)
 442                return;
 443        addrconf_addr_solict_mult(addr, &maddr);
 444        ipv6_dev_mc_dec(dev, &maddr);
 445}
 446
 447struct sk_buff *ndisc_build_skb(struct net_device *dev,
 448                                const struct in6_addr *daddr,
 449                                const struct in6_addr *saddr,
 450                                struct icmp6hdr *icmp6h,
 451                                const struct in6_addr *target,
 452                                int llinfo)
 453{
 454        struct net *net = dev_net(dev);
 455        struct sock *sk = net->ipv6.ndisc_sk;
 456        struct sk_buff *skb;
 457        struct icmp6hdr *hdr;
 458        int len;
 459        int err;
 460        u8 *opt;
 461
 462        if (!dev->addr_len)
 463                llinfo = 0;
 464
 465        len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
 466        if (llinfo)
 467                len += ndisc_opt_addr_space(dev);
 468
 469        skb = sock_alloc_send_skb(sk,
 470                                  (MAX_HEADER + sizeof(struct ipv6hdr) +
 471                                   len + LL_ALLOCATED_SPACE(dev)),
 472                                  1, &err);
 473        if (!skb) {
 474                ND_PRINTK0(KERN_ERR
 475                           "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
 476                           __func__, err);
 477                return NULL;
 478        }
 479
 480        skb_reserve(skb, LL_RESERVED_SPACE(dev));
 481        ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
 482
 483        skb->transport_header = skb->tail;
 484        skb_put(skb, len);
 485
 486        hdr = (struct icmp6hdr *)skb_transport_header(skb);
 487        memcpy(hdr, icmp6h, sizeof(*hdr));
 488
 489        opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
 490        if (target) {
 491                ipv6_addr_copy((struct in6_addr *)opt, target);
 492                opt += sizeof(*target);
 493        }
 494
 495        if (llinfo)
 496                ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
 497                                       dev->addr_len, dev->type);
 498
 499        hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
 500                                           IPPROTO_ICMPV6,
 501                                           csum_partial(hdr,
 502                                                        len, 0));
 503
 504        return skb;
 505}
 506
 507EXPORT_SYMBOL(ndisc_build_skb);
 508
 509void ndisc_send_skb(struct sk_buff *skb,
 510                    struct net_device *dev,
 511                    struct neighbour *neigh,
 512                    const struct in6_addr *daddr,
 513                    const struct in6_addr *saddr,
 514                    struct icmp6hdr *icmp6h)
 515{
 516        struct flowi6 fl6;
 517        struct dst_entry *dst;
 518        struct net *net = dev_net(dev);
 519        struct sock *sk = net->ipv6.ndisc_sk;
 520        struct inet6_dev *idev;
 521        int err;
 522        u8 type;
 523
 524        type = icmp6h->icmp6_type;
 525
 526        icmpv6_flow_init(sk, &fl6, type, saddr, daddr, dev->ifindex);
 527
 528        dst = icmp6_dst_alloc(dev, neigh, daddr);
 529        if (!dst) {
 530                kfree_skb(skb);
 531                return;
 532        }
 533
 534        dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
 535        if (IS_ERR(dst)) {
 536                kfree_skb(skb);
 537                return;
 538        }
 539
 540        skb_dst_set(skb, dst);
 541
 542        idev = in6_dev_get(dst->dev);
 543        IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
 544
 545        err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
 546                      dst_output);
 547        if (!err) {
 548                ICMP6MSGOUT_INC_STATS(net, idev, type);
 549                ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
 550        }
 551
 552        if (likely(idev != NULL))
 553                in6_dev_put(idev);
 554}
 555
 556EXPORT_SYMBOL(ndisc_send_skb);
 557
 558/*
 559 *      Send a Neighbour Discover packet
 560 */
 561static void __ndisc_send(struct net_device *dev,
 562                         struct neighbour *neigh,
 563                         const struct in6_addr *daddr,
 564                         const struct in6_addr *saddr,
 565                         struct icmp6hdr *icmp6h, const struct in6_addr *target,
 566                         int llinfo)
 567{
 568        struct sk_buff *skb;
 569
 570        skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
 571        if (!skb)
 572                return;
 573
 574        ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
 575}
 576
 577static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
 578                          const struct in6_addr *daddr,
 579                          const struct in6_addr *solicited_addr,
 580                          int router, int solicited, int override, int inc_opt)
 581{
 582        struct in6_addr tmpaddr;
 583        struct inet6_ifaddr *ifp;
 584        const struct in6_addr *src_addr;
 585        struct icmp6hdr icmp6h = {
 586                .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
 587        };
 588
 589        /* for anycast or proxy, solicited_addr != src_addr */
 590        ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
 591        if (ifp) {
 592                src_addr = solicited_addr;
 593                if (ifp->flags & IFA_F_OPTIMISTIC)
 594                        override = 0;
 595                inc_opt |= ifp->idev->cnf.force_tllao;
 596                in6_ifa_put(ifp);
 597        } else {
 598                if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
 599                                       inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
 600                                       &tmpaddr))
 601                        return;
 602                src_addr = &tmpaddr;
 603        }
 604
 605        icmp6h.icmp6_router = router;
 606        icmp6h.icmp6_solicited = solicited;
 607        icmp6h.icmp6_override = override;
 608
 609        __ndisc_send(dev, neigh, daddr, src_addr,
 610                     &icmp6h, solicited_addr,
 611                     inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
 612}
 613
 614static void ndisc_send_unsol_na(struct net_device *dev)
 615{
 616        struct inet6_dev *idev;
 617        struct inet6_ifaddr *ifa;
 618        struct in6_addr mcaddr;
 619
 620        idev = in6_dev_get(dev);
 621        if (!idev)
 622                return;
 623
 624        read_lock_bh(&idev->lock);
 625        list_for_each_entry(ifa, &idev->addr_list, if_list) {
 626                addrconf_addr_solict_mult(&ifa->addr, &mcaddr);
 627                ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr,
 628                              /*router=*/ !!idev->cnf.forwarding,
 629                              /*solicited=*/ false, /*override=*/ true,
 630                              /*inc_opt=*/ true);
 631        }
 632        read_unlock_bh(&idev->lock);
 633
 634        in6_dev_put(idev);
 635}
 636
 637void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
 638                   const struct in6_addr *solicit,
 639                   const struct in6_addr *daddr, const struct in6_addr *saddr)
 640{
 641        struct in6_addr addr_buf;
 642        struct icmp6hdr icmp6h = {
 643                .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
 644        };
 645
 646        if (saddr == NULL) {
 647                if (ipv6_get_lladdr(dev, &addr_buf,
 648                                   (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
 649                        return;
 650                saddr = &addr_buf;
 651        }
 652
 653        __ndisc_send(dev, neigh, daddr, saddr,
 654                     &icmp6h, solicit,
 655                     !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
 656}
 657
 658void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
 659                   const struct in6_addr *daddr)
 660{
 661        struct icmp6hdr icmp6h = {
 662                .icmp6_type = NDISC_ROUTER_SOLICITATION,
 663        };
 664        int send_sllao = dev->addr_len;
 665
 666#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
 667        /*
 668         * According to section 2.2 of RFC 4429, we must not
 669         * send router solicitations with a sllao from
 670         * optimistic addresses, but we may send the solicitation
 671         * if we don't include the sllao.  So here we check
 672         * if our address is optimistic, and if so, we
 673         * suppress the inclusion of the sllao.
 674         */
 675        if (send_sllao) {
 676                struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
 677                                                           dev, 1);
 678                if (ifp) {
 679                        if (ifp->flags & IFA_F_OPTIMISTIC)  {
 680                                send_sllao = 0;
 681                        }
 682                        in6_ifa_put(ifp);
 683                } else {
 684                        send_sllao = 0;
 685                }
 686        }
 687#endif
 688        __ndisc_send(dev, NULL, daddr, saddr,
 689                     &icmp6h, NULL,
 690                     send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
 691}
 692
 693
 694static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
 695{
 696        /*
 697         *      "The sender MUST return an ICMP
 698         *       destination unreachable"
 699         */
 700        dst_link_failure(skb);
 701        kfree_skb(skb);
 702}
 703
 704/* Called with locked neigh: either read or both */
 705
 706static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
 707{
 708        struct in6_addr *saddr = NULL;
 709        struct in6_addr mcaddr;
 710        struct net_device *dev = neigh->dev;
 711        struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
 712        int probes = atomic_read(&neigh->probes);
 713
 714        if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
 715                saddr = &ipv6_hdr(skb)->saddr;
 716
 717        if ((probes -= neigh->parms->ucast_probes) < 0) {
 718                if (!(neigh->nud_state & NUD_VALID)) {
 719                        ND_PRINTK1(KERN_DEBUG "%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
 720                                   __func__, target);
 721                }
 722                ndisc_send_ns(dev, neigh, target, target, saddr);
 723        } else if ((probes -= neigh->parms->app_probes) < 0) {
 724#ifdef CONFIG_ARPD
 725                neigh_app_ns(neigh);
 726#endif
 727        } else {
 728                addrconf_addr_solict_mult(target, &mcaddr);
 729                ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
 730        }
 731}
 732
 733static int pndisc_is_router(const void *pkey,
 734                            struct net_device *dev)
 735{
 736        struct pneigh_entry *n;
 737        int ret = -1;
 738
 739        read_lock_bh(&nd_tbl.lock);
 740        n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
 741        if (n)
 742                ret = !!(n->flags & NTF_ROUTER);
 743        read_unlock_bh(&nd_tbl.lock);
 744
 745        return ret;
 746}
 747
 748static void ndisc_recv_ns(struct sk_buff *skb)
 749{
 750        struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 751        const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 752        const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 753        u8 *lladdr = NULL;
 754        u32 ndoptlen = skb->tail - (skb->transport_header +
 755                                    offsetof(struct nd_msg, opt));
 756        struct ndisc_options ndopts;
 757        struct net_device *dev = skb->dev;
 758        struct inet6_ifaddr *ifp;
 759        struct inet6_dev *idev = NULL;
 760        struct neighbour *neigh;
 761        int dad = ipv6_addr_any(saddr);
 762        int inc;
 763        int is_router = -1;
 764
 765        if (ipv6_addr_is_multicast(&msg->target)) {
 766                ND_PRINTK2(KERN_WARNING
 767                           "ICMPv6 NS: multicast target address");
 768                return;
 769        }
 770
 771        /*
 772         * RFC2461 7.1.1:
 773         * DAD has to be destined for solicited node multicast address.
 774         */
 775        if (dad &&
 776            !(daddr->s6_addr32[0] == htonl(0xff020000) &&
 777              daddr->s6_addr32[1] == htonl(0x00000000) &&
 778              daddr->s6_addr32[2] == htonl(0x00000001) &&
 779              daddr->s6_addr [12] == 0xff )) {
 780                ND_PRINTK2(KERN_WARNING
 781                           "ICMPv6 NS: bad DAD packet (wrong destination)\n");
 782                return;
 783        }
 784
 785        if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 786                ND_PRINTK2(KERN_WARNING
 787                           "ICMPv6 NS: invalid ND options\n");
 788                return;
 789        }
 790
 791        if (ndopts.nd_opts_src_lladdr) {
 792                lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
 793                if (!lladdr) {
 794                        ND_PRINTK2(KERN_WARNING
 795                                   "ICMPv6 NS: invalid link-layer address length\n");
 796                        return;
 797                }
 798
 799                /* RFC2461 7.1.1:
 800                 *      If the IP source address is the unspecified address,
 801                 *      there MUST NOT be source link-layer address option
 802                 *      in the message.
 803                 */
 804                if (dad) {
 805                        ND_PRINTK2(KERN_WARNING
 806                                   "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
 807                        return;
 808                }
 809        }
 810
 811        inc = ipv6_addr_is_multicast(daddr);
 812
 813        ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 814        if (ifp) {
 815
 816                if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
 817                        if (dad) {
 818                                if (dev->type == ARPHRD_IEEE802_TR) {
 819                                        const unsigned char *sadr;
 820                                        sadr = skb_mac_header(skb);
 821                                        if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
 822                                            sadr[9] == dev->dev_addr[1] &&
 823                                            sadr[10] == dev->dev_addr[2] &&
 824                                            sadr[11] == dev->dev_addr[3] &&
 825                                            sadr[12] == dev->dev_addr[4] &&
 826                                            sadr[13] == dev->dev_addr[5]) {
 827                                                /* looped-back to us */
 828                                                goto out;
 829                                        }
 830                                }
 831
 832                                /*
 833                                 * We are colliding with another node
 834                                 * who is doing DAD
 835                                 * so fail our DAD process
 836                                 */
 837                                addrconf_dad_failure(ifp);
 838                                return;
 839                        } else {
 840                                /*
 841                                 * This is not a dad solicitation.
 842                                 * If we are an optimistic node,
 843                                 * we should respond.
 844                                 * Otherwise, we should ignore it.
 845                                 */
 846                                if (!(ifp->flags & IFA_F_OPTIMISTIC))
 847                                        goto out;
 848                        }
 849                }
 850
 851                idev = ifp->idev;
 852        } else {
 853                struct net *net = dev_net(dev);
 854
 855                idev = in6_dev_get(dev);
 856                if (!idev) {
 857                        /* XXX: count this drop? */
 858                        return;
 859                }
 860
 861                if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
 862                    (idev->cnf.forwarding &&
 863                     (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
 864                     (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
 865                        if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
 866                            skb->pkt_type != PACKET_HOST &&
 867                            inc != 0 &&
 868                            idev->nd_parms->proxy_delay != 0) {
 869                                /*
 870                                 * for anycast or proxy,
 871                                 * sender should delay its response
 872                                 * by a random time between 0 and
 873                                 * MAX_ANYCAST_DELAY_TIME seconds.
 874                                 * (RFC2461) -- yoshfuji
 875                                 */
 876                                struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
 877                                if (n)
 878                                        pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
 879                                goto out;
 880                        }
 881                } else
 882                        goto out;
 883        }
 884
 885        if (is_router < 0)
 886                is_router = !!idev->cnf.forwarding;
 887
 888        if (dad) {
 889                ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
 890                              is_router, 0, (ifp != NULL), 1);
 891                goto out;
 892        }
 893
 894        if (inc)
 895                NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
 896        else
 897                NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
 898
 899        /*
 900         *      update / create cache entry
 901         *      for the source address
 902         */
 903        neigh = __neigh_lookup(&nd_tbl, saddr, dev,
 904                               !inc || lladdr || !dev->addr_len);
 905        if (neigh)
 906                neigh_update(neigh, lladdr, NUD_STALE,
 907                             NEIGH_UPDATE_F_WEAK_OVERRIDE|
 908                             NEIGH_UPDATE_F_OVERRIDE);
 909        if (neigh || !dev->header_ops) {
 910                ndisc_send_na(dev, neigh, saddr, &msg->target,
 911                              is_router,
 912                              1, (ifp != NULL && inc), inc);
 913                if (neigh)
 914                        neigh_release(neigh);
 915        }
 916
 917out:
 918        if (ifp)
 919                in6_ifa_put(ifp);
 920        else
 921                in6_dev_put(idev);
 922}
 923
 924static void ndisc_recv_na(struct sk_buff *skb)
 925{
 926        struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 927        const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 928        const struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 929        u8 *lladdr = NULL;
 930        u32 ndoptlen = skb->tail - (skb->transport_header +
 931                                    offsetof(struct nd_msg, opt));
 932        struct ndisc_options ndopts;
 933        struct net_device *dev = skb->dev;
 934        struct inet6_ifaddr *ifp;
 935        struct neighbour *neigh;
 936
 937        if (skb->len < sizeof(struct nd_msg)) {
 938                ND_PRINTK2(KERN_WARNING
 939                           "ICMPv6 NA: packet too short\n");
 940                return;
 941        }
 942
 943        if (ipv6_addr_is_multicast(&msg->target)) {
 944                ND_PRINTK2(KERN_WARNING
 945                           "ICMPv6 NA: target address is multicast.\n");
 946                return;
 947        }
 948
 949        if (ipv6_addr_is_multicast(daddr) &&
 950            msg->icmph.icmp6_solicited) {
 951                ND_PRINTK2(KERN_WARNING
 952                           "ICMPv6 NA: solicited NA is multicasted.\n");
 953                return;
 954        }
 955
 956        if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 957                ND_PRINTK2(KERN_WARNING
 958                           "ICMPv6 NS: invalid ND option\n");
 959                return;
 960        }
 961        if (ndopts.nd_opts_tgt_lladdr) {
 962                lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
 963                if (!lladdr) {
 964                        ND_PRINTK2(KERN_WARNING
 965                                   "ICMPv6 NA: invalid link-layer address length\n");
 966                        return;
 967                }
 968        }
 969        ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 970        if (ifp) {
 971                if (skb->pkt_type != PACKET_LOOPBACK
 972                    && (ifp->flags & IFA_F_TENTATIVE)) {
 973                                addrconf_dad_failure(ifp);
 974                                return;
 975                }
 976                /* What should we make now? The advertisement
 977                   is invalid, but ndisc specs say nothing
 978                   about it. It could be misconfiguration, or
 979                   an smart proxy agent tries to help us :-)
 980
 981                   We should not print the error if NA has been
 982                   received from loopback - it is just our own
 983                   unsolicited advertisement.
 984                 */
 985                if (skb->pkt_type != PACKET_LOOPBACK)
 986                        ND_PRINTK1(KERN_WARNING
 987                           "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
 988                           &ifp->addr, ifp->idev->dev->name);
 989                in6_ifa_put(ifp);
 990                return;
 991        }
 992        neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
 993
 994        if (neigh) {
 995                u8 old_flags = neigh->flags;
 996                struct net *net = dev_net(dev);
 997
 998                if (neigh->nud_state & NUD_FAILED)
 999                        goto out;
1000

1001                /*
1002                 * Don't update the neighbor cache entry on a proxy NA from
1003                 * ourselves because either the proxied node is off link or it
1004                 * has already sent a NA to us.
1005                 */
1006                if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
1007                    net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
1008                    pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
1009                        /* XXX: idev->cnf.prixy_ndp */
1010                        goto out;
1011                }
1012
1013                neigh_update(neigh, lladdr,
1014                             msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
1015                             NEIGH_UPDATE_F_WEAK_OVERRIDE|
1016                             (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
1017                             NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1018                             (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
1019
1020                if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
1021                        /*
1022                         * Change: router to host
1023                         */
1024                        struct rt6_info *rt;
1025                        rt = rt6_get_dflt_router(saddr, dev);
1026                        if (rt)
1027                                ip6_del_rt(rt);
1028                }
1029
1030out:
1031                neigh_release(neigh);
1032        }
1033}
1034
1035static void ndisc_recv_rs(struct sk_buff *skb)
1036{
1037        struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1038        unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1039        struct neighbour *neigh;
1040        struct inet6_dev *idev;
1041        const struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1042        struct ndisc_options ndopts;
1043        u8 *lladdr = NULL;
1044
1045        if (skb->len < sizeof(*rs_msg))
1046                return;
1047
1048        idev = in6_dev_get(skb->dev);
1049        if (!idev) {
1050                if (net_ratelimit())
1051                        ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1052                return;
1053        }
1054
1055        /* Don't accept RS if we're not in router mode */
1056        if (!idev->cnf.forwarding)
1057                goto out;
1058
1059        /*
1060         * Don't update NCE if src = ::;
1061         * this implies that the source node has no ip address assigned yet.
1062         */
1063        if (ipv6_addr_any(saddr))
1064                goto out;
1065
1066        /* Parse ND options */
1067        if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1068                if (net_ratelimit())
1069                        ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1070                goto out;
1071        }
1072
1073        if (ndopts.nd_opts_src_lladdr) {
1074                lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1075                                             skb->dev);
1076                if (!lladdr)
1077                        goto out;
1078        }
1079
1080        neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1081        if (neigh) {
1082                neigh_update(neigh, lladdr, NUD_STALE,
1083                             NEIGH_UPDATE_F_WEAK_OVERRIDE|
1084                             NEIGH_UPDATE_F_OVERRIDE|
1085                             NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1086                neigh_release(neigh);
1087        }
1088out:
1089        in6_dev_put(idev);
1090}
1091
1092static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1093{
1094        struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1095        struct sk_buff *skb;
1096        struct nlmsghdr *nlh;
1097        struct nduseroptmsg *ndmsg;
1098        struct net *net = dev_net(ra->dev);
1099        int err;
1100        int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1101                                    + (opt->nd_opt_len << 3));
1102        size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1103
1104        skb = nlmsg_new(msg_size, GFP_ATOMIC);
1105        if (skb == NULL) {
1106                err = -ENOBUFS;
1107                goto errout;
1108        }
1109
1110        nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1111        if (nlh == NULL) {
1112                goto nla_put_failure;
1113        }
1114
1115        ndmsg = nlmsg_data(nlh);
1116        ndmsg->nduseropt_family = AF_INET6;
1117        ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1118        ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1119        ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1120        ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1121
1122        memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1123
1124        NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1125                &ipv6_hdr(ra)->saddr);
1126        nlmsg_end(skb, nlh);
1127
1128        rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1129        return;
1130
1131nla_put_failure:
1132        nlmsg_free(skb);
1133        err = -EMSGSIZE;
1134errout:
1135        rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1136}
1137
1138static inline int accept_ra(struct inet6_dev *in6_dev)
1139{
1140        /*
1141         * If forwarding is enabled, RA are not accepted unless the special
1142         * hybrid mode (accept_ra=2) is enabled.
1143         */
1144        if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
1145                return 0;
1146
1147        return in6_dev->cnf.accept_ra;
1148}
1149
1150static void ndisc_router_discovery(struct sk_buff *skb)
1151{
1152        struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1153        struct neighbour *neigh = NULL;
1154        struct inet6_dev *in6_dev;
1155        struct rt6_info *rt = NULL;
1156        int lifetime;
1157        struct ndisc_options ndopts;
1158        int optlen;
1159        unsigned int pref = 0;
1160
1161        __u8 * opt = (__u8 *)(ra_msg + 1);
1162
1163        optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1164
1165        if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1166                ND_PRINTK2(KERN_WARNING
1167                           "ICMPv6 RA: source address is not link-local.\n");
1168                return;
1169        }
1170        if (optlen < 0) {
1171                ND_PRINTK2(KERN_WARNING
1172                           "ICMPv6 RA: packet too short\n");
1173                return;
1174        }
1175
1176#ifdef CONFIG_IPV6_NDISC_NODETYPE
1177        if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1178                ND_PRINTK2(KERN_WARNING
1179                           "ICMPv6 RA: from host or unauthorized router\n");
1180                return;
1181        }
1182#endif
1183
1184        /*
1185         *      set the RA_RECV flag in the interface
1186         */
1187
1188        in6_dev = in6_dev_get(skb->dev);
1189        if (in6_dev == NULL) {
1190                ND_PRINTK0(KERN_ERR
1191                           "ICMPv6 RA: can't find inet6 device for %s.\n",
1192                           skb->dev->name);
1193                return;
1194        }
1195
1196        if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1197                in6_dev_put(in6_dev);
1198                ND_PRINTK2(KERN_WARNING
1199                           "ICMP6 RA: invalid ND options\n");
1200                return;
1201        }
1202
1203        if (!accept_ra(in6_dev))
1204                goto skip_linkparms;
1205
1206#ifdef CONFIG_IPV6_NDISC_NODETYPE
1207        /* skip link-specific parameters from interior routers */
1208        if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1209                goto skip_linkparms;
1210#endif
1211
1212        if (in6_dev->if_flags & IF_RS_SENT) {
1213                /*
1214                 *      flag that an RA was received after an RS was sent
1215                 *      out on this interface.
1216                 */
1217                in6_dev->if_flags |= IF_RA_RCVD;
1218        }
1219
1220        /*
1221         * Remember the managed/otherconf flags from most recently
1222         * received RA message (RFC 2462) -- yoshfuji
1223         */
1224        in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1225                                IF_RA_OTHERCONF)) |
1226                                (ra_msg->icmph.icmp6_addrconf_managed ?
1227                                        IF_RA_MANAGED : 0) |
1228                                (ra_msg->icmph.icmp6_addrconf_other ?
1229                                        IF_RA_OTHERCONF : 0);
1230
1231        if (!in6_dev->cnf.accept_ra_defrtr)
1232                goto skip_defrtr;
1233
1234        lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1235
1236#ifdef CONFIG_IPV6_ROUTER_PREF
1237        pref = ra_msg->icmph.icmp6_router_pref;
1238        /* 10b is handled as if it were 00b (medium) */
1239        if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1240            !in6_dev->cnf.accept_ra_rtr_pref)
1241                pref = ICMPV6_ROUTER_PREF_MEDIUM;
1242#endif
1243
1244        rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1245
1246        if (rt)
1247                neigh = rt->rt6i_nexthop;
1248
1249        if (rt && lifetime == 0) {
1250                neigh_clone(neigh);
1251                ip6_del_rt(rt);
1252                rt = NULL;
1253        }
1254
1255        if (rt == NULL && lifetime) {
1256                ND_PRINTK3(KERN_DEBUG
1257                           "ICMPv6 RA: adding default router.\n");
1258
1259                rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1260                if (rt == NULL) {
1261                        ND_PRINTK0(KERN_ERR
1262                                   "ICMPv6 RA: %s() failed to add default route.\n",
1263                                   __func__);
1264                        in6_dev_put(in6_dev);
1265                        return;
1266                }
1267
1268                neigh = rt->rt6i_nexthop;
1269                if (neigh == NULL) {
1270                        ND_PRINTK0(KERN_ERR
1271                                   "ICMPv6 RA: %s() got default router without neighbour.\n",
1272                                   __func__);
1273                        dst_release(&rt->dst);
1274                        in6_dev_put(in6_dev);
1275                        return;
1276                }
1277                neigh->flags |= NTF_ROUTER;
1278        } else if (rt) {
1279                rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1280        }
1281
1282        if (rt)
1283                rt->rt6i_expires = jiffies + (HZ * lifetime);
1284
1285        if (ra_msg->icmph.icmp6_hop_limit) {
1286                in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1287                if (rt)
1288                        dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
1289                                       ra_msg->icmph.icmp6_hop_limit);
1290        }
1291
1292skip_defrtr:
1293
1294        /*
1295         *      Update Reachable Time and Retrans Timer
1296         */
1297
1298        if (in6_dev->nd_parms) {
1299                unsigned long rtime = ntohl(ra_msg->retrans_timer);
1300
1301                if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1302                        rtime = (rtime*HZ)/1000;
1303                        if (rtime < HZ/10)
1304                                rtime = HZ/10;
1305                        in6_dev->nd_parms->retrans_time = rtime;
1306                        in6_dev->tstamp = jiffies;
1307                        inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1308                }
1309
1310                rtime = ntohl(ra_msg->reachable_time);
1311                if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1312                        rtime = (rtime*HZ)/1000;
1313
1314                        if (rtime < HZ/10)
1315                                rtime = HZ/10;
1316
1317                        if (rtime != in6_dev->nd_parms->base_reachable_time) {
1318                                in6_dev->nd_parms->base_reachable_time = rtime;
1319                                in6_dev->nd_parms->gc_staletime = 3 * rtime;
1320                                in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1321                                in6_dev->tstamp = jiffies;
1322                                inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1323                        }
1324                }
1325        }
1326
1327skip_linkparms:
1328
1329        /*
1330         *      Process options.
1331         */
1332
1333        if (!neigh)
1334                neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1335                                       skb->dev, 1);
1336        if (neigh) {
1337                u8 *lladdr = NULL;
1338                if (ndopts.nd_opts_src_lladdr) {
1339                        lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1340                                                     skb->dev);
1341                        if (!lladdr) {
1342                                ND_PRINTK2(KERN_WARNING
1343                                           "ICMPv6 RA: invalid link-layer address length\n");
1344                                goto out;
1345                        }
1346                }
1347                neigh_update(neigh, lladdr, NUD_STALE,
1348                             NEIGH_UPDATE_F_WEAK_OVERRIDE|
1349                             NEIGH_UPDATE_F_OVERRIDE|
1350                             NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1351                             NEIGH_UPDATE_F_ISROUTER);
1352        }
1353
1354        if (!accept_ra(in6_dev))
1355                goto out;
1356
1357#ifdef CONFIG_IPV6_ROUTE_INFO
1358        if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1359                struct nd_opt_hdr *p;
1360                for (p = ndopts.nd_opts_ri;
1361                     p;
1362                     p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1363                        struct route_info *ri = (struct route_info *)p;
1364#ifdef CONFIG_IPV6_NDISC_NODETYPE
1365                        if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1366                            ri->prefix_len == 0)
1367                                continue;
1368#endif
1369                        if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1370                                continue;
1371                        rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1372                                      &ipv6_hdr(skb)->saddr);
1373                }
1374        }
1375#endif
1376
1377#ifdef CONFIG_IPV6_NDISC_NODETYPE
1378        /* skip link-specific ndopts from interior routers */
1379        if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1380                goto out;
1381#endif
1382
1383        if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1384                struct nd_opt_hdr *p;
1385                for (p = ndopts.nd_opts_pi;
1386                     p;
1387                     p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1388                        addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1389                }
1390        }
1391
1392        if (ndopts.nd_opts_mtu) {
1393                __be32 n;
1394                u32 mtu;
1395
1396                memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1397                mtu = ntohl(n);
1398
1399                if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1400                        ND_PRINTK2(KERN_WARNING
1401                                   "ICMPv6 RA: invalid mtu: %d\n",
1402                                   mtu);
1403                } else if (in6_dev->cnf.mtu6 != mtu) {
1404                        in6_dev->cnf.mtu6 = mtu;
1405
1406                        if (rt)
1407                                dst_metric_set(&rt->dst, RTAX_MTU, mtu);
1408
1409                        rt6_mtu_change(skb->dev, mtu);
1410                }
1411        }
1412
1413        if (ndopts.nd_useropts) {
1414                struct nd_opt_hdr *p;
1415                for (p = ndopts.nd_useropts;
1416                     p;
1417                     p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1418                        ndisc_ra_useropt(skb, p);
1419                }
1420        }
1421
1422        if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1423                ND_PRINTK2(KERN_WARNING
1424                           "ICMPv6 RA: invalid RA options");
1425        }
1426out:
1427        if (rt)
1428                dst_release(&rt->dst);
1429        else if (neigh)
1430                neigh_release(neigh);
1431        in6_dev_put(in6_dev);
1432}
1433
1434static void ndisc_redirect_rcv(struct sk_buff *skb)
1435{
1436        struct inet6_dev *in6_dev;
1437        struct icmp6hdr *icmph;
1438        const struct in6_addr *dest;
1439        const struct in6_addr *target;  /* new first hop to destination */
1440        struct neighbour *neigh;
1441        int on_link = 0;
1442        struct ndisc_options ndopts;
1443        int optlen;
1444        u8 *lladdr = NULL;
1445
1446#ifdef CONFIG_IPV6_NDISC_NODETYPE
1447        switch (skb->ndisc_nodetype) {
1448        case NDISC_NODETYPE_HOST:
1449        case NDISC_NODETYPE_NODEFAULT:
1450                ND_PRINTK2(KERN_WARNING
1451                           "ICMPv6 Redirect: from host or unauthorized router\n");
1452                return;
1453        }
1454#endif
1455
1456        if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1457                ND_PRINTK2(KERN_WARNING
1458                           "ICMPv6 Redirect: source address is not link-local.\n");
1459                return;
1460        }
1461
1462        optlen = skb->tail - skb->transport_header;
1463        optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1464
1465        if (optlen < 0) {
1466                ND_PRINTK2(KERN_WARNING
1467                           "ICMPv6 Redirect: packet too short\n");
1468                return;
1469        }
1470
1471        icmph = icmp6_hdr(skb);
1472        target = (const struct in6_addr *) (icmph + 1);
1473        dest = target + 1;
1474
1475        if (ipv6_addr_is_multicast(dest)) {
1476                ND_PRINTK2(KERN_WARNING
1477                           "ICMPv6 Redirect: destination address is multicast.\n");
1478                return;
1479        }
1480
1481        if (ipv6_addr_equal(dest, target)) {
1482                on_link = 1;
1483        } else if (ipv6_addr_type(target) !=
1484                   (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1485                ND_PRINTK2(KERN_WARNING
1486                           "ICMPv6 Redirect: target address is not link-local unicast.\n");
1487                return;
1488        }
1489
1490        in6_dev = in6_dev_get(skb->dev);
1491        if (!in6_dev)
1492                return;
1493        if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1494                in6_dev_put(in6_dev);
1495                return;
1496        }
1497
1498        /* RFC2461 8.1:
1499         *      The IP source address of the Redirect MUST be the same as the current
1500         *      first-hop router for the specified ICMP Destination Address.
1501         */
1502
1503        if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1504                ND_PRINTK2(KERN_WARNING
1505                           "ICMPv6 Redirect: invalid ND options\n");
1506                in6_dev_put(in6_dev);
1507                return;
1508        }
1509        if (ndopts.nd_opts_tgt_lladdr) {
1510                lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1511                                             skb->dev);
1512                if (!lladdr) {
1513                        ND_PRINTK2(KERN_WARNING
1514                                   "ICMPv6 Redirect: invalid link-layer address length\n");
1515                        in6_dev_put(in6_dev);
1516                        return;
1517                }
1518        }
1519
1520        neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1521        if (neigh) {
1522                rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1523                             &ipv6_hdr(skb)->saddr, neigh, lladdr,
1524                             on_link);
1525                neigh_release(neigh);
1526        }
1527        in6_dev_put(in6_dev);
1528}
1529
1530void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1531                         const struct in6_addr *target)
1532{
1533        struct net_device *dev = skb->dev;
1534        struct net *net = dev_net(dev);
1535        struct sock *sk = net->ipv6.ndisc_sk;
1536        int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1537        struct sk_buff *buff;
1538        struct icmp6hdr *icmph;
1539        struct in6_addr saddr_buf;
1540        struct in6_addr *addrp;
1541        struct rt6_info *rt;
1542        struct dst_entry *dst;
1543        struct inet6_dev *idev;
1544        struct flowi6 fl6;
1545        u8 *opt;
1546        int rd_len;
1547        int err;
1548        u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1549
1550        if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1551                ND_PRINTK2(KERN_WARNING
1552                           "ICMPv6 Redirect: no link-local address on %s\n",
1553                           dev->name);
1554                return;
1555        }
1556
1557        if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1558            ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1559                ND_PRINTK2(KERN_WARNING
1560                        "ICMPv6 Redirect: target address is not link-local unicast.\n");
1561                return;
1562        }
1563
1564        icmpv6_flow_init(sk, &fl6, NDISC_REDIRECT,
1565                         &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1566
1567        dst = ip6_route_output(net, NULL, &fl6);
1568        if (dst == NULL)
1569                return;
1570
1571        dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), NULL, 0);
1572        if (IS_ERR(dst))
1573                return;
1574
1575        rt = (struct rt6_info *) dst;
1576
1577        if (rt->rt6i_flags & RTF_GATEWAY) {
1578                ND_PRINTK2(KERN_WARNING
1579                           "ICMPv6 Redirect: destination is not a neighbour.\n");
1580                goto release;
1581        }
1582        if (!rt->rt6i_peer)
1583                rt6_bind_peer(rt, 1);
1584        if (inet_peer_xrlim_allow(rt->rt6i_peer, 1*HZ))
1585                goto release;
1586
1587        if (dev->addr_len) {
1588                read_lock_bh(&neigh->lock);
1589                if (neigh->nud_state & NUD_VALID) {
1590                        memcpy(ha_buf, neigh->ha, dev->addr_len);
1591                        read_unlock_bh(&neigh->lock);
1592                        ha = ha_buf;
1593                        len += ndisc_opt_addr_space(dev);
1594                } else
1595                        read_unlock_bh(&neigh->lock);
1596        }
1597
1598        rd_len = min_t(unsigned int,
1599                     IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1600        rd_len &= ~0x7;
1601        len += rd_len;
1602
1603        buff = sock_alloc_send_skb(sk,
1604                                   (MAX_HEADER + sizeof(struct ipv6hdr) +
1605                                    len + LL_ALLOCATED_SPACE(dev)),
1606                                   1, &err);
1607        if (buff == NULL) {
1608                ND_PRINTK0(KERN_ERR
1609                           "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1610                           __func__, err);
1611                goto release;
1612        }
1613
1614        skb_reserve(buff, LL_RESERVED_SPACE(dev));
1615        ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1616                   IPPROTO_ICMPV6, len);
1617
1618        skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1619        skb_put(buff, len);
1620        icmph = icmp6_hdr(buff);
1621
1622        memset(icmph, 0, sizeof(struct icmp6hdr));
1623        icmph->icmp6_type = NDISC_REDIRECT;
1624
1625        /*
1626         *      copy target and destination addresses
1627         */
1628
1629        addrp = (struct in6_addr *)(icmph + 1);
1630        ipv6_addr_copy(addrp, target);
1631        addrp++;
1632        ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1633
1634        opt = (u8*) (addrp + 1);
1635
1636        /*
1637         *      include target_address option
1638         */
1639
1640        if (ha)
1641                opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1642                                             dev->addr_len, dev->type);
1643
1644        /*
1645         *      build redirect option and copy skb over to the new packet.
1646         */
1647
1648        memset(opt, 0, 8);
1649        *(opt++) = ND_OPT_REDIRECT_HDR;
1650        *(opt++) = (rd_len >> 3);
1651        opt += 6;
1652
1653        memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1654
1655        icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1656                                             len, IPPROTO_ICMPV6,
1657                                             csum_partial(icmph, len, 0));
1658
1659        skb_dst_set(buff, dst);
1660        idev = in6_dev_get(dst->dev);
1661        IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1662        err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1663                      dst_output);
1664        if (!err) {
1665                ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1666                ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1667        }
1668
1669        if (likely(idev != NULL))
1670                in6_dev_put(idev);
1671        return;
1672
1673release:
1674        dst_release(dst);
1675}
1676
1677static void pndisc_redo(struct sk_buff *skb)
1678{
1679        ndisc_recv_ns(skb);
1680        kfree_skb(skb);
1681}
1682
1683int ndisc_rcv(struct sk_buff *skb)
1684{
1685        struct nd_msg *msg;
1686
1687        if (!pskb_may_pull(skb, skb->len))
1688                return 0;
1689
1690        msg = (struct nd_msg *)skb_transport_header(skb);
1691
1692        __skb_push(skb, skb->data - skb_transport_header(skb));
1693
1694        if (ipv6_hdr(skb)->hop_limit != 255) {
1695                ND_PRINTK2(KERN_WARNING
1696                           "ICMPv6 NDISC: invalid hop-limit: %d\n",
1697                           ipv6_hdr(skb)->hop_limit);
1698                return 0;
1699        }
1700
1701        if (msg->icmph.icmp6_code != 0) {
1702                ND_PRINTK2(KERN_WARNING
1703                           "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1704                           msg->icmph.icmp6_code);
1705                return 0;
1706        }
1707
1708        memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1709
1710        switch (msg->icmph.icmp6_type) {
1711        case NDISC_NEIGHBOUR_SOLICITATION:
1712                ndisc_recv_ns(skb);
1713                break;
1714
1715        case NDISC_NEIGHBOUR_ADVERTISEMENT:
1716                ndisc_recv_na(skb);
1717                break;
1718
1719        case NDISC_ROUTER_SOLICITATION:
1720                ndisc_recv_rs(skb);
1721                break;
1722
1723        case NDISC_ROUTER_ADVERTISEMENT:
1724                ndisc_router_discovery(skb);
1725                break;
1726
1727        case NDISC_REDIRECT:
1728                ndisc_redirect_rcv(skb);
1729                break;
1730        }
1731
1732        return 0;
1733}
1734
1735static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1736{
1737        struct net_device *dev = ptr;
1738        struct net *net = dev_net(dev);
1739
1740        switch (event) {
1741        case NETDEV_CHANGEADDR:
1742                neigh_changeaddr(&nd_tbl, dev);
1743                fib6_run_gc(~0UL, net);
1744                break;
1745        case NETDEV_DOWN:
1746                neigh_ifdown(&nd_tbl, dev);
1747                fib6_run_gc(~0UL, net);
1748                break;
1749        case NETDEV_NOTIFY_PEERS:
1750                ndisc_send_unsol_na(dev);
1751                break;
1752        default:
1753                break;
1754        }
1755
1756        return NOTIFY_DONE;
1757}
1758
1759static struct notifier_block ndisc_netdev_notifier = {
1760        .notifier_call = ndisc_netdev_event,
1761};
1762
1763#ifdef CONFIG_SYSCTL
1764static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1765                                         const char *func, const char *dev_name)
1766{
1767        static char warncomm[TASK_COMM_LEN];
1768        static int warned;
1769        if (strcmp(warncomm, current->comm) && warned < 5) {
1770                strcpy(warncomm, current->comm);
1771                printk(KERN_WARNING
1772                        "process `%s' is using deprecated sysctl (%s) "
1773                        "net.ipv6.neigh.%s.%s; "
1774                        "Use net.ipv6.neigh.%s.%s_ms "
1775                        "instead.\n",
1776                        warncomm, func,
1777                        dev_name, ctl->procname,
1778                        dev_name, ctl->procname);
1779                warned++;
1780        }
1781}
1782
1783int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1784{
1785        struct net_device *dev = ctl->extra1;
1786        struct inet6_dev *idev;
1787        int ret;
1788
1789        if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1790            (strcmp(ctl->procname, "base_reachable_time") == 0))
1791                ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1792
1793        if (strcmp(ctl->procname, "retrans_time") == 0)
1794                ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1795
1796        else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1797                ret = proc_dointvec_jiffies(ctl, write,
1798                                            buffer, lenp, ppos);
1799
1800        else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1801                 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1802                ret = proc_dointvec_ms_jiffies(ctl, write,
1803                                               buffer, lenp, ppos);
1804        else
1805                ret = -1;
1806
1807        if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1808                if (ctl->data == &idev->nd_parms->base_reachable_time)
1809                        idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1810                idev->tstamp = jiffies;
1811                inet6_ifinfo_notify(RTM_NEWLINK, idev);
1812                in6_dev_put(idev);
1813        }
1814        return ret;
1815}
1816
1817
1818#endif
1819
1820static int __net_init ndisc_net_init(struct net *net)
1821{
1822        struct ipv6_pinfo *np;
1823        struct sock *sk;
1824        int err;
1825
1826        err = inet_ctl_sock_create(&sk, PF_INET6,
1827                                   SOCK_RAW, IPPROTO_ICMPV6, net);
1828        if (err < 0) {
1829                ND_PRINTK0(KERN_ERR
1830                           "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1831                           err);
1832                return err;
1833        }
1834
1835        net->ipv6.ndisc_sk = sk;
1836
1837        np = inet6_sk(sk);
1838        np->hop_limit = 255;
1839        /* Do not loopback ndisc messages */
1840        np->mc_loop = 0;
1841
1842        return 0;
1843}
1844
1845static void __net_exit ndisc_net_exit(struct net *net)
1846{
1847        inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1848}
1849
1850static struct pernet_operations ndisc_net_ops = {
1851        .init = ndisc_net_init,
1852        .exit = ndisc_net_exit,
1853};
1854
1855int __init ndisc_init(void)
1856{
1857        int err;
1858
1859        err = register_pernet_subsys(&ndisc_net_ops);
1860        if (err)
1861                return err;
1862        /*
1863         * Initialize the neighbour table
1864         */
1865        neigh_table_init(&nd_tbl);
1866
1867#ifdef CONFIG_SYSCTL
1868        err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1869                                    &ndisc_ifinfo_sysctl_change);
1870        if (err)
1871                goto out_unregister_pernet;
1872#endif
1873        err = register_netdevice_notifier(&ndisc_netdev_notifier);
1874        if (err)
1875                goto out_unregister_sysctl;
1876out:
1877        return err;
1878
1879out_unregister_sysctl:
1880#ifdef CONFIG_SYSCTL
1881        neigh_sysctl_unregister(&nd_tbl.parms);
1882out_unregister_pernet:
1883#endif
1884        unregister_pernet_subsys(&ndisc_net_ops);
1885        goto out;
1886}
1887
1888void ndisc_cleanup(void)
1889{
1890        unregister_netdevice_notifier(&ndisc_netdev_notifier);
1891#ifdef CONFIG_SYSCTL
1892        neigh_sysctl_unregister(&nd_tbl.parms);
1893#endif
1894        neigh_table_clear(&nd_tbl);
1895        unregister_pernet_subsys(&ndisc_net_ops);
1896}
1897