]> bbs.cooldavid.org Git - net-next-2.6.git/blame - net/ipv6/icmp.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit...
[net-next-2.6.git] / net / ipv6 / icmp.c
CommitLineData
1da177e4
LT		 1/*
2 * Internet Control Message Protocol (ICMPv6)
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
1da177e4
LT		 8 * Based on net/ipv4/icmp.c
9 *
10 * RFC 1885
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
16 */
17
18/*
19 * Changes:
20 *
21 * Andi Kleen : exception handling
22 * Andi Kleen add rate limits. never reply to a icmp.
23 * add more length checks and other fixes.
24 * yoshfuji : ensure to sent parameter problem for
25 * fragments.
26 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
27 * Randy Dunlap and
28 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
29 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
30 */
31
32#include <linux/module.h>
33#include <linux/errno.h>
34#include <linux/types.h>
35#include <linux/socket.h>
36#include <linux/in.h>
37#include <linux/kernel.h>
1da177e4
LT		 38#include <linux/sockios.h>
39#include <linux/net.h>
40#include <linux/skbuff.h>
41#include <linux/init.h>
763ecff1 42#include <linux/netfilter.h>
5a0e3ad6 43#include <linux/slab.h>
1da177e4
LT		 44
45#ifdef CONFIG_SYSCTL
46#include <linux/sysctl.h>
47#endif
48
49#include <linux/inet.h>
50#include <linux/netdevice.h>
51#include <linux/icmpv6.h>
52
53#include <net/ip.h>
54#include <net/sock.h>
55
56#include <net/ipv6.h>
57#include <net/ip6_checksum.h>
58#include <net/protocol.h>
59#include <net/raw.h>
60#include <net/rawv6.h>
61#include <net/transp_v6.h>
62#include <net/ip6_route.h>
63#include <net/addrconf.h>
64#include <net/icmp.h>
8b7817f3 65#include <net/xfrm.h>
1ed8516f 66#include <net/inet_common.h>
1da177e4
LT		 67
68#include <asm/uaccess.h>
69#include <asm/system.h>
70
1da177e4
LT		 71/*
72 * The ICMP socket(s). This is the most convenient way to flow control
73 * our ICMP output as well as maintain a clean interface throughout
74 * all layers. All Socketless IP sends will soon be gone.
75 *
76 * On SMP we have one ICMP socket per-cpu.
77 */
98c6d1b2
DL		 78static inline struct sock *icmpv6_sk(struct net *net)
79{
80 return net->ipv6.icmp_sk[smp_processor_id()];
81}
1da177e4 82
e5bbef20 83static int icmpv6_rcv(struct sk_buff *skb);
1da177e4 84
41135cc8 85static const struct inet6_protocol icmpv6_protocol = {
1da177e4 86 .handler = icmpv6_rcv,
8b7817f3 87 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1da177e4
LT		 88};
89
fdc0bde9 90static __inline__ struct sock *icmpv6_xmit_lock(struct net *net)
1da177e4 91{
fdc0bde9
DL		 92 struct sock *sk;
93
1da177e4
LT		 94 local_bh_disable();
95
fdc0bde9 96 sk = icmpv6_sk(net);
405666db 97 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
1da177e4
LT		 98 /* This can happen if the output path (f.e. SIT or
99 * ip6ip6 tunnel) signals dst_link_failure() for an
100 * outgoing ICMP6 packet.
101 */
102 local_bh_enable();
fdc0bde9 103 return NULL;
1da177e4 104 }
fdc0bde9 105 return sk;
1da177e4
LT		 106}
107
405666db 108static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
1da177e4 109{
405666db 110 spin_unlock_bh(&sk->sk_lock.slock);
1da177e4
LT		 111}
112
1ab1457c 113/*
1da177e4
LT		 114 * Slightly more convenient version of icmpv6_send.
115 */
d5fdd6ba 116void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
1da177e4 117{
3ffe533c 118 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos);
1da177e4
LT		 119 kfree_skb(skb);
120}
121
122/*
123 * Figure out, may we reply to this packet with icmp error.
124 *
125 * We do not reply, if:
126 * - it was icmp error message.
127 * - it is truncated, so that it is known, that protocol is ICMPV6
128 * (i.e. in the middle of some exthdr)
129 *
130 * --ANK (980726)
131 */
132
133static int is_ineligible(struct sk_buff *skb)
134{
0660e03f 135 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
1da177e4 136 int len = skb->len - ptr;
0660e03f 137 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
1da177e4
LT		 138
139 if (len < 0)
140 return 1;
141
0d3d077c 142 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr);
1da177e4
LT		 143 if (ptr < 0)
144 return 0;
145 if (nexthdr == IPPROTO_ICMPV6) {
146 u8 _type, *tp;
147 tp = skb_header_pointer(skb,
148 ptr+offsetof(struct icmp6hdr, icmp6_type),
149 sizeof(_type), &_type);
150 if (tp == NULL ||
151 !(*tp & ICMPV6_INFOMSG_MASK))
152 return 1;
153 }
154 return 0;
155}
156
1ab1457c
YH		 157/*
158 * Check the ICMP output rate limit
1da177e4 159 */
d5fdd6ba 160static inline int icmpv6_xrlim_allow(struct sock *sk, u8 type,
1da177e4
LT		 161 struct flowi *fl)
162{
163 struct dst_entry *dst;
3b1e0a65 164 struct net *net = sock_net(sk);
1da177e4
LT		 165 int res = 0;
166
167 /* Informational messages are not limited. */
168 if (type & ICMPV6_INFOMSG_MASK)
169 return 1;
170
171 /* Do not limit pmtu discovery, it would break it. */
172 if (type == ICMPV6_PKT_TOOBIG)
173 return 1;
174
1ab1457c 175 /*
1da177e4
LT		 176 * Look up the output route.
177 * XXX: perhaps the expire for routing entries cloned by
178 * this lookup should be more aggressive (not longer than timeout).
179 */
9a43b709 180 dst = ip6_route_output(net, sk, fl);
1da177e4 181 if (dst->error) {
3bd653c8 182 IP6_INC_STATS(net, ip6_dst_idev(dst),
a11d206d 183 IPSTATS_MIB_OUTNOROUTES);
1da177e4
LT		 184 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
185 res = 1;
186 } else {
187 struct rt6_info *rt = (struct rt6_info *)dst;
9a43b709 188 int tmo = net->ipv6.sysctl.icmpv6_time;
1da177e4
LT		 189
190 /* Give more bandwidth to wider prefixes. */
191 if (rt->rt6i_dst.plen < 128)
192 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
193
194 res = xrlim_allow(dst, tmo);
195 }
196 dst_release(dst);
197 return res;
198}
199
200/*
201 * an inline helper for the "simple" if statement below
202 * checks if parameter problem report is caused by an
1ab1457c 203 * unrecognized IPv6 option that has the Option Type
1da177e4
LT		 204 * highest-order two bits set to 10
205 */
206
207static __inline__ int opt_unrec(struct sk_buff *skb, __u32 offset)
208{
209 u8 _optval, *op;
210
bbe735e4 211 offset += skb_network_offset(skb);
1da177e4
LT		 212 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
213 if (op == NULL)
214 return 1;
215 return (*op & 0xC0) == 0x80;
216}
217
218static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct icmp6hdr *thdr, int len)
219{
220 struct sk_buff *skb;
221 struct icmp6hdr *icmp6h;
222 int err = 0;
223
224 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL)
225 goto out;
226
cc70ab26 227 icmp6h = icmp6_hdr(skb);
1da177e4
LT		 228 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
229 icmp6h->icmp6_cksum = 0;
230
231 if (skb_queue_len(&sk->sk_write_queue) == 1) {
07f0757a 232 skb->csum = csum_partial(icmp6h,
1da177e4
LT		 233 sizeof(struct icmp6hdr), skb->csum);
234 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src,
235 &fl->fl6_dst,
236 len, fl->proto,
237 skb->csum);
238 } else {
868c86bc 239 __wsum tmp_csum = 0;
1da177e4
LT		 240
241 skb_queue_walk(&sk->sk_write_queue, skb) {
242 tmp_csum = csum_add(tmp_csum, skb->csum);
243 }
244
07f0757a 245 tmp_csum = csum_partial(icmp6h,
1da177e4 246 sizeof(struct icmp6hdr), tmp_csum);
868c86bc
AV		 247 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src,
248 &fl->fl6_dst,
249 len, fl->proto,
250 tmp_csum);
1da177e4 251 }
1da177e4
LT		 252 ip6_push_pending_frames(sk);
253out:
254 return err;
255}
256
257struct icmpv6_msg {
258 struct sk_buff *skb;
259 int offset;
763ecff1 260 uint8_t type;
1da177e4
LT		 261};
262
263static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
264{
265 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
266 struct sk_buff *org_skb = msg->skb;
5f92a738 267 __wsum csum = 0;
1da177e4
LT		 268
269 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
270 to, len, csum);
271 skb->csum = csum_block_add(skb->csum, csum, odd);
763ecff1
YK		 272 if (!(msg->type & ICMPV6_INFOMSG_MASK))
273 nf_ct_attach(skb, org_skb);
1da177e4
LT		 274 return 0;
275}
276
59fbb3a6 277#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
79383236
MN		 278static void mip6_addr_swap(struct sk_buff *skb)
279{
0660e03f 280 struct ipv6hdr *iph = ipv6_hdr(skb);
79383236
MN		 281 struct inet6_skb_parm *opt = IP6CB(skb);
282 struct ipv6_destopt_hao *hao;
283 struct in6_addr tmp;
284 int off;
285
286 if (opt->dsthao) {
287 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
288 if (likely(off >= 0)) {
d56f90a7
ACM		 289 hao = (struct ipv6_destopt_hao *)
290 (skb_network_header(skb) + off);
79383236
MN		 291 ipv6_addr_copy(&tmp, &iph->saddr);
292 ipv6_addr_copy(&iph->saddr, &hao->addr);
293 ipv6_addr_copy(&hao->addr, &tmp);
294 }
295 }
296}
297#else
298static inline void mip6_addr_swap(struct sk_buff *skb) {}
299#endif
300
1da177e4
LT		 301/*
302 * Send an ICMP message in response to a packet in error
303 */
3ffe533c 304void icmpv6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info)
1da177e4 305{
c346dca1 306 struct net *net = dev_net(skb->dev);
1da177e4 307 struct inet6_dev *idev = NULL;
0660e03f 308 struct ipv6hdr *hdr = ipv6_hdr(skb);
84427d53
YH		 309 struct sock *sk;
310 struct ipv6_pinfo *np;
1da177e4
LT		 311 struct in6_addr *saddr = NULL;
312 struct dst_entry *dst;
8b7817f3 313 struct dst_entry *dst2;
1da177e4
LT		 314 struct icmp6hdr tmp_hdr;
315 struct flowi fl;
8b7817f3 316 struct flowi fl2;
1da177e4
LT		 317 struct icmpv6_msg msg;
318 int iif = 0;
319 int addr_type = 0;
320 int len;
e651f03a 321 int hlimit;
1da177e4
LT		 322 int err = 0;
323
27a884dc
ACM		 324 if ((u8 *)hdr < skb->head ||
325 (skb->network_header + sizeof(*hdr)) > skb->tail)
1da177e4
LT		 326 return;
327
328 /*
1ab1457c 329 * Make sure we respect the rules
1da177e4
LT		 330 * i.e. RFC 1885 2.4(e)
331 * Rule (e.1) is enforced by not using icmpv6_send
332 * in any code that processes icmp errors.
333 */
334 addr_type = ipv6_addr_type(&hdr->daddr);
335
9a43b709 336 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0))
1da177e4
LT		 337 saddr = &hdr->daddr;
338
339 /*
340 * Dest addr check
341 */
342
343 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) {
344 if (type != ICMPV6_PKT_TOOBIG &&
1ab1457c
YH		 345 !(type == ICMPV6_PARAMPROB &&
346 code == ICMPV6_UNK_OPTION &&
1da177e4
LT		 347 (opt_unrec(skb, info))))
348 return;
349
350 saddr = NULL;
351 }
352
353 addr_type = ipv6_addr_type(&hdr->saddr);
354
355 /*
356 * Source addr check
357 */
358
359 if (addr_type & IPV6_ADDR_LINKLOCAL)
360 iif = skb->dev->ifindex;
361
362 /*
8de3351e
YH		 363 * Must not send error if the source does not uniquely
364 * identify a single node (RFC2463 Section 2.4).
365 * We check unspecified / multicast addresses here,
366 * and anycast addresses will be checked later.
1da177e4
LT		 367 */
368 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
64ce2073 369 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: addr_any/mcast source\n");
1da177e4
LT		 370 return;
371 }
372
1ab1457c 373 /*
1da177e4
LT		 374 * Never answer to a ICMP packet.
375 */
376 if (is_ineligible(skb)) {
64ce2073 377 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: no reply to icmp error\n");
1da177e4
LT		 378 return;
379 }
380
79383236
MN		 381 mip6_addr_swap(skb);
382
1da177e4
LT		 383 memset(&fl, 0, sizeof(fl));
384 fl.proto = IPPROTO_ICMPV6;
385 ipv6_addr_copy(&fl.fl6_dst, &hdr->saddr);
386 if (saddr)
387 ipv6_addr_copy(&fl.fl6_src, saddr);
388 fl.oif = iif;
389 fl.fl_icmp_type = type;
390 fl.fl_icmp_code = code;
beb8d13b 391 security_skb_classify_flow(skb, &fl);
1da177e4 392
fdc0bde9
DL		 393 sk = icmpv6_xmit_lock(net);
394 if (sk == NULL)
405666db 395 return;
fdc0bde9 396 np = inet6_sk(sk);
405666db 397
1da177e4
LT		 398 if (!icmpv6_xrlim_allow(sk, type, &fl))
399 goto out;
400
401 tmp_hdr.icmp6_type = type;
402 tmp_hdr.icmp6_code = code;
403 tmp_hdr.icmp6_cksum = 0;
404 tmp_hdr.icmp6_pointer = htonl(info);
405
406 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst))
407 fl.oif = np->mcast_oif;
408
409 err = ip6_dst_lookup(sk, &dst, &fl);
410 if (err)
411 goto out;
8de3351e
YH		 412
413 /*
414 * We won't send icmp if the destination is known
415 * anycast.
416 */
417 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) {
418 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: acast source\n");
419 goto out_dst_release;
420 }
421
8b7817f3
HX		 422 /* No need to clone since we're just using its address. */
423 dst2 = dst;
424
52479b62 425 err = xfrm_lookup(net, &dst, &fl, sk, 0);
8b7817f3
HX		 426 switch (err) {
427 case 0:
428 if (dst != dst2)
429 goto route_done;
430 break;
431 case -EPERM:
432 dst = NULL;
433 break;
434 default:
435 goto out;
436 }
437
438 if (xfrm_decode_session_reverse(skb, &fl2, AF_INET6))
af268182 439 goto relookup_failed;
8b7817f3 440
6c06a478 441 if (ip6_dst_lookup(sk, &dst2, &fl2))
af268182 442 goto relookup_failed;
1da177e4 443
6c06a478 444 err = xfrm_lookup(net, &dst2, &fl2, sk, XFRM_LOOKUP_ICMP);
af268182
HX		 445 switch (err) {
446 case 0:
447 dst_release(dst);
448 dst = dst2;
449 break;
450 case -EPERM:
451 goto out_dst_release;
452 default:
453relookup_failed:
8b7817f3
HX		 454 if (!dst)
455 goto out;
af268182 456 break;
8b7817f3
HX		 457 }
458
8b7817f3 459route_done:
1da177e4
LT		 460 if (ipv6_addr_is_multicast(&fl.fl6_dst))
461 hlimit = np->mcast_hops;
462 else
463 hlimit = np->hop_limit;
464 if (hlimit < 0)
6b75d090 465 hlimit = ip6_dst_hoplimit(dst);
1da177e4
LT		 466
467 msg.skb = skb;
bbe735e4 468 msg.offset = skb_network_offset(skb);
763ecff1 469 msg.type = type;
1da177e4
LT		 470
471 len = skb->len - msg.offset;
472 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr));
473 if (len < 0) {
64ce2073 474 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n");
1da177e4
LT		 475 goto out_dst_release;
476 }
477
478 idev = in6_dev_get(skb->dev);
479
480 err = ip6_append_data(sk, icmpv6_getfrag, &msg,
481 len + sizeof(struct icmp6hdr),
e651f03a
GR		 482 sizeof(struct icmp6hdr), hlimit,
483 np->tclass, NULL, &fl, (struct rt6_info*)dst,
1da177e4
LT		 484 MSG_DONTWAIT);
485 if (err) {
486 ip6_flush_pending_frames(sk);
487 goto out_put;
488 }
489 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, len + sizeof(struct icmp6hdr));
490
1da177e4
LT		 491out_put:
492 if (likely(idev != NULL))
493 in6_dev_put(idev);
494out_dst_release:
495 dst_release(dst);
496out:
405666db 497 icmpv6_xmit_unlock(sk);
1da177e4
LT		 498}
499
7159039a
YH		 500EXPORT_SYMBOL(icmpv6_send);
501
1da177e4
LT		 502static void icmpv6_echo_reply(struct sk_buff *skb)
503{
c346dca1 504 struct net *net = dev_net(skb->dev);
84427d53 505 struct sock *sk;
1da177e4 506 struct inet6_dev *idev;
84427d53 507 struct ipv6_pinfo *np;
1da177e4 508 struct in6_addr *saddr = NULL;
cc70ab26 509 struct icmp6hdr *icmph = icmp6_hdr(skb);
1da177e4
LT		 510 struct icmp6hdr tmp_hdr;
511 struct flowi fl;
512 struct icmpv6_msg msg;
513 struct dst_entry *dst;
514 int err = 0;
515 int hlimit;
516
0660e03f 517 saddr = &ipv6_hdr(skb)->daddr;
1da177e4
LT		 518
519 if (!ipv6_unicast_destination(skb))
520 saddr = NULL;
521
522 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
523 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY;
524
525 memset(&fl, 0, sizeof(fl));
526 fl.proto = IPPROTO_ICMPV6;
0660e03f 527 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1da177e4
LT		 528 if (saddr)
529 ipv6_addr_copy(&fl.fl6_src, saddr);
530 fl.oif = skb->dev->ifindex;
531 fl.fl_icmp_type = ICMPV6_ECHO_REPLY;
beb8d13b 532 security_skb_classify_flow(skb, &fl);
1da177e4 533
fdc0bde9
DL		 534 sk = icmpv6_xmit_lock(net);
535 if (sk == NULL)
405666db 536 return;
fdc0bde9 537 np = inet6_sk(sk);
405666db 538
1da177e4
LT		 539 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst))
540 fl.oif = np->mcast_oif;
541
542 err = ip6_dst_lookup(sk, &dst, &fl);
543 if (err)
544 goto out;
52479b62 545 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0)
e104411b 546 goto out;
1da177e4
LT		 547
548 if (ipv6_addr_is_multicast(&fl.fl6_dst))
549 hlimit = np->mcast_hops;
550 else
551 hlimit = np->hop_limit;
552 if (hlimit < 0)
6b75d090 553 hlimit = ip6_dst_hoplimit(dst);
1da177e4
LT		 554
555 idev = in6_dev_get(skb->dev);
556
557 msg.skb = skb;
558 msg.offset = 0;
763ecff1 559 msg.type = ICMPV6_ECHO_REPLY;
1da177e4
LT		 560
561 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
e651f03a 562 sizeof(struct icmp6hdr), hlimit, np->tclass, NULL, &fl,
1da177e4
LT		 563 (struct rt6_info*)dst, MSG_DONTWAIT);
564
565 if (err) {
566 ip6_flush_pending_frames(sk);
567 goto out_put;
568 }
569 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, skb->len + sizeof(struct icmp6hdr));
570
1ab1457c 571out_put:
1da177e4
LT		 572 if (likely(idev != NULL))
573 in6_dev_put(idev);
1da177e4 574 dst_release(dst);
1ab1457c 575out:
405666db 576 icmpv6_xmit_unlock(sk);
1da177e4
LT		 577}
578
d5fdd6ba 579static void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
1da177e4 580{
41135cc8 581 const struct inet6_protocol *ipprot;
1da177e4
LT		 582 int inner_offset;
583 int hash;
584 u8 nexthdr;
585
586 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
587 return;
588
589 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
590 if (ipv6_ext_hdr(nexthdr)) {
591 /* now skip over extension headers */
0d3d077c 592 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr);
1da177e4
LT		 593 if (inner_offset<0)
594 return;
595 } else {
596 inner_offset = sizeof(struct ipv6hdr);
597 }
598
599 /* Checkin header including 8 bytes of inner protocol header. */
600 if (!pskb_may_pull(skb, inner_offset+8))
601 return;
602
1da177e4
LT		 603 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
604 Without this we will not able f.e. to make source routed
605 pmtu discovery.
606 Corresponding argument (opt) to notifiers is already added.
607 --ANK (980726)
608 */
609
610 hash = nexthdr & (MAX_INET_PROTOS - 1);
611
612 rcu_read_lock();
613 ipprot = rcu_dereference(inet6_protos[hash]);
614 if (ipprot && ipprot->err_handler)
615 ipprot->err_handler(skb, NULL, type, code, inner_offset, info);
616 rcu_read_unlock();
617
69d6da0b 618 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
1da177e4 619}
1ab1457c 620
1da177e4
LT		 621/*
622 * Handle icmp messages
623 */
624
e5bbef20 625static int icmpv6_rcv(struct sk_buff *skb)
1da177e4 626{
1da177e4
LT		 627 struct net_device *dev = skb->dev;
628 struct inet6_dev *idev = __in6_dev_get(dev);
629 struct in6_addr *saddr, *daddr;
630 struct ipv6hdr *orig_hdr;
631 struct icmp6hdr *hdr;
d5fdd6ba 632 u8 type;
1da177e4 633
aebcf82c 634 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
def8b4fa 635 struct sec_path *sp = skb_sec_path(skb);
8b7817f3
HX		 636 int nh;
637
def8b4fa 638 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
aebcf82c
HX		 639 XFRM_STATE_ICMP))
640 goto drop_no_count;
641
8b7817f3
HX		 642 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(*orig_hdr)))
643 goto drop_no_count;
644
645 nh = skb_network_offset(skb);
646 skb_set_network_header(skb, sizeof(*hdr));
647
648 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
649 goto drop_no_count;
650
651 skb_set_network_header(skb, nh);
652 }
653
e41b5368 654 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INMSGS);
1da177e4 655
0660e03f
ACM		 656 saddr = &ipv6_hdr(skb)->saddr;
657 daddr = &ipv6_hdr(skb)->daddr;
1da177e4
LT		 658
659 /* Perform checksum. */
fb286bb2 660 switch (skb->ip_summed) {
84fa7933 661 case CHECKSUM_COMPLETE:
fb286bb2
HX		 662 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6,
663 skb->csum))
664 break;
665 /* fall through */
666 case CHECKSUM_NONE:
868c86bc
AV		 667 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len,
668 IPPROTO_ICMPV6, 0));
fb286bb2 669 if (__skb_checksum_complete(skb)) {
5b095d98 670 LIMIT_NETDEBUG(KERN_DEBUG "ICMPv6 checksum failed [%pI6 > %pI6]\n",
0c6ce78a 671 saddr, daddr);
1da177e4
LT		 672 goto discard_it;
673 }
674 }
675
8cf22943
HX		 676 if (!pskb_pull(skb, sizeof(*hdr)))
677 goto discard_it;
1da177e4 678
cc70ab26 679 hdr = icmp6_hdr(skb);
1da177e4
LT		 680
681 type = hdr->icmp6_type;
682
55d43808 683 ICMP6MSGIN_INC_STATS_BH(dev_net(dev), idev, type);
1da177e4
LT		 684
685 switch (type) {
686 case ICMPV6_ECHO_REQUEST:
687 icmpv6_echo_reply(skb);
688 break;
689
690 case ICMPV6_ECHO_REPLY:
691 /* we couldn't care less */
692 break;
693
694 case ICMPV6_PKT_TOOBIG:
695 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
696 standard destination cache. Seems, only "advanced"
697 destination cache will allow to solve this problem
698 --ANK (980726)
699 */
700 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
701 goto discard_it;
cc70ab26 702 hdr = icmp6_hdr(skb);
1da177e4
LT		 703 orig_hdr = (struct ipv6hdr *) (hdr + 1);
704 rt6_pmtu_discovery(&orig_hdr->daddr, &orig_hdr->saddr, dev,
705 ntohl(hdr->icmp6_mtu));
706
707 /*
708 * Drop through to notify
709 */
710
711 case ICMPV6_DEST_UNREACH:
712 case ICMPV6_TIME_EXCEED:
713 case ICMPV6_PARAMPROB:
714 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
715 break;
716
717 case NDISC_ROUTER_SOLICITATION:
718 case NDISC_ROUTER_ADVERTISEMENT:
719 case NDISC_NEIGHBOUR_SOLICITATION:
720 case NDISC_NEIGHBOUR_ADVERTISEMENT:
721 case NDISC_REDIRECT:
722 ndisc_rcv(skb);
723 break;
724
725 case ICMPV6_MGM_QUERY:
726 igmp6_event_query(skb);
727 break;
728
729 case ICMPV6_MGM_REPORT:
730 igmp6_event_report(skb);
731 break;
732
733 case ICMPV6_MGM_REDUCTION:
734 case ICMPV6_NI_QUERY:
735 case ICMPV6_NI_REPLY:
736 case ICMPV6_MLD2_REPORT:
737 case ICMPV6_DHAAD_REQUEST:
738 case ICMPV6_DHAAD_REPLY:
739 case ICMPV6_MOBILE_PREFIX_SOL:
740 case ICMPV6_MOBILE_PREFIX_ADV:
741 break;
742
743 default:
64ce2073 744 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n");
1da177e4
LT		 745
746 /* informational */
747 if (type & ICMPV6_INFOMSG_MASK)
748 break;
749
1ab1457c
YH		 750 /*
751 * error of unknown type.
752 * must pass to upper level
1da177e4
LT		 753 */
754
755 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
3ff50b79
SH		 756 }
757
1da177e4
LT		 758 kfree_skb(skb);
759 return 0;
760
761discard_it:
e41b5368 762 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INERRORS);
8b7817f3 763drop_no_count:
1da177e4
LT		 764 kfree_skb(skb);
765 return 0;
766}
767
95e41e93
YH		 768void icmpv6_flow_init(struct sock *sk, struct flowi *fl,
769 u8 type,
770 const struct in6_addr *saddr,
771 const struct in6_addr *daddr,
772 int oif)
773{
774 memset(fl, 0, sizeof(*fl));
775 ipv6_addr_copy(&fl->fl6_src, saddr);
776 ipv6_addr_copy(&fl->fl6_dst, daddr);
777 fl->proto = IPPROTO_ICMPV6;
778 fl->fl_icmp_type = type;
779 fl->fl_icmp_code = 0;
780 fl->oif = oif;
781 security_sk_classify_flow(sk, fl);
782}
783
640c41c7 784/*
b7e729c4 785 * Special lock-class for __icmpv6_sk:
640c41c7
IM		 786 */
787static struct lock_class_key icmpv6_socket_sk_dst_lock_key;
788
98c6d1b2 789static int __net_init icmpv6_sk_init(struct net *net)
1da177e4
LT		 790{
791 struct sock *sk;
792 int err, i, j;
793
98c6d1b2
DL		 794 net->ipv6.icmp_sk =
795 kzalloc(nr_cpu_ids * sizeof(struct sock *), GFP_KERNEL);
796 if (net->ipv6.icmp_sk == NULL)
79c91159
DL		 797 return -ENOMEM;
798
6f912042 799 for_each_possible_cpu(i) {
1ed8516f
DL		 800 err = inet_ctl_sock_create(&sk, PF_INET6,
801 SOCK_RAW, IPPROTO_ICMPV6, net);
1da177e4
LT		 802 if (err < 0) {
803 printk(KERN_ERR
804 "Failed to initialize the ICMP6 control socket "
805 "(err %d).\n",
806 err);
807 goto fail;
808 }
809
1ed8516f 810 net->ipv6.icmp_sk[i] = sk;
5c8cafd6 811
640c41c7
IM		 812 /*
813 * Split off their lock-class, because sk->sk_dst_lock
814 * gets used from softirqs, which is safe for
b7e729c4 815 * __icmpv6_sk (because those never get directly used
640c41c7
IM		 816 * via userspace syscalls), but unsafe for normal sockets.
817 */
818 lockdep_set_class(&sk->sk_dst_lock,
819 &icmpv6_socket_sk_dst_lock_key);
1da177e4
LT		 820
821 /* Enough space for 2 64K ICMP packets, including
822 * sk_buff struct overhead.
823 */
824 sk->sk_sndbuf =
825 (2 * ((64 * 1024) + sizeof(struct sk_buff)));
1da177e4 826 }
1da177e4
LT		 827 return 0;
828
829 fail:
5c8cafd6 830 for (j = 0; j < i; j++)
1ed8516f 831 inet_ctl_sock_destroy(net->ipv6.icmp_sk[j]);
98c6d1b2 832 kfree(net->ipv6.icmp_sk);
1da177e4
LT		 833 return err;
834}
835
98c6d1b2 836static void __net_exit icmpv6_sk_exit(struct net *net)
1da177e4
LT		 837{
838 int i;
839
6f912042 840 for_each_possible_cpu(i) {
1ed8516f 841 inet_ctl_sock_destroy(net->ipv6.icmp_sk[i]);
1da177e4 842 }
98c6d1b2
DL		 843 kfree(net->ipv6.icmp_sk);
844}
845
8ed7edce 846static struct pernet_operations icmpv6_sk_ops = {
98c6d1b2
DL		 847 .init = icmpv6_sk_init,
848 .exit = icmpv6_sk_exit,
849};
850
851int __init icmpv6_init(void)
852{
853 int err;
854
855 err = register_pernet_subsys(&icmpv6_sk_ops);
856 if (err < 0)
857 return err;
858
859 err = -EAGAIN;
860 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
861 goto fail;
862 return 0;
863
864fail:
865 printk(KERN_ERR "Failed to register ICMP6 protocol\n");
866 unregister_pernet_subsys(&icmpv6_sk_ops);
867 return err;
868}
869
8ed7edce 870void icmpv6_cleanup(void)
98c6d1b2
DL		 871{
872 unregister_pernet_subsys(&icmpv6_sk_ops);
1da177e4
LT		 873 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
874}
875
98c6d1b2 876
9b5b5cff 877static const struct icmp6_err {
1da177e4
LT		 878 int err;
879 int fatal;
880} tab_unreach[] = {
881 { /* NOROUTE */
882 .err = ENETUNREACH,
883 .fatal = 0,
884 },
885 { /* ADM_PROHIBITED */
886 .err = EACCES,
887 .fatal = 1,
888 },
889 { /* Was NOT_NEIGHBOUR, now reserved */
890 .err = EHOSTUNREACH,
891 .fatal = 0,
892 },
893 { /* ADDR_UNREACH */
894 .err = EHOSTUNREACH,
895 .fatal = 0,
896 },
897 { /* PORT_UNREACH */
898 .err = ECONNREFUSED,
899 .fatal = 1,
900 },
901};
902
d5fdd6ba 903int icmpv6_err_convert(u8 type, u8 code, int *err)
1da177e4
LT		 904{
905 int fatal = 0;
906
907 *err = EPROTO;
908
909 switch (type) {
910 case ICMPV6_DEST_UNREACH:
911 fatal = 1;
912 if (code <= ICMPV6_PORT_UNREACH) {
913 *err = tab_unreach[code].err;
914 fatal = tab_unreach[code].fatal;
915 }
916 break;
917
918 case ICMPV6_PKT_TOOBIG:
919 *err = EMSGSIZE;
920 break;
1ab1457c 921
1da177e4
LT		 922 case ICMPV6_PARAMPROB:
923 *err = EPROTO;
924 fatal = 1;
925 break;
926
927 case ICMPV6_TIME_EXCEED:
928 *err = EHOSTUNREACH;
929 break;
3ff50b79 930 }
1da177e4
LT		 931
932 return fatal;
933}
934
7159039a
YH		 935EXPORT_SYMBOL(icmpv6_err_convert);
936
1da177e4 937#ifdef CONFIG_SYSCTL
760f2d01 938ctl_table ipv6_icmp_table_template[] = {
1da177e4 939 {
1da177e4 940 .procname = "ratelimit",
41a76906 941 .data = &init_net.ipv6.sysctl.icmpv6_time,
1da177e4
LT		 942 .maxlen = sizeof(int),
943 .mode = 0644,
6d9f239a 944 .proc_handler = proc_dointvec_ms_jiffies,
1da177e4 945 },
f8572d8f 946 { },
1da177e4 947};
760f2d01 948
2c8c1e72 949struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
760f2d01
DL		 950{
951 struct ctl_table *table;
952
953 table = kmemdup(ipv6_icmp_table_template,
954 sizeof(ipv6_icmp_table_template),
955 GFP_KERNEL);
5ee09105
YH		 956
957 if (table)
958 table[0].data = &net->ipv6.sysctl.icmpv6_time;
959
760f2d01
DL		 960 return table;
961}
1da177e4
LT		 962#endif
963
Clone of davem's net-next-2.6 tree