1/* 2 * Internet Control Message Protocol (ICMPv6) 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: icmp.c,v 1.1.1.1 2007/08/03 18:53:52 Exp $ 9 * 10 * Based on net/ipv4/icmp.c 11 * 12 * RFC 1885 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 */ 19 20/* 21 * Changes: 22 * 23 * Andi Kleen : exception handling 24 * Andi Kleen add rate limits. never reply to a icmp. 25 * add more length checks and other fixes. 26 * yoshfuji : ensure to sent parameter problem for 27 * fragments. 28 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit. 29 * Randy Dunlap and 30 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support 31 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data 32 */ 33 34#include <linux/module.h> 35#include <linux/errno.h> 36#include <linux/types.h> 37#include <linux/socket.h> 38#include <linux/in.h> 39#include <linux/kernel.h> 40#include <linux/sockios.h> 41#include <linux/net.h> 42#include <linux/skbuff.h> 43#include <linux/init.h> 44#include <linux/netfilter.h> 45 46#ifdef CONFIG_SYSCTL 47#include <linux/sysctl.h> 48#endif 49 50#include <linux/inet.h> 51#include <linux/netdevice.h> 52#include <linux/icmpv6.h> 53 54#include <net/ip.h> 55#include <net/sock.h> 56 57#include <net/ipv6.h> 58#include <net/ip6_checksum.h> 59#include <net/protocol.h> 60#include <net/raw.h> 61#include <net/rawv6.h> 62#include <net/transp_v6.h> 63#include <net/ip6_route.h> 64#include <net/addrconf.h> 65#include <net/icmp.h> 66 67#include <asm/uaccess.h> 68#include <asm/system.h> 69 70DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics) __read_mostly; 71EXPORT_SYMBOL(icmpv6_statistics); 72 73/* 74 * The ICMP socket(s). This is the most convenient way to flow control 75 * our ICMP output as well as maintain a clean interface throughout 76 * all layers. All Socketless IP sends will soon be gone. 77 * 78 * On SMP we have one ICMP socket per-cpu. 79 */ 80static DEFINE_PER_CPU(struct socket *, __icmpv6_socket) = NULL; 81#define icmpv6_socket __get_cpu_var(__icmpv6_socket) 82 83static int icmpv6_rcv(struct sk_buff **pskb); 84 85static struct inet6_protocol icmpv6_protocol = { 86 .handler = icmpv6_rcv, 87 .flags = INET6_PROTO_FINAL, 88}; 89 90static __inline__ int icmpv6_xmit_lock(void) 91{ 92 local_bh_disable(); 93 94 if (unlikely(!spin_trylock(&icmpv6_socket->sk->sk_lock.slock))) { 95 /* This can happen if the output path (f.e. SIT or 96 * ip6ip6 tunnel) signals dst_link_failure() for an 97 * outgoing ICMP6 packet. 98 */ 99 local_bh_enable(); 100 return 1; 101 } 102 return 0; 103} 104 105static __inline__ void icmpv6_xmit_unlock(void) 106{ 107 spin_unlock_bh(&icmpv6_socket->sk->sk_lock.slock); 108} 109 110/* 111 * Slightly more convenient version of icmpv6_send. 112 */ 113void icmpv6_param_prob(struct sk_buff *skb, int code, int pos) 114{ 115 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev); 116 kfree_skb(skb); 117} 118 119/* 120 * Figure out, may we reply to this packet with icmp error. 121 * 122 * We do not reply, if: 123 * - it was icmp error message. 124 * - it is truncated, so that it is known, that protocol is ICMPV6 125 * (i.e. in the middle of some exthdr) 126 * 127 * --ANK (980726) 128 */ 129 130static int is_ineligible(struct sk_buff *skb) 131{ 132 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data; 133 int len = skb->len - ptr; 134 __u8 nexthdr = ipv6_hdr(skb)->nexthdr; 135 136 if (len < 0) 137 return 1; 138 139 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr); 140 if (ptr < 0) 141 return 0; 142 if (nexthdr == IPPROTO_ICMPV6) { 143 u8 _type, *tp; 144 tp = skb_header_pointer(skb, 145 ptr+offsetof(struct icmp6hdr, icmp6_type), 146 sizeof(_type), &_type); 147 if (tp == NULL || 148 !(*tp & ICMPV6_INFOMSG_MASK)) 149 return 1; 150 } 151 return 0; 152} 153 154static int sysctl_icmpv6_time __read_mostly = 1*HZ; 155 156/* 157 * Check the ICMP output rate limit 158 */ 159static inline int icmpv6_xrlim_allow(struct sock *sk, int type, 160 struct flowi *fl) 161{ 162 struct dst_entry *dst; 163 int res = 0; 164 165 /* Informational messages are not limited. */ 166 if (type & ICMPV6_INFOMSG_MASK) 167 return 1; 168 169 /* Do not limit pmtu discovery, it would break it. */ 170 if (type == ICMPV6_PKT_TOOBIG) 171 return 1; 172 173 dst = ip6_route_output(sk, fl); 174 if (dst->error) { 175 IP6_INC_STATS(ip6_dst_idev(dst), 176 IPSTATS_MIB_OUTNOROUTES); 177 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) { 178 res = 1; 179 } else { 180 struct rt6_info *rt = (struct rt6_info *)dst; 181 int tmo = sysctl_icmpv6_time; 182 183 /* Give more bandwidth to wider prefixes. */ 184 if (rt->rt6i_dst.plen < 128) 185 tmo >>= ((128 - rt->rt6i_dst.plen)>>5); 186 187 res = xrlim_allow(dst, tmo); 188 } 189 dst_release(dst); 190 return res; 191} 192 193/* 194 * an inline helper for the "simple" if statement below 195 * checks if parameter problem report is caused by an 196 * unrecognized IPv6 option that has the Option Type 197 * highest-order two bits set to 10 198 */ 199 200static __inline__ int opt_unrec(struct sk_buff *skb, __u32 offset) 201{ 202 u8 _optval, *op; 203 204 offset += skb_network_offset(skb); 205 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval); 206 if (op == NULL) 207 return 1; 208 return (*op & 0xC0) == 0x80; 209} 210 211static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct icmp6hdr *thdr, int len) 212{ 213 struct sk_buff *skb; 214 struct icmp6hdr *icmp6h; 215 int err = 0; 216 217 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL) 218 goto out; 219 220 icmp6h = icmp6_hdr(skb); 221 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr)); 222 icmp6h->icmp6_cksum = 0; 223 224 if (skb_queue_len(&sk->sk_write_queue) == 1) { 225 skb->csum = csum_partial((char *)icmp6h, 226 sizeof(struct icmp6hdr), skb->csum); 227 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 228 &fl->fl6_dst, 229 len, fl->proto, 230 skb->csum); 231 } else { 232 __wsum tmp_csum = 0; 233 234 skb_queue_walk(&sk->sk_write_queue, skb) { 235 tmp_csum = csum_add(tmp_csum, skb->csum); 236 } 237 238 tmp_csum = csum_partial((char *)icmp6h, 239 sizeof(struct icmp6hdr), tmp_csum); 240 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 241 &fl->fl6_dst, 242 len, fl->proto, 243 tmp_csum); 244 } 245 ip6_push_pending_frames(sk); 246out: 247 return err; 248} 249 250struct icmpv6_msg { 251 struct sk_buff *skb; 252 int offset; 253 uint8_t type; 254}; 255 256static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) 257{ 258 struct icmpv6_msg *msg = (struct icmpv6_msg *) from; 259 struct sk_buff *org_skb = msg->skb; 260 __wsum csum = 0; 261 262 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset, 263 to, len, csum); 264 skb->csum = csum_block_add(skb->csum, csum, odd); 265 if (!(msg->type & ICMPV6_INFOMSG_MASK)) 266 nf_ct_attach(skb, org_skb); 267 return 0; 268} 269 270#ifdef CONFIG_IPV6_MIP6 271static void mip6_addr_swap(struct sk_buff *skb) 272{ 273 struct ipv6hdr *iph = ipv6_hdr(skb); 274 struct inet6_skb_parm *opt = IP6CB(skb); 275 struct ipv6_destopt_hao *hao; 276 struct in6_addr tmp; 277 int off; 278 279 if (opt->dsthao) { 280 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO); 281 if (likely(off >= 0)) { 282 hao = (struct ipv6_destopt_hao *) 283 (skb_network_header(skb) + off); 284 ipv6_addr_copy(&tmp, &iph->saddr); 285 ipv6_addr_copy(&iph->saddr, &hao->addr); 286 ipv6_addr_copy(&hao->addr, &tmp); 287 } 288 } 289} 290#else 291static inline void mip6_addr_swap(struct sk_buff *skb) {} 292#endif 293 294/* 295 * Send an ICMP message in response to a packet in error 296 */ 297void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, 298 struct net_device *dev) 299{ 300 struct inet6_dev *idev = NULL; 301 struct ipv6hdr *hdr = ipv6_hdr(skb); 302 struct sock *sk; 303 struct ipv6_pinfo *np; 304 struct in6_addr *saddr = NULL; 305 struct dst_entry *dst; 306 struct icmp6hdr tmp_hdr; 307 struct flowi fl; 308 struct icmpv6_msg msg; 309 int iif = 0; 310 int addr_type = 0; 311 int len; 312 int hlimit, tclass; 313 int err = 0; 314 315 if ((u8 *)hdr < skb->head || 316 (skb->network_header + sizeof(*hdr)) > skb->tail) 317 return; 318 319 /* 320 * Make sure we respect the rules 321 * i.e. RFC 1885 2.4(e) 322 * Rule (e.1) is enforced by not using icmpv6_send 323 * in any code that processes icmp errors. 324 */ 325 addr_type = ipv6_addr_type(&hdr->daddr); 326 327 if (ipv6_chk_addr(&hdr->daddr, skb->dev, 0)) 328 saddr = &hdr->daddr; 329 330 /* 331 * Dest addr check 332 */ 333 334 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) { 335 if (type != ICMPV6_PKT_TOOBIG && 336 !(type == ICMPV6_PARAMPROB && 337 code == ICMPV6_UNK_OPTION && 338 (opt_unrec(skb, info)))) 339 return; 340 341 saddr = NULL; 342 } 343 344 addr_type = ipv6_addr_type(&hdr->saddr); 345 346 /* 347 * Source addr check 348 */ 349 350 if (addr_type & IPV6_ADDR_LINKLOCAL) 351 iif = skb->dev->ifindex; 352 353 /* 354 * Must not send error if the source does not uniquely 355 * identify a single node (RFC2463 Section 2.4). 356 * We check unspecified / multicast addresses here, 357 * and anycast addresses will be checked later. 358 */ 359 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) { 360 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: addr_any/mcast source\n"); 361 return; 362 } 363 364 /* 365 * Never answer to a ICMP packet. 366 */ 367 if (is_ineligible(skb)) { 368 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: no reply to icmp error\n"); 369 return; 370 } 371 372 mip6_addr_swap(skb); 373 374 memset(&fl, 0, sizeof(fl)); 375 fl.proto = IPPROTO_ICMPV6; 376 ipv6_addr_copy(&fl.fl6_dst, &hdr->saddr); 377 if (saddr) 378 ipv6_addr_copy(&fl.fl6_src, saddr); 379 fl.oif = iif; 380 fl.fl_icmp_type = type; 381 fl.fl_icmp_code = code; 382 security_skb_classify_flow(skb, &fl); 383 384 if (icmpv6_xmit_lock()) 385 return; 386 387 sk = icmpv6_socket->sk; 388 np = inet6_sk(sk); 389 390 if (!icmpv6_xrlim_allow(sk, type, &fl)) 391 goto out; 392 393 tmp_hdr.icmp6_type = type; 394 tmp_hdr.icmp6_code = code; 395 tmp_hdr.icmp6_cksum = 0; 396 tmp_hdr.icmp6_pointer = htonl(info); 397 398 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 399 fl.oif = np->mcast_oif; 400 401 err = ip6_dst_lookup(sk, &dst, &fl); 402 if (err) 403 goto out; 404 405 /* 406 * We won't send icmp if the destination is known 407 * anycast. 408 */ 409 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) { 410 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: acast source\n"); 411 goto out_dst_release; 412 } 413 414 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 415 goto out; 416 417 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 418 hlimit = np->mcast_hops; 419 else 420 hlimit = np->hop_limit; 421 if (hlimit < 0) 422 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 423 if (hlimit < 0) 424 hlimit = ipv6_get_hoplimit(dst->dev); 425 426 tclass = np->tclass; 427 if (tclass < 0) 428 tclass = 0; 429 430 msg.skb = skb; 431 msg.offset = skb_network_offset(skb); 432 msg.type = type; 433 434 len = skb->len - msg.offset; 435 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr)); 436 if (len < 0) { 437 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n"); 438 goto out_dst_release; 439 } 440 441 idev = in6_dev_get(skb->dev); 442 443 err = ip6_append_data(sk, icmpv6_getfrag, &msg, 444 len + sizeof(struct icmp6hdr), 445 sizeof(struct icmp6hdr), 446 hlimit, tclass, NULL, &fl, (struct rt6_info*)dst, 447 MSG_DONTWAIT); 448 if (err) { 449 ip6_flush_pending_frames(sk); 450 goto out_put; 451 } 452 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, len + sizeof(struct icmp6hdr)); 453 454 if (type >= ICMPV6_DEST_UNREACH && type <= ICMPV6_PARAMPROB) 455 ICMP6_INC_STATS_OFFSET_BH(idev, ICMP6_MIB_OUTDESTUNREACHS, type - ICMPV6_DEST_UNREACH); 456 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_OUTMSGS); 457 458out_put: 459 if (likely(idev != NULL)) 460 in6_dev_put(idev); 461out_dst_release: 462 dst_release(dst); 463out: 464 icmpv6_xmit_unlock(); 465} 466 467EXPORT_SYMBOL(icmpv6_send); 468 469static void icmpv6_echo_reply(struct sk_buff *skb) 470{ 471 struct sock *sk; 472 struct inet6_dev *idev; 473 struct ipv6_pinfo *np; 474 struct in6_addr *saddr = NULL; 475 struct icmp6hdr *icmph = icmp6_hdr(skb); 476 struct icmp6hdr tmp_hdr; 477 struct flowi fl; 478 struct icmpv6_msg msg; 479 struct dst_entry *dst; 480 int err = 0; 481 int hlimit; 482 int tclass; 483 484 saddr = &ipv6_hdr(skb)->daddr; 485 486 if (!ipv6_unicast_destination(skb)) 487 saddr = NULL; 488 489 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr)); 490 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY; 491 492 memset(&fl, 0, sizeof(fl)); 493 fl.proto = IPPROTO_ICMPV6; 494 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr); 495 if (saddr) 496 ipv6_addr_copy(&fl.fl6_src, saddr); 497 fl.oif = skb->dev->ifindex; 498 fl.fl_icmp_type = ICMPV6_ECHO_REPLY; 499 security_skb_classify_flow(skb, &fl); 500 501 if (icmpv6_xmit_lock()) 502 return; 503 504 sk = icmpv6_socket->sk; 505 np = inet6_sk(sk); 506 507 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 508 fl.oif = np->mcast_oif; 509 510 err = ip6_dst_lookup(sk, &dst, &fl); 511 if (err) 512 goto out; 513 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 514 goto out; 515 516#if 1 /* IPv6Ready- Test v6LC.5.1.2 Part F: Request sent to loopback address */ 517 if (saddr && (ipv6_addr_type(saddr) & IPV6_ADDR_LOOPBACK)) 518 { 519 if ((dst->dev->flags & IFF_LOOPBACK) == 0) 520 goto out; 521 } 522#endif 523 524 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 525 hlimit = np->mcast_hops; 526 else 527 hlimit = np->hop_limit; 528 if (hlimit < 0) 529 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 530 if (hlimit < 0) 531 hlimit = ipv6_get_hoplimit(dst->dev); 532 533 tclass = np->tclass; 534 if (tclass < 0) 535 tclass = 0; 536 537 idev = in6_dev_get(skb->dev); 538 539 msg.skb = skb; 540 msg.offset = 0; 541 msg.type = ICMPV6_ECHO_REPLY; 542 543 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr), 544 sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl, 545 (struct rt6_info*)dst, MSG_DONTWAIT); 546 547 if (err) { 548 ip6_flush_pending_frames(sk); 549 goto out_put; 550 } 551 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, skb->len + sizeof(struct icmp6hdr)); 552 553 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_OUTECHOREPLIES); 554 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_OUTMSGS); 555 556out_put: 557 if (likely(idev != NULL)) 558 in6_dev_put(idev); 559 dst_release(dst); 560out: 561 icmpv6_xmit_unlock(); 562} 563 564static void icmpv6_notify(struct sk_buff *skb, int type, int code, __be32 info) 565{ 566 struct in6_addr *saddr, *daddr; 567 struct inet6_protocol *ipprot; 568 struct sock *sk; 569 int inner_offset; 570 int hash; 571 u8 nexthdr; 572 573 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 574 return; 575 576 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr; 577 if (ipv6_ext_hdr(nexthdr)) { 578 /* now skip over extension headers */ 579 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr); 580 if (inner_offset<0) 581 return; 582 } else { 583 inner_offset = sizeof(struct ipv6hdr); 584 } 585 586 /* Checkin header including 8 bytes of inner protocol header. */ 587 if (!pskb_may_pull(skb, inner_offset+8)) 588 return; 589 590 saddr = &ipv6_hdr(skb)->saddr; 591 daddr = &ipv6_hdr(skb)->daddr; 592 593 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet. 594 Without this we will not able f.e. to make source routed 595 pmtu discovery. 596 Corresponding argument (opt) to notifiers is already added. 597 --ANK (980726) 598 */ 599 600 hash = nexthdr & (MAX_INET_PROTOS - 1); 601 602 rcu_read_lock(); 603 ipprot = rcu_dereference(inet6_protos[hash]); 604 if (ipprot && ipprot->err_handler) 605 ipprot->err_handler(skb, NULL, type, code, inner_offset, info); 606 rcu_read_unlock(); 607 608 read_lock(&raw_v6_lock); 609 if ((sk = sk_head(&raw_v6_htable[hash])) != NULL) { 610 while((sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr, 611 IP6CB(skb)->iif))) { 612 rawv6_err(sk, skb, NULL, type, code, inner_offset, info); 613 sk = sk_next(sk); 614 } 615 } 616 read_unlock(&raw_v6_lock); 617} 618 619/* 620 * Handle icmp messages 621 */ 622 623static int icmpv6_rcv(struct sk_buff **pskb) 624{ 625 struct sk_buff *skb = *pskb; 626 struct net_device *dev = skb->dev; 627 struct inet6_dev *idev = __in6_dev_get(dev); 628 struct in6_addr *saddr, *daddr; 629 struct ipv6hdr *orig_hdr; 630 struct icmp6hdr *hdr; 631 int type; 632 633 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INMSGS); 634 635 saddr = &ipv6_hdr(skb)->saddr; 636 daddr = &ipv6_hdr(skb)->daddr; 637 638 /* Perform checksum. */ 639 switch (skb->ip_summed) { 640 case CHECKSUM_COMPLETE: 641 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6, 642 skb->csum)) 643 break; 644 /* fall through */ 645 case CHECKSUM_NONE: 646 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len, 647 IPPROTO_ICMPV6, 0)); 648 if (__skb_checksum_complete(skb)) { 649 LIMIT_NETDEBUG(KERN_DEBUG "ICMPv6 checksum failed [" NIP6_FMT " > " NIP6_FMT "]\n", 650 NIP6(*saddr), NIP6(*daddr)); 651 goto discard_it; 652 } 653 } 654 655 if (!pskb_pull(skb, sizeof(struct icmp6hdr))) 656 goto discard_it; 657 658 hdr = icmp6_hdr(skb); 659 660 type = hdr->icmp6_type; 661 662 if (type >= ICMPV6_DEST_UNREACH && type <= ICMPV6_PARAMPROB) 663 ICMP6_INC_STATS_OFFSET_BH(idev, ICMP6_MIB_INDESTUNREACHS, type - ICMPV6_DEST_UNREACH); 664 else if (type >= ICMPV6_ECHO_REQUEST && type <= NDISC_REDIRECT) 665 ICMP6_INC_STATS_OFFSET_BH(idev, ICMP6_MIB_INECHOS, type - ICMPV6_ECHO_REQUEST); 666 667 switch (type) { 668 case ICMPV6_ECHO_REQUEST: 669 icmpv6_echo_reply(skb); 670 break; 671 672 case ICMPV6_ECHO_REPLY: 673 /* we couldn't care less */ 674 break; 675 676 case ICMPV6_PKT_TOOBIG: 677 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update 678 standard destination cache. Seems, only "advanced" 679 destination cache will allow to solve this problem 680 --ANK (980726) 681 */ 682 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 683 goto discard_it; 684 hdr = icmp6_hdr(skb); 685 orig_hdr = (struct ipv6hdr *) (hdr + 1); 686 rt6_pmtu_discovery(&orig_hdr->daddr, &orig_hdr->saddr, dev, 687 ntohl(hdr->icmp6_mtu)); 688 689 /* 690 * Drop through to notify 691 */ 692 693 case ICMPV6_DEST_UNREACH: 694 case ICMPV6_TIME_EXCEED: 695 case ICMPV6_PARAMPROB: 696 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 697 break; 698 699 case NDISC_ROUTER_SOLICITATION: 700 case NDISC_ROUTER_ADVERTISEMENT: 701 case NDISC_NEIGHBOUR_SOLICITATION: 702 case NDISC_NEIGHBOUR_ADVERTISEMENT: 703 case NDISC_REDIRECT: 704 ndisc_rcv(skb); 705 break; 706 707 case ICMPV6_MGM_QUERY: 708 igmp6_event_query(skb); 709 break; 710 711 case ICMPV6_MGM_REPORT: 712 igmp6_event_report(skb); 713 break; 714 715 case ICMPV6_MGM_REDUCTION: 716 case ICMPV6_NI_QUERY: 717 case ICMPV6_NI_REPLY: 718 case ICMPV6_MLD2_REPORT: 719 case ICMPV6_DHAAD_REQUEST: 720 case ICMPV6_DHAAD_REPLY: 721 case ICMPV6_MOBILE_PREFIX_SOL: 722 case ICMPV6_MOBILE_PREFIX_ADV: 723 break; 724 725 default: 726 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n"); 727 728 /* informational */ 729 if (type & ICMPV6_INFOMSG_MASK) 730 break; 731 732 /* 733 * error of unknown type. 734 * must pass to upper level 735 */ 736 737 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 738 } 739 740 kfree_skb(skb); 741 return 0; 742 743discard_it: 744 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INERRORS); 745 kfree_skb(skb); 746 return 0; 747} 748 749/* 750 * Special lock-class for __icmpv6_socket: 751 */ 752static struct lock_class_key icmpv6_socket_sk_dst_lock_key; 753 754int __init icmpv6_init(struct net_proto_family *ops) 755{ 756 struct sock *sk; 757 int err, i, j; 758 759 for_each_possible_cpu(i) { 760 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, 761 &per_cpu(__icmpv6_socket, i)); 762 if (err < 0) { 763 printk(KERN_ERR 764 "Failed to initialize the ICMP6 control socket " 765 "(err %d).\n", 766 err); 767 goto fail; 768 } 769 770 sk = per_cpu(__icmpv6_socket, i)->sk; 771 sk->sk_allocation = GFP_ATOMIC; 772 /* 773 * Split off their lock-class, because sk->sk_dst_lock 774 * gets used from softirqs, which is safe for 775 * __icmpv6_socket (because those never get directly used 776 * via userspace syscalls), but unsafe for normal sockets. 777 */ 778 lockdep_set_class(&sk->sk_dst_lock, 779 &icmpv6_socket_sk_dst_lock_key); 780 781 /* Enough space for 2 64K ICMP packets, including 782 * sk_buff struct overhead. 783 */ 784 sk->sk_sndbuf = 785 (2 * ((64 * 1024) + sizeof(struct sk_buff))); 786 787 sk->sk_prot->unhash(sk); 788 } 789 790 791 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0) { 792 printk(KERN_ERR "Failed to register ICMP6 protocol\n"); 793 err = -EAGAIN; 794 goto fail; 795 } 796 797 return 0; 798 799 fail: 800 for (j = 0; j < i; j++) { 801 if (!cpu_possible(j)) 802 continue; 803 sock_release(per_cpu(__icmpv6_socket, j)); 804 } 805 806 return err; 807} 808 809void icmpv6_cleanup(void) 810{ 811 int i; 812 813 for_each_possible_cpu(i) { 814 sock_release(per_cpu(__icmpv6_socket, i)); 815 } 816 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 817} 818 819static const struct icmp6_err { 820 int err; 821 int fatal; 822} tab_unreach[] = { 823 { /* NOROUTE */ 824 .err = ENETUNREACH, 825 .fatal = 0, 826 }, 827 { /* ADM_PROHIBITED */ 828 .err = EACCES, 829 .fatal = 1, 830 }, 831 { /* Was NOT_NEIGHBOUR, now reserved */ 832 .err = EHOSTUNREACH, 833 .fatal = 0, 834 }, 835 { /* ADDR_UNREACH */ 836 .err = EHOSTUNREACH, 837 .fatal = 0, 838 }, 839 { /* PORT_UNREACH */ 840 .err = ECONNREFUSED, 841 .fatal = 1, 842 }, 843}; 844 845int icmpv6_err_convert(int type, int code, int *err) 846{ 847 int fatal = 0; 848 849 *err = EPROTO; 850 851 switch (type) { 852 case ICMPV6_DEST_UNREACH: 853 fatal = 1; 854 if (code <= ICMPV6_PORT_UNREACH) { 855 *err = tab_unreach[code].err; 856 fatal = tab_unreach[code].fatal; 857 } 858 break; 859 860 case ICMPV6_PKT_TOOBIG: 861 *err = EMSGSIZE; 862 break; 863 864 case ICMPV6_PARAMPROB: 865 *err = EPROTO; 866 fatal = 1; 867 break; 868 869 case ICMPV6_TIME_EXCEED: 870 *err = EHOSTUNREACH; 871 break; 872 } 873 874 return fatal; 875} 876 877EXPORT_SYMBOL(icmpv6_err_convert); 878 879#ifdef CONFIG_SYSCTL 880ctl_table ipv6_icmp_table[] = { 881 { 882 .ctl_name = NET_IPV6_ICMP_RATELIMIT, 883 .procname = "ratelimit", 884 .data = &sysctl_icmpv6_time, 885 .maxlen = sizeof(int), 886 .mode = 0644, 887 .proc_handler = &proc_dointvec 888 }, 889 { .ctl_name = 0 }, 890}; 891#endif 892