1 /* 2 * Internet Control Message Protocol (ICMPv6) 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: icmp.c,v 1.38 2002/02/08 03:57:19 davem Exp $ 9 * 10 * Based on net/ipv4/icmp.c 11 * 12 * RFC 1885 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 */ 19 20 /* 21 * Changes: 22 * 23 * Andi Kleen : exception handling 24 * Andi Kleen add rate limits. never reply to a icmp. 25 * add more length checks and other fixes. 26 * yoshfuji : ensure to sent parameter problem for 27 * fragments. 28 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit. 29 * Randy Dunlap and 30 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support 31 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <linux/types.h> 37 #include <linux/socket.h> 38 #include <linux/in.h> 39 #include <linux/kernel.h> 40 #include <linux/sockios.h> 41 #include <linux/net.h> 42 #include <linux/skbuff.h> 43 #include <linux/init.h> 44 #include <linux/netfilter.h> 45 46 #ifdef CONFIG_SYSCTL 47 #include <linux/sysctl.h> 48 #endif 49 50 #include <linux/inet.h> 51 #include <linux/netdevice.h> 52 #include <linux/icmpv6.h> 53 54 #include <net/ip.h> 55 #include <net/sock.h> 56 57 #include <net/ipv6.h> 58 #include <net/ip6_checksum.h> 59 #include <net/protocol.h> 60 #include <net/raw.h> 61 #include <net/rawv6.h> 62 #include <net/transp_v6.h> 63 #include <net/ip6_route.h> 64 #include <net/addrconf.h> 65 #include <net/icmp.h> 66 #include <net/xfrm.h> 67 68 #include <asm/uaccess.h> 69 #include <asm/system.h> 70 71 DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics) __read_mostly; 72 EXPORT_SYMBOL(icmpv6_statistics); 73 DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics) __read_mostly; 74 EXPORT_SYMBOL(icmpv6msg_statistics); 75 76 /* 77 * The ICMP socket(s). This is the most convenient way to flow control 78 * our ICMP output as well as maintain a clean interface throughout 79 * all layers. All Socketless IP sends will soon be gone. 80 * 81 * On SMP we have one ICMP socket per-cpu. 82 */ 83 static inline struct sock *icmpv6_sk(struct net *net) 84 { 85 return net->ipv6.icmp_sk[smp_processor_id()]; 86 } 87 88 static int icmpv6_rcv(struct sk_buff *skb); 89 90 static struct inet6_protocol icmpv6_protocol = { 91 .handler = icmpv6_rcv, 92 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 93 }; 94 95 static __inline__ int icmpv6_xmit_lock(struct sock *sk) 96 { 97 local_bh_disable(); 98 99 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) { 100 /* This can happen if the output path (f.e. SIT or 101 * ip6ip6 tunnel) signals dst_link_failure() for an 102 * outgoing ICMP6 packet. 103 */ 104 local_bh_enable(); 105 return 1; 106 } 107 return 0; 108 } 109 110 static __inline__ void icmpv6_xmit_unlock(struct sock *sk) 111 { 112 spin_unlock_bh(&sk->sk_lock.slock); 113 } 114 115 /* 116 * Slightly more convenient version of icmpv6_send. 117 */ 118 void icmpv6_param_prob(struct sk_buff *skb, int code, int pos) 119 { 120 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev); 121 kfree_skb(skb); 122 } 123 124 /* 125 * Figure out, may we reply to this packet with icmp error. 126 * 127 * We do not reply, if: 128 * - it was icmp error message. 129 * - it is truncated, so that it is known, that protocol is ICMPV6 130 * (i.e. in the middle of some exthdr) 131 * 132 * --ANK (980726) 133 */ 134 135 static int is_ineligible(struct sk_buff *skb) 136 { 137 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data; 138 int len = skb->len - ptr; 139 __u8 nexthdr = ipv6_hdr(skb)->nexthdr; 140 141 if (len < 0) 142 return 1; 143 144 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr); 145 if (ptr < 0) 146 return 0; 147 if (nexthdr == IPPROTO_ICMPV6) { 148 u8 _type, *tp; 149 tp = skb_header_pointer(skb, 150 ptr+offsetof(struct icmp6hdr, icmp6_type), 151 sizeof(_type), &_type); 152 if (tp == NULL || 153 !(*tp & ICMPV6_INFOMSG_MASK)) 154 return 1; 155 } 156 return 0; 157 } 158 159 /* 160 * Check the ICMP output rate limit 161 */ 162 static inline int icmpv6_xrlim_allow(struct sock *sk, int type, 163 struct flowi *fl) 164 { 165 struct dst_entry *dst; 166 int res = 0; 167 168 /* Informational messages are not limited. */ 169 if (type & ICMPV6_INFOMSG_MASK) 170 return 1; 171 172 /* Do not limit pmtu discovery, it would break it. */ 173 if (type == ICMPV6_PKT_TOOBIG) 174 return 1; 175 176 /* 177 * Look up the output route. 178 * XXX: perhaps the expire for routing entries cloned by 179 * this lookup should be more aggressive (not longer than timeout). 180 */ 181 dst = ip6_route_output(sk, fl); 182 if (dst->error) { 183 IP6_INC_STATS(ip6_dst_idev(dst), 184 IPSTATS_MIB_OUTNOROUTES); 185 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) { 186 res = 1; 187 } else { 188 struct rt6_info *rt = (struct rt6_info *)dst; 189 int tmo = init_net.ipv6.sysctl.icmpv6_time; 190 191 /* Give more bandwidth to wider prefixes. */ 192 if (rt->rt6i_dst.plen < 128) 193 tmo >>= ((128 - rt->rt6i_dst.plen)>>5); 194 195 res = xrlim_allow(dst, tmo); 196 } 197 dst_release(dst); 198 return res; 199 } 200 201 /* 202 * an inline helper for the "simple" if statement below 203 * checks if parameter problem report is caused by an 204 * unrecognized IPv6 option that has the Option Type 205 * highest-order two bits set to 10 206 */ 207 208 static __inline__ int opt_unrec(struct sk_buff *skb, __u32 offset) 209 { 210 u8 _optval, *op; 211 212 offset += skb_network_offset(skb); 213 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval); 214 if (op == NULL) 215 return 1; 216 return (*op & 0xC0) == 0x80; 217 } 218 219 static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct icmp6hdr *thdr, int len) 220 { 221 struct sk_buff *skb; 222 struct icmp6hdr *icmp6h; 223 int err = 0; 224 225 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL) 226 goto out; 227 228 icmp6h = icmp6_hdr(skb); 229 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr)); 230 icmp6h->icmp6_cksum = 0; 231 232 if (skb_queue_len(&sk->sk_write_queue) == 1) { 233 skb->csum = csum_partial((char *)icmp6h, 234 sizeof(struct icmp6hdr), skb->csum); 235 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 236 &fl->fl6_dst, 237 len, fl->proto, 238 skb->csum); 239 } else { 240 __wsum tmp_csum = 0; 241 242 skb_queue_walk(&sk->sk_write_queue, skb) { 243 tmp_csum = csum_add(tmp_csum, skb->csum); 244 } 245 246 tmp_csum = csum_partial((char *)icmp6h, 247 sizeof(struct icmp6hdr), tmp_csum); 248 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 249 &fl->fl6_dst, 250 len, fl->proto, 251 tmp_csum); 252 } 253 ip6_push_pending_frames(sk); 254 out: 255 return err; 256 } 257 258 struct icmpv6_msg { 259 struct sk_buff *skb; 260 int offset; 261 uint8_t type; 262 }; 263 264 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) 265 { 266 struct icmpv6_msg *msg = (struct icmpv6_msg *) from; 267 struct sk_buff *org_skb = msg->skb; 268 __wsum csum = 0; 269 270 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset, 271 to, len, csum); 272 skb->csum = csum_block_add(skb->csum, csum, odd); 273 if (!(msg->type & ICMPV6_INFOMSG_MASK)) 274 nf_ct_attach(skb, org_skb); 275 return 0; 276 } 277 278 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) 279 static void mip6_addr_swap(struct sk_buff *skb) 280 { 281 struct ipv6hdr *iph = ipv6_hdr(skb); 282 struct inet6_skb_parm *opt = IP6CB(skb); 283 struct ipv6_destopt_hao *hao; 284 struct in6_addr tmp; 285 int off; 286 287 if (opt->dsthao) { 288 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO); 289 if (likely(off >= 0)) { 290 hao = (struct ipv6_destopt_hao *) 291 (skb_network_header(skb) + off); 292 ipv6_addr_copy(&tmp, &iph->saddr); 293 ipv6_addr_copy(&iph->saddr, &hao->addr); 294 ipv6_addr_copy(&hao->addr, &tmp); 295 } 296 } 297 } 298 #else 299 static inline void mip6_addr_swap(struct sk_buff *skb) {} 300 #endif 301 302 /* 303 * Send an ICMP message in response to a packet in error 304 */ 305 void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, 306 struct net_device *dev) 307 { 308 struct inet6_dev *idev = NULL; 309 struct ipv6hdr *hdr = ipv6_hdr(skb); 310 struct sock *sk; 311 struct ipv6_pinfo *np; 312 struct in6_addr *saddr = NULL; 313 struct dst_entry *dst; 314 struct dst_entry *dst2; 315 struct icmp6hdr tmp_hdr; 316 struct flowi fl; 317 struct flowi fl2; 318 struct icmpv6_msg msg; 319 int iif = 0; 320 int addr_type = 0; 321 int len; 322 int hlimit, tclass; 323 int err = 0; 324 325 if ((u8 *)hdr < skb->head || 326 (skb->network_header + sizeof(*hdr)) > skb->tail) 327 return; 328 329 /* 330 * Make sure we respect the rules 331 * i.e. RFC 1885 2.4(e) 332 * Rule (e.1) is enforced by not using icmpv6_send 333 * in any code that processes icmp errors. 334 */ 335 addr_type = ipv6_addr_type(&hdr->daddr); 336 337 if (ipv6_chk_addr(&init_net, &hdr->daddr, skb->dev, 0)) 338 saddr = &hdr->daddr; 339 340 /* 341 * Dest addr check 342 */ 343 344 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) { 345 if (type != ICMPV6_PKT_TOOBIG && 346 !(type == ICMPV6_PARAMPROB && 347 code == ICMPV6_UNK_OPTION && 348 (opt_unrec(skb, info)))) 349 return; 350 351 saddr = NULL; 352 } 353 354 addr_type = ipv6_addr_type(&hdr->saddr); 355 356 /* 357 * Source addr check 358 */ 359 360 if (addr_type & IPV6_ADDR_LINKLOCAL) 361 iif = skb->dev->ifindex; 362 363 /* 364 * Must not send error if the source does not uniquely 365 * identify a single node (RFC2463 Section 2.4). 366 * We check unspecified / multicast addresses here, 367 * and anycast addresses will be checked later. 368 */ 369 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) { 370 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: addr_any/mcast source\n"); 371 return; 372 } 373 374 /* 375 * Never answer to a ICMP packet. 376 */ 377 if (is_ineligible(skb)) { 378 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: no reply to icmp error\n"); 379 return; 380 } 381 382 mip6_addr_swap(skb); 383 384 memset(&fl, 0, sizeof(fl)); 385 fl.proto = IPPROTO_ICMPV6; 386 ipv6_addr_copy(&fl.fl6_dst, &hdr->saddr); 387 if (saddr) 388 ipv6_addr_copy(&fl.fl6_src, saddr); 389 fl.oif = iif; 390 fl.fl_icmp_type = type; 391 fl.fl_icmp_code = code; 392 security_skb_classify_flow(skb, &fl); 393 394 sk = icmpv6_sk(&init_net); 395 np = inet6_sk(sk); 396 397 if (icmpv6_xmit_lock(sk)) 398 return; 399 400 if (!icmpv6_xrlim_allow(sk, type, &fl)) 401 goto out; 402 403 tmp_hdr.icmp6_type = type; 404 tmp_hdr.icmp6_code = code; 405 tmp_hdr.icmp6_cksum = 0; 406 tmp_hdr.icmp6_pointer = htonl(info); 407 408 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 409 fl.oif = np->mcast_oif; 410 411 err = ip6_dst_lookup(sk, &dst, &fl); 412 if (err) 413 goto out; 414 415 /* 416 * We won't send icmp if the destination is known 417 * anycast. 418 */ 419 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) { 420 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: acast source\n"); 421 goto out_dst_release; 422 } 423 424 /* No need to clone since we're just using its address. */ 425 dst2 = dst; 426 427 err = xfrm_lookup(&dst, &fl, sk, 0); 428 switch (err) { 429 case 0: 430 if (dst != dst2) 431 goto route_done; 432 break; 433 case -EPERM: 434 dst = NULL; 435 break; 436 default: 437 goto out; 438 } 439 440 if (xfrm_decode_session_reverse(skb, &fl2, AF_INET6)) 441 goto out; 442 443 if (ip6_dst_lookup(sk, &dst2, &fl)) 444 goto out; 445 446 err = xfrm_lookup(&dst2, &fl, sk, XFRM_LOOKUP_ICMP); 447 if (err == -ENOENT) { 448 if (!dst) 449 goto out; 450 goto route_done; 451 } 452 453 dst_release(dst); 454 dst = dst2; 455 456 if (err) 457 goto out; 458 459 route_done: 460 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 461 hlimit = np->mcast_hops; 462 else 463 hlimit = np->hop_limit; 464 if (hlimit < 0) 465 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 466 if (hlimit < 0) 467 hlimit = ipv6_get_hoplimit(dst->dev); 468 469 tclass = np->tclass; 470 if (tclass < 0) 471 tclass = 0; 472 473 msg.skb = skb; 474 msg.offset = skb_network_offset(skb); 475 msg.type = type; 476 477 len = skb->len - msg.offset; 478 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr)); 479 if (len < 0) { 480 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n"); 481 goto out_dst_release; 482 } 483 484 idev = in6_dev_get(skb->dev); 485 486 err = ip6_append_data(sk, icmpv6_getfrag, &msg, 487 len + sizeof(struct icmp6hdr), 488 sizeof(struct icmp6hdr), 489 hlimit, tclass, NULL, &fl, (struct rt6_info*)dst, 490 MSG_DONTWAIT); 491 if (err) { 492 ip6_flush_pending_frames(sk); 493 goto out_put; 494 } 495 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, len + sizeof(struct icmp6hdr)); 496 497 out_put: 498 if (likely(idev != NULL)) 499 in6_dev_put(idev); 500 out_dst_release: 501 dst_release(dst); 502 out: 503 icmpv6_xmit_unlock(sk); 504 } 505 506 EXPORT_SYMBOL(icmpv6_send); 507 508 static void icmpv6_echo_reply(struct sk_buff *skb) 509 { 510 struct sock *sk; 511 struct inet6_dev *idev; 512 struct ipv6_pinfo *np; 513 struct in6_addr *saddr = NULL; 514 struct icmp6hdr *icmph = icmp6_hdr(skb); 515 struct icmp6hdr tmp_hdr; 516 struct flowi fl; 517 struct icmpv6_msg msg; 518 struct dst_entry *dst; 519 int err = 0; 520 int hlimit; 521 int tclass; 522 523 saddr = &ipv6_hdr(skb)->daddr; 524 525 if (!ipv6_unicast_destination(skb)) 526 saddr = NULL; 527 528 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr)); 529 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY; 530 531 memset(&fl, 0, sizeof(fl)); 532 fl.proto = IPPROTO_ICMPV6; 533 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr); 534 if (saddr) 535 ipv6_addr_copy(&fl.fl6_src, saddr); 536 fl.oif = skb->dev->ifindex; 537 fl.fl_icmp_type = ICMPV6_ECHO_REPLY; 538 security_skb_classify_flow(skb, &fl); 539 540 sk = icmpv6_sk(&init_net); 541 np = inet6_sk(sk); 542 543 if (icmpv6_xmit_lock(sk)) 544 return; 545 546 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 547 fl.oif = np->mcast_oif; 548 549 err = ip6_dst_lookup(sk, &dst, &fl); 550 if (err) 551 goto out; 552 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 553 goto out; 554 555 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 556 hlimit = np->mcast_hops; 557 else 558 hlimit = np->hop_limit; 559 if (hlimit < 0) 560 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 561 if (hlimit < 0) 562 hlimit = ipv6_get_hoplimit(dst->dev); 563 564 tclass = np->tclass; 565 if (tclass < 0) 566 tclass = 0; 567 568 idev = in6_dev_get(skb->dev); 569 570 msg.skb = skb; 571 msg.offset = 0; 572 msg.type = ICMPV6_ECHO_REPLY; 573 574 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr), 575 sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl, 576 (struct rt6_info*)dst, MSG_DONTWAIT); 577 578 if (err) { 579 ip6_flush_pending_frames(sk); 580 goto out_put; 581 } 582 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, skb->len + sizeof(struct icmp6hdr)); 583 584 out_put: 585 if (likely(idev != NULL)) 586 in6_dev_put(idev); 587 dst_release(dst); 588 out: 589 icmpv6_xmit_unlock(sk); 590 } 591 592 static void icmpv6_notify(struct sk_buff *skb, int type, int code, __be32 info) 593 { 594 struct inet6_protocol *ipprot; 595 int inner_offset; 596 int hash; 597 u8 nexthdr; 598 599 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 600 return; 601 602 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr; 603 if (ipv6_ext_hdr(nexthdr)) { 604 /* now skip over extension headers */ 605 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr); 606 if (inner_offset<0) 607 return; 608 } else { 609 inner_offset = sizeof(struct ipv6hdr); 610 } 611 612 /* Checkin header including 8 bytes of inner protocol header. */ 613 if (!pskb_may_pull(skb, inner_offset+8)) 614 return; 615 616 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet. 617 Without this we will not able f.e. to make source routed 618 pmtu discovery. 619 Corresponding argument (opt) to notifiers is already added. 620 --ANK (980726) 621 */ 622 623 hash = nexthdr & (MAX_INET_PROTOS - 1); 624 625 rcu_read_lock(); 626 ipprot = rcu_dereference(inet6_protos[hash]); 627 if (ipprot && ipprot->err_handler) 628 ipprot->err_handler(skb, NULL, type, code, inner_offset, info); 629 rcu_read_unlock(); 630 631 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info); 632 } 633 634 /* 635 * Handle icmp messages 636 */ 637 638 static int icmpv6_rcv(struct sk_buff *skb) 639 { 640 struct net_device *dev = skb->dev; 641 struct inet6_dev *idev = __in6_dev_get(dev); 642 struct in6_addr *saddr, *daddr; 643 struct ipv6hdr *orig_hdr; 644 struct icmp6hdr *hdr; 645 int type; 646 647 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 648 int nh; 649 650 if (!(skb->sp && skb->sp->xvec[skb->sp->len - 1]->props.flags & 651 XFRM_STATE_ICMP)) 652 goto drop_no_count; 653 654 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(*orig_hdr))) 655 goto drop_no_count; 656 657 nh = skb_network_offset(skb); 658 skb_set_network_header(skb, sizeof(*hdr)); 659 660 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb)) 661 goto drop_no_count; 662 663 skb_set_network_header(skb, nh); 664 } 665 666 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INMSGS); 667 668 saddr = &ipv6_hdr(skb)->saddr; 669 daddr = &ipv6_hdr(skb)->daddr; 670 671 /* Perform checksum. */ 672 switch (skb->ip_summed) { 673 case CHECKSUM_COMPLETE: 674 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6, 675 skb->csum)) 676 break; 677 /* fall through */ 678 case CHECKSUM_NONE: 679 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len, 680 IPPROTO_ICMPV6, 0)); 681 if (__skb_checksum_complete(skb)) { 682 LIMIT_NETDEBUG(KERN_DEBUG "ICMPv6 checksum failed [" NIP6_FMT " > " NIP6_FMT "]\n", 683 NIP6(*saddr), NIP6(*daddr)); 684 goto discard_it; 685 } 686 } 687 688 if (!pskb_pull(skb, sizeof(*hdr))) 689 goto discard_it; 690 691 hdr = icmp6_hdr(skb); 692 693 type = hdr->icmp6_type; 694 695 ICMP6MSGIN_INC_STATS_BH(idev, type); 696 697 switch (type) { 698 case ICMPV6_ECHO_REQUEST: 699 icmpv6_echo_reply(skb); 700 break; 701 702 case ICMPV6_ECHO_REPLY: 703 /* we couldn't care less */ 704 break; 705 706 case ICMPV6_PKT_TOOBIG: 707 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update 708 standard destination cache. Seems, only "advanced" 709 destination cache will allow to solve this problem 710 --ANK (980726) 711 */ 712 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 713 goto discard_it; 714 hdr = icmp6_hdr(skb); 715 orig_hdr = (struct ipv6hdr *) (hdr + 1); 716 rt6_pmtu_discovery(&orig_hdr->daddr, &orig_hdr->saddr, dev, 717 ntohl(hdr->icmp6_mtu)); 718 719 /* 720 * Drop through to notify 721 */ 722 723 case ICMPV6_DEST_UNREACH: 724 case ICMPV6_TIME_EXCEED: 725 case ICMPV6_PARAMPROB: 726 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 727 break; 728 729 case NDISC_ROUTER_SOLICITATION: 730 case NDISC_ROUTER_ADVERTISEMENT: 731 case NDISC_NEIGHBOUR_SOLICITATION: 732 case NDISC_NEIGHBOUR_ADVERTISEMENT: 733 case NDISC_REDIRECT: 734 ndisc_rcv(skb); 735 break; 736 737 case ICMPV6_MGM_QUERY: 738 igmp6_event_query(skb); 739 break; 740 741 case ICMPV6_MGM_REPORT: 742 igmp6_event_report(skb); 743 break; 744 745 case ICMPV6_MGM_REDUCTION: 746 case ICMPV6_NI_QUERY: 747 case ICMPV6_NI_REPLY: 748 case ICMPV6_MLD2_REPORT: 749 case ICMPV6_DHAAD_REQUEST: 750 case ICMPV6_DHAAD_REPLY: 751 case ICMPV6_MOBILE_PREFIX_SOL: 752 case ICMPV6_MOBILE_PREFIX_ADV: 753 break; 754 755 default: 756 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n"); 757 758 /* informational */ 759 if (type & ICMPV6_INFOMSG_MASK) 760 break; 761 762 /* 763 * error of unknown type. 764 * must pass to upper level 765 */ 766 767 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 768 } 769 770 kfree_skb(skb); 771 return 0; 772 773 discard_it: 774 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INERRORS); 775 drop_no_count: 776 kfree_skb(skb); 777 return 0; 778 } 779 780 /* 781 * Special lock-class for __icmpv6_sk: 782 */ 783 static struct lock_class_key icmpv6_socket_sk_dst_lock_key; 784 785 static int __net_init icmpv6_sk_init(struct net *net) 786 { 787 struct sock *sk; 788 int err, i, j; 789 790 net->ipv6.icmp_sk = 791 kzalloc(nr_cpu_ids * sizeof(struct sock *), GFP_KERNEL); 792 if (net->ipv6.icmp_sk == NULL) 793 return -ENOMEM; 794 795 for_each_possible_cpu(i) { 796 struct socket *sock; 797 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, 798 &sock); 799 if (err < 0) { 800 printk(KERN_ERR 801 "Failed to initialize the ICMP6 control socket " 802 "(err %d).\n", 803 err); 804 goto fail; 805 } 806 807 net->ipv6.icmp_sk[i] = sk = sock->sk; 808 sk_change_net(sk, net); 809 810 sk->sk_allocation = GFP_ATOMIC; 811 /* 812 * Split off their lock-class, because sk->sk_dst_lock 813 * gets used from softirqs, which is safe for 814 * __icmpv6_sk (because those never get directly used 815 * via userspace syscalls), but unsafe for normal sockets. 816 */ 817 lockdep_set_class(&sk->sk_dst_lock, 818 &icmpv6_socket_sk_dst_lock_key); 819 820 /* Enough space for 2 64K ICMP packets, including 821 * sk_buff struct overhead. 822 */ 823 sk->sk_sndbuf = 824 (2 * ((64 * 1024) + sizeof(struct sk_buff))); 825 826 sk->sk_prot->unhash(sk); 827 } 828 return 0; 829 830 fail: 831 for (j = 0; j < i; j++) 832 sk_release_kernel(net->ipv6.icmp_sk[j]); 833 kfree(net->ipv6.icmp_sk); 834 return err; 835 } 836 837 static void __net_exit icmpv6_sk_exit(struct net *net) 838 { 839 int i; 840 841 for_each_possible_cpu(i) { 842 sk_release_kernel(net->ipv6.icmp_sk[i]); 843 } 844 kfree(net->ipv6.icmp_sk); 845 } 846 847 static struct pernet_operations __net_initdata icmpv6_sk_ops = { 848 .init = icmpv6_sk_init, 849 .exit = icmpv6_sk_exit, 850 }; 851 852 int __init icmpv6_init(void) 853 { 854 int err; 855 856 err = register_pernet_subsys(&icmpv6_sk_ops); 857 if (err < 0) 858 return err; 859 860 err = -EAGAIN; 861 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0) 862 goto fail; 863 return 0; 864 865 fail: 866 printk(KERN_ERR "Failed to register ICMP6 protocol\n"); 867 unregister_pernet_subsys(&icmpv6_sk_ops); 868 return err; 869 } 870 871 void __exit icmpv6_cleanup(void) 872 { 873 unregister_pernet_subsys(&icmpv6_sk_ops); 874 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 875 } 876 877 878 static const struct icmp6_err { 879 int err; 880 int fatal; 881 } tab_unreach[] = { 882 { /* NOROUTE */ 883 .err = ENETUNREACH, 884 .fatal = 0, 885 }, 886 { /* ADM_PROHIBITED */ 887 .err = EACCES, 888 .fatal = 1, 889 }, 890 { /* Was NOT_NEIGHBOUR, now reserved */ 891 .err = EHOSTUNREACH, 892 .fatal = 0, 893 }, 894 { /* ADDR_UNREACH */ 895 .err = EHOSTUNREACH, 896 .fatal = 0, 897 }, 898 { /* PORT_UNREACH */ 899 .err = ECONNREFUSED, 900 .fatal = 1, 901 }, 902 }; 903 904 int icmpv6_err_convert(int type, int code, int *err) 905 { 906 int fatal = 0; 907 908 *err = EPROTO; 909 910 switch (type) { 911 case ICMPV6_DEST_UNREACH: 912 fatal = 1; 913 if (code <= ICMPV6_PORT_UNREACH) { 914 *err = tab_unreach[code].err; 915 fatal = tab_unreach[code].fatal; 916 } 917 break; 918 919 case ICMPV6_PKT_TOOBIG: 920 *err = EMSGSIZE; 921 break; 922 923 case ICMPV6_PARAMPROB: 924 *err = EPROTO; 925 fatal = 1; 926 break; 927 928 case ICMPV6_TIME_EXCEED: 929 *err = EHOSTUNREACH; 930 break; 931 } 932 933 return fatal; 934 } 935 936 EXPORT_SYMBOL(icmpv6_err_convert); 937 938 #ifdef CONFIG_SYSCTL 939 ctl_table ipv6_icmp_table_template[] = { 940 { 941 .ctl_name = NET_IPV6_ICMP_RATELIMIT, 942 .procname = "ratelimit", 943 .data = &init_net.ipv6.sysctl.icmpv6_time, 944 .maxlen = sizeof(int), 945 .mode = 0644, 946 .proc_handler = &proc_dointvec 947 }, 948 { .ctl_name = 0 }, 949 }; 950 951 struct ctl_table *ipv6_icmp_sysctl_init(struct net *net) 952 { 953 struct ctl_table *table; 954 955 table = kmemdup(ipv6_icmp_table_template, 956 sizeof(ipv6_icmp_table_template), 957 GFP_KERNEL); 958 return table; 959 } 960 #endif 961 962