1 /* 2 * Internet Control Message Protocol (ICMPv6) 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: icmp.c,v 1.38 2002/02/08 03:57:19 davem Exp $ 9 * 10 * Based on net/ipv4/icmp.c 11 * 12 * RFC 1885 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 */ 19 20 /* 21 * Changes: 22 * 23 * Andi Kleen : exception handling 24 * Andi Kleen add rate limits. never reply to a icmp. 25 * add more length checks and other fixes. 26 * yoshfuji : ensure to sent parameter problem for 27 * fragments. 28 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit. 29 * Randy Dunlap and 30 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support 31 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data 32 */ 33 34 #include <linux/module.h> 35 #include <linux/errno.h> 36 #include <linux/types.h> 37 #include <linux/socket.h> 38 #include <linux/in.h> 39 #include <linux/kernel.h> 40 #include <linux/sockios.h> 41 #include <linux/net.h> 42 #include <linux/skbuff.h> 43 #include <linux/init.h> 44 #include <linux/netfilter.h> 45 46 #ifdef CONFIG_SYSCTL 47 #include <linux/sysctl.h> 48 #endif 49 50 #include <linux/inet.h> 51 #include <linux/netdevice.h> 52 #include <linux/icmpv6.h> 53 54 #include <net/ip.h> 55 #include <net/sock.h> 56 57 #include <net/ipv6.h> 58 #include <net/ip6_checksum.h> 59 #include <net/protocol.h> 60 #include <net/raw.h> 61 #include <net/rawv6.h> 62 #include <net/transp_v6.h> 63 #include <net/ip6_route.h> 64 #include <net/addrconf.h> 65 #include <net/icmp.h> 66 #include <net/xfrm.h> 67 68 #include <asm/uaccess.h> 69 #include <asm/system.h> 70 71 DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics) __read_mostly; 72 EXPORT_SYMBOL(icmpv6_statistics); 73 DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics) __read_mostly; 74 EXPORT_SYMBOL(icmpv6msg_statistics); 75 76 /* 77 * The ICMP socket(s). This is the most convenient way to flow control 78 * our ICMP output as well as maintain a clean interface throughout 79 * all layers. All Socketless IP sends will soon be gone. 80 * 81 * On SMP we have one ICMP socket per-cpu. 82 */ 83 static DEFINE_PER_CPU(struct socket *, __icmpv6_socket) = NULL; 84 #define icmpv6_socket __get_cpu_var(__icmpv6_socket) 85 86 static int icmpv6_rcv(struct sk_buff *skb); 87 88 static struct inet6_protocol icmpv6_protocol = { 89 .handler = icmpv6_rcv, 90 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 91 }; 92 93 static __inline__ int icmpv6_xmit_lock(void) 94 { 95 local_bh_disable(); 96 97 if (unlikely(!spin_trylock(&icmpv6_socket->sk->sk_lock.slock))) { 98 /* This can happen if the output path (f.e. SIT or 99 * ip6ip6 tunnel) signals dst_link_failure() for an 100 * outgoing ICMP6 packet. 101 */ 102 local_bh_enable(); 103 return 1; 104 } 105 return 0; 106 } 107 108 static __inline__ void icmpv6_xmit_unlock(void) 109 { 110 spin_unlock_bh(&icmpv6_socket->sk->sk_lock.slock); 111 } 112 113 /* 114 * Slightly more convenient version of icmpv6_send. 115 */ 116 void icmpv6_param_prob(struct sk_buff *skb, int code, int pos) 117 { 118 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev); 119 kfree_skb(skb); 120 } 121 122 /* 123 * Figure out, may we reply to this packet with icmp error. 124 * 125 * We do not reply, if: 126 * - it was icmp error message. 127 * - it is truncated, so that it is known, that protocol is ICMPV6 128 * (i.e. in the middle of some exthdr) 129 * 130 * --ANK (980726) 131 */ 132 133 static int is_ineligible(struct sk_buff *skb) 134 { 135 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data; 136 int len = skb->len - ptr; 137 __u8 nexthdr = ipv6_hdr(skb)->nexthdr; 138 139 if (len < 0) 140 return 1; 141 142 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr); 143 if (ptr < 0) 144 return 0; 145 if (nexthdr == IPPROTO_ICMPV6) { 146 u8 _type, *tp; 147 tp = skb_header_pointer(skb, 148 ptr+offsetof(struct icmp6hdr, icmp6_type), 149 sizeof(_type), &_type); 150 if (tp == NULL || 151 !(*tp & ICMPV6_INFOMSG_MASK)) 152 return 1; 153 } 154 return 0; 155 } 156 157 /* 158 * Check the ICMP output rate limit 159 */ 160 static inline int icmpv6_xrlim_allow(struct sock *sk, int type, 161 struct flowi *fl) 162 { 163 struct dst_entry *dst; 164 int res = 0; 165 166 /* Informational messages are not limited. */ 167 if (type & ICMPV6_INFOMSG_MASK) 168 return 1; 169 170 /* Do not limit pmtu discovery, it would break it. */ 171 if (type == ICMPV6_PKT_TOOBIG) 172 return 1; 173 174 /* 175 * Look up the output route. 176 * XXX: perhaps the expire for routing entries cloned by 177 * this lookup should be more aggressive (not longer than timeout). 178 */ 179 dst = ip6_route_output(sk, fl); 180 if (dst->error) { 181 IP6_INC_STATS(ip6_dst_idev(dst), 182 IPSTATS_MIB_OUTNOROUTES); 183 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) { 184 res = 1; 185 } else { 186 struct rt6_info *rt = (struct rt6_info *)dst; 187 int tmo = init_net.ipv6.sysctl.icmpv6_time; 188 189 /* Give more bandwidth to wider prefixes. */ 190 if (rt->rt6i_dst.plen < 128) 191 tmo >>= ((128 - rt->rt6i_dst.plen)>>5); 192 193 res = xrlim_allow(dst, tmo); 194 } 195 dst_release(dst); 196 return res; 197 } 198 199 /* 200 * an inline helper for the "simple" if statement below 201 * checks if parameter problem report is caused by an 202 * unrecognized IPv6 option that has the Option Type 203 * highest-order two bits set to 10 204 */ 205 206 static __inline__ int opt_unrec(struct sk_buff *skb, __u32 offset) 207 { 208 u8 _optval, *op; 209 210 offset += skb_network_offset(skb); 211 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval); 212 if (op == NULL) 213 return 1; 214 return (*op & 0xC0) == 0x80; 215 } 216 217 static int icmpv6_push_pending_frames(struct sock *sk, struct flowi *fl, struct icmp6hdr *thdr, int len) 218 { 219 struct sk_buff *skb; 220 struct icmp6hdr *icmp6h; 221 int err = 0; 222 223 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL) 224 goto out; 225 226 icmp6h = icmp6_hdr(skb); 227 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr)); 228 icmp6h->icmp6_cksum = 0; 229 230 if (skb_queue_len(&sk->sk_write_queue) == 1) { 231 skb->csum = csum_partial((char *)icmp6h, 232 sizeof(struct icmp6hdr), skb->csum); 233 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 234 &fl->fl6_dst, 235 len, fl->proto, 236 skb->csum); 237 } else { 238 __wsum tmp_csum = 0; 239 240 skb_queue_walk(&sk->sk_write_queue, skb) { 241 tmp_csum = csum_add(tmp_csum, skb->csum); 242 } 243 244 tmp_csum = csum_partial((char *)icmp6h, 245 sizeof(struct icmp6hdr), tmp_csum); 246 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl->fl6_src, 247 &fl->fl6_dst, 248 len, fl->proto, 249 tmp_csum); 250 } 251 ip6_push_pending_frames(sk); 252 out: 253 return err; 254 } 255 256 struct icmpv6_msg { 257 struct sk_buff *skb; 258 int offset; 259 uint8_t type; 260 }; 261 262 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) 263 { 264 struct icmpv6_msg *msg = (struct icmpv6_msg *) from; 265 struct sk_buff *org_skb = msg->skb; 266 __wsum csum = 0; 267 268 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset, 269 to, len, csum); 270 skb->csum = csum_block_add(skb->csum, csum, odd); 271 if (!(msg->type & ICMPV6_INFOMSG_MASK)) 272 nf_ct_attach(skb, org_skb); 273 return 0; 274 } 275 276 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) 277 static void mip6_addr_swap(struct sk_buff *skb) 278 { 279 struct ipv6hdr *iph = ipv6_hdr(skb); 280 struct inet6_skb_parm *opt = IP6CB(skb); 281 struct ipv6_destopt_hao *hao; 282 struct in6_addr tmp; 283 int off; 284 285 if (opt->dsthao) { 286 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO); 287 if (likely(off >= 0)) { 288 hao = (struct ipv6_destopt_hao *) 289 (skb_network_header(skb) + off); 290 ipv6_addr_copy(&tmp, &iph->saddr); 291 ipv6_addr_copy(&iph->saddr, &hao->addr); 292 ipv6_addr_copy(&hao->addr, &tmp); 293 } 294 } 295 } 296 #else 297 static inline void mip6_addr_swap(struct sk_buff *skb) {} 298 #endif 299 300 /* 301 * Send an ICMP message in response to a packet in error 302 */ 303 void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, 304 struct net_device *dev) 305 { 306 struct inet6_dev *idev = NULL; 307 struct ipv6hdr *hdr = ipv6_hdr(skb); 308 struct sock *sk; 309 struct ipv6_pinfo *np; 310 struct in6_addr *saddr = NULL; 311 struct dst_entry *dst; 312 struct dst_entry *dst2; 313 struct icmp6hdr tmp_hdr; 314 struct flowi fl; 315 struct flowi fl2; 316 struct icmpv6_msg msg; 317 int iif = 0; 318 int addr_type = 0; 319 int len; 320 int hlimit, tclass; 321 int err = 0; 322 323 if ((u8 *)hdr < skb->head || 324 (skb->network_header + sizeof(*hdr)) > skb->tail) 325 return; 326 327 /* 328 * Make sure we respect the rules 329 * i.e. RFC 1885 2.4(e) 330 * Rule (e.1) is enforced by not using icmpv6_send 331 * in any code that processes icmp errors. 332 */ 333 addr_type = ipv6_addr_type(&hdr->daddr); 334 335 if (ipv6_chk_addr(&init_net, &hdr->daddr, skb->dev, 0)) 336 saddr = &hdr->daddr; 337 338 /* 339 * Dest addr check 340 */ 341 342 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) { 343 if (type != ICMPV6_PKT_TOOBIG && 344 !(type == ICMPV6_PARAMPROB && 345 code == ICMPV6_UNK_OPTION && 346 (opt_unrec(skb, info)))) 347 return; 348 349 saddr = NULL; 350 } 351 352 addr_type = ipv6_addr_type(&hdr->saddr); 353 354 /* 355 * Source addr check 356 */ 357 358 if (addr_type & IPV6_ADDR_LINKLOCAL) 359 iif = skb->dev->ifindex; 360 361 /* 362 * Must not send error if the source does not uniquely 363 * identify a single node (RFC2463 Section 2.4). 364 * We check unspecified / multicast addresses here, 365 * and anycast addresses will be checked later. 366 */ 367 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) { 368 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: addr_any/mcast source\n"); 369 return; 370 } 371 372 /* 373 * Never answer to a ICMP packet. 374 */ 375 if (is_ineligible(skb)) { 376 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: no reply to icmp error\n"); 377 return; 378 } 379 380 mip6_addr_swap(skb); 381 382 memset(&fl, 0, sizeof(fl)); 383 fl.proto = IPPROTO_ICMPV6; 384 ipv6_addr_copy(&fl.fl6_dst, &hdr->saddr); 385 if (saddr) 386 ipv6_addr_copy(&fl.fl6_src, saddr); 387 fl.oif = iif; 388 fl.fl_icmp_type = type; 389 fl.fl_icmp_code = code; 390 security_skb_classify_flow(skb, &fl); 391 392 if (icmpv6_xmit_lock()) 393 return; 394 395 sk = icmpv6_socket->sk; 396 np = inet6_sk(sk); 397 398 if (!icmpv6_xrlim_allow(sk, type, &fl)) 399 goto out; 400 401 tmp_hdr.icmp6_type = type; 402 tmp_hdr.icmp6_code = code; 403 tmp_hdr.icmp6_cksum = 0; 404 tmp_hdr.icmp6_pointer = htonl(info); 405 406 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 407 fl.oif = np->mcast_oif; 408 409 err = ip6_dst_lookup(sk, &dst, &fl); 410 if (err) 411 goto out; 412 413 /* 414 * We won't send icmp if the destination is known 415 * anycast. 416 */ 417 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) { 418 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6_send: acast source\n"); 419 goto out_dst_release; 420 } 421 422 /* No need to clone since we're just using its address. */ 423 dst2 = dst; 424 425 err = xfrm_lookup(&dst, &fl, sk, 0); 426 switch (err) { 427 case 0: 428 if (dst != dst2) 429 goto route_done; 430 break; 431 case -EPERM: 432 dst = NULL; 433 break; 434 default: 435 goto out; 436 } 437 438 if (xfrm_decode_session_reverse(skb, &fl2, AF_INET6)) 439 goto relookup_failed; 440 441 if (ip6_dst_lookup(sk, &dst2, &fl)) 442 goto relookup_failed; 443 444 err = xfrm_lookup(&dst2, &fl, sk, XFRM_LOOKUP_ICMP); 445 switch (err) { 446 case 0: 447 dst_release(dst); 448 dst = dst2; 449 break; 450 case -EPERM: 451 goto out_dst_release; 452 default: 453 relookup_failed: 454 if (!dst) 455 goto out; 456 break; 457 } 458 459 route_done: 460 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 461 hlimit = np->mcast_hops; 462 else 463 hlimit = np->hop_limit; 464 if (hlimit < 0) 465 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 466 if (hlimit < 0) 467 hlimit = ipv6_get_hoplimit(dst->dev); 468 469 tclass = np->tclass; 470 if (tclass < 0) 471 tclass = 0; 472 473 msg.skb = skb; 474 msg.offset = skb_network_offset(skb); 475 msg.type = type; 476 477 len = skb->len - msg.offset; 478 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr)); 479 if (len < 0) { 480 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n"); 481 goto out_dst_release; 482 } 483 484 idev = in6_dev_get(skb->dev); 485 486 err = ip6_append_data(sk, icmpv6_getfrag, &msg, 487 len + sizeof(struct icmp6hdr), 488 sizeof(struct icmp6hdr), 489 hlimit, tclass, NULL, &fl, (struct rt6_info*)dst, 490 MSG_DONTWAIT); 491 if (err) { 492 ip6_flush_pending_frames(sk); 493 goto out_put; 494 } 495 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, len + sizeof(struct icmp6hdr)); 496 497 out_put: 498 if (likely(idev != NULL)) 499 in6_dev_put(idev); 500 out_dst_release: 501 dst_release(dst); 502 out: 503 icmpv6_xmit_unlock(); 504 } 505 506 EXPORT_SYMBOL(icmpv6_send); 507 508 static void icmpv6_echo_reply(struct sk_buff *skb) 509 { 510 struct sock *sk; 511 struct inet6_dev *idev; 512 struct ipv6_pinfo *np; 513 struct in6_addr *saddr = NULL; 514 struct icmp6hdr *icmph = icmp6_hdr(skb); 515 struct icmp6hdr tmp_hdr; 516 struct flowi fl; 517 struct icmpv6_msg msg; 518 struct dst_entry *dst; 519 int err = 0; 520 int hlimit; 521 int tclass; 522 523 saddr = &ipv6_hdr(skb)->daddr; 524 525 if (!ipv6_unicast_destination(skb)) 526 saddr = NULL; 527 528 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr)); 529 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY; 530 531 memset(&fl, 0, sizeof(fl)); 532 fl.proto = IPPROTO_ICMPV6; 533 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr); 534 if (saddr) 535 ipv6_addr_copy(&fl.fl6_src, saddr); 536 fl.oif = skb->dev->ifindex; 537 fl.fl_icmp_type = ICMPV6_ECHO_REPLY; 538 security_skb_classify_flow(skb, &fl); 539 540 if (icmpv6_xmit_lock()) 541 return; 542 543 sk = icmpv6_socket->sk; 544 np = inet6_sk(sk); 545 546 if (!fl.oif && ipv6_addr_is_multicast(&fl.fl6_dst)) 547 fl.oif = np->mcast_oif; 548 549 err = ip6_dst_lookup(sk, &dst, &fl); 550 if (err) 551 goto out; 552 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 553 goto out; 554 555 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 556 hlimit = np->mcast_hops; 557 else 558 hlimit = np->hop_limit; 559 if (hlimit < 0) 560 hlimit = dst_metric(dst, RTAX_HOPLIMIT); 561 if (hlimit < 0) 562 hlimit = ipv6_get_hoplimit(dst->dev); 563 564 tclass = np->tclass; 565 if (tclass < 0) 566 tclass = 0; 567 568 idev = in6_dev_get(skb->dev); 569 570 msg.skb = skb; 571 msg.offset = 0; 572 msg.type = ICMPV6_ECHO_REPLY; 573 574 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr), 575 sizeof(struct icmp6hdr), hlimit, tclass, NULL, &fl, 576 (struct rt6_info*)dst, MSG_DONTWAIT); 577 578 if (err) { 579 ip6_flush_pending_frames(sk); 580 goto out_put; 581 } 582 err = icmpv6_push_pending_frames(sk, &fl, &tmp_hdr, skb->len + sizeof(struct icmp6hdr)); 583 584 out_put: 585 if (likely(idev != NULL)) 586 in6_dev_put(idev); 587 dst_release(dst); 588 out: 589 icmpv6_xmit_unlock(); 590 } 591 592 static void icmpv6_notify(struct sk_buff *skb, int type, int code, __be32 info) 593 { 594 struct inet6_protocol *ipprot; 595 int inner_offset; 596 int hash; 597 u8 nexthdr; 598 599 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 600 return; 601 602 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr; 603 if (ipv6_ext_hdr(nexthdr)) { 604 /* now skip over extension headers */ 605 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr); 606 if (inner_offset<0) 607 return; 608 } else { 609 inner_offset = sizeof(struct ipv6hdr); 610 } 611 612 /* Checkin header including 8 bytes of inner protocol header. */ 613 if (!pskb_may_pull(skb, inner_offset+8)) 614 return; 615 616 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet. 617 Without this we will not able f.e. to make source routed 618 pmtu discovery. 619 Corresponding argument (opt) to notifiers is already added. 620 --ANK (980726) 621 */ 622 623 hash = nexthdr & (MAX_INET_PROTOS - 1); 624 625 rcu_read_lock(); 626 ipprot = rcu_dereference(inet6_protos[hash]); 627 if (ipprot && ipprot->err_handler) 628 ipprot->err_handler(skb, NULL, type, code, inner_offset, info); 629 rcu_read_unlock(); 630 631 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info); 632 } 633 634 /* 635 * Handle icmp messages 636 */ 637 638 static int icmpv6_rcv(struct sk_buff *skb) 639 { 640 struct net_device *dev = skb->dev; 641 struct inet6_dev *idev = __in6_dev_get(dev); 642 struct in6_addr *saddr, *daddr; 643 struct ipv6hdr *orig_hdr; 644 struct icmp6hdr *hdr; 645 int type; 646 647 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 648 int nh; 649 650 if (!(skb->sp && skb->sp->xvec[skb->sp->len - 1]->props.flags & 651 XFRM_STATE_ICMP)) 652 goto drop_no_count; 653 654 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(*orig_hdr))) 655 goto drop_no_count; 656 657 nh = skb_network_offset(skb); 658 skb_set_network_header(skb, sizeof(*hdr)); 659 660 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb)) 661 goto drop_no_count; 662 663 skb_set_network_header(skb, nh); 664 } 665 666 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INMSGS); 667 668 saddr = &ipv6_hdr(skb)->saddr; 669 daddr = &ipv6_hdr(skb)->daddr; 670 671 /* Perform checksum. */ 672 switch (skb->ip_summed) { 673 case CHECKSUM_COMPLETE: 674 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6, 675 skb->csum)) 676 break; 677 /* fall through */ 678 case CHECKSUM_NONE: 679 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len, 680 IPPROTO_ICMPV6, 0)); 681 if (__skb_checksum_complete(skb)) { 682 LIMIT_NETDEBUG(KERN_DEBUG "ICMPv6 checksum failed [" NIP6_FMT " > " NIP6_FMT "]\n", 683 NIP6(*saddr), NIP6(*daddr)); 684 goto discard_it; 685 } 686 } 687 688 if (!pskb_pull(skb, sizeof(*hdr))) 689 goto discard_it; 690 691 hdr = icmp6_hdr(skb); 692 693 type = hdr->icmp6_type; 694 695 ICMP6MSGIN_INC_STATS_BH(idev, type); 696 697 switch (type) { 698 case ICMPV6_ECHO_REQUEST: 699 icmpv6_echo_reply(skb); 700 break; 701 702 case ICMPV6_ECHO_REPLY: 703 /* we couldn't care less */ 704 break; 705 706 case ICMPV6_PKT_TOOBIG: 707 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update 708 standard destination cache. Seems, only "advanced" 709 destination cache will allow to solve this problem 710 --ANK (980726) 711 */ 712 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 713 goto discard_it; 714 hdr = icmp6_hdr(skb); 715 orig_hdr = (struct ipv6hdr *) (hdr + 1); 716 rt6_pmtu_discovery(&orig_hdr->daddr, &orig_hdr->saddr, dev, 717 ntohl(hdr->icmp6_mtu)); 718 719 /* 720 * Drop through to notify 721 */ 722 723 case ICMPV6_DEST_UNREACH: 724 case ICMPV6_TIME_EXCEED: 725 case ICMPV6_PARAMPROB: 726 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 727 break; 728 729 case NDISC_ROUTER_SOLICITATION: 730 case NDISC_ROUTER_ADVERTISEMENT: 731 case NDISC_NEIGHBOUR_SOLICITATION: 732 case NDISC_NEIGHBOUR_ADVERTISEMENT: 733 case NDISC_REDIRECT: 734 ndisc_rcv(skb); 735 break; 736 737 case ICMPV6_MGM_QUERY: 738 igmp6_event_query(skb); 739 break; 740 741 case ICMPV6_MGM_REPORT: 742 igmp6_event_report(skb); 743 break; 744 745 case ICMPV6_MGM_REDUCTION: 746 case ICMPV6_NI_QUERY: 747 case ICMPV6_NI_REPLY: 748 case ICMPV6_MLD2_REPORT: 749 case ICMPV6_DHAAD_REQUEST: 750 case ICMPV6_DHAAD_REPLY: 751 case ICMPV6_MOBILE_PREFIX_SOL: 752 case ICMPV6_MOBILE_PREFIX_ADV: 753 break; 754 755 default: 756 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n"); 757 758 /* informational */ 759 if (type & ICMPV6_INFOMSG_MASK) 760 break; 761 762 /* 763 * error of unknown type. 764 * must pass to upper level 765 */ 766 767 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu); 768 } 769 770 kfree_skb(skb); 771 return 0; 772 773 discard_it: 774 ICMP6_INC_STATS_BH(idev, ICMP6_MIB_INERRORS); 775 drop_no_count: 776 kfree_skb(skb); 777 return 0; 778 } 779 780 /* 781 * Special lock-class for __icmpv6_socket: 782 */ 783 static struct lock_class_key icmpv6_socket_sk_dst_lock_key; 784 785 int __init icmpv6_init(struct net_proto_family *ops) 786 { 787 struct sock *sk; 788 int err, i, j; 789 790 for_each_possible_cpu(i) { 791 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, 792 &per_cpu(__icmpv6_socket, i)); 793 if (err < 0) { 794 printk(KERN_ERR 795 "Failed to initialize the ICMP6 control socket " 796 "(err %d).\n", 797 err); 798 goto fail; 799 } 800 801 sk = per_cpu(__icmpv6_socket, i)->sk; 802 sk->sk_allocation = GFP_ATOMIC; 803 /* 804 * Split off their lock-class, because sk->sk_dst_lock 805 * gets used from softirqs, which is safe for 806 * __icmpv6_socket (because those never get directly used 807 * via userspace syscalls), but unsafe for normal sockets. 808 */ 809 lockdep_set_class(&sk->sk_dst_lock, 810 &icmpv6_socket_sk_dst_lock_key); 811 812 /* Enough space for 2 64K ICMP packets, including 813 * sk_buff struct overhead. 814 */ 815 sk->sk_sndbuf = 816 (2 * ((64 * 1024) + sizeof(struct sk_buff))); 817 818 sk->sk_prot->unhash(sk); 819 } 820 821 822 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0) { 823 printk(KERN_ERR "Failed to register ICMP6 protocol\n"); 824 err = -EAGAIN; 825 goto fail; 826 } 827 828 return 0; 829 830 fail: 831 for (j = 0; j < i; j++) { 832 if (!cpu_possible(j)) 833 continue; 834 sock_release(per_cpu(__icmpv6_socket, j)); 835 } 836 837 return err; 838 } 839 840 void icmpv6_cleanup(void) 841 { 842 int i; 843 844 for_each_possible_cpu(i) { 845 sock_release(per_cpu(__icmpv6_socket, i)); 846 } 847 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 848 } 849 850 static const struct icmp6_err { 851 int err; 852 int fatal; 853 } tab_unreach[] = { 854 { /* NOROUTE */ 855 .err = ENETUNREACH, 856 .fatal = 0, 857 }, 858 { /* ADM_PROHIBITED */ 859 .err = EACCES, 860 .fatal = 1, 861 }, 862 { /* Was NOT_NEIGHBOUR, now reserved */ 863 .err = EHOSTUNREACH, 864 .fatal = 0, 865 }, 866 { /* ADDR_UNREACH */ 867 .err = EHOSTUNREACH, 868 .fatal = 0, 869 }, 870 { /* PORT_UNREACH */ 871 .err = ECONNREFUSED, 872 .fatal = 1, 873 }, 874 }; 875 876 int icmpv6_err_convert(int type, int code, int *err) 877 { 878 int fatal = 0; 879 880 *err = EPROTO; 881 882 switch (type) { 883 case ICMPV6_DEST_UNREACH: 884 fatal = 1; 885 if (code <= ICMPV6_PORT_UNREACH) { 886 *err = tab_unreach[code].err; 887 fatal = tab_unreach[code].fatal; 888 } 889 break; 890 891 case ICMPV6_PKT_TOOBIG: 892 *err = EMSGSIZE; 893 break; 894 895 case ICMPV6_PARAMPROB: 896 *err = EPROTO; 897 fatal = 1; 898 break; 899 900 case ICMPV6_TIME_EXCEED: 901 *err = EHOSTUNREACH; 902 break; 903 } 904 905 return fatal; 906 } 907 908 EXPORT_SYMBOL(icmpv6_err_convert); 909 910 #ifdef CONFIG_SYSCTL 911 ctl_table ipv6_icmp_table_template[] = { 912 { 913 .ctl_name = NET_IPV6_ICMP_RATELIMIT, 914 .procname = "ratelimit", 915 .data = &init_net.ipv6.sysctl.icmpv6_time, 916 .maxlen = sizeof(int), 917 .mode = 0644, 918 .proc_handler = &proc_dointvec 919 }, 920 { .ctl_name = 0 }, 921 }; 922 923 struct ctl_table *ipv6_icmp_sysctl_init(struct net *net) 924 { 925 struct ctl_table *table; 926 927 table = kmemdup(ipv6_icmp_table_template, 928 sizeof(ipv6_icmp_table_template), 929 GFP_KERNEL); 930 return table; 931 } 932 #endif 933 934