11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * IPv6 input 31da177e4SLinus Torvalds * Linux INET6 implementation 41da177e4SLinus Torvalds * 51da177e4SLinus Torvalds * Authors: 61da177e4SLinus Torvalds * Pedro Roque <roque@di.fc.ul.pt> 71da177e4SLinus Torvalds * Ian P. Morris <I.P.Morris@soton.ac.uk> 81da177e4SLinus Torvalds * 91da177e4SLinus Torvalds * $Id: ip6_input.c,v 1.19 2000/12/13 18:31:50 davem Exp $ 101da177e4SLinus Torvalds * 111da177e4SLinus Torvalds * Based in linux/net/ipv4/ip_input.c 121da177e4SLinus Torvalds * 131da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or 141da177e4SLinus Torvalds * modify it under the terms of the GNU General Public License 151da177e4SLinus Torvalds * as published by the Free Software Foundation; either version 161da177e4SLinus Torvalds * 2 of the License, or (at your option) any later version. 171da177e4SLinus Torvalds */ 181da177e4SLinus Torvalds /* Changes 191da177e4SLinus Torvalds * 201da177e4SLinus Torvalds * Mitsuru KANDA @USAGI and 211da177e4SLinus Torvalds * YOSHIFUJI Hideaki @USAGI: Remove ipv6_parse_exthdrs(). 221da177e4SLinus Torvalds */ 231da177e4SLinus Torvalds 241da177e4SLinus Torvalds #include <linux/errno.h> 251da177e4SLinus Torvalds #include <linux/types.h> 261da177e4SLinus Torvalds #include <linux/socket.h> 271da177e4SLinus Torvalds #include <linux/sockios.h> 281da177e4SLinus Torvalds #include <linux/sched.h> 291da177e4SLinus Torvalds #include <linux/net.h> 301da177e4SLinus Torvalds #include <linux/netdevice.h> 311da177e4SLinus Torvalds #include <linux/in6.h> 321da177e4SLinus Torvalds #include <linux/icmpv6.h> 331da177e4SLinus Torvalds 341da177e4SLinus Torvalds #include <linux/netfilter.h> 351da177e4SLinus Torvalds #include <linux/netfilter_ipv6.h> 361da177e4SLinus Torvalds 371da177e4SLinus Torvalds #include <net/sock.h> 381da177e4SLinus Torvalds #include <net/snmp.h> 391da177e4SLinus Torvalds 401da177e4SLinus Torvalds #include <net/ipv6.h> 411da177e4SLinus Torvalds #include <net/protocol.h> 421da177e4SLinus Torvalds #include <net/transp_v6.h> 431da177e4SLinus Torvalds #include <net/rawv6.h> 441da177e4SLinus Torvalds #include <net/ndisc.h> 451da177e4SLinus Torvalds #include <net/ip6_route.h> 461da177e4SLinus Torvalds #include <net/addrconf.h> 471da177e4SLinus Torvalds #include <net/xfrm.h> 481da177e4SLinus Torvalds 491da177e4SLinus Torvalds 501da177e4SLinus Torvalds 51b05e1066SPatrick McHardy inline int ip6_rcv_finish( struct sk_buff *skb) 521da177e4SLinus Torvalds { 531da177e4SLinus Torvalds if (skb->dst == NULL) 541da177e4SLinus Torvalds ip6_route_input(skb); 551da177e4SLinus Torvalds 561da177e4SLinus Torvalds return dst_input(skb); 571da177e4SLinus Torvalds } 581da177e4SLinus Torvalds 59f2ccd8faSDavid S. Miller int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) 601da177e4SLinus Torvalds { 611da177e4SLinus Torvalds struct ipv6hdr *hdr; 621da177e4SLinus Torvalds u32 pkt_len; 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds if (skb->pkt_type == PACKET_OTHERHOST) 651da177e4SLinus Torvalds goto drop; 661da177e4SLinus Torvalds 671da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INRECEIVES); 681da177e4SLinus Torvalds 691da177e4SLinus Torvalds if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) { 701da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INDISCARDS); 711da177e4SLinus Torvalds goto out; 721da177e4SLinus Torvalds } 731da177e4SLinus Torvalds 746b7fdc3aSGuillaume Chazarain memset(IP6CB(skb), 0, sizeof(struct inet6_skb_parm)); 756b7fdc3aSGuillaume Chazarain 761da177e4SLinus Torvalds /* 771da177e4SLinus Torvalds * Store incoming device index. When the packet will 781da177e4SLinus Torvalds * be queued, we cannot refer to skb->dev anymore. 791da177e4SLinus Torvalds * 801da177e4SLinus Torvalds * BTW, when we send a packet for our own local address on a 811da177e4SLinus Torvalds * non-loopback interface (e.g. ethX), it is being delivered 821da177e4SLinus Torvalds * via the loopback interface (lo) here; skb->dev = &loopback_dev. 831da177e4SLinus Torvalds * It, however, should be considered as if it is being 841da177e4SLinus Torvalds * arrived via the sending interface (ethX), because of the 851da177e4SLinus Torvalds * nature of scoping architecture. --yoshfuji 861da177e4SLinus Torvalds */ 871da177e4SLinus Torvalds IP6CB(skb)->iif = skb->dst ? ((struct rt6_info *)skb->dst)->rt6i_idev->dev->ifindex : dev->ifindex; 881da177e4SLinus Torvalds 892889139aSHerbert Xu if (unlikely(!pskb_may_pull(skb, sizeof(*hdr)))) 901da177e4SLinus Torvalds goto err; 911da177e4SLinus Torvalds 921da177e4SLinus Torvalds hdr = skb->nh.ipv6h; 931da177e4SLinus Torvalds 941da177e4SLinus Torvalds if (hdr->version != 6) 951da177e4SLinus Torvalds goto err; 961da177e4SLinus Torvalds 97951dbc8aSPatrick McHardy skb->h.raw = (u8 *)(hdr + 1); 98951dbc8aSPatrick McHardy IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr); 99951dbc8aSPatrick McHardy 1001da177e4SLinus Torvalds pkt_len = ntohs(hdr->payload_len); 1011da177e4SLinus Torvalds 1021da177e4SLinus Torvalds /* pkt_len may be zero if Jumbo payload option is present */ 1031da177e4SLinus Torvalds if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) { 1041da177e4SLinus Torvalds if (pkt_len + sizeof(struct ipv6hdr) > skb->len) 1051da177e4SLinus Torvalds goto truncated; 1061da177e4SLinus Torvalds if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr))) { 1071da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); 1081da177e4SLinus Torvalds goto drop; 1091da177e4SLinus Torvalds } 1101da177e4SLinus Torvalds hdr = skb->nh.ipv6h; 1111da177e4SLinus Torvalds } 1121da177e4SLinus Torvalds 1131da177e4SLinus Torvalds if (hdr->nexthdr == NEXTHDR_HOP) { 114b809739aSYOSHIFUJI Hideaki if (ipv6_parse_hopopts(skb) < 0) { 1151da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); 1161da177e4SLinus Torvalds return 0; 1171da177e4SLinus Torvalds } 1181da177e4SLinus Torvalds } 1191da177e4SLinus Torvalds 1201da177e4SLinus Torvalds return NF_HOOK(PF_INET6,NF_IP6_PRE_ROUTING, skb, dev, NULL, ip6_rcv_finish); 1211da177e4SLinus Torvalds truncated: 1221da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INTRUNCATEDPKTS); 1231da177e4SLinus Torvalds err: 1241da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); 1251da177e4SLinus Torvalds drop: 1261da177e4SLinus Torvalds kfree_skb(skb); 1271da177e4SLinus Torvalds out: 1281da177e4SLinus Torvalds return 0; 1291da177e4SLinus Torvalds } 1301da177e4SLinus Torvalds 1311da177e4SLinus Torvalds /* 1321da177e4SLinus Torvalds * Deliver the packet to the host 1331da177e4SLinus Torvalds */ 1341da177e4SLinus Torvalds 1351da177e4SLinus Torvalds 1361da177e4SLinus Torvalds static inline int ip6_input_finish(struct sk_buff *skb) 1371da177e4SLinus Torvalds { 1381da177e4SLinus Torvalds struct inet6_protocol *ipprot; 1391da177e4SLinus Torvalds struct sock *raw_sk; 1401da177e4SLinus Torvalds unsigned int nhoff; 1411da177e4SLinus Torvalds int nexthdr; 1421da177e4SLinus Torvalds u8 hash; 1431da177e4SLinus Torvalds 1441da177e4SLinus Torvalds /* 1451da177e4SLinus Torvalds * Parse extension headers 1461da177e4SLinus Torvalds */ 1471da177e4SLinus Torvalds 1481da177e4SLinus Torvalds rcu_read_lock(); 1491da177e4SLinus Torvalds resubmit: 1501da177e4SLinus Torvalds if (!pskb_pull(skb, skb->h.raw - skb->data)) 1511da177e4SLinus Torvalds goto discard; 152951dbc8aSPatrick McHardy nhoff = IP6CB(skb)->nhoff; 1531da177e4SLinus Torvalds nexthdr = skb->nh.raw[nhoff]; 1541da177e4SLinus Torvalds 1551da177e4SLinus Torvalds raw_sk = sk_head(&raw_v6_htable[nexthdr & (MAX_INET_PROTOS - 1)]); 156d13964f4SPatrick McHardy if (raw_sk && !ipv6_raw_deliver(skb, nexthdr)) 157d13964f4SPatrick McHardy raw_sk = NULL; 1581da177e4SLinus Torvalds 1591da177e4SLinus Torvalds hash = nexthdr & (MAX_INET_PROTOS - 1); 1601da177e4SLinus Torvalds if ((ipprot = rcu_dereference(inet6_protos[hash])) != NULL) { 1611da177e4SLinus Torvalds int ret; 1621da177e4SLinus Torvalds 1631da177e4SLinus Torvalds if (ipprot->flags & INET6_PROTO_FINAL) { 1641da177e4SLinus Torvalds struct ipv6hdr *hdr; 1651da177e4SLinus Torvalds 1669fb9cbb1SYasuyuki Kozakai /* Free reference early: we don't need it any more, 1679fb9cbb1SYasuyuki Kozakai and it may hold ip_conntrack module loaded 1689fb9cbb1SYasuyuki Kozakai indefinitely. */ 1699fb9cbb1SYasuyuki Kozakai nf_reset(skb); 1709fb9cbb1SYasuyuki Kozakai 1711da177e4SLinus Torvalds skb_postpull_rcsum(skb, skb->nh.raw, 1721da177e4SLinus Torvalds skb->h.raw - skb->nh.raw); 1731da177e4SLinus Torvalds hdr = skb->nh.ipv6h; 1741da177e4SLinus Torvalds if (ipv6_addr_is_multicast(&hdr->daddr) && 1751da177e4SLinus Torvalds !ipv6_chk_mcast_addr(skb->dev, &hdr->daddr, 1761da177e4SLinus Torvalds &hdr->saddr) && 1771da177e4SLinus Torvalds !ipv6_is_mld(skb, nexthdr)) 1781da177e4SLinus Torvalds goto discard; 1791da177e4SLinus Torvalds } 1801da177e4SLinus Torvalds if (!(ipprot->flags & INET6_PROTO_NOPOLICY) && 1811da177e4SLinus Torvalds !xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1821da177e4SLinus Torvalds goto discard; 1831da177e4SLinus Torvalds 184951dbc8aSPatrick McHardy ret = ipprot->handler(&skb); 1851da177e4SLinus Torvalds if (ret > 0) 1861da177e4SLinus Torvalds goto resubmit; 1871da177e4SLinus Torvalds else if (ret == 0) 1881da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INDELIVERS); 1891da177e4SLinus Torvalds } else { 1901da177e4SLinus Torvalds if (!raw_sk) { 1911da177e4SLinus Torvalds if (xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1921da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INUNKNOWNPROTOS); 193fad87acaSPatrick McHardy icmpv6_send(skb, ICMPV6_PARAMPROB, 194fad87acaSPatrick McHardy ICMPV6_UNK_NEXTHDR, nhoff, 195fad87acaSPatrick McHardy skb->dev); 1961da177e4SLinus Torvalds } 197fad87acaSPatrick McHardy } else 1981da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INDELIVERS); 1991da177e4SLinus Torvalds kfree_skb(skb); 2001da177e4SLinus Torvalds } 2011da177e4SLinus Torvalds rcu_read_unlock(); 2021da177e4SLinus Torvalds return 0; 2031da177e4SLinus Torvalds 2041da177e4SLinus Torvalds discard: 2051da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INDISCARDS); 2061da177e4SLinus Torvalds rcu_read_unlock(); 2071da177e4SLinus Torvalds kfree_skb(skb); 2081da177e4SLinus Torvalds return 0; 2091da177e4SLinus Torvalds } 2101da177e4SLinus Torvalds 2111da177e4SLinus Torvalds 2121da177e4SLinus Torvalds int ip6_input(struct sk_buff *skb) 2131da177e4SLinus Torvalds { 2141da177e4SLinus Torvalds return NF_HOOK(PF_INET6,NF_IP6_LOCAL_IN, skb, skb->dev, NULL, ip6_input_finish); 2151da177e4SLinus Torvalds } 2161da177e4SLinus Torvalds 2171da177e4SLinus Torvalds int ip6_mc_input(struct sk_buff *skb) 2181da177e4SLinus Torvalds { 2191da177e4SLinus Torvalds struct ipv6hdr *hdr; 2201da177e4SLinus Torvalds int deliver; 2211da177e4SLinus Torvalds 2221da177e4SLinus Torvalds IP6_INC_STATS_BH(IPSTATS_MIB_INMCASTPKTS); 2231da177e4SLinus Torvalds 2241da177e4SLinus Torvalds hdr = skb->nh.ipv6h; 2251da177e4SLinus Torvalds deliver = likely(!(skb->dev->flags & (IFF_PROMISC|IFF_ALLMULTI))) || 2261da177e4SLinus Torvalds ipv6_chk_mcast_addr(skb->dev, &hdr->daddr, NULL); 2271da177e4SLinus Torvalds 2281da177e4SLinus Torvalds /* 2291da177e4SLinus Torvalds * IPv6 multicast router mode isnt currently supported. 2301da177e4SLinus Torvalds */ 2311da177e4SLinus Torvalds #if 0 2321da177e4SLinus Torvalds if (ipv6_config.multicast_route) { 2331da177e4SLinus Torvalds int addr_type; 2341da177e4SLinus Torvalds 2351da177e4SLinus Torvalds addr_type = ipv6_addr_type(&hdr->daddr); 2361da177e4SLinus Torvalds 2371da177e4SLinus Torvalds if (!(addr_type & (IPV6_ADDR_LOOPBACK | IPV6_ADDR_LINKLOCAL))) { 2381da177e4SLinus Torvalds struct sk_buff *skb2; 2391da177e4SLinus Torvalds struct dst_entry *dst; 2401da177e4SLinus Torvalds 2411da177e4SLinus Torvalds dst = skb->dst; 2421da177e4SLinus Torvalds 2431da177e4SLinus Torvalds if (deliver) { 2441da177e4SLinus Torvalds skb2 = skb_clone(skb, GFP_ATOMIC); 2451da177e4SLinus Torvalds dst_output(skb2); 2461da177e4SLinus Torvalds } else { 2471da177e4SLinus Torvalds dst_output(skb); 2481da177e4SLinus Torvalds return 0; 2491da177e4SLinus Torvalds } 2501da177e4SLinus Torvalds } 2511da177e4SLinus Torvalds } 2521da177e4SLinus Torvalds #endif 2531da177e4SLinus Torvalds 2541da177e4SLinus Torvalds if (likely(deliver)) { 2551da177e4SLinus Torvalds ip6_input(skb); 2561da177e4SLinus Torvalds return 0; 2571da177e4SLinus Torvalds } 2581da177e4SLinus Torvalds /* discard */ 2591da177e4SLinus Torvalds kfree_skb(skb); 2601da177e4SLinus Torvalds 2611da177e4SLinus Torvalds return 0; 2621da177e4SLinus Torvalds } 263