xref: /openbmc/linux/net/ipv6/ndisc.c (revision a1e58bbd)
1 /*
2  *	Neighbour Discovery for IPv6
3  *	Linux INET6 implementation
4  *
5  *	Authors:
6  *	Pedro Roque		<roque@di.fc.ul.pt>
7  *	Mike Shaver		<shaver@ingenia.com>
8  *
9  *	This program is free software; you can redistribute it and/or
10  *      modify it under the terms of the GNU General Public License
11  *      as published by the Free Software Foundation; either version
12  *      2 of the License, or (at your option) any later version.
13  */
14 
15 /*
16  *	Changes:
17  *
18  *	Pierre Ynard			:	export userland ND options
19  *						through netlink (RDNSS support)
20  *	Lars Fenneberg			:	fixed MTU setting on receipt
21  *						of an RA.
22  *	Janos Farkas			:	kmalloc failure checks
23  *	Alexey Kuznetsov		:	state machine reworked
24  *						and moved to net/core.
25  *	Pekka Savola			:	RFC2461 validation
26  *	YOSHIFUJI Hideaki @USAGI	:	Verify ND options properly
27  */
28 
29 /* Set to 3 to get tracing... */
30 #define ND_DEBUG 1
31 
32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
33 #define ND_NOPRINTK(x...) do { ; } while(0)
34 #define ND_PRINTK0 ND_PRINTK
35 #define ND_PRINTK1 ND_NOPRINTK
36 #define ND_PRINTK2 ND_NOPRINTK
37 #define ND_PRINTK3 ND_NOPRINTK
38 #if ND_DEBUG >= 1
39 #undef ND_PRINTK1
40 #define ND_PRINTK1 ND_PRINTK
41 #endif
42 #if ND_DEBUG >= 2
43 #undef ND_PRINTK2
44 #define ND_PRINTK2 ND_PRINTK
45 #endif
46 #if ND_DEBUG >= 3
47 #undef ND_PRINTK3
48 #define ND_PRINTK3 ND_PRINTK
49 #endif
50 
51 #include <linux/module.h>
52 #include <linux/errno.h>
53 #include <linux/types.h>
54 #include <linux/socket.h>
55 #include <linux/sockios.h>
56 #include <linux/sched.h>
57 #include <linux/net.h>
58 #include <linux/in6.h>
59 #include <linux/route.h>
60 #include <linux/init.h>
61 #include <linux/rcupdate.h>
62 #ifdef CONFIG_SYSCTL
63 #include <linux/sysctl.h>
64 #endif
65 
66 #include <linux/if_addr.h>
67 #include <linux/if_arp.h>
68 #include <linux/ipv6.h>
69 #include <linux/icmpv6.h>
70 #include <linux/jhash.h>
71 
72 #include <net/sock.h>
73 #include <net/snmp.h>
74 
75 #include <net/ipv6.h>
76 #include <net/protocol.h>
77 #include <net/ndisc.h>
78 #include <net/ip6_route.h>
79 #include <net/addrconf.h>
80 #include <net/icmp.h>
81 
82 #include <net/netlink.h>
83 #include <linux/rtnetlink.h>
84 
85 #include <net/flow.h>
86 #include <net/ip6_checksum.h>
87 #include <linux/proc_fs.h>
88 
89 #include <linux/netfilter.h>
90 #include <linux/netfilter_ipv6.h>
91 
92 static struct socket *ndisc_socket;
93 
94 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
95 static int ndisc_constructor(struct neighbour *neigh);
96 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
97 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
98 static int pndisc_constructor(struct pneigh_entry *n);
99 static void pndisc_destructor(struct pneigh_entry *n);
100 static void pndisc_redo(struct sk_buff *skb);
101 
102 static struct neigh_ops ndisc_generic_ops = {
103 	.family =		AF_INET6,
104 	.solicit =		ndisc_solicit,
105 	.error_report =		ndisc_error_report,
106 	.output =		neigh_resolve_output,
107 	.connected_output =	neigh_connected_output,
108 	.hh_output =		dev_queue_xmit,
109 	.queue_xmit =		dev_queue_xmit,
110 };
111 
112 static struct neigh_ops ndisc_hh_ops = {
113 	.family =		AF_INET6,
114 	.solicit =		ndisc_solicit,
115 	.error_report =		ndisc_error_report,
116 	.output =		neigh_resolve_output,
117 	.connected_output =	neigh_resolve_output,
118 	.hh_output =		dev_queue_xmit,
119 	.queue_xmit =		dev_queue_xmit,
120 };
121 
122 
123 static struct neigh_ops ndisc_direct_ops = {
124 	.family =		AF_INET6,
125 	.output =		dev_queue_xmit,
126 	.connected_output =	dev_queue_xmit,
127 	.hh_output =		dev_queue_xmit,
128 	.queue_xmit =		dev_queue_xmit,
129 };
130 
131 struct neigh_table nd_tbl = {
132 	.family =	AF_INET6,
133 	.entry_size =	sizeof(struct neighbour) + sizeof(struct in6_addr),
134 	.key_len =	sizeof(struct in6_addr),
135 	.hash =		ndisc_hash,
136 	.constructor =	ndisc_constructor,
137 	.pconstructor =	pndisc_constructor,
138 	.pdestructor =	pndisc_destructor,
139 	.proxy_redo =	pndisc_redo,
140 	.id =		"ndisc_cache",
141 	.parms = {
142 		.tbl =			&nd_tbl,
143 		.base_reachable_time =	30 * HZ,
144 		.retrans_time =	 1 * HZ,
145 		.gc_staletime =	60 * HZ,
146 		.reachable_time =		30 * HZ,
147 		.delay_probe_time =	 5 * HZ,
148 		.queue_len =		 3,
149 		.ucast_probes =	 3,
150 		.mcast_probes =	 3,
151 		.anycast_delay =	 1 * HZ,
152 		.proxy_delay =		(8 * HZ) / 10,
153 		.proxy_qlen =		64,
154 	},
155 	.gc_interval =	  30 * HZ,
156 	.gc_thresh1 =	 128,
157 	.gc_thresh2 =	 512,
158 	.gc_thresh3 =	1024,
159 };
160 
161 /* ND options */
162 struct ndisc_options {
163 	struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
164 #ifdef CONFIG_IPV6_ROUTE_INFO
165 	struct nd_opt_hdr *nd_opts_ri;
166 	struct nd_opt_hdr *nd_opts_ri_end;
167 #endif
168 	struct nd_opt_hdr *nd_useropts;
169 	struct nd_opt_hdr *nd_useropts_end;
170 };
171 
172 #define nd_opts_src_lladdr	nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
173 #define nd_opts_tgt_lladdr	nd_opt_array[ND_OPT_TARGET_LL_ADDR]
174 #define nd_opts_pi		nd_opt_array[ND_OPT_PREFIX_INFO]
175 #define nd_opts_pi_end		nd_opt_array[__ND_OPT_PREFIX_INFO_END]
176 #define nd_opts_rh		nd_opt_array[ND_OPT_REDIRECT_HDR]
177 #define nd_opts_mtu		nd_opt_array[ND_OPT_MTU]
178 
179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
180 
181 /*
182  * Return the padding between the option length and the start of the
183  * link addr.  Currently only IP-over-InfiniBand needs this, although
184  * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
185  * also need a pad of 2.
186  */
187 static int ndisc_addr_option_pad(unsigned short type)
188 {
189 	switch (type) {
190 	case ARPHRD_INFINIBAND: return 2;
191 	default:                return 0;
192 	}
193 }
194 
195 static inline int ndisc_opt_addr_space(struct net_device *dev)
196 {
197 	return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
198 }
199 
200 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
201 				  unsigned short addr_type)
202 {
203 	int space = NDISC_OPT_SPACE(data_len);
204 	int pad   = ndisc_addr_option_pad(addr_type);
205 
206 	opt[0] = type;
207 	opt[1] = space>>3;
208 
209 	memset(opt + 2, 0, pad);
210 	opt   += pad;
211 	space -= pad;
212 
213 	memcpy(opt+2, data, data_len);
214 	data_len += 2;
215 	opt += data_len;
216 	if ((space -= data_len) > 0)
217 		memset(opt, 0, space);
218 	return opt + space;
219 }
220 
221 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
222 					    struct nd_opt_hdr *end)
223 {
224 	int type;
225 	if (!cur || !end || cur >= end)
226 		return NULL;
227 	type = cur->nd_opt_type;
228 	do {
229 		cur = ((void *)cur) + (cur->nd_opt_len << 3);
230 	} while(cur < end && cur->nd_opt_type != type);
231 	return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
232 }
233 
234 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
235 {
236 	return (opt->nd_opt_type == ND_OPT_RDNSS);
237 }
238 
239 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
240 					     struct nd_opt_hdr *end)
241 {
242 	if (!cur || !end || cur >= end)
243 		return NULL;
244 	do {
245 		cur = ((void *)cur) + (cur->nd_opt_len << 3);
246 	} while(cur < end && !ndisc_is_useropt(cur));
247 	return (cur <= end && ndisc_is_useropt(cur) ? cur : NULL);
248 }
249 
250 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
251 						 struct ndisc_options *ndopts)
252 {
253 	struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
254 
255 	if (!nd_opt || opt_len < 0 || !ndopts)
256 		return NULL;
257 	memset(ndopts, 0, sizeof(*ndopts));
258 	while (opt_len) {
259 		int l;
260 		if (opt_len < sizeof(struct nd_opt_hdr))
261 			return NULL;
262 		l = nd_opt->nd_opt_len << 3;
263 		if (opt_len < l || l == 0)
264 			return NULL;
265 		switch (nd_opt->nd_opt_type) {
266 		case ND_OPT_SOURCE_LL_ADDR:
267 		case ND_OPT_TARGET_LL_ADDR:
268 		case ND_OPT_MTU:
269 		case ND_OPT_REDIRECT_HDR:
270 			if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
271 				ND_PRINTK2(KERN_WARNING
272 					   "%s(): duplicated ND6 option found: type=%d\n",
273 					   __FUNCTION__,
274 					   nd_opt->nd_opt_type);
275 			} else {
276 				ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
277 			}
278 			break;
279 		case ND_OPT_PREFIX_INFO:
280 			ndopts->nd_opts_pi_end = nd_opt;
281 			if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
282 				ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
283 			break;
284 #ifdef CONFIG_IPV6_ROUTE_INFO
285 		case ND_OPT_ROUTE_INFO:
286 			ndopts->nd_opts_ri_end = nd_opt;
287 			if (!ndopts->nd_opts_ri)
288 				ndopts->nd_opts_ri = nd_opt;
289 			break;
290 #endif
291 		default:
292 			if (ndisc_is_useropt(nd_opt)) {
293 				ndopts->nd_useropts_end = nd_opt;
294 				if (!ndopts->nd_useropts)
295 					ndopts->nd_useropts = nd_opt;
296 			} else {
297 				/*
298 				 * Unknown options must be silently ignored,
299 				 * to accommodate future extension to the
300 				 * protocol.
301 				 */
302 				ND_PRINTK2(KERN_NOTICE
303 					   "%s(): ignored unsupported option; type=%d, len=%d\n",
304 					   __FUNCTION__,
305 					   nd_opt->nd_opt_type, nd_opt->nd_opt_len);
306 			}
307 		}
308 		opt_len -= l;
309 		nd_opt = ((void *)nd_opt) + l;
310 	}
311 	return ndopts;
312 }
313 
314 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
315 				      struct net_device *dev)
316 {
317 	u8 *lladdr = (u8 *)(p + 1);
318 	int lladdrlen = p->nd_opt_len << 3;
319 	int prepad = ndisc_addr_option_pad(dev->type);
320 	if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
321 		return NULL;
322 	return (lladdr + prepad);
323 }
324 
325 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
326 {
327 	switch (dev->type) {
328 	case ARPHRD_ETHER:
329 	case ARPHRD_IEEE802:	/* Not sure. Check it later. --ANK */
330 	case ARPHRD_FDDI:
331 		ipv6_eth_mc_map(addr, buf);
332 		return 0;
333 	case ARPHRD_IEEE802_TR:
334 		ipv6_tr_mc_map(addr,buf);
335 		return 0;
336 	case ARPHRD_ARCNET:
337 		ipv6_arcnet_mc_map(addr, buf);
338 		return 0;
339 	case ARPHRD_INFINIBAND:
340 		ipv6_ib_mc_map(addr, dev->broadcast, buf);
341 		return 0;
342 	default:
343 		if (dir) {
344 			memcpy(buf, dev->broadcast, dev->addr_len);
345 			return 0;
346 		}
347 	}
348 	return -EINVAL;
349 }
350 
351 EXPORT_SYMBOL(ndisc_mc_map);
352 
353 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
354 {
355 	const u32 *p32 = pkey;
356 	u32 addr_hash, i;
357 
358 	addr_hash = 0;
359 	for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
360 		addr_hash ^= *p32++;
361 
362 	return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
363 }
364 
365 static int ndisc_constructor(struct neighbour *neigh)
366 {
367 	struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
368 	struct net_device *dev = neigh->dev;
369 	struct inet6_dev *in6_dev;
370 	struct neigh_parms *parms;
371 	int is_multicast = ipv6_addr_is_multicast(addr);
372 
373 	rcu_read_lock();
374 	in6_dev = in6_dev_get(dev);
375 	if (in6_dev == NULL) {
376 		rcu_read_unlock();
377 		return -EINVAL;
378 	}
379 
380 	parms = in6_dev->nd_parms;
381 	__neigh_parms_put(neigh->parms);
382 	neigh->parms = neigh_parms_clone(parms);
383 	rcu_read_unlock();
384 
385 	neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
386 	if (!dev->header_ops) {
387 		neigh->nud_state = NUD_NOARP;
388 		neigh->ops = &ndisc_direct_ops;
389 		neigh->output = neigh->ops->queue_xmit;
390 	} else {
391 		if (is_multicast) {
392 			neigh->nud_state = NUD_NOARP;
393 			ndisc_mc_map(addr, neigh->ha, dev, 1);
394 		} else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
395 			neigh->nud_state = NUD_NOARP;
396 			memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
397 			if (dev->flags&IFF_LOOPBACK)
398 				neigh->type = RTN_LOCAL;
399 		} else if (dev->flags&IFF_POINTOPOINT) {
400 			neigh->nud_state = NUD_NOARP;
401 			memcpy(neigh->ha, dev->broadcast, dev->addr_len);
402 		}
403 		if (dev->header_ops->cache)
404 			neigh->ops = &ndisc_hh_ops;
405 		else
406 			neigh->ops = &ndisc_generic_ops;
407 		if (neigh->nud_state&NUD_VALID)
408 			neigh->output = neigh->ops->connected_output;
409 		else
410 			neigh->output = neigh->ops->output;
411 	}
412 	in6_dev_put(in6_dev);
413 	return 0;
414 }
415 
416 static int pndisc_constructor(struct pneigh_entry *n)
417 {
418 	struct in6_addr *addr = (struct in6_addr*)&n->key;
419 	struct in6_addr maddr;
420 	struct net_device *dev = n->dev;
421 
422 	if (dev == NULL || __in6_dev_get(dev) == NULL)
423 		return -EINVAL;
424 	addrconf_addr_solict_mult(addr, &maddr);
425 	ipv6_dev_mc_inc(dev, &maddr);
426 	return 0;
427 }
428 
429 static void pndisc_destructor(struct pneigh_entry *n)
430 {
431 	struct in6_addr *addr = (struct in6_addr*)&n->key;
432 	struct in6_addr maddr;
433 	struct net_device *dev = n->dev;
434 
435 	if (dev == NULL || __in6_dev_get(dev) == NULL)
436 		return;
437 	addrconf_addr_solict_mult(addr, &maddr);
438 	ipv6_dev_mc_dec(dev, &maddr);
439 }
440 
441 /*
442  *	Send a Neighbour Advertisement
443  */
444 
445 static inline void ndisc_flow_init(struct flowi *fl, u8 type,
446 			    struct in6_addr *saddr, struct in6_addr *daddr,
447 			    int oif)
448 {
449 	memset(fl, 0, sizeof(*fl));
450 	ipv6_addr_copy(&fl->fl6_src, saddr);
451 	ipv6_addr_copy(&fl->fl6_dst, daddr);
452 	fl->proto	 	= IPPROTO_ICMPV6;
453 	fl->fl_icmp_type	= type;
454 	fl->fl_icmp_code	= 0;
455 	fl->oif			= oif;
456 	security_sk_classify_flow(ndisc_socket->sk, fl);
457 }
458 
459 static void __ndisc_send(struct net_device *dev,
460 			 struct neighbour *neigh,
461 			 struct in6_addr *daddr, struct in6_addr *saddr,
462 			 struct icmp6hdr *icmp6h, struct in6_addr *target,
463 			 int llinfo)
464 {
465 	struct flowi fl;
466 	struct dst_entry *dst;
467 	struct sock *sk = ndisc_socket->sk;
468 	struct sk_buff *skb;
469 	struct icmp6hdr *hdr;
470 	struct inet6_dev *idev;
471 	int len;
472 	int err;
473 	u8 *opt, type;
474 
475 	type = icmp6h->icmp6_type;
476 
477 	ndisc_flow_init(&fl, type, saddr, daddr,
478 			dev->ifindex);
479 
480 	dst = ndisc_dst_alloc(dev, neigh, daddr, ip6_output);
481 	if (!dst)
482 		return;
483 
484 	err = xfrm_lookup(&dst, &fl, NULL, 0);
485 	if (err < 0)
486 		return;
487 
488 	if (!dev->addr_len)
489 		llinfo = 0;
490 
491 	len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
492 	if (llinfo)
493 		len += ndisc_opt_addr_space(dev);
494 
495 	skb = sock_alloc_send_skb(sk,
496 				  (MAX_HEADER + sizeof(struct ipv6hdr) +
497 				   len + LL_RESERVED_SPACE(dev)),
498 				  1, &err);
499 	if (!skb) {
500 		ND_PRINTK0(KERN_ERR
501 			   "ICMPv6 ND: %s() failed to allocate an skb.\n",
502 			   __FUNCTION__);
503 		dst_release(dst);
504 		return;
505 	}
506 
507 	skb_reserve(skb, LL_RESERVED_SPACE(dev));
508 	ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
509 
510 	skb->transport_header = skb->tail;
511 	skb_put(skb, len);
512 
513 	hdr = (struct icmp6hdr *)skb_transport_header(skb);
514 	memcpy(hdr, icmp6h, sizeof(*hdr));
515 
516 	opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
517 	if (target) {
518 		ipv6_addr_copy((struct in6_addr *)opt, target);
519 		opt += sizeof(*target);
520 	}
521 
522 	if (llinfo)
523 		ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
524 				       dev->addr_len, dev->type);
525 
526 	hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
527 					   IPPROTO_ICMPV6,
528 					   csum_partial((__u8 *) hdr,
529 							len, 0));
530 
531 	skb->dst = dst;
532 
533 	idev = in6_dev_get(dst->dev);
534 	IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
535 
536 	err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
537 		      dst_output);
538 	if (!err) {
539 		ICMP6MSGOUT_INC_STATS(idev, type);
540 		ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
541 	}
542 
543 	if (likely(idev != NULL))
544 		in6_dev_put(idev);
545 }
546 
547 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
548 		   struct in6_addr *daddr, struct in6_addr *solicited_addr,
549 		   int router, int solicited, int override, int inc_opt)
550 {
551 	struct in6_addr tmpaddr;
552 	struct inet6_ifaddr *ifp;
553 	struct in6_addr *src_addr;
554 	struct icmp6hdr icmp6h = {
555 		.icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
556 	};
557 
558 	/* for anycast or proxy, solicited_addr != src_addr */
559 	ifp = ipv6_get_ifaddr(&init_net, solicited_addr, dev, 1);
560 	if (ifp) {
561 		src_addr = solicited_addr;
562 		if (ifp->flags & IFA_F_OPTIMISTIC)
563 			override = 0;
564 		in6_ifa_put(ifp);
565 	} else {
566 		if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
567 			return;
568 		src_addr = &tmpaddr;
569 	}
570 
571 	icmp6h.icmp6_router = router;
572 	icmp6h.icmp6_solicited = solicited;
573 	icmp6h.icmp6_override = override;
574 
575 	__ndisc_send(dev, neigh, daddr, src_addr,
576 		     &icmp6h, solicited_addr,
577 		     inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
578 }
579 
580 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
581 		   struct in6_addr *solicit,
582 		   struct in6_addr *daddr, struct in6_addr *saddr)
583 {
584 	struct in6_addr addr_buf;
585 	struct icmp6hdr icmp6h = {
586 		.icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
587 	};
588 
589 	if (saddr == NULL) {
590 		if (ipv6_get_lladdr(dev, &addr_buf,
591 				   (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
592 			return;
593 		saddr = &addr_buf;
594 	}
595 
596 	__ndisc_send(dev, neigh, daddr, saddr,
597 		     &icmp6h, solicit,
598 		     !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
599 }
600 
601 void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
602 		   struct in6_addr *daddr)
603 {
604 	struct icmp6hdr icmp6h = {
605 		.icmp6_type = NDISC_ROUTER_SOLICITATION,
606 	};
607 	int send_sllao = dev->addr_len;
608 
609 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
610 	/*
611 	 * According to section 2.2 of RFC 4429, we must not
612 	 * send router solicitations with a sllao from
613 	 * optimistic addresses, but we may send the solicitation
614 	 * if we don't include the sllao.  So here we check
615 	 * if our address is optimistic, and if so, we
616 	 * suppress the inclusion of the sllao.
617 	 */
618 	if (send_sllao) {
619 		struct inet6_ifaddr *ifp = ipv6_get_ifaddr(&init_net, saddr,
620 							   dev, 1);
621 		if (ifp) {
622 			if (ifp->flags & IFA_F_OPTIMISTIC)  {
623 				send_sllao = 0;
624 			}
625 			in6_ifa_put(ifp);
626 		} else {
627 			send_sllao = 0;
628 		}
629 	}
630 #endif
631 	__ndisc_send(dev, NULL, daddr, saddr,
632 		     &icmp6h, NULL,
633 		     send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
634 }
635 
636 
637 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
638 {
639 	/*
640 	 *	"The sender MUST return an ICMP
641 	 *	 destination unreachable"
642 	 */
643 	dst_link_failure(skb);
644 	kfree_skb(skb);
645 }
646 
647 /* Called with locked neigh: either read or both */
648 
649 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
650 {
651 	struct in6_addr *saddr = NULL;
652 	struct in6_addr mcaddr;
653 	struct net_device *dev = neigh->dev;
654 	struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
655 	int probes = atomic_read(&neigh->probes);
656 
657 	if (skb && ipv6_chk_addr(&init_net, &ipv6_hdr(skb)->saddr, dev, 1))
658 		saddr = &ipv6_hdr(skb)->saddr;
659 
660 	if ((probes -= neigh->parms->ucast_probes) < 0) {
661 		if (!(neigh->nud_state & NUD_VALID)) {
662 			ND_PRINTK1(KERN_DEBUG
663 				   "%s(): trying to ucast probe in NUD_INVALID: "
664 				   NIP6_FMT "\n",
665 				   __FUNCTION__,
666 				   NIP6(*target));
667 		}
668 		ndisc_send_ns(dev, neigh, target, target, saddr);
669 	} else if ((probes -= neigh->parms->app_probes) < 0) {
670 #ifdef CONFIG_ARPD
671 		neigh_app_ns(neigh);
672 #endif
673 	} else {
674 		addrconf_addr_solict_mult(target, &mcaddr);
675 		ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
676 	}
677 }
678 
679 static struct pneigh_entry *pndisc_check_router(struct net_device *dev,
680 		struct in6_addr *addr, int *is_router)
681 {
682 	struct pneigh_entry *n;
683 
684 	read_lock_bh(&nd_tbl.lock);
685 	n = __pneigh_lookup(&nd_tbl, &init_net, addr, dev);
686 	if (n != NULL)
687 		*is_router = (n->flags & NTF_ROUTER);
688 	read_unlock_bh(&nd_tbl.lock);
689 
690 	return n;
691 }
692 
693 static void ndisc_recv_ns(struct sk_buff *skb)
694 {
695 	struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
696 	struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
697 	struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
698 	u8 *lladdr = NULL;
699 	u32 ndoptlen = skb->tail - (skb->transport_header +
700 				    offsetof(struct nd_msg, opt));
701 	struct ndisc_options ndopts;
702 	struct net_device *dev = skb->dev;
703 	struct inet6_ifaddr *ifp;
704 	struct inet6_dev *idev = NULL;
705 	struct neighbour *neigh;
706 	struct pneigh_entry *pneigh = NULL;
707 	int dad = ipv6_addr_any(saddr);
708 	int inc;
709 	int is_router = 0;
710 
711 	if (ipv6_addr_is_multicast(&msg->target)) {
712 		ND_PRINTK2(KERN_WARNING
713 			   "ICMPv6 NS: multicast target address");
714 		return;
715 	}
716 
717 	/*
718 	 * RFC2461 7.1.1:
719 	 * DAD has to be destined for solicited node multicast address.
720 	 */
721 	if (dad &&
722 	    !(daddr->s6_addr32[0] == htonl(0xff020000) &&
723 	      daddr->s6_addr32[1] == htonl(0x00000000) &&
724 	      daddr->s6_addr32[2] == htonl(0x00000001) &&
725 	      daddr->s6_addr [12] == 0xff )) {
726 		ND_PRINTK2(KERN_WARNING
727 			   "ICMPv6 NS: bad DAD packet (wrong destination)\n");
728 		return;
729 	}
730 
731 	if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
732 		ND_PRINTK2(KERN_WARNING
733 			   "ICMPv6 NS: invalid ND options\n");
734 		return;
735 	}
736 
737 	if (ndopts.nd_opts_src_lladdr) {
738 		lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
739 		if (!lladdr) {
740 			ND_PRINTK2(KERN_WARNING
741 				   "ICMPv6 NS: invalid link-layer address length\n");
742 			return;
743 		}
744 
745 		/* RFC2461 7.1.1:
746 		 *	If the IP source address is the unspecified address,
747 		 *	there MUST NOT be source link-layer address option
748 		 *	in the message.
749 		 */
750 		if (dad) {
751 			ND_PRINTK2(KERN_WARNING
752 				   "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
753 			return;
754 		}
755 	}
756 
757 	inc = ipv6_addr_is_multicast(daddr);
758 
759 	if ((ifp = ipv6_get_ifaddr(&init_net, &msg->target, dev, 1)) != NULL) {
760 
761 		if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
762 			if (dad) {
763 				if (dev->type == ARPHRD_IEEE802_TR) {
764 					const unsigned char *sadr;
765 					sadr = skb_mac_header(skb);
766 					if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
767 					    sadr[9] == dev->dev_addr[1] &&
768 					    sadr[10] == dev->dev_addr[2] &&
769 					    sadr[11] == dev->dev_addr[3] &&
770 					    sadr[12] == dev->dev_addr[4] &&
771 					    sadr[13] == dev->dev_addr[5]) {
772 						/* looped-back to us */
773 						goto out;
774 					}
775 				}
776 
777 				/*
778 				 * We are colliding with another node
779 				 * who is doing DAD
780 				 * so fail our DAD process
781 				 */
782 				addrconf_dad_failure(ifp);
783 				return;
784 			} else {
785 				/*
786 				 * This is not a dad solicitation.
787 				 * If we are an optimistic node,
788 				 * we should respond.
789 				 * Otherwise, we should ignore it.
790 				 */
791 				if (!(ifp->flags & IFA_F_OPTIMISTIC))
792 					goto out;
793 			}
794 		}
795 
796 		idev = ifp->idev;
797 	} else {
798 		idev = in6_dev_get(dev);
799 		if (!idev) {
800 			/* XXX: count this drop? */
801 			return;
802 		}
803 
804 		if (ipv6_chk_acast_addr(dev, &msg->target) ||
805 		    (idev->cnf.forwarding &&
806 		     (ipv6_devconf.proxy_ndp || idev->cnf.proxy_ndp) &&
807 		     (pneigh = pndisc_check_router(dev, &msg->target,
808 						  &is_router)) != NULL)) {
809 			if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
810 			    skb->pkt_type != PACKET_HOST &&
811 			    inc != 0 &&
812 			    idev->nd_parms->proxy_delay != 0) {
813 				/*
814 				 * for anycast or proxy,
815 				 * sender should delay its response
816 				 * by a random time between 0 and
817 				 * MAX_ANYCAST_DELAY_TIME seconds.
818 				 * (RFC2461) -- yoshfuji
819 				 */
820 				struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
821 				if (n)
822 					pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
823 				goto out;
824 			}
825 		} else
826 			goto out;
827 	}
828 
829 	is_router = !!(pneigh ? is_router : idev->cnf.forwarding);
830 
831 	if (dad) {
832 		struct in6_addr maddr;
833 
834 		ipv6_addr_all_nodes(&maddr);
835 		ndisc_send_na(dev, NULL, &maddr, &msg->target,
836 			      is_router, 0, (ifp != NULL), 1);
837 		goto out;
838 	}
839 
840 	if (inc)
841 		NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
842 	else
843 		NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
844 
845 	/*
846 	 *	update / create cache entry
847 	 *	for the source address
848 	 */
849 	neigh = __neigh_lookup(&nd_tbl, saddr, dev,
850 			       !inc || lladdr || !dev->addr_len);
851 	if (neigh)
852 		neigh_update(neigh, lladdr, NUD_STALE,
853 			     NEIGH_UPDATE_F_WEAK_OVERRIDE|
854 			     NEIGH_UPDATE_F_OVERRIDE);
855 	if (neigh || !dev->header_ops) {
856 		ndisc_send_na(dev, neigh, saddr, &msg->target,
857 			      is_router,
858 			      1, (ifp != NULL && inc), inc);
859 		if (neigh)
860 			neigh_release(neigh);
861 	}
862 
863 out:
864 	if (ifp)
865 		in6_ifa_put(ifp);
866 	else
867 		in6_dev_put(idev);
868 
869 	return;
870 }
871 
872 static void ndisc_recv_na(struct sk_buff *skb)
873 {
874 	struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
875 	struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
876 	struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
877 	u8 *lladdr = NULL;
878 	u32 ndoptlen = skb->tail - (skb->transport_header +
879 				    offsetof(struct nd_msg, opt));
880 	struct ndisc_options ndopts;
881 	struct net_device *dev = skb->dev;
882 	struct inet6_ifaddr *ifp;
883 	struct neighbour *neigh;
884 
885 	if (skb->len < sizeof(struct nd_msg)) {
886 		ND_PRINTK2(KERN_WARNING
887 			   "ICMPv6 NA: packet too short\n");
888 		return;
889 	}
890 
891 	if (ipv6_addr_is_multicast(&msg->target)) {
892 		ND_PRINTK2(KERN_WARNING
893 			   "ICMPv6 NA: target address is multicast.\n");
894 		return;
895 	}
896 
897 	if (ipv6_addr_is_multicast(daddr) &&
898 	    msg->icmph.icmp6_solicited) {
899 		ND_PRINTK2(KERN_WARNING
900 			   "ICMPv6 NA: solicited NA is multicasted.\n");
901 		return;
902 	}
903 
904 	if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
905 		ND_PRINTK2(KERN_WARNING
906 			   "ICMPv6 NS: invalid ND option\n");
907 		return;
908 	}
909 	if (ndopts.nd_opts_tgt_lladdr) {
910 		lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
911 		if (!lladdr) {
912 			ND_PRINTK2(KERN_WARNING
913 				   "ICMPv6 NA: invalid link-layer address length\n");
914 			return;
915 		}
916 	}
917 	if ((ifp = ipv6_get_ifaddr(&init_net, &msg->target, dev, 1))) {
918 		if (ifp->flags & IFA_F_TENTATIVE) {
919 			addrconf_dad_failure(ifp);
920 			return;
921 		}
922 		/* What should we make now? The advertisement
923 		   is invalid, but ndisc specs say nothing
924 		   about it. It could be misconfiguration, or
925 		   an smart proxy agent tries to help us :-)
926 		 */
927 		ND_PRINTK1(KERN_WARNING
928 			   "ICMPv6 NA: someone advertises our address on %s!\n",
929 			   ifp->idev->dev->name);
930 		in6_ifa_put(ifp);
931 		return;
932 	}
933 	neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
934 
935 	if (neigh) {
936 		u8 old_flags = neigh->flags;
937 
938 		if (neigh->nud_state & NUD_FAILED)
939 			goto out;
940 
941 		/*
942 		 * Don't update the neighbor cache entry on a proxy NA from
943 		 * ourselves because either the proxied node is off link or it
944 		 * has already sent a NA to us.
945 		 */
946 		if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
947 		    ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
948 		    pneigh_lookup(&nd_tbl, &init_net, &msg->target, dev, 0)) {
949 			/* XXX: idev->cnf.prixy_ndp */
950 			goto out;
951 		}
952 
953 		neigh_update(neigh, lladdr,
954 			     msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
955 			     NEIGH_UPDATE_F_WEAK_OVERRIDE|
956 			     (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
957 			     NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
958 			     (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
959 
960 		if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
961 			/*
962 			 * Change: router to host
963 			 */
964 			struct rt6_info *rt;
965 			rt = rt6_get_dflt_router(saddr, dev);
966 			if (rt)
967 				ip6_del_rt(rt);
968 		}
969 
970 out:
971 		neigh_release(neigh);
972 	}
973 }
974 
975 static void ndisc_recv_rs(struct sk_buff *skb)
976 {
977 	struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
978 	unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
979 	struct neighbour *neigh;
980 	struct inet6_dev *idev;
981 	struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
982 	struct ndisc_options ndopts;
983 	u8 *lladdr = NULL;
984 
985 	if (skb->len < sizeof(*rs_msg))
986 		return;
987 
988 	idev = in6_dev_get(skb->dev);
989 	if (!idev) {
990 		if (net_ratelimit())
991 			ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
992 		return;
993 	}
994 
995 	/* Don't accept RS if we're not in router mode */
996 	if (!idev->cnf.forwarding)
997 		goto out;
998 
999 	/*
1000 	 * Don't update NCE if src = ::;
1001 	 * this implies that the source node has no ip address assigned yet.
1002 	 */
1003 	if (ipv6_addr_any(saddr))
1004 		goto out;
1005 
1006 	/* Parse ND options */
1007 	if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1008 		if (net_ratelimit())
1009 			ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1010 		goto out;
1011 	}
1012 
1013 	if (ndopts.nd_opts_src_lladdr) {
1014 		lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1015 					     skb->dev);
1016 		if (!lladdr)
1017 			goto out;
1018 	}
1019 
1020 	neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1021 	if (neigh) {
1022 		neigh_update(neigh, lladdr, NUD_STALE,
1023 			     NEIGH_UPDATE_F_WEAK_OVERRIDE|
1024 			     NEIGH_UPDATE_F_OVERRIDE|
1025 			     NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1026 		neigh_release(neigh);
1027 	}
1028 out:
1029 	in6_dev_put(idev);
1030 }
1031 
1032 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1033 {
1034 	struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1035 	struct sk_buff *skb;
1036 	struct nlmsghdr *nlh;
1037 	struct nduseroptmsg *ndmsg;
1038 	int err;
1039 	int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1040 				    + (opt->nd_opt_len << 3));
1041 	size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1042 
1043 	skb = nlmsg_new(msg_size, GFP_ATOMIC);
1044 	if (skb == NULL) {
1045 		err = -ENOBUFS;
1046 		goto errout;
1047 	}
1048 
1049 	nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1050 	if (nlh == NULL) {
1051 		goto nla_put_failure;
1052 	}
1053 
1054 	ndmsg = nlmsg_data(nlh);
1055 	ndmsg->nduseropt_family = AF_INET6;
1056 	ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1057 	ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1058 	ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1059 	ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1060 
1061 	memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1062 
1063 	NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1064 		&ipv6_hdr(ra)->saddr);
1065 	nlmsg_end(skb, nlh);
1066 
1067 	err = rtnl_notify(skb, &init_net, 0, RTNLGRP_ND_USEROPT, NULL,
1068 			  GFP_ATOMIC);
1069 	if (err < 0)
1070 		goto errout;
1071 
1072 	return;
1073 
1074 nla_put_failure:
1075 	nlmsg_free(skb);
1076 	err = -EMSGSIZE;
1077 errout:
1078 	rtnl_set_sk_err(&init_net, RTNLGRP_ND_USEROPT, err);
1079 }
1080 
1081 static void ndisc_router_discovery(struct sk_buff *skb)
1082 {
1083 	struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1084 	struct neighbour *neigh = NULL;
1085 	struct inet6_dev *in6_dev;
1086 	struct rt6_info *rt = NULL;
1087 	int lifetime;
1088 	struct ndisc_options ndopts;
1089 	int optlen;
1090 	unsigned int pref = 0;
1091 
1092 	__u8 * opt = (__u8 *)(ra_msg + 1);
1093 
1094 	optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1095 
1096 	if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1097 		ND_PRINTK2(KERN_WARNING
1098 			   "ICMPv6 RA: source address is not link-local.\n");
1099 		return;
1100 	}
1101 	if (optlen < 0) {
1102 		ND_PRINTK2(KERN_WARNING
1103 			   "ICMPv6 RA: packet too short\n");
1104 		return;
1105 	}
1106 
1107 	/*
1108 	 *	set the RA_RECV flag in the interface
1109 	 */
1110 
1111 	in6_dev = in6_dev_get(skb->dev);
1112 	if (in6_dev == NULL) {
1113 		ND_PRINTK0(KERN_ERR
1114 			   "ICMPv6 RA: can't find inet6 device for %s.\n",
1115 			   skb->dev->name);
1116 		return;
1117 	}
1118 	if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra) {
1119 		in6_dev_put(in6_dev);
1120 		return;
1121 	}
1122 
1123 	if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1124 		in6_dev_put(in6_dev);
1125 		ND_PRINTK2(KERN_WARNING
1126 			   "ICMP6 RA: invalid ND options\n");
1127 		return;
1128 	}
1129 
1130 	if (in6_dev->if_flags & IF_RS_SENT) {
1131 		/*
1132 		 *	flag that an RA was received after an RS was sent
1133 		 *	out on this interface.
1134 		 */
1135 		in6_dev->if_flags |= IF_RA_RCVD;
1136 	}
1137 
1138 	/*
1139 	 * Remember the managed/otherconf flags from most recently
1140 	 * received RA message (RFC 2462) -- yoshfuji
1141 	 */
1142 	in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1143 				IF_RA_OTHERCONF)) |
1144 				(ra_msg->icmph.icmp6_addrconf_managed ?
1145 					IF_RA_MANAGED : 0) |
1146 				(ra_msg->icmph.icmp6_addrconf_other ?
1147 					IF_RA_OTHERCONF : 0);
1148 
1149 	if (!in6_dev->cnf.accept_ra_defrtr)
1150 		goto skip_defrtr;
1151 
1152 	lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1153 
1154 #ifdef CONFIG_IPV6_ROUTER_PREF
1155 	pref = ra_msg->icmph.icmp6_router_pref;
1156 	/* 10b is handled as if it were 00b (medium) */
1157 	if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1158 	    !in6_dev->cnf.accept_ra_rtr_pref)
1159 		pref = ICMPV6_ROUTER_PREF_MEDIUM;
1160 #endif
1161 
1162 	rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1163 
1164 	if (rt)
1165 		neigh = rt->rt6i_nexthop;
1166 
1167 	if (rt && lifetime == 0) {
1168 		neigh_clone(neigh);
1169 		ip6_del_rt(rt);
1170 		rt = NULL;
1171 	}
1172 
1173 	if (rt == NULL && lifetime) {
1174 		ND_PRINTK3(KERN_DEBUG
1175 			   "ICMPv6 RA: adding default router.\n");
1176 
1177 		rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1178 		if (rt == NULL) {
1179 			ND_PRINTK0(KERN_ERR
1180 				   "ICMPv6 RA: %s() failed to add default route.\n",
1181 				   __FUNCTION__);
1182 			in6_dev_put(in6_dev);
1183 			return;
1184 		}
1185 
1186 		neigh = rt->rt6i_nexthop;
1187 		if (neigh == NULL) {
1188 			ND_PRINTK0(KERN_ERR
1189 				   "ICMPv6 RA: %s() got default router without neighbour.\n",
1190 				   __FUNCTION__);
1191 			dst_release(&rt->u.dst);
1192 			in6_dev_put(in6_dev);
1193 			return;
1194 		}
1195 		neigh->flags |= NTF_ROUTER;
1196 	} else if (rt) {
1197 		rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1198 	}
1199 
1200 	if (rt)
1201 		rt->rt6i_expires = jiffies + (HZ * lifetime);
1202 
1203 	if (ra_msg->icmph.icmp6_hop_limit) {
1204 		in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1205 		if (rt)
1206 			rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1207 	}
1208 
1209 skip_defrtr:
1210 
1211 	/*
1212 	 *	Update Reachable Time and Retrans Timer
1213 	 */
1214 
1215 	if (in6_dev->nd_parms) {
1216 		unsigned long rtime = ntohl(ra_msg->retrans_timer);
1217 
1218 		if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1219 			rtime = (rtime*HZ)/1000;
1220 			if (rtime < HZ/10)
1221 				rtime = HZ/10;
1222 			in6_dev->nd_parms->retrans_time = rtime;
1223 			in6_dev->tstamp = jiffies;
1224 			inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1225 		}
1226 
1227 		rtime = ntohl(ra_msg->reachable_time);
1228 		if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1229 			rtime = (rtime*HZ)/1000;
1230 
1231 			if (rtime < HZ/10)
1232 				rtime = HZ/10;
1233 
1234 			if (rtime != in6_dev->nd_parms->base_reachable_time) {
1235 				in6_dev->nd_parms->base_reachable_time = rtime;
1236 				in6_dev->nd_parms->gc_staletime = 3 * rtime;
1237 				in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1238 				in6_dev->tstamp = jiffies;
1239 				inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1240 			}
1241 		}
1242 	}
1243 
1244 	/*
1245 	 *	Process options.
1246 	 */
1247 
1248 	if (!neigh)
1249 		neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1250 				       skb->dev, 1);
1251 	if (neigh) {
1252 		u8 *lladdr = NULL;
1253 		if (ndopts.nd_opts_src_lladdr) {
1254 			lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1255 						     skb->dev);
1256 			if (!lladdr) {
1257 				ND_PRINTK2(KERN_WARNING
1258 					   "ICMPv6 RA: invalid link-layer address length\n");
1259 				goto out;
1260 			}
1261 		}
1262 		neigh_update(neigh, lladdr, NUD_STALE,
1263 			     NEIGH_UPDATE_F_WEAK_OVERRIDE|
1264 			     NEIGH_UPDATE_F_OVERRIDE|
1265 			     NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1266 			     NEIGH_UPDATE_F_ISROUTER);
1267 	}
1268 
1269 #ifdef CONFIG_IPV6_ROUTE_INFO
1270 	if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1271 		struct nd_opt_hdr *p;
1272 		for (p = ndopts.nd_opts_ri;
1273 		     p;
1274 		     p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1275 			if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1276 				continue;
1277 			rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1278 				      &ipv6_hdr(skb)->saddr);
1279 		}
1280 	}
1281 #endif
1282 
1283 	if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1284 		struct nd_opt_hdr *p;
1285 		for (p = ndopts.nd_opts_pi;
1286 		     p;
1287 		     p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1288 			addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1289 		}
1290 	}
1291 
1292 	if (ndopts.nd_opts_mtu) {
1293 		__be32 n;
1294 		u32 mtu;
1295 
1296 		memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1297 		mtu = ntohl(n);
1298 
1299 		if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1300 			ND_PRINTK2(KERN_WARNING
1301 				   "ICMPv6 RA: invalid mtu: %d\n",
1302 				   mtu);
1303 		} else if (in6_dev->cnf.mtu6 != mtu) {
1304 			in6_dev->cnf.mtu6 = mtu;
1305 
1306 			if (rt)
1307 				rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1308 
1309 			rt6_mtu_change(skb->dev, mtu);
1310 		}
1311 	}
1312 
1313 	if (ndopts.nd_useropts) {
1314 		struct nd_opt_hdr *p;
1315 		for (p = ndopts.nd_useropts;
1316 		     p;
1317 		     p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1318 			ndisc_ra_useropt(skb, p);
1319 		}
1320 	}
1321 
1322 	if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1323 		ND_PRINTK2(KERN_WARNING
1324 			   "ICMPv6 RA: invalid RA options");
1325 	}
1326 out:
1327 	if (rt)
1328 		dst_release(&rt->u.dst);
1329 	else if (neigh)
1330 		neigh_release(neigh);
1331 	in6_dev_put(in6_dev);
1332 }
1333 
1334 static void ndisc_redirect_rcv(struct sk_buff *skb)
1335 {
1336 	struct inet6_dev *in6_dev;
1337 	struct icmp6hdr *icmph;
1338 	struct in6_addr *dest;
1339 	struct in6_addr *target;	/* new first hop to destination */
1340 	struct neighbour *neigh;
1341 	int on_link = 0;
1342 	struct ndisc_options ndopts;
1343 	int optlen;
1344 	u8 *lladdr = NULL;
1345 
1346 	if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1347 		ND_PRINTK2(KERN_WARNING
1348 			   "ICMPv6 Redirect: source address is not link-local.\n");
1349 		return;
1350 	}
1351 
1352 	optlen = skb->tail - skb->transport_header;
1353 	optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1354 
1355 	if (optlen < 0) {
1356 		ND_PRINTK2(KERN_WARNING
1357 			   "ICMPv6 Redirect: packet too short\n");
1358 		return;
1359 	}
1360 
1361 	icmph = icmp6_hdr(skb);
1362 	target = (struct in6_addr *) (icmph + 1);
1363 	dest = target + 1;
1364 
1365 	if (ipv6_addr_is_multicast(dest)) {
1366 		ND_PRINTK2(KERN_WARNING
1367 			   "ICMPv6 Redirect: destination address is multicast.\n");
1368 		return;
1369 	}
1370 
1371 	if (ipv6_addr_equal(dest, target)) {
1372 		on_link = 1;
1373 	} else if (ipv6_addr_type(target) !=
1374 		   (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1375 		ND_PRINTK2(KERN_WARNING
1376 			   "ICMPv6 Redirect: target address is not link-local unicast.\n");
1377 		return;
1378 	}
1379 
1380 	in6_dev = in6_dev_get(skb->dev);
1381 	if (!in6_dev)
1382 		return;
1383 	if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1384 		in6_dev_put(in6_dev);
1385 		return;
1386 	}
1387 
1388 	/* RFC2461 8.1:
1389 	 *	The IP source address of the Redirect MUST be the same as the current
1390 	 *	first-hop router for the specified ICMP Destination Address.
1391 	 */
1392 
1393 	if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1394 		ND_PRINTK2(KERN_WARNING
1395 			   "ICMPv6 Redirect: invalid ND options\n");
1396 		in6_dev_put(in6_dev);
1397 		return;
1398 	}
1399 	if (ndopts.nd_opts_tgt_lladdr) {
1400 		lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1401 					     skb->dev);
1402 		if (!lladdr) {
1403 			ND_PRINTK2(KERN_WARNING
1404 				   "ICMPv6 Redirect: invalid link-layer address length\n");
1405 			in6_dev_put(in6_dev);
1406 			return;
1407 		}
1408 	}
1409 
1410 	neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1411 	if (neigh) {
1412 		rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1413 			     &ipv6_hdr(skb)->saddr, neigh, lladdr,
1414 			     on_link);
1415 		neigh_release(neigh);
1416 	}
1417 	in6_dev_put(in6_dev);
1418 }
1419 
1420 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1421 			 struct in6_addr *target)
1422 {
1423 	struct sock *sk = ndisc_socket->sk;
1424 	int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1425 	struct sk_buff *buff;
1426 	struct icmp6hdr *icmph;
1427 	struct in6_addr saddr_buf;
1428 	struct in6_addr *addrp;
1429 	struct net_device *dev;
1430 	struct rt6_info *rt;
1431 	struct dst_entry *dst;
1432 	struct inet6_dev *idev;
1433 	struct flowi fl;
1434 	u8 *opt;
1435 	int rd_len;
1436 	int err;
1437 	u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1438 
1439 	dev = skb->dev;
1440 
1441 	if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1442 		ND_PRINTK2(KERN_WARNING
1443 			   "ICMPv6 Redirect: no link-local address on %s\n",
1444 			   dev->name);
1445 		return;
1446 	}
1447 
1448 	if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1449 	    ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1450 		ND_PRINTK2(KERN_WARNING
1451 			"ICMPv6 Redirect: target address is not link-local unicast.\n");
1452 		return;
1453 	}
1454 
1455 	ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &ipv6_hdr(skb)->saddr,
1456 			dev->ifindex);
1457 
1458 	dst = ip6_route_output(NULL, &fl);
1459 	if (dst == NULL)
1460 		return;
1461 
1462 	err = xfrm_lookup(&dst, &fl, NULL, 0);
1463 	if (err)
1464 		return;
1465 
1466 	rt = (struct rt6_info *) dst;
1467 
1468 	if (rt->rt6i_flags & RTF_GATEWAY) {
1469 		ND_PRINTK2(KERN_WARNING
1470 			   "ICMPv6 Redirect: destination is not a neighbour.\n");
1471 		dst_release(dst);
1472 		return;
1473 	}
1474 	if (!xrlim_allow(dst, 1*HZ)) {
1475 		dst_release(dst);
1476 		return;
1477 	}
1478 
1479 	if (dev->addr_len) {
1480 		read_lock_bh(&neigh->lock);
1481 		if (neigh->nud_state & NUD_VALID) {
1482 			memcpy(ha_buf, neigh->ha, dev->addr_len);
1483 			read_unlock_bh(&neigh->lock);
1484 			ha = ha_buf;
1485 			len += ndisc_opt_addr_space(dev);
1486 		} else
1487 			read_unlock_bh(&neigh->lock);
1488 	}
1489 
1490 	rd_len = min_t(unsigned int,
1491 		     IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1492 	rd_len &= ~0x7;
1493 	len += rd_len;
1494 
1495 	buff = sock_alloc_send_skb(sk,
1496 				   (MAX_HEADER + sizeof(struct ipv6hdr) +
1497 				    len + LL_RESERVED_SPACE(dev)),
1498 				   1, &err);
1499 	if (buff == NULL) {
1500 		ND_PRINTK0(KERN_ERR
1501 			   "ICMPv6 Redirect: %s() failed to allocate an skb.\n",
1502 			   __FUNCTION__);
1503 		dst_release(dst);
1504 		return;
1505 	}
1506 
1507 
1508 	skb_reserve(buff, LL_RESERVED_SPACE(dev));
1509 	ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1510 		   IPPROTO_ICMPV6, len);
1511 
1512 	skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1513 	skb_put(buff, len);
1514 	icmph = icmp6_hdr(buff);
1515 
1516 	memset(icmph, 0, sizeof(struct icmp6hdr));
1517 	icmph->icmp6_type = NDISC_REDIRECT;
1518 
1519 	/*
1520 	 *	copy target and destination addresses
1521 	 */
1522 
1523 	addrp = (struct in6_addr *)(icmph + 1);
1524 	ipv6_addr_copy(addrp, target);
1525 	addrp++;
1526 	ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1527 
1528 	opt = (u8*) (addrp + 1);
1529 
1530 	/*
1531 	 *	include target_address option
1532 	 */
1533 
1534 	if (ha)
1535 		opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1536 					     dev->addr_len, dev->type);
1537 
1538 	/*
1539 	 *	build redirect option and copy skb over to the new packet.
1540 	 */
1541 
1542 	memset(opt, 0, 8);
1543 	*(opt++) = ND_OPT_REDIRECT_HDR;
1544 	*(opt++) = (rd_len >> 3);
1545 	opt += 6;
1546 
1547 	memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1548 
1549 	icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1550 					     len, IPPROTO_ICMPV6,
1551 					     csum_partial((u8 *) icmph, len, 0));
1552 
1553 	buff->dst = dst;
1554 	idev = in6_dev_get(dst->dev);
1555 	IP6_INC_STATS(idev, IPSTATS_MIB_OUTREQUESTS);
1556 	err = NF_HOOK(PF_INET6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1557 		      dst_output);
1558 	if (!err) {
1559 		ICMP6MSGOUT_INC_STATS(idev, NDISC_REDIRECT);
1560 		ICMP6_INC_STATS(idev, ICMP6_MIB_OUTMSGS);
1561 	}
1562 
1563 	if (likely(idev != NULL))
1564 		in6_dev_put(idev);
1565 }
1566 
1567 static void pndisc_redo(struct sk_buff *skb)
1568 {
1569 	ndisc_recv_ns(skb);
1570 	kfree_skb(skb);
1571 }
1572 
1573 int ndisc_rcv(struct sk_buff *skb)
1574 {
1575 	struct nd_msg *msg;
1576 
1577 	if (!pskb_may_pull(skb, skb->len))
1578 		return 0;
1579 
1580 	msg = (struct nd_msg *)skb_transport_header(skb);
1581 
1582 	__skb_push(skb, skb->data - skb_transport_header(skb));
1583 
1584 	if (ipv6_hdr(skb)->hop_limit != 255) {
1585 		ND_PRINTK2(KERN_WARNING
1586 			   "ICMPv6 NDISC: invalid hop-limit: %d\n",
1587 			   ipv6_hdr(skb)->hop_limit);
1588 		return 0;
1589 	}
1590 
1591 	if (msg->icmph.icmp6_code != 0) {
1592 		ND_PRINTK2(KERN_WARNING
1593 			   "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1594 			   msg->icmph.icmp6_code);
1595 		return 0;
1596 	}
1597 
1598 	memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1599 
1600 	switch (msg->icmph.icmp6_type) {
1601 	case NDISC_NEIGHBOUR_SOLICITATION:
1602 		ndisc_recv_ns(skb);
1603 		break;
1604 
1605 	case NDISC_NEIGHBOUR_ADVERTISEMENT:
1606 		ndisc_recv_na(skb);
1607 		break;
1608 
1609 	case NDISC_ROUTER_SOLICITATION:
1610 		ndisc_recv_rs(skb);
1611 		break;
1612 
1613 	case NDISC_ROUTER_ADVERTISEMENT:
1614 		ndisc_router_discovery(skb);
1615 		break;
1616 
1617 	case NDISC_REDIRECT:
1618 		ndisc_redirect_rcv(skb);
1619 		break;
1620 	}
1621 
1622 	return 0;
1623 }
1624 
1625 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1626 {
1627 	struct net_device *dev = ptr;
1628 
1629 	if (dev->nd_net != &init_net)
1630 		return NOTIFY_DONE;
1631 
1632 	switch (event) {
1633 	case NETDEV_CHANGEADDR:
1634 		neigh_changeaddr(&nd_tbl, dev);
1635 		fib6_run_gc(~0UL);
1636 		break;
1637 	case NETDEV_DOWN:
1638 		neigh_ifdown(&nd_tbl, dev);
1639 		fib6_run_gc(~0UL);
1640 		break;
1641 	default:
1642 		break;
1643 	}
1644 
1645 	return NOTIFY_DONE;
1646 }
1647 
1648 static struct notifier_block ndisc_netdev_notifier = {
1649 	.notifier_call = ndisc_netdev_event,
1650 };
1651 
1652 #ifdef CONFIG_SYSCTL
1653 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1654 					 const char *func, const char *dev_name)
1655 {
1656 	static char warncomm[TASK_COMM_LEN];
1657 	static int warned;
1658 	if (strcmp(warncomm, current->comm) && warned < 5) {
1659 		strcpy(warncomm, current->comm);
1660 		printk(KERN_WARNING
1661 			"process `%s' is using deprecated sysctl (%s) "
1662 			"net.ipv6.neigh.%s.%s; "
1663 			"Use net.ipv6.neigh.%s.%s_ms "
1664 			"instead.\n",
1665 			warncomm, func,
1666 			dev_name, ctl->procname,
1667 			dev_name, ctl->procname);
1668 		warned++;
1669 	}
1670 }
1671 
1672 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * filp, void __user *buffer, size_t *lenp, loff_t *ppos)
1673 {
1674 	struct net_device *dev = ctl->extra1;
1675 	struct inet6_dev *idev;
1676 	int ret;
1677 
1678 	if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1679 	    (strcmp(ctl->procname, "base_reachable_time") == 0))
1680 		ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1681 
1682 	if (strcmp(ctl->procname, "retrans_time") == 0)
1683 		ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1684 
1685 	else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1686 		ret = proc_dointvec_jiffies(ctl, write,
1687 					    filp, buffer, lenp, ppos);
1688 
1689 	else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1690 		 (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1691 		ret = proc_dointvec_ms_jiffies(ctl, write,
1692 					       filp, buffer, lenp, ppos);
1693 	else
1694 		ret = -1;
1695 
1696 	if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1697 		if (ctl->data == &idev->nd_parms->base_reachable_time)
1698 			idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1699 		idev->tstamp = jiffies;
1700 		inet6_ifinfo_notify(RTM_NEWLINK, idev);
1701 		in6_dev_put(idev);
1702 	}
1703 	return ret;
1704 }
1705 
1706 static int ndisc_ifinfo_sysctl_strategy(ctl_table *ctl, int __user *name,
1707 					int nlen, void __user *oldval,
1708 					size_t __user *oldlenp,
1709 					void __user *newval, size_t newlen)
1710 {
1711 	struct net_device *dev = ctl->extra1;
1712 	struct inet6_dev *idev;
1713 	int ret;
1714 
1715 	if (ctl->ctl_name == NET_NEIGH_RETRANS_TIME ||
1716 	    ctl->ctl_name == NET_NEIGH_REACHABLE_TIME)
1717 		ndisc_warn_deprecated_sysctl(ctl, "procfs", dev ? dev->name : "default");
1718 
1719 	switch (ctl->ctl_name) {
1720 	case NET_NEIGH_REACHABLE_TIME:
1721 		ret = sysctl_jiffies(ctl, name, nlen,
1722 				     oldval, oldlenp, newval, newlen);
1723 		break;
1724 	case NET_NEIGH_RETRANS_TIME_MS:
1725 	case NET_NEIGH_REACHABLE_TIME_MS:
1726 		 ret = sysctl_ms_jiffies(ctl, name, nlen,
1727 					 oldval, oldlenp, newval, newlen);
1728 		 break;
1729 	default:
1730 		ret = 0;
1731 	}
1732 
1733 	if (newval && newlen && ret > 0 &&
1734 	    dev && (idev = in6_dev_get(dev)) != NULL) {
1735 		if (ctl->ctl_name == NET_NEIGH_REACHABLE_TIME ||
1736 		    ctl->ctl_name == NET_NEIGH_REACHABLE_TIME_MS)
1737 			idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1738 		idev->tstamp = jiffies;
1739 		inet6_ifinfo_notify(RTM_NEWLINK, idev);
1740 		in6_dev_put(idev);
1741 	}
1742 
1743 	return ret;
1744 }
1745 
1746 #endif
1747 
1748 int __init ndisc_init(struct net_proto_family *ops)
1749 {
1750 	struct ipv6_pinfo *np;
1751 	struct sock *sk;
1752 	int err;
1753 
1754 	err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &ndisc_socket);
1755 	if (err < 0) {
1756 		ND_PRINTK0(KERN_ERR
1757 			   "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1758 			   err);
1759 		ndisc_socket = NULL; /* For safety. */
1760 		return err;
1761 	}
1762 
1763 	sk = ndisc_socket->sk;
1764 	np = inet6_sk(sk);
1765 	sk->sk_allocation = GFP_ATOMIC;
1766 	np->hop_limit = 255;
1767 	/* Do not loopback ndisc messages */
1768 	np->mc_loop = 0;
1769 	sk->sk_prot->unhash(sk);
1770 
1771 	/*
1772 	 * Initialize the neighbour table
1773 	 */
1774 
1775 	neigh_table_init(&nd_tbl);
1776 
1777 #ifdef CONFIG_SYSCTL
1778 	neigh_sysctl_register(NULL, &nd_tbl.parms, NET_IPV6, NET_IPV6_NEIGH,
1779 			      "ipv6",
1780 			      &ndisc_ifinfo_sysctl_change,
1781 			      &ndisc_ifinfo_sysctl_strategy);
1782 #endif
1783 
1784 	register_netdevice_notifier(&ndisc_netdev_notifier);
1785 	return 0;
1786 }
1787 
1788 void ndisc_cleanup(void)
1789 {
1790 	unregister_netdevice_notifier(&ndisc_netdev_notifier);
1791 #ifdef CONFIG_SYSCTL
1792 	neigh_sysctl_unregister(&nd_tbl.parms);
1793 #endif
1794 	neigh_table_clear(&nd_tbl);
1795 	sock_release(ndisc_socket);
1796 	ndisc_socket = NULL; /* For safety. */
1797 }
1798