1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Internet Control Message Protocol (ICMPv6)
4 * Linux INET6 implementation
7 * Pedro Roque <roque@di.fc.ul.pt>
9 * Based on net/ipv4/icmp.c
17 * Andi Kleen : exception handling
18 * Andi Kleen add rate limits. never reply to a icmp.
19 * add more length checks and other fixes.
20 * yoshfuji : ensure to sent parameter problem for
22 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
24 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
25 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
28 #define pr_fmt(fmt) "IPv6: " fmt
30 #include <linux/module.h>
31 #include <linux/errno.h>
32 #include <linux/types.h>
33 #include <linux/socket.h>
35 #include <linux/kernel.h>
36 #include <linux/sockios.h>
37 #include <linux/net.h>
38 #include <linux/skbuff.h>
39 #include <linux/init.h>
40 #include <linux/netfilter.h>
41 #include <linux/slab.h>
44 #include <linux/sysctl.h>
47 #include <linux/inet.h>
48 #include <linux/netdevice.h>
49 #include <linux/icmpv6.h>
55 #include <net/ip6_checksum.h>
57 #include <net/protocol.h>
59 #include <net/rawv6.h>
61 #include <net/transp_v6.h>
62 #include <net/ip6_route.h>
63 #include <net/addrconf.h>
66 #include <net/inet_common.h>
67 #include <net/dsfield.h>
68 #include <net/l3mdev.h>
70 #include <linux/uaccess.h>
72 static DEFINE_PER_CPU(struct sock *, ipv6_icmp_sk);
74 static int icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
75 u8 type, u8 code, int offset, __be32 info)
77 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
78 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
79 struct net *net = dev_net(skb->dev);
81 if (type == ICMPV6_PKT_TOOBIG)
82 ip6_update_pmtu(skb, net, info, skb->dev->ifindex, 0, sock_net_uid(net, NULL));
83 else if (type == NDISC_REDIRECT)
84 ip6_redirect(skb, net, skb->dev->ifindex, 0,
85 sock_net_uid(net, NULL));
87 if (!(type & ICMPV6_INFOMSG_MASK))
88 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
89 ping_err(skb, offset, ntohl(info));
94 static int icmpv6_rcv(struct sk_buff *skb);
96 static const struct inet6_protocol icmpv6_protocol = {
97 .handler = icmpv6_rcv,
98 .err_handler = icmpv6_err,
99 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
102 /* Called with BH disabled */
103 static struct sock *icmpv6_xmit_lock(struct net *net)
107 sk = this_cpu_read(ipv6_icmp_sk);
108 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
109 /* This can happen if the output path (f.e. SIT or
110 * ip6ip6 tunnel) signals dst_link_failure() for an
111 * outgoing ICMP6 packet.
115 sock_net_set(sk, net);
119 static void icmpv6_xmit_unlock(struct sock *sk)
121 sock_net_set(sk, &init_net);
122 spin_unlock(&sk->sk_lock.slock);
126 * Figure out, may we reply to this packet with icmp error.
128 * We do not reply, if:
129 * - it was icmp error message.
130 * - it is truncated, so that it is known, that protocol is ICMPV6
131 * (i.e. in the middle of some exthdr)
136 static bool is_ineligible(const struct sk_buff *skb)
138 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
139 int len = skb->len - ptr;
140 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
146 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
149 if (nexthdr == IPPROTO_ICMPV6) {
151 tp = skb_header_pointer(skb,
152 ptr+offsetof(struct icmp6hdr, icmp6_type),
153 sizeof(_type), &_type);
155 /* Based on RFC 8200, Section 4.5 Fragment Header, return
156 * false if this is a fragment packet with no icmp header info.
158 if (!tp && frag_off != 0)
160 else if (!tp || !(*tp & ICMPV6_INFOMSG_MASK))
166 static bool icmpv6_mask_allow(struct net *net, int type)
168 if (type > ICMPV6_MSG_MAX)
171 /* Limit if icmp type is set in ratemask. */
172 if (!test_bit(type, net->ipv6.sysctl.icmpv6_ratemask))
178 static bool icmpv6_global_allow(struct net *net, int type)
180 if (icmpv6_mask_allow(net, type))
183 if (icmp_global_allow())
186 __ICMP_INC_STATS(net, ICMP_MIB_RATELIMITGLOBAL);
191 * Check the ICMP output rate limit
193 static bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
196 struct net *net = sock_net(sk);
197 struct dst_entry *dst;
200 if (icmpv6_mask_allow(net, type))
204 * Look up the output route.
205 * XXX: perhaps the expire for routing entries cloned by
206 * this lookup should be more aggressive (not longer than timeout).
208 dst = ip6_route_output(net, sk, fl6);
210 IP6_INC_STATS(net, ip6_dst_idev(dst),
211 IPSTATS_MIB_OUTNOROUTES);
212 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
215 struct rt6_info *rt = (struct rt6_info *)dst;
216 int tmo = net->ipv6.sysctl.icmpv6_time;
217 struct inet_peer *peer;
219 /* Give more bandwidth to wider prefixes. */
220 if (rt->rt6i_dst.plen < 128)
221 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
223 peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr, 1);
224 res = inet_peer_xrlim_allow(peer, tmo);
229 __ICMP6_INC_STATS(net, ip6_dst_idev(dst),
230 ICMP6_MIB_RATELIMITHOST);
235 static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type,
238 struct net *net = sock_net(sk);
239 struct dst_entry *dst;
242 dst = ip6_route_output(net, sk, fl6);
244 struct rt6_info *rt = (struct rt6_info *)dst;
245 struct in6_addr prefsrc;
247 rt6_get_prefsrc(rt, &prefsrc);
248 res = !ipv6_addr_any(&prefsrc);
255 * an inline helper for the "simple" if statement below
256 * checks if parameter problem report is caused by an
257 * unrecognized IPv6 option that has the Option Type
258 * highest-order two bits set to 10
261 static bool opt_unrec(struct sk_buff *skb, __u32 offset)
265 offset += skb_network_offset(skb);
266 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
269 return (*op & 0xC0) == 0x80;
272 void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
273 struct icmp6hdr *thdr, int len)
276 struct icmp6hdr *icmp6h;
278 skb = skb_peek(&sk->sk_write_queue);
282 icmp6h = icmp6_hdr(skb);
283 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
284 icmp6h->icmp6_cksum = 0;
286 if (skb_queue_len(&sk->sk_write_queue) == 1) {
287 skb->csum = csum_partial(icmp6h,
288 sizeof(struct icmp6hdr), skb->csum);
289 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
291 len, fl6->flowi6_proto,
296 skb_queue_walk(&sk->sk_write_queue, skb) {
297 tmp_csum = csum_add(tmp_csum, skb->csum);
300 tmp_csum = csum_partial(icmp6h,
301 sizeof(struct icmp6hdr), tmp_csum);
302 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
304 len, fl6->flowi6_proto,
307 ip6_push_pending_frames(sk);
316 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
318 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
319 struct sk_buff *org_skb = msg->skb;
322 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
324 skb->csum = csum_block_add(skb->csum, csum, odd);
325 if (!(msg->type & ICMPV6_INFOMSG_MASK))
326 nf_ct_attach(skb, org_skb);
330 #if IS_ENABLED(CONFIG_IPV6_MIP6)
331 static void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt)
333 struct ipv6hdr *iph = ipv6_hdr(skb);
334 struct ipv6_destopt_hao *hao;
338 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
339 if (likely(off >= 0)) {
340 hao = (struct ipv6_destopt_hao *)
341 (skb_network_header(skb) + off);
342 swap(iph->saddr, hao->addr);
347 static inline void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) {}
350 static struct dst_entry *icmpv6_route_lookup(struct net *net,
355 struct dst_entry *dst, *dst2;
359 err = ip6_dst_lookup(net, sk, &dst, fl6);
364 * We won't send icmp if the destination is known
365 * anycast unless we need to treat anycast as unicast.
367 if (!READ_ONCE(net->ipv6.sysctl.icmpv6_error_anycast_as_unicast) &&
368 ipv6_anycast_destination(dst, &fl6->daddr)) {
369 net_dbg_ratelimited("icmp6_send: acast source\n");
371 return ERR_PTR(-EINVAL);
374 /* No need to clone since we're just using its address. */
377 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
382 if (PTR_ERR(dst) == -EPERM)
388 err = xfrm_decode_session_reverse(net, skb, flowi6_to_flowi(&fl2), AF_INET6);
390 goto relookup_failed;
392 err = ip6_dst_lookup(net, sk, &dst2, &fl2);
394 goto relookup_failed;
396 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
406 goto relookup_failed;
415 static struct net_device *icmp6_dev(const struct sk_buff *skb)
417 struct net_device *dev = skb->dev;
419 /* for local traffic to local address, skb dev is the loopback
420 * device. Check if there is a dst attached to the skb and if so
421 * get the real device index. Same is needed for replies to a link
422 * local address on a device enslaved to an L3 master device
424 if (unlikely(dev->ifindex == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) {
425 const struct rt6_info *rt6 = skb_rt6_info(skb);
427 /* The destination could be an external IP in Ext Hdr (SRv6, RPL, etc.),
428 * and ip6_null_entry could be set to skb if no route is found.
430 if (rt6 && rt6->rt6i_idev)
431 dev = rt6->rt6i_idev->dev;
437 static int icmp6_iif(const struct sk_buff *skb)
439 return icmp6_dev(skb)->ifindex;
443 * Send an ICMP message in response to a packet in error
445 void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
446 const struct in6_addr *force_saddr,
447 const struct inet6_skb_parm *parm)
449 struct inet6_dev *idev = NULL;
450 struct ipv6hdr *hdr = ipv6_hdr(skb);
453 struct ipv6_pinfo *np;
454 const struct in6_addr *saddr = NULL;
455 struct dst_entry *dst;
456 struct icmp6hdr tmp_hdr;
458 struct icmpv6_msg msg;
459 struct ipcm6_cookie ipc6;
465 if ((u8 *)hdr < skb->head ||
466 (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
471 net = dev_net(skb->dev);
472 mark = IP6_REPLY_MARK(net, skb->mark);
474 * Make sure we respect the rules
475 * i.e. RFC 1885 2.4(e)
476 * Rule (e.1) is enforced by not using icmp6_send
477 * in any code that processes icmp errors.
479 addr_type = ipv6_addr_type(&hdr->daddr);
481 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
482 ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
489 if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) {
490 if (type != ICMPV6_PKT_TOOBIG &&
491 !(type == ICMPV6_PARAMPROB &&
492 code == ICMPV6_UNK_OPTION &&
493 (opt_unrec(skb, info))))
499 addr_type = ipv6_addr_type(&hdr->saddr);
505 if (__ipv6_addr_needs_scope_id(addr_type)) {
506 iif = icmp6_iif(skb);
509 * The source device is used for looking up which routing table
510 * to use for sending an ICMP error.
512 iif = l3mdev_master_ifindex(skb->dev);
516 * Must not send error if the source does not uniquely
517 * identify a single node (RFC2463 Section 2.4).
518 * We check unspecified / multicast addresses here,
519 * and anycast addresses will be checked later.
521 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
522 net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n",
523 &hdr->saddr, &hdr->daddr);
528 * Never answer to a ICMP packet.
530 if (is_ineligible(skb)) {
531 net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n",
532 &hdr->saddr, &hdr->daddr);
536 /* Needed by both icmp_global_allow and icmpv6_xmit_lock */
539 /* Check global sysctl_icmp_msgs_per_sec ratelimit */
540 if (!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, type))
543 mip6_addr_swap(skb, parm);
545 sk = icmpv6_xmit_lock(net);
549 memset(&fl6, 0, sizeof(fl6));
550 fl6.flowi6_proto = IPPROTO_ICMPV6;
551 fl6.daddr = hdr->saddr;
556 } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) {
557 /* select a more meaningful saddr from input if */
558 struct net_device *in_netdev;
560 in_netdev = dev_get_by_index(net, parm->iif);
562 ipv6_dev_get_saddr(net, in_netdev, &fl6.daddr,
563 inet6_sk(sk)->srcprefs,
568 fl6.flowi6_mark = mark;
569 fl6.flowi6_oif = iif;
570 fl6.fl6_icmp_type = type;
571 fl6.fl6_icmp_code = code;
572 fl6.flowi6_uid = sock_net_uid(net, NULL);
573 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, NULL);
574 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
578 if (!icmpv6_xrlim_allow(sk, type, &fl6))
581 tmp_hdr.icmp6_type = type;
582 tmp_hdr.icmp6_code = code;
583 tmp_hdr.icmp6_cksum = 0;
584 tmp_hdr.icmp6_pointer = htonl(info);
586 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
587 fl6.flowi6_oif = READ_ONCE(np->mcast_oif);
588 else if (!fl6.flowi6_oif)
589 fl6.flowi6_oif = READ_ONCE(np->ucast_oif);
591 ipcm6_init_sk(&ipc6, sk);
592 ipc6.sockc.mark = mark;
593 fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel);
595 dst = icmpv6_route_lookup(net, skb, sk, &fl6);
599 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
602 msg.offset = skb_network_offset(skb);
605 len = skb->len - msg.offset;
606 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr));
608 net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n",
609 &hdr->saddr, &hdr->daddr);
610 goto out_dst_release;
614 idev = __in6_dev_get(skb->dev);
616 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
617 len + sizeof(struct icmp6hdr),
618 sizeof(struct icmp6hdr),
619 &ipc6, &fl6, (struct rt6_info *)dst,
621 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
622 ip6_flush_pending_frames(sk);
624 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
625 len + sizeof(struct icmp6hdr));
631 icmpv6_xmit_unlock(sk);
635 EXPORT_SYMBOL(icmp6_send);
637 /* Slightly more convenient version of icmp6_send with drop reasons.
639 void icmpv6_param_prob_reason(struct sk_buff *skb, u8 code, int pos,
640 enum skb_drop_reason reason)
642 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos, NULL, IP6CB(skb));
643 kfree_skb_reason(skb, reason);
646 /* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH
647 * if sufficient data bytes are available
648 * @nhs is the size of the tunnel header(s) :
649 * Either an IPv4 header for SIT encap
650 * an IPv4 header + GRE header for GRE encap
652 int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type,
653 unsigned int data_len)
655 struct in6_addr temp_saddr;
657 struct sk_buff *skb2;
660 if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8))
663 /* RFC 4884 (partial) support for ICMP extensions */
664 if (data_len < 128 || (data_len & 7) || skb->len < data_len)
667 skb2 = data_len ? skb_copy(skb, GFP_ATOMIC) : skb_clone(skb, GFP_ATOMIC);
674 skb_reset_network_header(skb2);
676 rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, NULL, 0,
679 if (rt && rt->dst.dev)
680 skb2->dev = rt->dst.dev;
682 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr);
685 /* RFC 4884 (partial) support :
686 * insert 0 padding at the end, before the extensions
688 __skb_push(skb2, nhs);
689 skb_reset_network_header(skb2);
690 memmove(skb2->data, skb2->data + nhs, data_len - nhs);
691 memset(skb2->data + data_len - nhs, 0, nhs);
692 /* RFC 4884 4.5 : Length is measured in 64-bit words,
693 * and stored in reserved[0]
695 info = (data_len/8) << 24;
697 if (type == ICMP_TIME_EXCEEDED)
698 icmp6_send(skb2, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
699 info, &temp_saddr, IP6CB(skb2));
701 icmp6_send(skb2, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH,
702 info, &temp_saddr, IP6CB(skb2));
710 EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach);
712 static enum skb_drop_reason icmpv6_echo_reply(struct sk_buff *skb)
714 struct net *net = dev_net(skb->dev);
716 struct inet6_dev *idev;
717 struct ipv6_pinfo *np;
718 const struct in6_addr *saddr = NULL;
719 struct icmp6hdr *icmph = icmp6_hdr(skb);
720 struct icmp6hdr tmp_hdr;
722 struct icmpv6_msg msg;
723 struct dst_entry *dst;
724 struct ipcm6_cookie ipc6;
725 u32 mark = IP6_REPLY_MARK(net, skb->mark);
730 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr) &&
731 net->ipv6.sysctl.icmpv6_echo_ignore_multicast)
734 saddr = &ipv6_hdr(skb)->daddr;
736 acast = ipv6_anycast_destination(skb_dst(skb), saddr);
737 if (acast && net->ipv6.sysctl.icmpv6_echo_ignore_anycast)
740 if (!ipv6_unicast_destination(skb) &&
741 !(net->ipv6.sysctl.anycast_src_echo_reply && acast))
744 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
745 type = ICMPV6_EXT_ECHO_REPLY;
747 type = ICMPV6_ECHO_REPLY;
749 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
750 tmp_hdr.icmp6_type = type;
752 memset(&fl6, 0, sizeof(fl6));
753 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES)
754 fl6.flowlabel = ip6_flowlabel(ipv6_hdr(skb));
756 fl6.flowi6_proto = IPPROTO_ICMPV6;
757 fl6.daddr = ipv6_hdr(skb)->saddr;
760 fl6.flowi6_oif = icmp6_iif(skb);
761 fl6.fl6_icmp_type = type;
762 fl6.flowi6_mark = mark;
763 fl6.flowi6_uid = sock_net_uid(net, NULL);
764 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
767 sk = icmpv6_xmit_lock(net);
772 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
773 fl6.flowi6_oif = READ_ONCE(np->mcast_oif);
774 else if (!fl6.flowi6_oif)
775 fl6.flowi6_oif = READ_ONCE(np->ucast_oif);
777 if (ip6_dst_lookup(net, sk, &dst, &fl6))
779 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
783 /* Check the ratelimit */
784 if ((!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, ICMPV6_ECHO_REPLY)) ||
785 !icmpv6_xrlim_allow(sk, ICMPV6_ECHO_REPLY, &fl6))
786 goto out_dst_release;
788 idev = __in6_dev_get(skb->dev);
794 ipcm6_init_sk(&ipc6, sk);
795 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
796 ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb));
797 ipc6.sockc.mark = mark;
799 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
800 if (!icmp_build_probe(skb, (struct icmphdr *)&tmp_hdr))
801 goto out_dst_release;
803 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
804 skb->len + sizeof(struct icmp6hdr),
805 sizeof(struct icmp6hdr), &ipc6, &fl6,
806 (struct rt6_info *)dst, MSG_DONTWAIT)) {
807 __ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
808 ip6_flush_pending_frames(sk);
810 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
811 skb->len + sizeof(struct icmp6hdr));
812 reason = SKB_CONSUMED;
817 icmpv6_xmit_unlock(sk);
823 enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,
824 u8 code, __be32 info)
826 struct inet6_skb_parm *opt = IP6CB(skb);
827 struct net *net = dev_net(skb->dev);
828 const struct inet6_protocol *ipprot;
829 enum skb_drop_reason reason;
834 reason = pskb_may_pull_reason(skb, sizeof(struct ipv6hdr));
835 if (reason != SKB_NOT_DROPPED_YET)
838 seg6_icmp_srh(skb, opt);
840 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
841 if (ipv6_ext_hdr(nexthdr)) {
842 /* now skip over extension headers */
843 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
844 &nexthdr, &frag_off);
845 if (inner_offset < 0) {
846 SKB_DR_SET(reason, IPV6_BAD_EXTHDR);
850 inner_offset = sizeof(struct ipv6hdr);
853 /* Checkin header including 8 bytes of inner protocol header. */
854 reason = pskb_may_pull_reason(skb, inner_offset + 8);
855 if (reason != SKB_NOT_DROPPED_YET)
858 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
859 Without this we will not able f.e. to make source routed
861 Corresponding argument (opt) to notifiers is already added.
865 ipprot = rcu_dereference(inet6_protos[nexthdr]);
866 if (ipprot && ipprot->err_handler)
867 ipprot->err_handler(skb, opt, type, code, inner_offset, info);
869 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
873 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
878 * Handle icmp messages
881 static int icmpv6_rcv(struct sk_buff *skb)
883 enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED;
884 struct net *net = dev_net(skb->dev);
885 struct net_device *dev = icmp6_dev(skb);
886 struct inet6_dev *idev = __in6_dev_get(dev);
887 const struct in6_addr *saddr, *daddr;
888 struct icmp6hdr *hdr;
891 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
892 struct sec_path *sp = skb_sec_path(skb);
895 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
897 reason = SKB_DROP_REASON_XFRM_POLICY;
901 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
904 nh = skb_network_offset(skb);
905 skb_set_network_header(skb, sizeof(*hdr));
907 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN,
909 reason = SKB_DROP_REASON_XFRM_POLICY;
913 skb_set_network_header(skb, nh);
916 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INMSGS);
918 saddr = &ipv6_hdr(skb)->saddr;
919 daddr = &ipv6_hdr(skb)->daddr;
921 if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
922 net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n",
927 if (!pskb_pull(skb, sizeof(*hdr)))
930 hdr = icmp6_hdr(skb);
932 type = hdr->icmp6_type;
934 ICMP6MSGIN_INC_STATS(dev_net(dev), idev, type);
937 case ICMPV6_ECHO_REQUEST:
938 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all)
939 reason = icmpv6_echo_reply(skb);
941 case ICMPV6_EXT_ECHO_REQUEST:
942 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all &&
943 READ_ONCE(net->ipv4.sysctl_icmp_echo_enable_probe))
944 reason = icmpv6_echo_reply(skb);
947 case ICMPV6_ECHO_REPLY:
948 reason = ping_rcv(skb);
951 case ICMPV6_EXT_ECHO_REPLY:
952 reason = ping_rcv(skb);
955 case ICMPV6_PKT_TOOBIG:
956 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
957 standard destination cache. Seems, only "advanced"
958 destination cache will allow to solve this problem
961 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
963 hdr = icmp6_hdr(skb);
967 case ICMPV6_DEST_UNREACH:
968 case ICMPV6_TIME_EXCEED:
969 case ICMPV6_PARAMPROB:
970 reason = icmpv6_notify(skb, type, hdr->icmp6_code,
974 case NDISC_ROUTER_SOLICITATION:
975 case NDISC_ROUTER_ADVERTISEMENT:
976 case NDISC_NEIGHBOUR_SOLICITATION:
977 case NDISC_NEIGHBOUR_ADVERTISEMENT:
979 reason = ndisc_rcv(skb);
982 case ICMPV6_MGM_QUERY:
983 igmp6_event_query(skb);
986 case ICMPV6_MGM_REPORT:
987 igmp6_event_report(skb);
990 case ICMPV6_MGM_REDUCTION:
991 case ICMPV6_NI_QUERY:
992 case ICMPV6_NI_REPLY:
993 case ICMPV6_MLD2_REPORT:
994 case ICMPV6_DHAAD_REQUEST:
995 case ICMPV6_DHAAD_REPLY:
996 case ICMPV6_MOBILE_PREFIX_SOL:
997 case ICMPV6_MOBILE_PREFIX_ADV:
1002 if (type & ICMPV6_INFOMSG_MASK)
1005 net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n",
1009 * error of unknown type.
1010 * must pass to upper level
1013 reason = icmpv6_notify(skb, type, hdr->icmp6_code,
1017 /* until the v6 path can be better sorted assume failure and
1018 * preserve the status quo behaviour for the rest of the paths to here
1021 kfree_skb_reason(skb, reason);
1028 reason = SKB_DROP_REASON_ICMP_CSUM;
1029 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
1031 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INERRORS);
1033 kfree_skb_reason(skb, reason);
1037 void icmpv6_flow_init(const struct sock *sk, struct flowi6 *fl6, u8 type,
1038 const struct in6_addr *saddr,
1039 const struct in6_addr *daddr, int oif)
1041 memset(fl6, 0, sizeof(*fl6));
1042 fl6->saddr = *saddr;
1043 fl6->daddr = *daddr;
1044 fl6->flowi6_proto = IPPROTO_ICMPV6;
1045 fl6->fl6_icmp_type = type;
1046 fl6->fl6_icmp_code = 0;
1047 fl6->flowi6_oif = oif;
1048 security_sk_classify_flow(sk, flowi6_to_flowi_common(fl6));
1051 int __init icmpv6_init(void)
1056 for_each_possible_cpu(i) {
1057 err = inet_ctl_sock_create(&sk, PF_INET6,
1058 SOCK_RAW, IPPROTO_ICMPV6, &init_net);
1060 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
1065 per_cpu(ipv6_icmp_sk, i) = sk;
1067 /* Enough space for 2 64K ICMP packets, including
1068 * sk_buff struct overhead.
1070 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
1074 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
1077 err = inet6_register_icmp_sender(icmp6_send);
1079 goto sender_reg_err;
1083 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1085 pr_err("Failed to register ICMP6 protocol\n");
1089 void icmpv6_cleanup(void)
1091 inet6_unregister_icmp_sender(icmp6_send);
1092 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1096 static const struct icmp6_err {
1104 { /* ADM_PROHIBITED */
1108 { /* Was NOT_NEIGHBOUR, now reserved */
1109 .err = EHOSTUNREACH,
1112 { /* ADDR_UNREACH */
1113 .err = EHOSTUNREACH,
1116 { /* PORT_UNREACH */
1117 .err = ECONNREFUSED,
1124 { /* REJECT_ROUTE */
1130 int icmpv6_err_convert(u8 type, u8 code, int *err)
1137 case ICMPV6_DEST_UNREACH:
1139 if (code < ARRAY_SIZE(tab_unreach)) {
1140 *err = tab_unreach[code].err;
1141 fatal = tab_unreach[code].fatal;
1145 case ICMPV6_PKT_TOOBIG:
1149 case ICMPV6_PARAMPROB:
1154 case ICMPV6_TIME_EXCEED:
1155 *err = EHOSTUNREACH;
1161 EXPORT_SYMBOL(icmpv6_err_convert);
1163 #ifdef CONFIG_SYSCTL
1164 static struct ctl_table ipv6_icmp_table_template[] = {
1166 .procname = "ratelimit",
1167 .data = &init_net.ipv6.sysctl.icmpv6_time,
1168 .maxlen = sizeof(int),
1170 .proc_handler = proc_dointvec_ms_jiffies,
1173 .procname = "echo_ignore_all",
1174 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_all,
1175 .maxlen = sizeof(u8),
1177 .proc_handler = proc_dou8vec_minmax,
1180 .procname = "echo_ignore_multicast",
1181 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_multicast,
1182 .maxlen = sizeof(u8),
1184 .proc_handler = proc_dou8vec_minmax,
1187 .procname = "echo_ignore_anycast",
1188 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_anycast,
1189 .maxlen = sizeof(u8),
1191 .proc_handler = proc_dou8vec_minmax,
1194 .procname = "ratemask",
1195 .data = &init_net.ipv6.sysctl.icmpv6_ratemask_ptr,
1196 .maxlen = ICMPV6_MSG_MAX + 1,
1198 .proc_handler = proc_do_large_bitmap,
1201 .procname = "error_anycast_as_unicast",
1202 .data = &init_net.ipv6.sysctl.icmpv6_error_anycast_as_unicast,
1203 .maxlen = sizeof(u8),
1205 .proc_handler = proc_dou8vec_minmax,
1206 .extra1 = SYSCTL_ZERO,
1207 .extra2 = SYSCTL_ONE,
1212 struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
1214 struct ctl_table *table;
1216 table = kmemdup(ipv6_icmp_table_template,
1217 sizeof(ipv6_icmp_table_template),
1221 table[0].data = &net->ipv6.sysctl.icmpv6_time;
1222 table[1].data = &net->ipv6.sysctl.icmpv6_echo_ignore_all;
1223 table[2].data = &net->ipv6.sysctl.icmpv6_echo_ignore_multicast;
1224 table[3].data = &net->ipv6.sysctl.icmpv6_echo_ignore_anycast;
1225 table[4].data = &net->ipv6.sysctl.icmpv6_ratemask_ptr;
1226 table[5].data = &net->ipv6.sysctl.icmpv6_error_anycast_as_unicast;
1231 size_t ipv6_icmp_sysctl_table_size(void)
1233 return ARRAY_SIZE(ipv6_icmp_table_template);
projects / linux-2.6-microblaze.git / blob