1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Internet Control Message Protocol (ICMPv6)
4 * Linux INET6 implementation
7 * Pedro Roque <roque@di.fc.ul.pt>
9 * Based on net/ipv4/icmp.c
17 * Andi Kleen : exception handling
18 * Andi Kleen add rate limits. never reply to a icmp.
19 * add more length checks and other fixes.
20 * yoshfuji : ensure to sent parameter problem for
22 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
24 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
25 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
28 #define pr_fmt(fmt) "IPv6: " fmt
30 #include <linux/module.h>
31 #include <linux/errno.h>
32 #include <linux/types.h>
33 #include <linux/socket.h>
35 #include <linux/kernel.h>
36 #include <linux/sockios.h>
37 #include <linux/net.h>
38 #include <linux/skbuff.h>
39 #include <linux/init.h>
40 #include <linux/netfilter.h>
41 #include <linux/slab.h>
44 #include <linux/sysctl.h>
47 #include <linux/inet.h>
48 #include <linux/netdevice.h>
49 #include <linux/icmpv6.h>
55 #include <net/ip6_checksum.h>
57 #include <net/protocol.h>
59 #include <net/rawv6.h>
61 #include <net/transp_v6.h>
62 #include <net/ip6_route.h>
63 #include <net/addrconf.h>
66 #include <net/inet_common.h>
67 #include <net/dsfield.h>
68 #include <net/l3mdev.h>
70 #include <linux/uaccess.h>
72 static DEFINE_PER_CPU(struct sock *, ipv6_icmp_sk);
74 static int icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
75 u8 type, u8 code, int offset, __be32 info)
77 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
78 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
79 struct net *net = dev_net(skb->dev);
81 if (type == ICMPV6_PKT_TOOBIG)
82 ip6_update_pmtu(skb, net, info, skb->dev->ifindex, 0, sock_net_uid(net, NULL));
83 else if (type == NDISC_REDIRECT)
84 ip6_redirect(skb, net, skb->dev->ifindex, 0,
85 sock_net_uid(net, NULL));
87 if (!(type & ICMPV6_INFOMSG_MASK))
88 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
89 ping_err(skb, offset, ntohl(info));
94 static int icmpv6_rcv(struct sk_buff *skb);
96 static const struct inet6_protocol icmpv6_protocol = {
97 .handler = icmpv6_rcv,
98 .err_handler = icmpv6_err,
99 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
102 /* Called with BH disabled */
103 static struct sock *icmpv6_xmit_lock(struct net *net)
107 sk = this_cpu_read(ipv6_icmp_sk);
108 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
109 /* This can happen if the output path (f.e. SIT or
110 * ip6ip6 tunnel) signals dst_link_failure() for an
111 * outgoing ICMP6 packet.
115 sock_net_set(sk, net);
119 static void icmpv6_xmit_unlock(struct sock *sk)
121 sock_net_set(sk, &init_net);
122 spin_unlock(&sk->sk_lock.slock);
126 * Figure out, may we reply to this packet with icmp error.
128 * We do not reply, if:
129 * - it was icmp error message.
130 * - it is truncated, so that it is known, that protocol is ICMPV6
131 * (i.e. in the middle of some exthdr)
136 static bool is_ineligible(const struct sk_buff *skb)
138 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
139 int len = skb->len - ptr;
140 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
146 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
149 if (nexthdr == IPPROTO_ICMPV6) {
151 tp = skb_header_pointer(skb,
152 ptr+offsetof(struct icmp6hdr, icmp6_type),
153 sizeof(_type), &_type);
155 /* Based on RFC 8200, Section 4.5 Fragment Header, return
156 * false if this is a fragment packet with no icmp header info.
158 if (!tp && frag_off != 0)
160 else if (!tp || !(*tp & ICMPV6_INFOMSG_MASK))
166 static bool icmpv6_mask_allow(struct net *net, int type)
168 if (type > ICMPV6_MSG_MAX)
171 /* Limit if icmp type is set in ratemask. */
172 if (!test_bit(type, net->ipv6.sysctl.icmpv6_ratemask))
178 static bool icmpv6_global_allow(struct net *net, int type)
180 if (icmpv6_mask_allow(net, type))
183 if (icmp_global_allow())
186 __ICMP_INC_STATS(net, ICMP_MIB_RATELIMITGLOBAL);
191 * Check the ICMP output rate limit
193 static bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
196 struct net *net = sock_net(sk);
197 struct dst_entry *dst;
200 if (icmpv6_mask_allow(net, type))
204 * Look up the output route.
205 * XXX: perhaps the expire for routing entries cloned by
206 * this lookup should be more aggressive (not longer than timeout).
208 dst = ip6_route_output(net, sk, fl6);
210 IP6_INC_STATS(net, ip6_dst_idev(dst),
211 IPSTATS_MIB_OUTNOROUTES);
212 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
215 struct rt6_info *rt = (struct rt6_info *)dst;
216 int tmo = net->ipv6.sysctl.icmpv6_time;
217 struct inet_peer *peer;
219 /* Give more bandwidth to wider prefixes. */
220 if (rt->rt6i_dst.plen < 128)
221 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
223 peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr, 1);
224 res = inet_peer_xrlim_allow(peer, tmo);
229 __ICMP6_INC_STATS(net, ip6_dst_idev(dst),
230 ICMP6_MIB_RATELIMITHOST);
235 static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type,
238 struct net *net = sock_net(sk);
239 struct dst_entry *dst;
242 dst = ip6_route_output(net, sk, fl6);
244 struct rt6_info *rt = (struct rt6_info *)dst;
245 struct in6_addr prefsrc;
247 rt6_get_prefsrc(rt, &prefsrc);
248 res = !ipv6_addr_any(&prefsrc);
255 * an inline helper for the "simple" if statement below
256 * checks if parameter problem report is caused by an
257 * unrecognized IPv6 option that has the Option Type
258 * highest-order two bits set to 10
261 static bool opt_unrec(struct sk_buff *skb, __u32 offset)
265 offset += skb_network_offset(skb);
266 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
269 return (*op & 0xC0) == 0x80;
272 void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
273 struct icmp6hdr *thdr, int len)
276 struct icmp6hdr *icmp6h;
278 skb = skb_peek(&sk->sk_write_queue);
282 icmp6h = icmp6_hdr(skb);
283 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
284 icmp6h->icmp6_cksum = 0;
286 if (skb_queue_len(&sk->sk_write_queue) == 1) {
287 skb->csum = csum_partial(icmp6h,
288 sizeof(struct icmp6hdr), skb->csum);
289 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
291 len, fl6->flowi6_proto,
296 skb_queue_walk(&sk->sk_write_queue, skb) {
297 tmp_csum = csum_add(tmp_csum, skb->csum);
300 tmp_csum = csum_partial(icmp6h,
301 sizeof(struct icmp6hdr), tmp_csum);
302 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
304 len, fl6->flowi6_proto,
307 ip6_push_pending_frames(sk);
316 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
318 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
319 struct sk_buff *org_skb = msg->skb;
322 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
324 skb->csum = csum_block_add(skb->csum, csum, odd);
325 if (!(msg->type & ICMPV6_INFOMSG_MASK))
326 nf_ct_attach(skb, org_skb);
330 #if IS_ENABLED(CONFIG_IPV6_MIP6)
331 static void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt)
333 struct ipv6hdr *iph = ipv6_hdr(skb);
334 struct ipv6_destopt_hao *hao;
338 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
339 if (likely(off >= 0)) {
340 hao = (struct ipv6_destopt_hao *)
341 (skb_network_header(skb) + off);
342 swap(iph->saddr, hao->addr);
347 static inline void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) {}
350 static struct dst_entry *icmpv6_route_lookup(struct net *net,
355 struct dst_entry *dst, *dst2;
359 err = ip6_dst_lookup(net, sk, &dst, fl6);
364 * We won't send icmp if the destination is known
365 * anycast unless we need to treat anycast as unicast.
367 if (!READ_ONCE(net->ipv6.sysctl.icmpv6_error_anycast_as_unicast) &&
368 ipv6_anycast_destination(dst, &fl6->daddr)) {
369 net_dbg_ratelimited("icmp6_send: acast source\n");
371 return ERR_PTR(-EINVAL);
374 /* No need to clone since we're just using its address. */
377 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
382 if (PTR_ERR(dst) == -EPERM)
388 err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&fl2), AF_INET6);
390 goto relookup_failed;
392 err = ip6_dst_lookup(net, sk, &dst2, &fl2);
394 goto relookup_failed;
396 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
406 goto relookup_failed;
415 static struct net_device *icmp6_dev(const struct sk_buff *skb)
417 struct net_device *dev = skb->dev;
419 /* for local traffic to local address, skb dev is the loopback
420 * device. Check if there is a dst attached to the skb and if so
421 * get the real device index. Same is needed for replies to a link
422 * local address on a device enslaved to an L3 master device
424 if (unlikely(dev->ifindex == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) {
425 const struct rt6_info *rt6 = skb_rt6_info(skb);
428 dev = rt6->rt6i_idev->dev;
434 static int icmp6_iif(const struct sk_buff *skb)
436 return icmp6_dev(skb)->ifindex;
440 * Send an ICMP message in response to a packet in error
442 void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
443 const struct in6_addr *force_saddr,
444 const struct inet6_skb_parm *parm)
446 struct inet6_dev *idev = NULL;
447 struct ipv6hdr *hdr = ipv6_hdr(skb);
450 struct ipv6_pinfo *np;
451 const struct in6_addr *saddr = NULL;
452 struct dst_entry *dst;
453 struct icmp6hdr tmp_hdr;
455 struct icmpv6_msg msg;
456 struct ipcm6_cookie ipc6;
462 if ((u8 *)hdr < skb->head ||
463 (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
468 net = dev_net(skb->dev);
469 mark = IP6_REPLY_MARK(net, skb->mark);
471 * Make sure we respect the rules
472 * i.e. RFC 1885 2.4(e)
473 * Rule (e.1) is enforced by not using icmp6_send
474 * in any code that processes icmp errors.
476 addr_type = ipv6_addr_type(&hdr->daddr);
478 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
479 ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
486 if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) {
487 if (type != ICMPV6_PKT_TOOBIG &&
488 !(type == ICMPV6_PARAMPROB &&
489 code == ICMPV6_UNK_OPTION &&
490 (opt_unrec(skb, info))))
496 addr_type = ipv6_addr_type(&hdr->saddr);
502 if (__ipv6_addr_needs_scope_id(addr_type)) {
503 iif = icmp6_iif(skb);
506 * The source device is used for looking up which routing table
507 * to use for sending an ICMP error.
509 iif = l3mdev_master_ifindex(skb->dev);
513 * Must not send error if the source does not uniquely
514 * identify a single node (RFC2463 Section 2.4).
515 * We check unspecified / multicast addresses here,
516 * and anycast addresses will be checked later.
518 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
519 net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n",
520 &hdr->saddr, &hdr->daddr);
525 * Never answer to a ICMP packet.
527 if (is_ineligible(skb)) {
528 net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n",
529 &hdr->saddr, &hdr->daddr);
533 /* Needed by both icmp_global_allow and icmpv6_xmit_lock */
536 /* Check global sysctl_icmp_msgs_per_sec ratelimit */
537 if (!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, type))
540 mip6_addr_swap(skb, parm);
542 sk = icmpv6_xmit_lock(net);
546 memset(&fl6, 0, sizeof(fl6));
547 fl6.flowi6_proto = IPPROTO_ICMPV6;
548 fl6.daddr = hdr->saddr;
553 } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) {
554 /* select a more meaningful saddr from input if */
555 struct net_device *in_netdev;
557 in_netdev = dev_get_by_index(net, parm->iif);
559 ipv6_dev_get_saddr(net, in_netdev, &fl6.daddr,
560 inet6_sk(sk)->srcprefs,
565 fl6.flowi6_mark = mark;
566 fl6.flowi6_oif = iif;
567 fl6.fl6_icmp_type = type;
568 fl6.fl6_icmp_code = code;
569 fl6.flowi6_uid = sock_net_uid(net, NULL);
570 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, NULL);
571 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
575 if (!icmpv6_xrlim_allow(sk, type, &fl6))
578 tmp_hdr.icmp6_type = type;
579 tmp_hdr.icmp6_code = code;
580 tmp_hdr.icmp6_cksum = 0;
581 tmp_hdr.icmp6_pointer = htonl(info);
583 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
584 fl6.flowi6_oif = np->mcast_oif;
585 else if (!fl6.flowi6_oif)
586 fl6.flowi6_oif = np->ucast_oif;
588 ipcm6_init_sk(&ipc6, np);
589 ipc6.sockc.mark = mark;
590 fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel);
592 dst = icmpv6_route_lookup(net, skb, sk, &fl6);
596 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
599 msg.offset = skb_network_offset(skb);
602 len = skb->len - msg.offset;
603 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr));
605 net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n",
606 &hdr->saddr, &hdr->daddr);
607 goto out_dst_release;
611 idev = __in6_dev_get(skb->dev);
613 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
614 len + sizeof(struct icmp6hdr),
615 sizeof(struct icmp6hdr),
616 &ipc6, &fl6, (struct rt6_info *)dst,
618 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
619 ip6_flush_pending_frames(sk);
621 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
622 len + sizeof(struct icmp6hdr));
628 icmpv6_xmit_unlock(sk);
632 EXPORT_SYMBOL(icmp6_send);
634 /* Slightly more convenient version of icmp6_send with drop reasons.
636 void icmpv6_param_prob_reason(struct sk_buff *skb, u8 code, int pos,
637 enum skb_drop_reason reason)
639 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos, NULL, IP6CB(skb));
640 kfree_skb_reason(skb, reason);
643 /* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH
644 * if sufficient data bytes are available
645 * @nhs is the size of the tunnel header(s) :
646 * Either an IPv4 header for SIT encap
647 * an IPv4 header + GRE header for GRE encap
649 int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type,
650 unsigned int data_len)
652 struct in6_addr temp_saddr;
654 struct sk_buff *skb2;
657 if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8))
660 /* RFC 4884 (partial) support for ICMP extensions */
661 if (data_len < 128 || (data_len & 7) || skb->len < data_len)
664 skb2 = data_len ? skb_copy(skb, GFP_ATOMIC) : skb_clone(skb, GFP_ATOMIC);
671 skb_reset_network_header(skb2);
673 rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, NULL, 0,
676 if (rt && rt->dst.dev)
677 skb2->dev = rt->dst.dev;
679 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr);
682 /* RFC 4884 (partial) support :
683 * insert 0 padding at the end, before the extensions
685 __skb_push(skb2, nhs);
686 skb_reset_network_header(skb2);
687 memmove(skb2->data, skb2->data + nhs, data_len - nhs);
688 memset(skb2->data + data_len - nhs, 0, nhs);
689 /* RFC 4884 4.5 : Length is measured in 64-bit words,
690 * and stored in reserved[0]
692 info = (data_len/8) << 24;
694 if (type == ICMP_TIME_EXCEEDED)
695 icmp6_send(skb2, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
696 info, &temp_saddr, IP6CB(skb2));
698 icmp6_send(skb2, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH,
699 info, &temp_saddr, IP6CB(skb2));
707 EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach);
709 static enum skb_drop_reason icmpv6_echo_reply(struct sk_buff *skb)
711 struct net *net = dev_net(skb->dev);
713 struct inet6_dev *idev;
714 struct ipv6_pinfo *np;
715 const struct in6_addr *saddr = NULL;
716 struct icmp6hdr *icmph = icmp6_hdr(skb);
717 struct icmp6hdr tmp_hdr;
719 struct icmpv6_msg msg;
720 struct dst_entry *dst;
721 struct ipcm6_cookie ipc6;
722 u32 mark = IP6_REPLY_MARK(net, skb->mark);
727 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr) &&
728 net->ipv6.sysctl.icmpv6_echo_ignore_multicast)
731 saddr = &ipv6_hdr(skb)->daddr;
733 acast = ipv6_anycast_destination(skb_dst(skb), saddr);
734 if (acast && net->ipv6.sysctl.icmpv6_echo_ignore_anycast)
737 if (!ipv6_unicast_destination(skb) &&
738 !(net->ipv6.sysctl.anycast_src_echo_reply && acast))
741 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
742 type = ICMPV6_EXT_ECHO_REPLY;
744 type = ICMPV6_ECHO_REPLY;
746 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
747 tmp_hdr.icmp6_type = type;
749 memset(&fl6, 0, sizeof(fl6));
750 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES)
751 fl6.flowlabel = ip6_flowlabel(ipv6_hdr(skb));
753 fl6.flowi6_proto = IPPROTO_ICMPV6;
754 fl6.daddr = ipv6_hdr(skb)->saddr;
757 fl6.flowi6_oif = icmp6_iif(skb);
758 fl6.fl6_icmp_type = type;
759 fl6.flowi6_mark = mark;
760 fl6.flowi6_uid = sock_net_uid(net, NULL);
761 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
764 sk = icmpv6_xmit_lock(net);
769 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
770 fl6.flowi6_oif = np->mcast_oif;
771 else if (!fl6.flowi6_oif)
772 fl6.flowi6_oif = np->ucast_oif;
774 if (ip6_dst_lookup(net, sk, &dst, &fl6))
776 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
780 /* Check the ratelimit */
781 if ((!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, ICMPV6_ECHO_REPLY)) ||
782 !icmpv6_xrlim_allow(sk, ICMPV6_ECHO_REPLY, &fl6))
783 goto out_dst_release;
785 idev = __in6_dev_get(skb->dev);
791 ipcm6_init_sk(&ipc6, np);
792 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
793 ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb));
794 ipc6.sockc.mark = mark;
796 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST)
797 if (!icmp_build_probe(skb, (struct icmphdr *)&tmp_hdr))
798 goto out_dst_release;
800 if (ip6_append_data(sk, icmpv6_getfrag, &msg,
801 skb->len + sizeof(struct icmp6hdr),
802 sizeof(struct icmp6hdr), &ipc6, &fl6,
803 (struct rt6_info *)dst, MSG_DONTWAIT)) {
804 __ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
805 ip6_flush_pending_frames(sk);
807 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
808 skb->len + sizeof(struct icmp6hdr));
809 reason = SKB_CONSUMED;
814 icmpv6_xmit_unlock(sk);
820 enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,
821 u8 code, __be32 info)
823 struct inet6_skb_parm *opt = IP6CB(skb);
824 struct net *net = dev_net(skb->dev);
825 const struct inet6_protocol *ipprot;
826 enum skb_drop_reason reason;
831 reason = pskb_may_pull_reason(skb, sizeof(struct ipv6hdr));
832 if (reason != SKB_NOT_DROPPED_YET)
835 seg6_icmp_srh(skb, opt);
837 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
838 if (ipv6_ext_hdr(nexthdr)) {
839 /* now skip over extension headers */
840 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
841 &nexthdr, &frag_off);
842 if (inner_offset < 0) {
843 SKB_DR_SET(reason, IPV6_BAD_EXTHDR);
847 inner_offset = sizeof(struct ipv6hdr);
850 /* Checkin header including 8 bytes of inner protocol header. */
851 reason = pskb_may_pull_reason(skb, inner_offset + 8);
852 if (reason != SKB_NOT_DROPPED_YET)
855 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
856 Without this we will not able f.e. to make source routed
858 Corresponding argument (opt) to notifiers is already added.
862 ipprot = rcu_dereference(inet6_protos[nexthdr]);
863 if (ipprot && ipprot->err_handler)
864 ipprot->err_handler(skb, opt, type, code, inner_offset, info);
866 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
870 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
875 * Handle icmp messages
878 static int icmpv6_rcv(struct sk_buff *skb)
880 enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED;
881 struct net *net = dev_net(skb->dev);
882 struct net_device *dev = icmp6_dev(skb);
883 struct inet6_dev *idev = __in6_dev_get(dev);
884 const struct in6_addr *saddr, *daddr;
885 struct icmp6hdr *hdr;
888 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
889 struct sec_path *sp = skb_sec_path(skb);
892 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
894 reason = SKB_DROP_REASON_XFRM_POLICY;
898 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
901 nh = skb_network_offset(skb);
902 skb_set_network_header(skb, sizeof(*hdr));
904 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN,
906 reason = SKB_DROP_REASON_XFRM_POLICY;
910 skb_set_network_header(skb, nh);
913 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INMSGS);
915 saddr = &ipv6_hdr(skb)->saddr;
916 daddr = &ipv6_hdr(skb)->daddr;
918 if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
919 net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n",
924 if (!pskb_pull(skb, sizeof(*hdr)))
927 hdr = icmp6_hdr(skb);
929 type = hdr->icmp6_type;
931 ICMP6MSGIN_INC_STATS(dev_net(dev), idev, type);
934 case ICMPV6_ECHO_REQUEST:
935 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all)
936 reason = icmpv6_echo_reply(skb);
938 case ICMPV6_EXT_ECHO_REQUEST:
939 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all &&
940 READ_ONCE(net->ipv4.sysctl_icmp_echo_enable_probe))
941 reason = icmpv6_echo_reply(skb);
944 case ICMPV6_ECHO_REPLY:
945 reason = ping_rcv(skb);
948 case ICMPV6_EXT_ECHO_REPLY:
949 reason = ping_rcv(skb);
952 case ICMPV6_PKT_TOOBIG:
953 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
954 standard destination cache. Seems, only "advanced"
955 destination cache will allow to solve this problem
958 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
960 hdr = icmp6_hdr(skb);
964 case ICMPV6_DEST_UNREACH:
965 case ICMPV6_TIME_EXCEED:
966 case ICMPV6_PARAMPROB:
967 reason = icmpv6_notify(skb, type, hdr->icmp6_code,
971 case NDISC_ROUTER_SOLICITATION:
972 case NDISC_ROUTER_ADVERTISEMENT:
973 case NDISC_NEIGHBOUR_SOLICITATION:
974 case NDISC_NEIGHBOUR_ADVERTISEMENT:
976 reason = ndisc_rcv(skb);
979 case ICMPV6_MGM_QUERY:
980 igmp6_event_query(skb);
983 case ICMPV6_MGM_REPORT:
984 igmp6_event_report(skb);
987 case ICMPV6_MGM_REDUCTION:
988 case ICMPV6_NI_QUERY:
989 case ICMPV6_NI_REPLY:
990 case ICMPV6_MLD2_REPORT:
991 case ICMPV6_DHAAD_REQUEST:
992 case ICMPV6_DHAAD_REPLY:
993 case ICMPV6_MOBILE_PREFIX_SOL:
994 case ICMPV6_MOBILE_PREFIX_ADV:
999 if (type & ICMPV6_INFOMSG_MASK)
1002 net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n",
1006 * error of unknown type.
1007 * must pass to upper level
1010 reason = icmpv6_notify(skb, type, hdr->icmp6_code,
1014 /* until the v6 path can be better sorted assume failure and
1015 * preserve the status quo behaviour for the rest of the paths to here
1018 kfree_skb_reason(skb, reason);
1025 reason = SKB_DROP_REASON_ICMP_CSUM;
1026 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
1028 __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INERRORS);
1030 kfree_skb_reason(skb, reason);
1034 void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
1036 const struct in6_addr *saddr,
1037 const struct in6_addr *daddr,
1040 memset(fl6, 0, sizeof(*fl6));
1041 fl6->saddr = *saddr;
1042 fl6->daddr = *daddr;
1043 fl6->flowi6_proto = IPPROTO_ICMPV6;
1044 fl6->fl6_icmp_type = type;
1045 fl6->fl6_icmp_code = 0;
1046 fl6->flowi6_oif = oif;
1047 security_sk_classify_flow(sk, flowi6_to_flowi_common(fl6));
1050 int __init icmpv6_init(void)
1055 for_each_possible_cpu(i) {
1056 err = inet_ctl_sock_create(&sk, PF_INET6,
1057 SOCK_RAW, IPPROTO_ICMPV6, &init_net);
1059 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
1064 per_cpu(ipv6_icmp_sk, i) = sk;
1066 /* Enough space for 2 64K ICMP packets, including
1067 * sk_buff struct overhead.
1069 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
1073 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
1076 err = inet6_register_icmp_sender(icmp6_send);
1078 goto sender_reg_err;
1082 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1084 pr_err("Failed to register ICMP6 protocol\n");
1088 void icmpv6_cleanup(void)
1090 inet6_unregister_icmp_sender(icmp6_send);
1091 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
1095 static const struct icmp6_err {
1103 { /* ADM_PROHIBITED */
1107 { /* Was NOT_NEIGHBOUR, now reserved */
1108 .err = EHOSTUNREACH,
1111 { /* ADDR_UNREACH */
1112 .err = EHOSTUNREACH,
1115 { /* PORT_UNREACH */
1116 .err = ECONNREFUSED,
1123 { /* REJECT_ROUTE */
1129 int icmpv6_err_convert(u8 type, u8 code, int *err)
1136 case ICMPV6_DEST_UNREACH:
1138 if (code < ARRAY_SIZE(tab_unreach)) {
1139 *err = tab_unreach[code].err;
1140 fatal = tab_unreach[code].fatal;
1144 case ICMPV6_PKT_TOOBIG:
1148 case ICMPV6_PARAMPROB:
1153 case ICMPV6_TIME_EXCEED:
1154 *err = EHOSTUNREACH;
1160 EXPORT_SYMBOL(icmpv6_err_convert);
1162 #ifdef CONFIG_SYSCTL
1163 static struct ctl_table ipv6_icmp_table_template[] = {
1165 .procname = "ratelimit",
1166 .data = &init_net.ipv6.sysctl.icmpv6_time,
1167 .maxlen = sizeof(int),
1169 .proc_handler = proc_dointvec_ms_jiffies,
1172 .procname = "echo_ignore_all",
1173 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_all,
1174 .maxlen = sizeof(u8),
1176 .proc_handler = proc_dou8vec_minmax,
1179 .procname = "echo_ignore_multicast",
1180 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_multicast,
1181 .maxlen = sizeof(u8),
1183 .proc_handler = proc_dou8vec_minmax,
1186 .procname = "echo_ignore_anycast",
1187 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_anycast,
1188 .maxlen = sizeof(u8),
1190 .proc_handler = proc_dou8vec_minmax,
1193 .procname = "ratemask",
1194 .data = &init_net.ipv6.sysctl.icmpv6_ratemask_ptr,
1195 .maxlen = ICMPV6_MSG_MAX + 1,
1197 .proc_handler = proc_do_large_bitmap,
1200 .procname = "error_anycast_as_unicast",
1201 .data = &init_net.ipv6.sysctl.icmpv6_error_anycast_as_unicast,
1202 .maxlen = sizeof(u8),
1204 .proc_handler = proc_dou8vec_minmax,
1205 .extra1 = SYSCTL_ZERO,
1206 .extra2 = SYSCTL_ONE,
1211 struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
1213 struct ctl_table *table;
1215 table = kmemdup(ipv6_icmp_table_template,
1216 sizeof(ipv6_icmp_table_template),
1220 table[0].data = &net->ipv6.sysctl.icmpv6_time;
1221 table[1].data = &net->ipv6.sysctl.icmpv6_echo_ignore_all;
1222 table[2].data = &net->ipv6.sysctl.icmpv6_echo_ignore_multicast;
1223 table[3].data = &net->ipv6.sysctl.icmpv6_echo_ignore_anycast;
1224 table[4].data = &net->ipv6.sysctl.icmpv6_ratemask_ptr;
1225 table[5].data = &net->ipv6.sysctl.icmpv6_error_anycast_as_unicast;
projects / platform / kernel / linux-starfive.git / blob