^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Internet Control Message Protocol (ICMPv6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) * Linux INET6 implementation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * Authors:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * Pedro Roque <roque@di.fc.ul.pt>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * Based on net/ipv4/icmp.c
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) * RFC 1885
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) * Changes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) * Andi Kleen : exception handling
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) * Andi Kleen add rate limits. never reply to a icmp.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) * add more length checks and other fixes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) * yoshfuji : ensure to sent parameter problem for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) * fragments.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) * Randy Dunlap and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #define pr_fmt(fmt) "IPv6: " fmt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) #include <linux/errno.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) #include <linux/socket.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) #include <linux/in.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) #include <linux/kernel.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) #include <linux/sockios.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) #include <linux/net.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) #include <linux/skbuff.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) #include <linux/netfilter.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) #ifdef CONFIG_SYSCTL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) #include <linux/sysctl.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) #include <linux/inet.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) #include <linux/netdevice.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) #include <linux/icmpv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) #include <net/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) #include <net/sock.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) #include <net/ipv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) #include <net/ip6_checksum.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) #include <net/ping.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) #include <net/protocol.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) #include <net/raw.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) #include <net/rawv6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) #include <net/transp_v6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) #include <net/ip6_route.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) #include <net/addrconf.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) #include <net/icmp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) #include <net/xfrm.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) #include <net/inet_common.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) #include <net/dsfield.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) #include <net/l3mdev.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) #include <linux/uaccess.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) * The ICMP socket(s). This is the most convenient way to flow control
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) * our ICMP output as well as maintain a clean interface throughout
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) * all layers. All Socketless IP sends will soon be gone.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) * On SMP we have one ICMP socket per-cpu.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) static struct sock *icmpv6_sk(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) return this_cpu_read(*net->ipv6.icmp_sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) static int icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) u8 type, u8 code, int offset, __be32 info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) struct net *net = dev_net(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) if (type == ICMPV6_PKT_TOOBIG)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) ip6_update_pmtu(skb, net, info, skb->dev->ifindex, 0, sock_net_uid(net, NULL));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) else if (type == NDISC_REDIRECT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) ip6_redirect(skb, net, skb->dev->ifindex, 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) sock_net_uid(net, NULL));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) if (!(type & ICMPV6_INFOMSG_MASK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) ping_err(skb, offset, ntohl(info));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) static int icmpv6_rcv(struct sk_buff *skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) static const struct inet6_protocol icmpv6_protocol = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) .handler = icmpv6_rcv,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) .err_handler = icmpv6_err,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) /* Called with BH disabled */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) static __inline__ struct sock *icmpv6_xmit_lock(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) struct sock *sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) sk = icmpv6_sk(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) /* This can happen if the output path (f.e. SIT or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) * ip6ip6 tunnel) signals dst_link_failure() for an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) * outgoing ICMP6 packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) return sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) spin_unlock(&sk->sk_lock.slock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) * Figure out, may we reply to this packet with icmp error.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) * We do not reply, if:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) * - it was icmp error message.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) * - it is truncated, so that it is known, that protocol is ICMPV6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) * (i.e. in the middle of some exthdr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) * --ANK (980726)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) static bool is_ineligible(const struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) int len = skb->len - ptr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) __be16 frag_off;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) if (len < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) if (ptr < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) if (nexthdr == IPPROTO_ICMPV6) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) u8 _type, *tp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) tp = skb_header_pointer(skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) ptr+offsetof(struct icmp6hdr, icmp6_type),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) sizeof(_type), &_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) /* Based on RFC 8200, Section 4.5 Fragment Header, return
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) * false if this is a fragment packet with no icmp header info.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) if (!tp && frag_off != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) else if (!tp || !(*tp & ICMPV6_INFOMSG_MASK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) static bool icmpv6_mask_allow(struct net *net, int type)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) if (type > ICMPV6_MSG_MAX)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) /* Limit if icmp type is set in ratemask. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) if (!test_bit(type, net->ipv6.sysctl.icmpv6_ratemask))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) static bool icmpv6_global_allow(struct net *net, int type)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) if (icmpv6_mask_allow(net, type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) if (icmp_global_allow())
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) * Check the ICMP output rate limit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) static bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) struct flowi6 *fl6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) struct net *net = sock_net(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) struct dst_entry *dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) bool res = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) if (icmpv6_mask_allow(net, type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) * Look up the output route.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) * XXX: perhaps the expire for routing entries cloned by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) * this lookup should be more aggressive (not longer than timeout).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) dst = ip6_route_output(net, sk, fl6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) if (dst->error) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) IP6_INC_STATS(net, ip6_dst_idev(dst),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) IPSTATS_MIB_OUTNOROUTES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) res = true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) struct rt6_info *rt = (struct rt6_info *)dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) int tmo = net->ipv6.sysctl.icmpv6_time;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) struct inet_peer *peer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) /* Give more bandwidth to wider prefixes. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) if (rt->rt6i_dst.plen < 128)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) res = inet_peer_xrlim_allow(peer, tmo);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) if (peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) inet_putpeer(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) return res;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) struct flowi6 *fl6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) struct net *net = sock_net(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) struct dst_entry *dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) bool res = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) dst = ip6_route_output(net, sk, fl6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) if (!dst->error) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) struct rt6_info *rt = (struct rt6_info *)dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) struct in6_addr prefsrc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) rt6_get_prefsrc(rt, &prefsrc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) res = !ipv6_addr_any(&prefsrc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) return res;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) * an inline helper for the "simple" if statement below
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) * checks if parameter problem report is caused by an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) * unrecognized IPv6 option that has the Option Type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) * highest-order two bits set to 10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) static bool opt_unrec(struct sk_buff *skb, __u32 offset)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) u8 _optval, *op;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) offset += skb_network_offset(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) if (!op)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) return (*op & 0xC0) == 0x80;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) struct icmp6hdr *thdr, int len)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) struct sk_buff *skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) struct icmp6hdr *icmp6h;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) skb = skb_peek(&sk->sk_write_queue);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) if (!skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) icmp6h = icmp6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) icmp6h->icmp6_cksum = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) if (skb_queue_len(&sk->sk_write_queue) == 1) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) skb->csum = csum_partial(icmp6h,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) sizeof(struct icmp6hdr), skb->csum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) &fl6->daddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) len, fl6->flowi6_proto,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) skb->csum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) __wsum tmp_csum = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) skb_queue_walk(&sk->sk_write_queue, skb) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) tmp_csum = csum_add(tmp_csum, skb->csum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) tmp_csum = csum_partial(icmp6h,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) sizeof(struct icmp6hdr), tmp_csum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) &fl6->daddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) len, fl6->flowi6_proto,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) tmp_csum);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) ip6_push_pending_frames(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) struct icmpv6_msg {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) struct sk_buff *skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) int offset;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) uint8_t type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) struct sk_buff *org_skb = msg->skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) __wsum csum;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) to, len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) skb->csum = csum_block_add(skb->csum, csum, odd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) if (!(msg->type & ICMPV6_INFOMSG_MASK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) nf_ct_attach(skb, org_skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) #if IS_ENABLED(CONFIG_IPV6_MIP6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) static void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) struct ipv6hdr *iph = ipv6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) struct ipv6_destopt_hao *hao;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) struct in6_addr tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) int off;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) if (opt->dsthao) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) if (likely(off >= 0)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) hao = (struct ipv6_destopt_hao *)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) (skb_network_header(skb) + off);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) tmp = iph->saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) iph->saddr = hao->addr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) hao->addr = tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) static inline void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) {}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) static struct dst_entry *icmpv6_route_lookup(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) struct flowi6 *fl6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) struct dst_entry *dst, *dst2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) struct flowi6 fl2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) err = ip6_dst_lookup(net, sk, &dst, fl6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) * We won't send icmp if the destination is known
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) * anycast.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) if (ipv6_anycast_destination(dst, &fl6->daddr)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) net_dbg_ratelimited("icmp6_send: acast source\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) /* No need to clone since we're just using its address. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) dst2 = dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) if (!IS_ERR(dst)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) if (dst != dst2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) return dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) if (PTR_ERR(dst) == -EPERM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) dst = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) return dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&fl2), AF_INET6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) goto relookup_failed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) err = ip6_dst_lookup(net, sk, &dst2, &fl2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) goto relookup_failed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401) dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) if (!IS_ERR(dst2)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) dst = dst2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) err = PTR_ERR(dst2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) if (err == -EPERM) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) return dst2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) } else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) goto relookup_failed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) relookup_failed:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) if (dst)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) return dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) static struct net_device *icmp6_dev(const struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) struct net_device *dev = skb->dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) /* for local traffic to local address, skb dev is the loopback
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) * device. Check if there is a dst attached to the skb and if so
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) * get the real device index. Same is needed for replies to a link
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) * local address on a device enslaved to an L3 master device
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) if (unlikely(dev->ifindex == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) const struct rt6_info *rt6 = skb_rt6_info(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) if (rt6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) dev = rt6->rt6i_idev->dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) return dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) static int icmp6_iif(const struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) return icmp6_dev(skb)->ifindex;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) * Send an ICMP message in response to a packet in error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) const struct in6_addr *force_saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) const struct inet6_skb_parm *parm)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) struct inet6_dev *idev = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) struct ipv6hdr *hdr = ipv6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) struct sock *sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) struct net *net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) struct ipv6_pinfo *np;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) const struct in6_addr *saddr = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) struct dst_entry *dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) struct icmp6hdr tmp_hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) struct flowi6 fl6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) struct icmpv6_msg msg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) struct ipcm6_cookie ipc6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) int iif = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) int addr_type = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) int len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) u32 mark;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) if ((u8 *)hdr < skb->head ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) if (!skb->dev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) net = dev_net(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) mark = IP6_REPLY_MARK(net, skb->mark);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) * Make sure we respect the rules
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) * i.e. RFC 1885 2.4(e)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) * Rule (e.1) is enforced by not using icmp6_send
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) * in any code that processes icmp errors.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) addr_type = ipv6_addr_type(&hdr->daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) saddr = &hdr->daddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) * Dest addr check
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) if (type != ICMPV6_PKT_TOOBIG &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) !(type == ICMPV6_PARAMPROB &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) code == ICMPV6_UNK_OPTION &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) (opt_unrec(skb, info))))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) saddr = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) addr_type = ipv6_addr_type(&hdr->saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) * Source addr check
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) if (__ipv6_addr_needs_scope_id(addr_type)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) iif = icmp6_iif(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) * The source device is used for looking up which routing table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) * to use for sending an ICMP error.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) iif = l3mdev_master_ifindex(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) * Must not send error if the source does not uniquely
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) * identify a single node (RFC2463 Section 2.4).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) * We check unspecified / multicast addresses here,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) * and anycast addresses will be checked later.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) &hdr->saddr, &hdr->daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) * Never answer to a ICMP packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) if (is_ineligible(skb)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) &hdr->saddr, &hdr->daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) /* Needed by both icmp_global_allow and icmpv6_xmit_lock */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) local_bh_disable();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) /* Check global sysctl_icmp_msgs_per_sec ratelimit */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) if (!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) goto out_bh_enable;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) mip6_addr_swap(skb, parm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) sk = icmpv6_xmit_lock(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548) if (!sk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) goto out_bh_enable;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) memset(&fl6, 0, sizeof(fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) fl6.flowi6_proto = IPPROTO_ICMPV6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) fl6.daddr = hdr->saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) if (force_saddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) saddr = force_saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) if (saddr) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) fl6.saddr = *saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) /* select a more meaningful saddr from input if */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) struct net_device *in_netdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) in_netdev = dev_get_by_index(net, parm->iif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) if (in_netdev) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) ipv6_dev_get_saddr(net, in_netdev, &fl6.daddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) inet6_sk(sk)->srcprefs,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) &fl6.saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) dev_put(in_netdev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) fl6.flowi6_mark = mark;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) fl6.flowi6_oif = iif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) fl6.fl6_icmp_type = type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) fl6.fl6_icmp_code = code;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) fl6.flowi6_uid = sock_net_uid(net, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) np = inet6_sk(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) if (!icmpv6_xrlim_allow(sk, type, &fl6))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) tmp_hdr.icmp6_type = type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) tmp_hdr.icmp6_code = code;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) tmp_hdr.icmp6_cksum = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) tmp_hdr.icmp6_pointer = htonl(info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) fl6.flowi6_oif = np->mcast_oif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) else if (!fl6.flowi6_oif)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) fl6.flowi6_oif = np->ucast_oif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) ipcm6_init_sk(&ipc6, np);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) ipc6.sockc.mark = mark;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) dst = icmpv6_route_lookup(net, skb, sk, &fl6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) if (IS_ERR(dst))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) msg.skb = skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) msg.offset = skb_network_offset(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) msg.type = type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) len = skb->len - msg.offset;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) if (len < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) &hdr->saddr, &hdr->daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) goto out_dst_release;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) idev = __in6_dev_get(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) if (ip6_append_data(sk, icmpv6_getfrag, &msg,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) len + sizeof(struct icmp6hdr),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) sizeof(struct icmp6hdr),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) &ipc6, &fl6, (struct rt6_info *)dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) MSG_DONTWAIT)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) ip6_flush_pending_frames(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) len + sizeof(struct icmp6hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) out_dst_release:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) icmpv6_xmit_unlock(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) out_bh_enable:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) local_bh_enable();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) EXPORT_SYMBOL(icmp6_send);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) /* Slightly more convenient version of icmp6_send.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) icmp6_send(skb, ICMPV6_PARAMPROB, code, pos, NULL, IP6CB(skb));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) /* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) * if sufficient data bytes are available
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) * @nhs is the size of the tunnel header(s) :
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) * Either an IPv4 header for SIT encap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) * an IPv4 header + GRE header for GRE encap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) unsigned int data_len)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) struct in6_addr temp_saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) struct rt6_info *rt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) struct sk_buff *skb2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) u32 info = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) /* RFC 4884 (partial) support for ICMP extensions */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) if (data_len < 128 || (data_len & 7) || skb->len < data_len)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) data_len = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) skb2 = data_len ? skb_copy(skb, GFP_ATOMIC) : skb_clone(skb, GFP_ATOMIC);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) if (!skb2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) skb_dst_drop(skb2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) skb_pull(skb2, nhs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) skb_reset_network_header(skb2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, NULL, 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) skb, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) if (rt && rt->dst.dev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) skb2->dev = rt->dst.dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) if (data_len) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) /* RFC 4884 (partial) support :
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) * insert 0 padding at the end, before the extensions
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) __skb_push(skb2, nhs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) skb_reset_network_header(skb2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) memmove(skb2->data, skb2->data + nhs, data_len - nhs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) memset(skb2->data + data_len - nhs, 0, nhs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) /* RFC 4884 4.5 : Length is measured in 64-bit words,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) * and stored in reserved[0]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696) info = (data_len/8) << 24;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) if (type == ICMP_TIME_EXCEEDED)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699) icmp6_send(skb2, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700) info, &temp_saddr, IP6CB(skb2));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) icmp6_send(skb2, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) info, &temp_saddr, IP6CB(skb2));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) if (rt)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705) ip6_rt_put(rt);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) kfree_skb(skb2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) static void icmpv6_echo_reply(struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) struct net *net = dev_net(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) struct sock *sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) struct inet6_dev *idev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) struct ipv6_pinfo *np;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719) const struct in6_addr *saddr = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) struct icmp6hdr *icmph = icmp6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) struct icmp6hdr tmp_hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722) struct flowi6 fl6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) struct icmpv6_msg msg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) struct dst_entry *dst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) struct ipcm6_cookie ipc6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) u32 mark = IP6_REPLY_MARK(net, skb->mark);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) bool acast;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730) net->ipv6.sysctl.icmpv6_echo_ignore_multicast)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) saddr = &ipv6_hdr(skb)->daddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735) acast = ipv6_anycast_destination(skb_dst(skb), saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736) if (acast && net->ipv6.sysctl.icmpv6_echo_ignore_anycast)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) if (!ipv6_unicast_destination(skb) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740) !(net->ipv6.sysctl.anycast_src_echo_reply && acast))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741) saddr = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743) memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744) tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 745)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746) memset(&fl6, 0, sizeof(fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 747) if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 748) fl6.flowlabel = ip6_flowlabel(ipv6_hdr(skb));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 749)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 750) fl6.flowi6_proto = IPPROTO_ICMPV6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 751) fl6.daddr = ipv6_hdr(skb)->saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 752) if (saddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 753) fl6.saddr = *saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 754) fl6.flowi6_oif = icmp6_iif(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 755) fl6.fl6_icmp_type = ICMPV6_ECHO_REPLY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 756) fl6.flowi6_mark = mark;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 757) fl6.flowi6_uid = sock_net_uid(net, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 758) security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 759)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 760) local_bh_disable();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 761) sk = icmpv6_xmit_lock(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 762) if (!sk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 763) goto out_bh_enable;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 764) np = inet6_sk(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 765)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 766) if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 767) fl6.flowi6_oif = np->mcast_oif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 768) else if (!fl6.flowi6_oif)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 769) fl6.flowi6_oif = np->ucast_oif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 770)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 771) if (ip6_dst_lookup(net, sk, &dst, &fl6))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 772) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 773) dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 774) if (IS_ERR(dst))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 775) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 776)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 777) /* Check the ratelimit */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 778) if ((!(skb->dev->flags & IFF_LOOPBACK) && !icmpv6_global_allow(net, ICMPV6_ECHO_REPLY)) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 779) !icmpv6_xrlim_allow(sk, ICMPV6_ECHO_REPLY, &fl6))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 780) goto out_dst_release;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 781)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 782) idev = __in6_dev_get(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 783)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 784) msg.skb = skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 785) msg.offset = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 786) msg.type = ICMPV6_ECHO_REPLY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 787)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 788) ipcm6_init_sk(&ipc6, np);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 789) ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 790) ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 791) ipc6.sockc.mark = mark;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 792)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 793) if (ip6_append_data(sk, icmpv6_getfrag, &msg,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 794) skb->len + sizeof(struct icmp6hdr),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 795) sizeof(struct icmp6hdr), &ipc6, &fl6,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 796) (struct rt6_info *)dst, MSG_DONTWAIT)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 797) __ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 798) ip6_flush_pending_frames(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 799) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 800) icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 801) skb->len + sizeof(struct icmp6hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 802) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 803) out_dst_release:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 804) dst_release(dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 805) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 806) icmpv6_xmit_unlock(sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 807) out_bh_enable:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 808) local_bh_enable();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 809) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 810)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 811) void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 812) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 813) const struct inet6_protocol *ipprot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 814) int inner_offset;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 815) __be16 frag_off;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 816) u8 nexthdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 817) struct net *net = dev_net(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 818)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 819) if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 820) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 821)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 822) nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 823) if (ipv6_ext_hdr(nexthdr)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 824) /* now skip over extension headers */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 825) inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 826) &nexthdr, &frag_off);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 827) if (inner_offset < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 828) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 829) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 830) inner_offset = sizeof(struct ipv6hdr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 831) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 832)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 833) /* Checkin header including 8 bytes of inner protocol header. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 834) if (!pskb_may_pull(skb, inner_offset+8))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 835) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 836)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 837) /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 838) Without this we will not able f.e. to make source routed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 839) pmtu discovery.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 840) Corresponding argument (opt) to notifiers is already added.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 841) --ANK (980726)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 842) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 843)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 844) ipprot = rcu_dereference(inet6_protos[nexthdr]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 845) if (ipprot && ipprot->err_handler)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 846) ipprot->err_handler(skb, NULL, type, code, inner_offset, info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 847)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 848) raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 849) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 850)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 851) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 852) __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 853) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 854)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 855) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 856) * Handle icmp messages
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 857) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 858)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 859) static int icmpv6_rcv(struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 860) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 861) struct net *net = dev_net(skb->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 862) struct net_device *dev = icmp6_dev(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 863) struct inet6_dev *idev = __in6_dev_get(dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 864) const struct in6_addr *saddr, *daddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865) struct icmp6hdr *hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 866) u8 type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 867) bool success = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 868)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 869) if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 870) struct sec_path *sp = skb_sec_path(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 871) int nh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 872)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 873) if (!(sp && sp->xvec[sp->len - 1]->props.flags &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 874) XFRM_STATE_ICMP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 875) goto drop_no_count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 876)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 877) if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 878) goto drop_no_count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 879)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 880) nh = skb_network_offset(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 881) skb_set_network_header(skb, sizeof(*hdr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 882)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 883) if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 884) goto drop_no_count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 885)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886) skb_set_network_header(skb, nh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889) __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INMSGS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 891) saddr = &ipv6_hdr(skb)->saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 892) daddr = &ipv6_hdr(skb)->daddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 893)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 894) if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 895) net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 896) saddr, daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 897) goto csum_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 898) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 899)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 900) if (!pskb_pull(skb, sizeof(*hdr)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 901) goto discard_it;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 902)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 903) hdr = icmp6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 904)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 905) type = hdr->icmp6_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 906)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 907) ICMP6MSGIN_INC_STATS(dev_net(dev), idev, type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 908)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 909) switch (type) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 910) case ICMPV6_ECHO_REQUEST:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 911) if (!net->ipv6.sysctl.icmpv6_echo_ignore_all)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 912) icmpv6_echo_reply(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 913) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 914)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 915) case ICMPV6_ECHO_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 916) success = ping_rcv(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 917) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 918)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 919) case ICMPV6_PKT_TOOBIG:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 920) /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 921) standard destination cache. Seems, only "advanced"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 922) destination cache will allow to solve this problem
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 923) --ANK (980726)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 924) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 925) if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 926) goto discard_it;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 927) hdr = icmp6_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 928)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 929) /* to notify */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 930) fallthrough;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 931) case ICMPV6_DEST_UNREACH:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 932) case ICMPV6_TIME_EXCEED:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 933) case ICMPV6_PARAMPROB:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 934) icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 935) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 936)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 937) case NDISC_ROUTER_SOLICITATION:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 938) case NDISC_ROUTER_ADVERTISEMENT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 939) case NDISC_NEIGHBOUR_SOLICITATION:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 940) case NDISC_NEIGHBOUR_ADVERTISEMENT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 941) case NDISC_REDIRECT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942) ndisc_rcv(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945) case ICMPV6_MGM_QUERY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946) igmp6_event_query(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 947) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 948)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 949) case ICMPV6_MGM_REPORT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 950) igmp6_event_report(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 951) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 952)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 953) case ICMPV6_MGM_REDUCTION:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 954) case ICMPV6_NI_QUERY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 955) case ICMPV6_NI_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 956) case ICMPV6_MLD2_REPORT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 957) case ICMPV6_DHAAD_REQUEST:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 958) case ICMPV6_DHAAD_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 959) case ICMPV6_MOBILE_PREFIX_SOL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960) case ICMPV6_MOBILE_PREFIX_ADV:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 961) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 962)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 963) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 964) /* informational */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 965) if (type & ICMPV6_INFOMSG_MASK)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 966) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 967)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 968) net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 969) saddr, daddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 970)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 971) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 972) * error of unknown type.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 973) * must pass to upper level
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 974) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 975)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 976) icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 977) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 978)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 979) /* until the v6 path can be better sorted assume failure and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 980) * preserve the status quo behaviour for the rest of the paths to here
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 981) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 982) if (success)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 983) consume_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 984) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 985) kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 986)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 987) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 988)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 989) csum_error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 990) __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 991) discard_it:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 992) __ICMP6_INC_STATS(dev_net(dev), idev, ICMP6_MIB_INERRORS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 993) drop_no_count:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 994) kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 995) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 996) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 997)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 998) void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 999) u8 type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1000) const struct in6_addr *saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1001) const struct in6_addr *daddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1002) int oif)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1003) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1004) memset(fl6, 0, sizeof(*fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1005) fl6->saddr = *saddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1006) fl6->daddr = *daddr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1007) fl6->flowi6_proto = IPPROTO_ICMPV6;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1008) fl6->fl6_icmp_type = type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1009) fl6->fl6_icmp_code = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1010) fl6->flowi6_oif = oif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1011) security_sk_classify_flow(sk, flowi6_to_flowi(fl6));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1013)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1014) static void __net_exit icmpv6_sk_exit(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1015) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1016) int i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1017)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1018) for_each_possible_cpu(i)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1019) inet_ctl_sock_destroy(*per_cpu_ptr(net->ipv6.icmp_sk, i));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1020) free_percpu(net->ipv6.icmp_sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1021) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1022)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1023) static int __net_init icmpv6_sk_init(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1024) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1025) struct sock *sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1026) int err, i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1027)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1028) net->ipv6.icmp_sk = alloc_percpu(struct sock *);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1029) if (!net->ipv6.icmp_sk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1030) return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1031)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1032) for_each_possible_cpu(i) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1033) err = inet_ctl_sock_create(&sk, PF_INET6,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1034) SOCK_RAW, IPPROTO_ICMPV6, net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1035) if (err < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1036) pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1037) err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1038) goto fail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1039) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1040)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1041) *per_cpu_ptr(net->ipv6.icmp_sk, i) = sk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1042)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1043) /* Enough space for 2 64K ICMP packets, including
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044) * sk_buff struct overhead.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1045) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046) sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1047) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1048) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1049)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1050) fail:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1051) icmpv6_sk_exit(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1052) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1053) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1054)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1055) static struct pernet_operations icmpv6_sk_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1056) .init = icmpv6_sk_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1057) .exit = icmpv6_sk_exit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1058) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1059)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1060) int __init icmpv6_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1061) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1062) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1063)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1064) err = register_pernet_subsys(&icmpv6_sk_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1065) if (err < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1066) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1067)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1068) err = -EAGAIN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1069) if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1070) goto fail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1071)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1072) err = inet6_register_icmp_sender(icmp6_send);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1073) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1074) goto sender_reg_err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1075) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1076)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1077) sender_reg_err:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078) inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1079) fail:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1080) pr_err("Failed to register ICMP6 protocol\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1081) unregister_pernet_subsys(&icmpv6_sk_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1082) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1083) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1085) void icmpv6_cleanup(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1086) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1087) inet6_unregister_icmp_sender(icmp6_send);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1088) unregister_pernet_subsys(&icmpv6_sk_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1089) inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1090) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1091)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1092)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1093) static const struct icmp6_err {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1094) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1095) int fatal;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1096) } tab_unreach[] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1097) { /* NOROUTE */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1098) .err = ENETUNREACH,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1099) .fatal = 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1100) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1101) { /* ADM_PROHIBITED */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1102) .err = EACCES,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1103) .fatal = 1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1104) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1105) { /* Was NOT_NEIGHBOUR, now reserved */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1106) .err = EHOSTUNREACH,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1107) .fatal = 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1109) { /* ADDR_UNREACH */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1110) .err = EHOSTUNREACH,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1111) .fatal = 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1113) { /* PORT_UNREACH */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1114) .err = ECONNREFUSED,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1115) .fatal = 1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1116) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1117) { /* POLICY_FAIL */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1118) .err = EACCES,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1119) .fatal = 1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1120) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1121) { /* REJECT_ROUTE */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1122) .err = EACCES,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1123) .fatal = 1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1124) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1125) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1126)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1127) int icmpv6_err_convert(u8 type, u8 code, int *err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1128) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1129) int fatal = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1130)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1131) *err = EPROTO;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1132)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1133) switch (type) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1134) case ICMPV6_DEST_UNREACH:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1135) fatal = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1136) if (code < ARRAY_SIZE(tab_unreach)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1137) *err = tab_unreach[code].err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1138) fatal = tab_unreach[code].fatal;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1139) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1141)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1142) case ICMPV6_PKT_TOOBIG:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1143) *err = EMSGSIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1144) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1145)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1146) case ICMPV6_PARAMPROB:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1147) *err = EPROTO;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1148) fatal = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1150)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1151) case ICMPV6_TIME_EXCEED:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1152) *err = EHOSTUNREACH;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1153) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1154) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1155)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1156) return fatal;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1157) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1158) EXPORT_SYMBOL(icmpv6_err_convert);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1159)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1160) #ifdef CONFIG_SYSCTL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1161) static struct ctl_table ipv6_icmp_table_template[] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1162) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1163) .procname = "ratelimit",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1164) .data = &init_net.ipv6.sysctl.icmpv6_time,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1165) .maxlen = sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1166) .mode = 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1167) .proc_handler = proc_dointvec_ms_jiffies,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1168) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1169) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1170) .procname = "echo_ignore_all",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1171) .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_all,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1172) .maxlen = sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1173) .mode = 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1174) .proc_handler = proc_dointvec,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1175) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1177) .procname = "echo_ignore_multicast",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1178) .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_multicast,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1179) .maxlen = sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1180) .mode = 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1181) .proc_handler = proc_dointvec,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1182) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1183) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1184) .procname = "echo_ignore_anycast",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1185) .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_anycast,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1186) .maxlen = sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187) .mode = 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1188) .proc_handler = proc_dointvec,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1189) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1190) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1191) .procname = "ratemask",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1192) .data = &init_net.ipv6.sysctl.icmpv6_ratemask_ptr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1193) .maxlen = ICMPV6_MSG_MAX + 1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1194) .mode = 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195) .proc_handler = proc_do_large_bitmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1196) },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1197) { },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1198) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1199)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1200) struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1201) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1202) struct ctl_table *table;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1203)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1204) table = kmemdup(ipv6_icmp_table_template,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1205) sizeof(ipv6_icmp_table_template),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1206) GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1207)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1208) if (table) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1209) table[0].data = &net->ipv6.sysctl.icmpv6_time;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1210) table[1].data = &net->ipv6.sysctl.icmpv6_echo_ignore_all;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1211) table[2].data = &net->ipv6.sysctl.icmpv6_echo_ignore_multicast;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212) table[3].data = &net->ipv6.sysctl.icmpv6_echo_ignore_anycast;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1213) table[4].data = &net->ipv6.sysctl.icmpv6_ratemask_ptr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1214) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1215) return table;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1216) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1217) #endif
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags