tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / net / ipv6 / icmp.c
at v6.19 1456 lines 36 kB view raw
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Internet Control Message Protocol (ICMPv6) 4 * Linux INET6 implementation 5 * 6 * Authors: 7 * Pedro Roque <roque@di.fc.ul.pt> 8 * 9 * Based on net/ipv4/icmp.c 10 * 11 * RFC 1885 12 */ 13 14/* 15 * Changes: 16 * 17 * Andi Kleen : exception handling 18 * Andi Kleen add rate limits. never reply to a icmp. 19 * add more length checks and other fixes. 20 * yoshfuji : ensure to sent parameter problem for 21 * fragments. 22 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit. 23 * Randy Dunlap and 24 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support 25 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data 26 */ 27 28#define pr_fmt(fmt) "IPv6: " fmt 29 30#include <linux/module.h> 31#include <linux/errno.h> 32#include <linux/types.h> 33#include <linux/socket.h> 34#include <linux/in.h> 35#include <linux/kernel.h> 36#include <linux/sockios.h> 37#include <linux/net.h> 38#include <linux/skbuff.h> 39#include <linux/init.h> 40#include <linux/netfilter.h> 41#include <linux/slab.h> 42 43#ifdef CONFIG_SYSCTL 44#include <linux/sysctl.h> 45#endif 46 47#include <linux/inet.h> 48#include <linux/netdevice.h> 49#include <linux/icmpv6.h> 50 51#include <net/ip.h> 52#include <net/sock.h> 53 54#include <net/ipv6.h> 55#include <net/ip6_checksum.h> 56#include <net/ping.h> 57#include <net/protocol.h> 58#include <net/raw.h> 59#include <net/rawv6.h> 60#include <net/seg6.h> 61#include <net/transp_v6.h> 62#include <net/ip6_route.h> 63#include <net/addrconf.h> 64#include <net/icmp.h> 65#include <net/xfrm.h> 66#include <net/inet_common.h> 67#include <net/dsfield.h> 68#include <net/l3mdev.h> 69 70#include <linux/uaccess.h> 71 72static DEFINE_PER_CPU(struct sock *, ipv6_icmp_sk); 73 74static int icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 75 u8 type, u8 code, int offset, __be32 info) 76{ 77 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */ 78 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset); 79 struct net *net = dev_net_rcu(skb->dev); 80 81 if (type == ICMPV6_PKT_TOOBIG) 82 ip6_update_pmtu(skb, net, info, skb->dev->ifindex, 0, sock_net_uid(net, NULL)); 83 else if (type == NDISC_REDIRECT) 84 ip6_redirect(skb, net, skb->dev->ifindex, 0, 85 sock_net_uid(net, NULL)); 86 87 if (!(type & ICMPV6_INFOMSG_MASK)) 88 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST) 89 ping_err(skb, offset, ntohl(info)); 90 91 return 0; 92} 93 94static int icmpv6_rcv(struct sk_buff *skb); 95 96static const struct inet6_protocol icmpv6_protocol = { 97 .handler = icmpv6_rcv, 98 .err_handler = icmpv6_err, 99 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 100}; 101 102/* Called with BH disabled */ 103static struct sock *icmpv6_xmit_lock(struct net *net) 104{ 105 struct sock *sk; 106 107 sk = this_cpu_read(ipv6_icmp_sk); 108 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) { 109 /* This can happen if the output path (f.e. SIT or 110 * ip6ip6 tunnel) signals dst_link_failure() for an 111 * outgoing ICMP6 packet. 112 */ 113 return NULL; 114 } 115 sock_net_set(sk, net); 116 return sk; 117} 118 119static void icmpv6_xmit_unlock(struct sock *sk) 120{ 121 sock_net_set(sk, &init_net); 122 spin_unlock(&sk->sk_lock.slock); 123} 124 125/* 126 * Figure out, may we reply to this packet with icmp error. 127 * 128 * We do not reply, if: 129 * - it was icmp error message. 130 * - it is truncated, so that it is known, that protocol is ICMPV6 131 * (i.e. in the middle of some exthdr) 132 * 133 * --ANK (980726) 134 */ 135 136static bool is_ineligible(const struct sk_buff *skb) 137{ 138 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data; 139 int len = skb->len - ptr; 140 __u8 nexthdr = ipv6_hdr(skb)->nexthdr; 141 __be16 frag_off; 142 143 if (len < 0) 144 return true; 145 146 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off); 147 if (ptr < 0) 148 return false; 149 if (nexthdr == IPPROTO_ICMPV6) { 150 u8 _type, *tp; 151 tp = skb_header_pointer(skb, 152 ptr+offsetof(struct icmp6hdr, icmp6_type), 153 sizeof(_type), &_type); 154 155 /* Based on RFC 8200, Section 4.5 Fragment Header, return 156 * false if this is a fragment packet with no icmp header info. 157 */ 158 if (!tp && frag_off != 0) 159 return false; 160 else if (!tp || !(*tp & ICMPV6_INFOMSG_MASK)) 161 return true; 162 } 163 return false; 164} 165 166static bool icmpv6_mask_allow(struct net *net, int type) 167{ 168 if (type > ICMPV6_MSG_MAX) 169 return true; 170 171 /* Limit if icmp type is set in ratemask. */ 172 if (!test_bit(type, net->ipv6.sysctl.icmpv6_ratemask)) 173 return true; 174 175 return false; 176} 177 178static bool icmpv6_global_allow(struct net *net, int type, 179 bool *apply_ratelimit) 180{ 181 if (icmpv6_mask_allow(net, type)) 182 return true; 183 184 if (icmp_global_allow(net)) { 185 *apply_ratelimit = true; 186 return true; 187 } 188 __ICMP_INC_STATS(net, ICMP_MIB_RATELIMITGLOBAL); 189 return false; 190} 191 192/* 193 * Check the ICMP output rate limit 194 */ 195static bool icmpv6_xrlim_allow(struct sock *sk, u8 type, 196 struct flowi6 *fl6, bool apply_ratelimit) 197{ 198 struct net *net = sock_net(sk); 199 struct net_device *dev; 200 struct dst_entry *dst; 201 bool res = false; 202 203 if (!apply_ratelimit) 204 return true; 205 206 /* 207 * Look up the output route. 208 * XXX: perhaps the expire for routing entries cloned by 209 * this lookup should be more aggressive (not longer than timeout). 210 */ 211 dst = ip6_route_output(net, sk, fl6); 212 rcu_read_lock(); 213 dev = dst_dev_rcu(dst); 214 if (dst->error) { 215 IP6_INC_STATS(net, ip6_dst_idev(dst), 216 IPSTATS_MIB_OUTNOROUTES); 217 } else if (dev && (dev->flags & IFF_LOOPBACK)) { 218 res = true; 219 } else { 220 struct rt6_info *rt = dst_rt6_info(dst); 221 int tmo = net->ipv6.sysctl.icmpv6_time; 222 struct inet_peer *peer; 223 224 /* Give more bandwidth to wider prefixes. */ 225 if (rt->rt6i_dst.plen < 128) 226 tmo >>= ((128 - rt->rt6i_dst.plen)>>5); 227 228 peer = inet_getpeer_v6(net->ipv6.peers, &fl6->daddr); 229 res = inet_peer_xrlim_allow(peer, tmo); 230 } 231 rcu_read_unlock(); 232 if (!res) 233 __ICMP6_INC_STATS(net, NULL, ICMP6_MIB_RATELIMITHOST); 234 else 235 icmp_global_consume(net); 236 dst_release(dst); 237 return res; 238} 239 240static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type, 241 struct flowi6 *fl6) 242{ 243 struct net *net = sock_net(sk); 244 struct dst_entry *dst; 245 bool res = false; 246 247 dst = ip6_route_output(net, sk, fl6); 248 if (!dst->error) { 249 struct rt6_info *rt = dst_rt6_info(dst); 250 struct in6_addr prefsrc; 251 252 rt6_get_prefsrc(rt, &prefsrc); 253 res = !ipv6_addr_any(&prefsrc); 254 } 255 dst_release(dst); 256 return res; 257} 258 259/* 260 * an inline helper for the "simple" if statement below 261 * checks if parameter problem report is caused by an 262 * unrecognized IPv6 option that has the Option Type 263 * highest-order two bits set to 10 264 */ 265 266static bool opt_unrec(struct sk_buff *skb, __u32 offset) 267{ 268 u8 _optval, *op; 269 270 offset += skb_network_offset(skb); 271 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval); 272 if (!op) 273 return true; 274 return (*op & 0xC0) == 0x80; 275} 276 277void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6, 278 struct icmp6hdr *thdr, int len) 279{ 280 struct sk_buff *skb; 281 struct icmp6hdr *icmp6h; 282 283 skb = skb_peek(&sk->sk_write_queue); 284 if (!skb) 285 return; 286 287 icmp6h = icmp6_hdr(skb); 288 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr)); 289 icmp6h->icmp6_cksum = 0; 290 291 if (skb_queue_len(&sk->sk_write_queue) == 1) { 292 skb->csum = csum_partial(icmp6h, 293 sizeof(struct icmp6hdr), skb->csum); 294 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr, 295 &fl6->daddr, 296 len, fl6->flowi6_proto, 297 skb->csum); 298 } else { 299 __wsum tmp_csum = 0; 300 301 skb_queue_walk(&sk->sk_write_queue, skb) { 302 tmp_csum = csum_add(tmp_csum, skb->csum); 303 } 304 305 tmp_csum = csum_partial(icmp6h, 306 sizeof(struct icmp6hdr), tmp_csum); 307 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr, 308 &fl6->daddr, 309 len, fl6->flowi6_proto, 310 tmp_csum); 311 } 312 ip6_push_pending_frames(sk); 313} 314 315struct icmpv6_msg { 316 struct sk_buff *skb; 317 int offset; 318 uint8_t type; 319}; 320 321static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) 322{ 323 struct icmpv6_msg *msg = (struct icmpv6_msg *) from; 324 struct sk_buff *org_skb = msg->skb; 325 __wsum csum; 326 327 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset, 328 to, len); 329 skb->csum = csum_block_add(skb->csum, csum, odd); 330 if (!(msg->type & ICMPV6_INFOMSG_MASK)) 331 nf_ct_attach(skb, org_skb); 332 return 0; 333} 334 335#if IS_ENABLED(CONFIG_IPV6_MIP6) 336static void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) 337{ 338 struct ipv6hdr *iph = ipv6_hdr(skb); 339 struct ipv6_destopt_hao *hao; 340 int off; 341 342 if (opt->dsthao) { 343 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO); 344 if (likely(off >= 0)) { 345 hao = (struct ipv6_destopt_hao *) 346 (skb_network_header(skb) + off); 347 swap(iph->saddr, hao->addr); 348 } 349 } 350} 351#else 352static inline void mip6_addr_swap(struct sk_buff *skb, const struct inet6_skb_parm *opt) {} 353#endif 354 355static struct dst_entry *icmpv6_route_lookup(struct net *net, 356 struct sk_buff *skb, 357 struct sock *sk, 358 struct flowi6 *fl6) 359{ 360 struct dst_entry *dst, *dst2; 361 struct flowi6 fl2; 362 int err; 363 364 err = ip6_dst_lookup(net, sk, &dst, fl6); 365 if (err) 366 return ERR_PTR(err); 367 368 /* 369 * We won't send icmp if the destination is known 370 * anycast unless we need to treat anycast as unicast. 371 */ 372 if (!READ_ONCE(net->ipv6.sysctl.icmpv6_error_anycast_as_unicast) && 373 ipv6_anycast_destination(dst, &fl6->daddr)) { 374 net_dbg_ratelimited("icmp6_send: acast source\n"); 375 dst_release(dst); 376 return ERR_PTR(-EINVAL); 377 } 378 379 /* No need to clone since we're just using its address. */ 380 dst2 = dst; 381 382 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0); 383 if (!IS_ERR(dst)) { 384 if (dst != dst2) 385 return dst; 386 } else { 387 if (PTR_ERR(dst) == -EPERM) 388 dst = NULL; 389 else 390 return dst; 391 } 392 393 err = xfrm_decode_session_reverse(net, skb, flowi6_to_flowi(&fl2), AF_INET6); 394 if (err) 395 goto relookup_failed; 396 397 err = ip6_dst_lookup(net, sk, &dst2, &fl2); 398 if (err) 399 goto relookup_failed; 400 401 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP); 402 if (!IS_ERR(dst2)) { 403 dst_release(dst); 404 dst = dst2; 405 } else { 406 err = PTR_ERR(dst2); 407 if (err == -EPERM) { 408 dst_release(dst); 409 return dst2; 410 } else 411 goto relookup_failed; 412 } 413 414relookup_failed: 415 if (dst) 416 return dst; 417 return ERR_PTR(err); 418} 419 420static struct net_device *icmp6_dev(const struct sk_buff *skb) 421{ 422 struct net_device *dev = skb->dev; 423 424 /* for local traffic to local address, skb dev is the loopback 425 * device. Check if there is a dst attached to the skb and if so 426 * get the real device index. Same is needed for replies to a link 427 * local address on a device enslaved to an L3 master device 428 */ 429 if (unlikely(dev->ifindex == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) { 430 const struct rt6_info *rt6 = skb_rt6_info(skb); 431 432 /* The destination could be an external IP in Ext Hdr (SRv6, RPL, etc.), 433 * and ip6_null_entry could be set to skb if no route is found. 434 */ 435 if (rt6 && rt6->rt6i_idev) 436 dev = rt6->rt6i_idev->dev; 437 } 438 439 return dev; 440} 441 442static int icmp6_iif(const struct sk_buff *skb) 443{ 444 return icmp6_dev(skb)->ifindex; 445} 446 447struct icmp6_ext_iio_addr6_subobj { 448 __be16 afi; 449 __be16 reserved; 450 struct in6_addr addr6; 451}; 452 453static unsigned int icmp6_ext_iio_len(void) 454{ 455 return sizeof(struct icmp_extobj_hdr) + 456 /* ifIndex */ 457 sizeof(__be32) + 458 /* Interface Address Sub-Object */ 459 sizeof(struct icmp6_ext_iio_addr6_subobj) + 460 /* Interface Name Sub-Object. Length must be a multiple of 4 461 * bytes. 462 */ 463 ALIGN(sizeof(struct icmp_ext_iio_name_subobj), 4) + 464 /* MTU */ 465 sizeof(__be32); 466} 467 468static unsigned int icmp6_ext_max_len(u8 ext_objs) 469{ 470 unsigned int ext_max_len; 471 472 ext_max_len = sizeof(struct icmp_ext_hdr); 473 474 if (ext_objs & BIT(ICMP_ERR_EXT_IIO_IIF)) 475 ext_max_len += icmp6_ext_iio_len(); 476 477 return ext_max_len; 478} 479 480static struct in6_addr *icmp6_ext_iio_addr6_find(const struct net_device *dev) 481{ 482 struct inet6_dev *in6_dev; 483 struct inet6_ifaddr *ifa; 484 485 in6_dev = __in6_dev_get(dev); 486 if (!in6_dev) 487 return NULL; 488 489 /* It is unclear from RFC 5837 which IP address should be chosen, but 490 * it makes sense to choose a global unicast address. 491 */ 492 list_for_each_entry_rcu(ifa, &in6_dev->addr_list, if_list) { 493 if (ifa->flags & (IFA_F_TENTATIVE | IFA_F_DADFAILED)) 494 continue; 495 if (ipv6_addr_type(&ifa->addr) != IPV6_ADDR_UNICAST || 496 ipv6_addr_src_scope(&ifa->addr) != IPV6_ADDR_SCOPE_GLOBAL) 497 continue; 498 return &ifa->addr; 499 } 500 501 return NULL; 502} 503 504static void icmp6_ext_iio_iif_append(struct net *net, struct sk_buff *skb, 505 int iif) 506{ 507 struct icmp_ext_iio_name_subobj *name_subobj; 508 struct icmp_extobj_hdr *objh; 509 struct net_device *dev; 510 struct in6_addr *addr6; 511 __be32 data; 512 513 if (!iif) 514 return; 515 516 /* Add the fields in the order specified by RFC 5837. */ 517 objh = skb_put(skb, sizeof(*objh)); 518 objh->class_num = ICMP_EXT_OBJ_CLASS_IIO; 519 objh->class_type = ICMP_EXT_CTYPE_IIO_ROLE(ICMP_EXT_CTYPE_IIO_ROLE_IIF); 520 521 data = htonl(iif); 522 skb_put_data(skb, &data, sizeof(__be32)); 523 objh->class_type |= ICMP_EXT_CTYPE_IIO_IFINDEX; 524 525 rcu_read_lock(); 526 527 dev = dev_get_by_index_rcu(net, iif); 528 if (!dev) 529 goto out; 530 531 addr6 = icmp6_ext_iio_addr6_find(dev); 532 if (addr6) { 533 struct icmp6_ext_iio_addr6_subobj *addr6_subobj; 534 535 addr6_subobj = skb_put_zero(skb, sizeof(*addr6_subobj)); 536 addr6_subobj->afi = htons(ICMP_AFI_IP6); 537 addr6_subobj->addr6 = *addr6; 538 objh->class_type |= ICMP_EXT_CTYPE_IIO_IPADDR; 539 } 540 541 name_subobj = skb_put_zero(skb, ALIGN(sizeof(*name_subobj), 4)); 542 name_subobj->len = ALIGN(sizeof(*name_subobj), 4); 543 netdev_copy_name(dev, name_subobj->name); 544 objh->class_type |= ICMP_EXT_CTYPE_IIO_NAME; 545 546 data = htonl(READ_ONCE(dev->mtu)); 547 skb_put_data(skb, &data, sizeof(__be32)); 548 objh->class_type |= ICMP_EXT_CTYPE_IIO_MTU; 549 550out: 551 rcu_read_unlock(); 552 objh->length = htons(skb_tail_pointer(skb) - (unsigned char *)objh); 553} 554 555static void icmp6_ext_objs_append(struct net *net, struct sk_buff *skb, 556 u8 ext_objs, int iif) 557{ 558 if (ext_objs & BIT(ICMP_ERR_EXT_IIO_IIF)) 559 icmp6_ext_iio_iif_append(net, skb, iif); 560} 561 562static struct sk_buff * 563icmp6_ext_append(struct net *net, struct sk_buff *skb_in, 564 struct icmp6hdr *icmp6h, unsigned int room, int iif) 565{ 566 unsigned int payload_len, ext_max_len, ext_len; 567 struct icmp_ext_hdr *ext_hdr; 568 struct sk_buff *skb; 569 u8 ext_objs; 570 int nhoff; 571 572 switch (icmp6h->icmp6_type) { 573 case ICMPV6_DEST_UNREACH: 574 case ICMPV6_TIME_EXCEED: 575 break; 576 default: 577 return NULL; 578 } 579 580 /* Do not overwrite existing extensions. This can happen when we 581 * receive an ICMPv4 message with extensions from a tunnel and 582 * translate it to an ICMPv6 message towards an IPv6 host in the 583 * overlay network. 584 */ 585 if (icmp6h->icmp6_datagram_len) 586 return NULL; 587 588 ext_objs = READ_ONCE(net->ipv6.sysctl.icmpv6_errors_extension_mask); 589 if (!ext_objs) 590 return NULL; 591 592 ext_max_len = icmp6_ext_max_len(ext_objs); 593 if (ICMP_EXT_ORIG_DGRAM_MIN_LEN + ext_max_len > room) 594 return NULL; 595 596 skb = skb_clone(skb_in, GFP_ATOMIC); 597 if (!skb) 598 return NULL; 599 600 nhoff = skb_network_offset(skb); 601 payload_len = min(skb->len - nhoff, ICMP_EXT_ORIG_DGRAM_MIN_LEN); 602 603 if (!pskb_network_may_pull(skb, payload_len)) 604 goto free_skb; 605 606 if (pskb_trim(skb, nhoff + ICMP_EXT_ORIG_DGRAM_MIN_LEN) || 607 __skb_put_padto(skb, nhoff + ICMP_EXT_ORIG_DGRAM_MIN_LEN, false)) 608 goto free_skb; 609 610 if (pskb_expand_head(skb, 0, ext_max_len, GFP_ATOMIC)) 611 goto free_skb; 612 613 ext_hdr = skb_put_zero(skb, sizeof(*ext_hdr)); 614 ext_hdr->version = ICMP_EXT_VERSION_2; 615 616 icmp6_ext_objs_append(net, skb, ext_objs, iif); 617 618 /* Do not send an empty extension structure. */ 619 ext_len = skb_tail_pointer(skb) - (unsigned char *)ext_hdr; 620 if (ext_len == sizeof(*ext_hdr)) 621 goto free_skb; 622 623 ext_hdr->checksum = ip_compute_csum(ext_hdr, ext_len); 624 /* The length of the original datagram in 64-bit words (RFC 4884). */ 625 icmp6h->icmp6_datagram_len = ICMP_EXT_ORIG_DGRAM_MIN_LEN / sizeof(u64); 626 627 return skb; 628 629free_skb: 630 consume_skb(skb); 631 return NULL; 632} 633 634/* 635 * Send an ICMP message in response to a packet in error 636 */ 637void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info, 638 const struct in6_addr *force_saddr, 639 const struct inet6_skb_parm *parm) 640{ 641 struct inet6_dev *idev = NULL; 642 struct ipv6hdr *hdr = ipv6_hdr(skb); 643 struct sock *sk; 644 struct net *net; 645 struct ipv6_pinfo *np; 646 const struct in6_addr *saddr = NULL; 647 bool apply_ratelimit = false; 648 struct sk_buff *ext_skb; 649 struct dst_entry *dst; 650 unsigned int room; 651 struct icmp6hdr tmp_hdr; 652 struct flowi6 fl6; 653 struct icmpv6_msg msg; 654 struct ipcm6_cookie ipc6; 655 int iif = 0; 656 int addr_type = 0; 657 int len; 658 u32 mark; 659 660 if ((u8 *)hdr < skb->head || 661 (skb_network_header(skb) + sizeof(*hdr)) > skb_tail_pointer(skb)) 662 return; 663 664 if (!skb->dev) 665 return; 666 667 rcu_read_lock(); 668 669 net = dev_net_rcu(skb->dev); 670 mark = IP6_REPLY_MARK(net, skb->mark); 671 /* 672 * Make sure we respect the rules 673 * i.e. RFC 1885 2.4(e) 674 * Rule (e.1) is enforced by not using icmp6_send 675 * in any code that processes icmp errors. 676 */ 677 addr_type = ipv6_addr_type(&hdr->daddr); 678 679 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0) || 680 ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr)) 681 saddr = &hdr->daddr; 682 683 /* 684 * Dest addr check 685 */ 686 687 if (addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST) { 688 if (type != ICMPV6_PKT_TOOBIG && 689 !(type == ICMPV6_PARAMPROB && 690 code == ICMPV6_UNK_OPTION && 691 (opt_unrec(skb, info)))) 692 goto out; 693 694 saddr = NULL; 695 } 696 697 addr_type = ipv6_addr_type(&hdr->saddr); 698 699 /* 700 * Source addr check 701 */ 702 703 if (__ipv6_addr_needs_scope_id(addr_type)) { 704 iif = icmp6_iif(skb); 705 } else { 706 /* 707 * The source device is used for looking up which routing table 708 * to use for sending an ICMP error. 709 */ 710 iif = l3mdev_master_ifindex(skb->dev); 711 } 712 713 /* 714 * Must not send error if the source does not uniquely 715 * identify a single node (RFC2463 Section 2.4). 716 * We check unspecified / multicast addresses here, 717 * and anycast addresses will be checked later. 718 */ 719 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) { 720 net_dbg_ratelimited("icmp6_send: addr_any/mcast source [%pI6c > %pI6c]\n", 721 &hdr->saddr, &hdr->daddr); 722 goto out; 723 } 724 725 /* 726 * Never answer to a ICMP packet. 727 */ 728 if (is_ineligible(skb)) { 729 net_dbg_ratelimited("icmp6_send: no reply to icmp error [%pI6c > %pI6c]\n", 730 &hdr->saddr, &hdr->daddr); 731 goto out; 732 } 733 734 /* Needed by both icmpv6_global_allow and icmpv6_xmit_lock */ 735 local_bh_disable(); 736 737 /* Check global sysctl_icmp_msgs_per_sec ratelimit */ 738 if (!(skb->dev->flags & IFF_LOOPBACK) && 739 !icmpv6_global_allow(net, type, &apply_ratelimit)) 740 goto out_bh_enable; 741 742 mip6_addr_swap(skb, parm); 743 744 sk = icmpv6_xmit_lock(net); 745 if (!sk) 746 goto out_bh_enable; 747 748 memset(&fl6, 0, sizeof(fl6)); 749 fl6.flowi6_proto = IPPROTO_ICMPV6; 750 fl6.daddr = hdr->saddr; 751 if (force_saddr) 752 saddr = force_saddr; 753 if (saddr) { 754 fl6.saddr = *saddr; 755 } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) { 756 /* select a more meaningful saddr from input if */ 757 struct net_device *in_netdev; 758 759 in_netdev = dev_get_by_index(net, parm->iif); 760 if (in_netdev) { 761 ipv6_dev_get_saddr(net, in_netdev, &fl6.daddr, 762 inet6_sk(sk)->srcprefs, 763 &fl6.saddr); 764 dev_put(in_netdev); 765 } 766 } 767 fl6.flowi6_mark = mark; 768 fl6.flowi6_oif = iif; 769 fl6.fl6_icmp_type = type; 770 fl6.fl6_icmp_code = code; 771 fl6.flowi6_uid = sock_net_uid(net, NULL); 772 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, NULL); 773 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6)); 774 775 np = inet6_sk(sk); 776 777 if (!icmpv6_xrlim_allow(sk, type, &fl6, apply_ratelimit)) 778 goto out_unlock; 779 780 tmp_hdr.icmp6_type = type; 781 tmp_hdr.icmp6_code = code; 782 tmp_hdr.icmp6_cksum = 0; 783 tmp_hdr.icmp6_pointer = htonl(info); 784 785 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr)) 786 fl6.flowi6_oif = READ_ONCE(np->mcast_oif); 787 else if (!fl6.flowi6_oif) 788 fl6.flowi6_oif = READ_ONCE(np->ucast_oif); 789 790 ipcm6_init_sk(&ipc6, sk); 791 ipc6.sockc.mark = mark; 792 fl6.flowlabel = ip6_make_flowinfo(ipc6.tclass, fl6.flowlabel); 793 794 dst = icmpv6_route_lookup(net, skb, sk, &fl6); 795 if (IS_ERR(dst)) 796 goto out_unlock; 797 798 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst); 799 800 msg.skb = skb; 801 msg.offset = skb_network_offset(skb); 802 msg.type = type; 803 804 room = IPV6_MIN_MTU - sizeof(struct ipv6hdr) - sizeof(struct icmp6hdr); 805 ext_skb = icmp6_ext_append(net, skb, &tmp_hdr, room, parm->iif); 806 if (ext_skb) 807 msg.skb = ext_skb; 808 809 len = msg.skb->len - msg.offset; 810 len = min_t(unsigned int, len, room); 811 if (len < 0) { 812 net_dbg_ratelimited("icmp: len problem [%pI6c > %pI6c]\n", 813 &hdr->saddr, &hdr->daddr); 814 goto out_dst_release; 815 } 816 817 idev = __in6_dev_get(skb->dev); 818 819 if (ip6_append_data(sk, icmpv6_getfrag, &msg, 820 len + sizeof(struct icmp6hdr), 821 sizeof(struct icmp6hdr), 822 &ipc6, &fl6, dst_rt6_info(dst), 823 MSG_DONTWAIT)) { 824 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS); 825 ip6_flush_pending_frames(sk); 826 } else { 827 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr, 828 len + sizeof(struct icmp6hdr)); 829 } 830 831out_dst_release: 832 if (ext_skb) 833 consume_skb(ext_skb); 834 dst_release(dst); 835out_unlock: 836 icmpv6_xmit_unlock(sk); 837out_bh_enable: 838 local_bh_enable(); 839out: 840 rcu_read_unlock(); 841} 842EXPORT_SYMBOL(icmp6_send); 843 844/* Slightly more convenient version of icmp6_send with drop reasons. 845 */ 846void icmpv6_param_prob_reason(struct sk_buff *skb, u8 code, int pos, 847 enum skb_drop_reason reason) 848{ 849 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos, NULL, IP6CB(skb)); 850 kfree_skb_reason(skb, reason); 851} 852 853/* Generate icmpv6 with type/code ICMPV6_DEST_UNREACH/ICMPV6_ADDR_UNREACH 854 * if sufficient data bytes are available 855 * @nhs is the size of the tunnel header(s) : 856 * Either an IPv4 header for SIT encap 857 * an IPv4 header + GRE header for GRE encap 858 */ 859int ip6_err_gen_icmpv6_unreach(struct sk_buff *skb, int nhs, int type, 860 unsigned int data_len) 861{ 862 struct in6_addr temp_saddr; 863 struct rt6_info *rt; 864 struct sk_buff *skb2; 865 u32 info = 0; 866 867 if (!pskb_may_pull(skb, nhs + sizeof(struct ipv6hdr) + 8)) 868 return 1; 869 870 /* RFC 4884 (partial) support for ICMP extensions */ 871 if (data_len < 128 || (data_len & 7) || skb->len < data_len) 872 data_len = 0; 873 874 skb2 = data_len ? skb_copy(skb, GFP_ATOMIC) : skb_clone(skb, GFP_ATOMIC); 875 876 if (!skb2) 877 return 1; 878 879 skb_dst_drop(skb2); 880 skb_pull(skb2, nhs); 881 skb_reset_network_header(skb2); 882 883 rt = rt6_lookup(dev_net_rcu(skb->dev), &ipv6_hdr(skb2)->saddr, 884 NULL, 0, skb, 0); 885 886 if (rt && rt->dst.dev) 887 skb2->dev = rt->dst.dev; 888 889 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, &temp_saddr); 890 891 if (data_len) { 892 /* RFC 4884 (partial) support : 893 * insert 0 padding at the end, before the extensions 894 */ 895 __skb_push(skb2, nhs); 896 skb_reset_network_header(skb2); 897 memmove(skb2->data, skb2->data + nhs, data_len - nhs); 898 memset(skb2->data + data_len - nhs, 0, nhs); 899 /* RFC 4884 4.5 : Length is measured in 64-bit words, 900 * and stored in reserved[0] 901 */ 902 info = (data_len/8) << 24; 903 } 904 if (type == ICMP_TIME_EXCEEDED) 905 icmp6_send(skb2, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 906 info, &temp_saddr, IP6CB(skb2)); 907 else 908 icmp6_send(skb2, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 909 info, &temp_saddr, IP6CB(skb2)); 910 if (rt) 911 ip6_rt_put(rt); 912 913 kfree_skb(skb2); 914 915 return 0; 916} 917EXPORT_SYMBOL(ip6_err_gen_icmpv6_unreach); 918 919static enum skb_drop_reason icmpv6_echo_reply(struct sk_buff *skb) 920{ 921 struct net *net = dev_net_rcu(skb->dev); 922 struct sock *sk; 923 struct inet6_dev *idev; 924 struct ipv6_pinfo *np; 925 const struct in6_addr *saddr = NULL; 926 struct icmp6hdr *icmph = icmp6_hdr(skb); 927 bool apply_ratelimit = false; 928 struct icmp6hdr tmp_hdr; 929 struct flowi6 fl6; 930 struct icmpv6_msg msg; 931 struct dst_entry *dst; 932 struct ipcm6_cookie ipc6; 933 u32 mark = IP6_REPLY_MARK(net, skb->mark); 934 SKB_DR(reason); 935 bool acast; 936 u8 type; 937 938 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr) && 939 net->ipv6.sysctl.icmpv6_echo_ignore_multicast) 940 return reason; 941 942 saddr = &ipv6_hdr(skb)->daddr; 943 944 acast = ipv6_anycast_destination(skb_dst(skb), saddr); 945 if (acast && net->ipv6.sysctl.icmpv6_echo_ignore_anycast) 946 return reason; 947 948 if (!ipv6_unicast_destination(skb) && 949 !(net->ipv6.sysctl.anycast_src_echo_reply && acast)) 950 saddr = NULL; 951 952 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST) 953 type = ICMPV6_EXT_ECHO_REPLY; 954 else 955 type = ICMPV6_ECHO_REPLY; 956 957 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr)); 958 tmp_hdr.icmp6_type = type; 959 960 memset(&fl6, 0, sizeof(fl6)); 961 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES) 962 fl6.flowlabel = ip6_flowlabel(ipv6_hdr(skb)); 963 964 fl6.flowi6_proto = IPPROTO_ICMPV6; 965 fl6.daddr = ipv6_hdr(skb)->saddr; 966 if (saddr) 967 fl6.saddr = *saddr; 968 fl6.flowi6_oif = ipv6_addr_loopback(&fl6.daddr) ? 969 skb->dev->ifindex : 970 icmp6_iif(skb); 971 fl6.fl6_icmp_type = type; 972 fl6.flowi6_mark = mark; 973 fl6.flowi6_uid = sock_net_uid(net, NULL); 974 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6)); 975 976 local_bh_disable(); 977 sk = icmpv6_xmit_lock(net); 978 if (!sk) 979 goto out_bh_enable; 980 np = inet6_sk(sk); 981 982 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr)) 983 fl6.flowi6_oif = READ_ONCE(np->mcast_oif); 984 else if (!fl6.flowi6_oif) 985 fl6.flowi6_oif = READ_ONCE(np->ucast_oif); 986 987 if (ip6_dst_lookup(net, sk, &dst, &fl6)) 988 goto out; 989 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0); 990 if (IS_ERR(dst)) 991 goto out; 992 993 /* Check the ratelimit */ 994 if ((!(skb->dev->flags & IFF_LOOPBACK) && 995 !icmpv6_global_allow(net, ICMPV6_ECHO_REPLY, &apply_ratelimit)) || 996 !icmpv6_xrlim_allow(sk, ICMPV6_ECHO_REPLY, &fl6, apply_ratelimit)) 997 goto out_dst_release; 998 999 idev = __in6_dev_get(skb->dev); 1000 1001 msg.skb = skb; 1002 msg.offset = 0; 1003 msg.type = type; 1004 1005 ipcm6_init_sk(&ipc6, sk); 1006 ipc6.hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst); 1007 ipc6.tclass = ipv6_get_dsfield(ipv6_hdr(skb)); 1008 ipc6.sockc.mark = mark; 1009 1010 if (icmph->icmp6_type == ICMPV6_EXT_ECHO_REQUEST) 1011 if (!icmp_build_probe(skb, (struct icmphdr *)&tmp_hdr)) 1012 goto out_dst_release; 1013 1014 if (ip6_append_data(sk, icmpv6_getfrag, &msg, 1015 skb->len + sizeof(struct icmp6hdr), 1016 sizeof(struct icmp6hdr), &ipc6, &fl6, 1017 dst_rt6_info(dst), MSG_DONTWAIT)) { 1018 __ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTERRORS); 1019 ip6_flush_pending_frames(sk); 1020 } else { 1021 icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr, 1022 skb->len + sizeof(struct icmp6hdr)); 1023 reason = SKB_CONSUMED; 1024 } 1025out_dst_release: 1026 dst_release(dst); 1027out: 1028 icmpv6_xmit_unlock(sk); 1029out_bh_enable: 1030 local_bh_enable(); 1031 return reason; 1032} 1033 1034enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type, 1035 u8 code, __be32 info) 1036{ 1037 struct inet6_skb_parm *opt = IP6CB(skb); 1038 struct net *net = dev_net_rcu(skb->dev); 1039 const struct inet6_protocol *ipprot; 1040 enum skb_drop_reason reason; 1041 int inner_offset; 1042 __be16 frag_off; 1043 u8 nexthdr; 1044 1045 reason = pskb_may_pull_reason(skb, sizeof(struct ipv6hdr)); 1046 if (reason != SKB_NOT_DROPPED_YET) 1047 goto out; 1048 1049 seg6_icmp_srh(skb, opt); 1050 1051 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr; 1052 if (ipv6_ext_hdr(nexthdr)) { 1053 /* now skip over extension headers */ 1054 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), 1055 &nexthdr, &frag_off); 1056 if (inner_offset < 0) { 1057 SKB_DR_SET(reason, IPV6_BAD_EXTHDR); 1058 goto out; 1059 } 1060 } else { 1061 inner_offset = sizeof(struct ipv6hdr); 1062 } 1063 1064 /* Checkin header including 8 bytes of inner protocol header. */ 1065 reason = pskb_may_pull_reason(skb, inner_offset + 8); 1066 if (reason != SKB_NOT_DROPPED_YET) 1067 goto out; 1068 1069 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet. 1070 Without this we will not able f.e. to make source routed 1071 pmtu discovery. 1072 Corresponding argument (opt) to notifiers is already added. 1073 --ANK (980726) 1074 */ 1075 1076 ipprot = rcu_dereference(inet6_protos[nexthdr]); 1077 if (ipprot && ipprot->err_handler) 1078 ipprot->err_handler(skb, opt, type, code, inner_offset, info); 1079 1080 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info); 1081 return SKB_CONSUMED; 1082 1083out: 1084 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); 1085 return reason; 1086} 1087 1088/* 1089 * Handle icmp messages 1090 */ 1091 1092static int icmpv6_rcv(struct sk_buff *skb) 1093{ 1094 enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED; 1095 struct net *net = dev_net_rcu(skb->dev); 1096 struct net_device *dev = icmp6_dev(skb); 1097 struct inet6_dev *idev = __in6_dev_get(dev); 1098 const struct in6_addr *saddr, *daddr; 1099 struct icmp6hdr *hdr; 1100 u8 type; 1101 1102 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1103 struct sec_path *sp = skb_sec_path(skb); 1104 int nh; 1105 1106 if (!(sp && sp->xvec[sp->len - 1]->props.flags & 1107 XFRM_STATE_ICMP)) { 1108 reason = SKB_DROP_REASON_XFRM_POLICY; 1109 goto drop_no_count; 1110 } 1111 1112 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr))) 1113 goto drop_no_count; 1114 1115 nh = skb_network_offset(skb); 1116 skb_set_network_header(skb, sizeof(*hdr)); 1117 1118 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, 1119 skb)) { 1120 reason = SKB_DROP_REASON_XFRM_POLICY; 1121 goto drop_no_count; 1122 } 1123 1124 skb_set_network_header(skb, nh); 1125 } 1126 1127 __ICMP6_INC_STATS(dev_net_rcu(dev), idev, ICMP6_MIB_INMSGS); 1128 1129 saddr = &ipv6_hdr(skb)->saddr; 1130 daddr = &ipv6_hdr(skb)->daddr; 1131 1132 if (skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo)) { 1133 net_dbg_ratelimited("ICMPv6 checksum failed [%pI6c > %pI6c]\n", 1134 saddr, daddr); 1135 goto csum_error; 1136 } 1137 1138 if (!pskb_pull(skb, sizeof(*hdr))) 1139 goto discard_it; 1140 1141 hdr = icmp6_hdr(skb); 1142 1143 type = hdr->icmp6_type; 1144 1145 ICMP6MSGIN_INC_STATS(dev_net_rcu(dev), idev, type); 1146 1147 switch (type) { 1148 case ICMPV6_ECHO_REQUEST: 1149 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all) 1150 reason = icmpv6_echo_reply(skb); 1151 break; 1152 case ICMPV6_EXT_ECHO_REQUEST: 1153 if (!net->ipv6.sysctl.icmpv6_echo_ignore_all && 1154 READ_ONCE(net->ipv4.sysctl_icmp_echo_enable_probe)) 1155 reason = icmpv6_echo_reply(skb); 1156 break; 1157 1158 case ICMPV6_ECHO_REPLY: 1159 case ICMPV6_EXT_ECHO_REPLY: 1160 ping_rcv(skb); 1161 return 0; 1162 1163 case ICMPV6_PKT_TOOBIG: 1164 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update 1165 standard destination cache. Seems, only "advanced" 1166 destination cache will allow to solve this problem 1167 --ANK (980726) 1168 */ 1169 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 1170 goto discard_it; 1171 hdr = icmp6_hdr(skb); 1172 1173 /* to notify */ 1174 fallthrough; 1175 case ICMPV6_DEST_UNREACH: 1176 case ICMPV6_TIME_EXCEED: 1177 case ICMPV6_PARAMPROB: 1178 reason = icmpv6_notify(skb, type, hdr->icmp6_code, 1179 hdr->icmp6_mtu); 1180 break; 1181 1182 case NDISC_ROUTER_SOLICITATION: 1183 case NDISC_ROUTER_ADVERTISEMENT: 1184 case NDISC_NEIGHBOUR_SOLICITATION: 1185 case NDISC_NEIGHBOUR_ADVERTISEMENT: 1186 case NDISC_REDIRECT: 1187 reason = ndisc_rcv(skb); 1188 break; 1189 1190 case ICMPV6_MGM_QUERY: 1191 igmp6_event_query(skb); 1192 return 0; 1193 1194 case ICMPV6_MGM_REPORT: 1195 igmp6_event_report(skb); 1196 return 0; 1197 1198 case ICMPV6_MGM_REDUCTION: 1199 case ICMPV6_NI_QUERY: 1200 case ICMPV6_NI_REPLY: 1201 case ICMPV6_MLD2_REPORT: 1202 case ICMPV6_DHAAD_REQUEST: 1203 case ICMPV6_DHAAD_REPLY: 1204 case ICMPV6_MOBILE_PREFIX_SOL: 1205 case ICMPV6_MOBILE_PREFIX_ADV: 1206 break; 1207 1208 default: 1209 /* informational */ 1210 if (type & ICMPV6_INFOMSG_MASK) 1211 break; 1212 1213 net_dbg_ratelimited("icmpv6: msg of unknown type [%pI6c > %pI6c]\n", 1214 saddr, daddr); 1215 1216 /* 1217 * error of unknown type. 1218 * must pass to upper level 1219 */ 1220 1221 reason = icmpv6_notify(skb, type, hdr->icmp6_code, 1222 hdr->icmp6_mtu); 1223 } 1224 1225 /* until the v6 path can be better sorted assume failure and 1226 * preserve the status quo behaviour for the rest of the paths to here 1227 */ 1228 if (reason) 1229 kfree_skb_reason(skb, reason); 1230 else 1231 consume_skb(skb); 1232 1233 return 0; 1234 1235csum_error: 1236 reason = SKB_DROP_REASON_ICMP_CSUM; 1237 __ICMP6_INC_STATS(dev_net_rcu(dev), idev, ICMP6_MIB_CSUMERRORS); 1238discard_it: 1239 __ICMP6_INC_STATS(dev_net_rcu(dev), idev, ICMP6_MIB_INERRORS); 1240drop_no_count: 1241 kfree_skb_reason(skb, reason); 1242 return 0; 1243} 1244 1245void icmpv6_flow_init(const struct sock *sk, struct flowi6 *fl6, u8 type, 1246 const struct in6_addr *saddr, 1247 const struct in6_addr *daddr, int oif) 1248{ 1249 memset(fl6, 0, sizeof(*fl6)); 1250 fl6->saddr = *saddr; 1251 fl6->daddr = *daddr; 1252 fl6->flowi6_proto = IPPROTO_ICMPV6; 1253 fl6->fl6_icmp_type = type; 1254 fl6->fl6_icmp_code = 0; 1255 fl6->flowi6_oif = oif; 1256 security_sk_classify_flow(sk, flowi6_to_flowi_common(fl6)); 1257} 1258 1259int __init icmpv6_init(void) 1260{ 1261 struct sock *sk; 1262 int err, i; 1263 1264 for_each_possible_cpu(i) { 1265 err = inet_ctl_sock_create(&sk, PF_INET6, 1266 SOCK_RAW, IPPROTO_ICMPV6, &init_net); 1267 if (err < 0) { 1268 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n", 1269 err); 1270 return err; 1271 } 1272 1273 per_cpu(ipv6_icmp_sk, i) = sk; 1274 1275 /* Enough space for 2 64K ICMP packets, including 1276 * sk_buff struct overhead. 1277 */ 1278 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024); 1279 } 1280 1281 err = -EAGAIN; 1282 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0) 1283 goto fail; 1284 1285 err = inet6_register_icmp_sender(icmp6_send); 1286 if (err) 1287 goto sender_reg_err; 1288 return 0; 1289 1290sender_reg_err: 1291 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 1292fail: 1293 pr_err("Failed to register ICMP6 protocol\n"); 1294 return err; 1295} 1296 1297void icmpv6_cleanup(void) 1298{ 1299 inet6_unregister_icmp_sender(icmp6_send); 1300 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 1301} 1302 1303 1304static const struct icmp6_err { 1305 int err; 1306 int fatal; 1307} tab_unreach[] = { 1308 { /* NOROUTE */ 1309 .err = ENETUNREACH, 1310 .fatal = 0, 1311 }, 1312 { /* ADM_PROHIBITED */ 1313 .err = EACCES, 1314 .fatal = 1, 1315 }, 1316 { /* Was NOT_NEIGHBOUR, now reserved */ 1317 .err = EHOSTUNREACH, 1318 .fatal = 0, 1319 }, 1320 { /* ADDR_UNREACH */ 1321 .err = EHOSTUNREACH, 1322 .fatal = 0, 1323 }, 1324 { /* PORT_UNREACH */ 1325 .err = ECONNREFUSED, 1326 .fatal = 1, 1327 }, 1328 { /* POLICY_FAIL */ 1329 .err = EACCES, 1330 .fatal = 1, 1331 }, 1332 { /* REJECT_ROUTE */ 1333 .err = EACCES, 1334 .fatal = 1, 1335 }, 1336}; 1337 1338int icmpv6_err_convert(u8 type, u8 code, int *err) 1339{ 1340 int fatal = 0; 1341 1342 *err = EPROTO; 1343 1344 switch (type) { 1345 case ICMPV6_DEST_UNREACH: 1346 fatal = 1; 1347 if (code < ARRAY_SIZE(tab_unreach)) { 1348 *err = tab_unreach[code].err; 1349 fatal = tab_unreach[code].fatal; 1350 } 1351 break; 1352 1353 case ICMPV6_PKT_TOOBIG: 1354 *err = EMSGSIZE; 1355 break; 1356 1357 case ICMPV6_PARAMPROB: 1358 *err = EPROTO; 1359 fatal = 1; 1360 break; 1361 1362 case ICMPV6_TIME_EXCEED: 1363 *err = EHOSTUNREACH; 1364 break; 1365 } 1366 1367 return fatal; 1368} 1369EXPORT_SYMBOL(icmpv6_err_convert); 1370 1371#ifdef CONFIG_SYSCTL 1372 1373static u32 icmpv6_errors_extension_mask_all = 1374 GENMASK_U8(ICMP_ERR_EXT_COUNT - 1, 0); 1375 1376static struct ctl_table ipv6_icmp_table_template[] = { 1377 { 1378 .procname = "ratelimit", 1379 .data = &init_net.ipv6.sysctl.icmpv6_time, 1380 .maxlen = sizeof(int), 1381 .mode = 0644, 1382 .proc_handler = proc_dointvec_ms_jiffies, 1383 }, 1384 { 1385 .procname = "echo_ignore_all", 1386 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_all, 1387 .maxlen = sizeof(u8), 1388 .mode = 0644, 1389 .proc_handler = proc_dou8vec_minmax, 1390 }, 1391 { 1392 .procname = "echo_ignore_multicast", 1393 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_multicast, 1394 .maxlen = sizeof(u8), 1395 .mode = 0644, 1396 .proc_handler = proc_dou8vec_minmax, 1397 }, 1398 { 1399 .procname = "echo_ignore_anycast", 1400 .data = &init_net.ipv6.sysctl.icmpv6_echo_ignore_anycast, 1401 .maxlen = sizeof(u8), 1402 .mode = 0644, 1403 .proc_handler = proc_dou8vec_minmax, 1404 }, 1405 { 1406 .procname = "ratemask", 1407 .data = &init_net.ipv6.sysctl.icmpv6_ratemask_ptr, 1408 .maxlen = ICMPV6_MSG_MAX + 1, 1409 .mode = 0644, 1410 .proc_handler = proc_do_large_bitmap, 1411 }, 1412 { 1413 .procname = "error_anycast_as_unicast", 1414 .data = &init_net.ipv6.sysctl.icmpv6_error_anycast_as_unicast, 1415 .maxlen = sizeof(u8), 1416 .mode = 0644, 1417 .proc_handler = proc_dou8vec_minmax, 1418 .extra1 = SYSCTL_ZERO, 1419 .extra2 = SYSCTL_ONE, 1420 }, 1421 { 1422 .procname = "errors_extension_mask", 1423 .data = &init_net.ipv6.sysctl.icmpv6_errors_extension_mask, 1424 .maxlen = sizeof(u8), 1425 .mode = 0644, 1426 .proc_handler = proc_dou8vec_minmax, 1427 .extra1 = SYSCTL_ZERO, 1428 .extra2 = &icmpv6_errors_extension_mask_all, 1429 }, 1430}; 1431 1432struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net) 1433{ 1434 struct ctl_table *table; 1435 1436 table = kmemdup(ipv6_icmp_table_template, 1437 sizeof(ipv6_icmp_table_template), 1438 GFP_KERNEL); 1439 1440 if (table) { 1441 table[0].data = &net->ipv6.sysctl.icmpv6_time; 1442 table[1].data = &net->ipv6.sysctl.icmpv6_echo_ignore_all; 1443 table[2].data = &net->ipv6.sysctl.icmpv6_echo_ignore_multicast; 1444 table[3].data = &net->ipv6.sysctl.icmpv6_echo_ignore_anycast; 1445 table[4].data = &net->ipv6.sysctl.icmpv6_ratemask_ptr; 1446 table[5].data = &net->ipv6.sysctl.icmpv6_error_anycast_as_unicast; 1447 table[6].data = &net->ipv6.sysctl.icmpv6_errors_extension_mask; 1448 } 1449 return table; 1450} 1451 1452size_t ipv6_icmp_sysctl_table_size(void) 1453{ 1454 return ARRAY_SIZE(ipv6_icmp_table_template); 1455} 1456#endif