diff options
| author | David S. Miller <davem@davemloft.net> | 2012-07-12 02:43:53 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-07-12 02:43:53 -0400 |
| commit | e8599ff4b1d6b0d61e1074ae4ba9fca8dd0c41d0 (patch) | |
| tree | c3e4a138fce1f57b8d4e4361be87eff85a14eef7 | |
| parent | 30f2a5f379d0b4b4e733df138a49e054ebf75ff8 (diff) | |
ipv6: Move bulk of redirect handling into rt6_redirect().
This sets things up so that we can have the protocol error handlers
call down into the ipv6 route code for redirects just as ipv4 already
does.
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | include/net/ip6_route.h | 7 | ||||
| -rw-r--r-- | net/ipv6/ndisc.c | 72 | ||||
| -rw-r--r-- | net/ipv6/route.c | 75 |
3 files changed, 72 insertions, 82 deletions
diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h index 58cb3fc3487..5cedbd7688c 100644 --- a/include/net/ip6_route.h +++ b/include/net/ip6_route.h | |||
| @@ -133,12 +133,7 @@ extern int rt6_route_rcv(struct net_device *dev, | |||
| 133 | u8 *opt, int len, | 133 | u8 *opt, int len, |
| 134 | const struct in6_addr *gwaddr); | 134 | const struct in6_addr *gwaddr); |
| 135 | 135 | ||
| 136 | extern void rt6_redirect(const struct in6_addr *dest, | 136 | extern void rt6_redirect(struct sk_buff *skb); |
| 137 | const struct in6_addr *src, | ||
| 138 | const struct in6_addr *saddr, | ||
| 139 | struct neighbour *neigh, | ||
| 140 | u8 *lladdr, | ||
| 141 | int on_link); | ||
| 142 | 137 | ||
| 143 | extern void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, | 138 | extern void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, |
| 144 | int oif, u32 mark); | 139 | int oif, u32 mark); |
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index a3189baa9f4..b8d53e186a7 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c | |||
| @@ -143,8 +143,6 @@ struct neigh_table nd_tbl = { | |||
| 143 | .gc_thresh3 = 1024, | 143 | .gc_thresh3 = 1024, |
| 144 | }; | 144 | }; |
| 145 | 145 | ||
| 146 | #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7) | ||
| 147 | |||
| 148 | static inline int ndisc_opt_addr_space(struct net_device *dev) | 146 | static inline int ndisc_opt_addr_space(struct net_device *dev) |
| 149 | { | 147 | { |
| 150 | return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type)); | 148 | return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type)); |
| @@ -1336,16 +1334,6 @@ out: | |||
| 1336 | 1334 | ||
| 1337 | static void ndisc_redirect_rcv(struct sk_buff *skb) | 1335 | static void ndisc_redirect_rcv(struct sk_buff *skb) |
| 1338 | { | 1336 | { |
| 1339 | struct inet6_dev *in6_dev; | ||
| 1340 | struct icmp6hdr *icmph; | ||
| 1341 | const struct in6_addr *dest; | ||
| 1342 | const struct in6_addr *target; /* new first hop to destination */ | ||
| 1343 | struct neighbour *neigh; | ||
| 1344 | int on_link = 0; | ||
| 1345 | struct ndisc_options ndopts; | ||
| 1346 | int optlen; | ||
| 1347 | u8 *lladdr = NULL; | ||
| 1348 | |||
| 1349 | #ifdef CONFIG_IPV6_NDISC_NODETYPE | 1337 | #ifdef CONFIG_IPV6_NDISC_NODETYPE |
| 1350 | switch (skb->ndisc_nodetype) { | 1338 | switch (skb->ndisc_nodetype) { |
| 1351 | case NDISC_NODETYPE_HOST: | 1339 | case NDISC_NODETYPE_HOST: |
| @@ -1362,65 +1350,7 @@ static void ndisc_redirect_rcv(struct sk_buff *skb) | |||
| 1362 | return; | 1350 | return; |
| 1363 | } | 1351 | } |
| 1364 | 1352 | ||
| 1365 | optlen = skb->tail - skb->transport_header; | 1353 | rt6_redirect(skb); |
| 1366 | optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr); | ||
| 1367 | |||
| 1368 | if (optlen < 0) { | ||
| 1369 | ND_PRINTK(2, warn, "Redirect: packet too short\n"); | ||
| 1370 | return; | ||
| 1371 | } | ||
| 1372 | |||
| 1373 | icmph = icmp6_hdr(skb); | ||
| 1374 | target = (const struct in6_addr *) (icmph + 1); | ||
| 1375 | dest = target + 1; | ||
| 1376 | |||
| 1377 | if (ipv6_addr_is_multicast(dest)) { | ||
| 1378 | ND_PRINTK(2, warn, | ||
| 1379 | "Redirect: destination address is multicast\n"); | ||
| 1380 | return; | ||
| 1381 | } | ||
| 1382 | |||
| 1383 | if (ipv6_addr_equal(dest, target)) { | ||
| 1384 | on_link = 1; | ||
| 1385 | } else if (ipv6_addr_type(target) != | ||
| 1386 | (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { | ||
| 1387 | ND_PRINTK(2, warn, | ||
| 1388 | "Redirect: target address is not link-local unicast\n"); | ||
| 1389 | return; | ||
| 1390 | } | ||
| 1391 | |||
| 1392 | in6_dev = __in6_dev_get(skb->dev); | ||
| 1393 | if (!in6_dev) | ||
| 1394 | return; | ||
| 1395 | if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) | ||
| 1396 | return; | ||
| 1397 | |||
| 1398 | /* RFC2461 8.1: | ||
| 1399 | * The IP source address of the Redirect MUST be the same as the current | ||
| 1400 | * first-hop router for the specified ICMP Destination Address. | ||
| 1401 | */ | ||
| 1402 | |||
| 1403 | if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) { | ||
| 1404 | ND_PRINTK(2, warn, "Redirect: invalid ND options\n"); | ||
| 1405 | return; | ||
| 1406 | } | ||
| 1407 | if (ndopts.nd_opts_tgt_lladdr) { | ||
| 1408 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, | ||
| 1409 | skb->dev); | ||
| 1410 | if (!lladdr) { | ||
| 1411 | ND_PRINTK(2, warn, | ||
| 1412 | "Redirect: invalid link-layer address length\n"); | ||
| 1413 | return; | ||
| 1414 | } | ||
| 1415 | } | ||
| 1416 | |||
| 1417 | neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1); | ||
| 1418 | if (neigh) { | ||
| 1419 | rt6_redirect(dest, &ipv6_hdr(skb)->daddr, | ||
| 1420 | &ipv6_hdr(skb)->saddr, neigh, lladdr, | ||
| 1421 | on_link); | ||
| 1422 | neigh_release(neigh); | ||
| 1423 | } | ||
| 1424 | } | 1354 | } |
| 1425 | 1355 | ||
| 1426 | void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target) | 1356 | void ndisc_send_redirect(struct sk_buff *skb, const struct in6_addr *target) |
diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 563f12c1c99..73cf3f78aaa 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c | |||
| @@ -1690,14 +1690,78 @@ static struct rt6_info *ip6_route_redirect(const struct in6_addr *dest, | |||
| 1690 | flags, __ip6_route_redirect); | 1690 | flags, __ip6_route_redirect); |
| 1691 | } | 1691 | } |
| 1692 | 1692 | ||
| 1693 | void rt6_redirect(const struct in6_addr *dest, const struct in6_addr *src, | 1693 | void rt6_redirect(struct sk_buff *skb) |
| 1694 | const struct in6_addr *saddr, | ||
| 1695 | struct neighbour *neigh, u8 *lladdr, int on_link) | ||
| 1696 | { | 1694 | { |
| 1697 | struct rt6_info *rt, *nrt = NULL; | 1695 | struct net *net = dev_net(skb->dev); |
| 1698 | struct netevent_redirect netevent; | 1696 | struct netevent_redirect netevent; |
| 1699 | struct net *net = dev_net(neigh->dev); | 1697 | struct rt6_info *rt, *nrt = NULL; |
| 1698 | const struct in6_addr *target; | ||
| 1700 | struct neighbour *old_neigh; | 1699 | struct neighbour *old_neigh; |
| 1700 | const struct in6_addr *dest; | ||
| 1701 | const struct in6_addr *src; | ||
| 1702 | const struct in6_addr *saddr; | ||
| 1703 | struct ndisc_options ndopts; | ||
| 1704 | struct inet6_dev *in6_dev; | ||
| 1705 | struct neighbour *neigh; | ||
| 1706 | struct icmp6hdr *icmph; | ||
| 1707 | int on_link, optlen; | ||
| 1708 | u8 *lladdr = NULL; | ||
| 1709 | |||
| 1710 | optlen = skb->tail - skb->transport_header; | ||
| 1711 | optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr); | ||
| 1712 | |||
| 1713 | if (optlen < 0) { | ||
| 1714 | net_dbg_ratelimited("rt6_redirect: packet too short\n"); | ||
| 1715 | return; | ||
| 1716 | } | ||
| 1717 | |||
| 1718 | icmph = icmp6_hdr(skb); | ||
| 1719 | target = (const struct in6_addr *) (icmph + 1); | ||
| 1720 | dest = target + 1; | ||
| 1721 | |||
| 1722 | if (ipv6_addr_is_multicast(dest)) { | ||
| 1723 | net_dbg_ratelimited("rt6_redirect: destination address is multicast\n"); | ||
| 1724 | return; | ||
| 1725 | } | ||
| 1726 | |||
| 1727 | if (ipv6_addr_equal(dest, target)) { | ||
| 1728 | on_link = 1; | ||
| 1729 | } else if (ipv6_addr_type(target) != | ||
| 1730 | (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { | ||
| 1731 | net_dbg_ratelimited("rt6_redirect: target address is not link-local unicast\n"); | ||
| 1732 | return; | ||
| 1733 | } | ||
| 1734 | |||
| 1735 | in6_dev = __in6_dev_get(skb->dev); | ||
| 1736 | if (!in6_dev) | ||
| 1737 | return; | ||
| 1738 | if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) | ||
| 1739 | return; | ||
| 1740 | |||
| 1741 | /* RFC2461 8.1: | ||
| 1742 | * The IP source address of the Redirect MUST be the same as the current | ||
| 1743 | * first-hop router for the specified ICMP Destination Address. | ||
| 1744 | */ | ||
| 1745 | |||
| 1746 | if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) { | ||
| 1747 | net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); | ||
| 1748 | return; | ||
| 1749 | } | ||
| 1750 | if (ndopts.nd_opts_tgt_lladdr) { | ||
| 1751 | lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, | ||
| 1752 | skb->dev); | ||
| 1753 | if (!lladdr) { | ||
| 1754 | net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); | ||
| 1755 | return; | ||
| 1756 | } | ||
| 1757 | } | ||
| 1758 | |||
| 1759 | neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1); | ||
| 1760 | if (!neigh) | ||
| 1761 | return; | ||
| 1762 | |||
| 1763 | src = &ipv6_hdr(skb)->daddr; | ||
| 1764 | saddr = &ipv6_hdr(skb)->saddr; | ||
| 1701 | 1765 | ||
| 1702 | rt = ip6_route_redirect(dest, src, saddr, neigh->dev); | 1766 | rt = ip6_route_redirect(dest, src, saddr, neigh->dev); |
| 1703 | 1767 | ||
| @@ -1756,6 +1820,7 @@ void rt6_redirect(const struct in6_addr *dest, const struct in6_addr *src, | |||
| 1756 | } | 1820 | } |
| 1757 | 1821 | ||
| 1758 | out: | 1822 | out: |
| 1823 | neigh_release(neigh); | ||
| 1759 | dst_release(&rt->dst); | 1824 | dst_release(&rt->dst); |
| 1760 | } | 1825 | } |
| 1761 | 1826 | ||