1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
2 | /* |
3 | * Linux INET6 implementation |
4 | * |
5 | * Authors: |
6 | * Pedro Roque <roque@di.fc.ul.pt> |
7 | */ |
8 | |
9 | #ifndef _NET_IPV6_H |
10 | #define _NET_IPV6_H |
11 | |
12 | #include <linux/ipv6.h> |
13 | #include <linux/hardirq.h> |
14 | #include <linux/jhash.h> |
15 | #include <linux/refcount.h> |
16 | #include <linux/jump_label_ratelimit.h> |
17 | #include <net/if_inet6.h> |
18 | #include <net/flow.h> |
19 | #include <net/flow_dissector.h> |
20 | #include <net/inet_dscp.h> |
21 | #include <net/snmp.h> |
22 | #include <net/netns/hash.h> |
23 | |
24 | struct ip_tunnel_info; |
25 | |
26 | #define SIN6_LEN_RFC2133 24 |
27 | |
28 | #define IPV6_MAXPLEN 65535 |
29 | |
30 | /* |
31 | * NextHeader field of IPv6 header |
32 | */ |
33 | |
34 | #define NEXTHDR_HOP 0 /* Hop-by-hop option header. */ |
35 | #define NEXTHDR_IPV4 4 /* IPv4 in IPv6 */ |
36 | #define NEXTHDR_TCP 6 /* TCP segment. */ |
37 | #define NEXTHDR_UDP 17 /* UDP message. */ |
38 | #define NEXTHDR_IPV6 41 /* IPv6 in IPv6 */ |
39 | #define NEXTHDR_ROUTING 43 /* Routing header. */ |
40 | #define NEXTHDR_FRAGMENT 44 /* Fragmentation/reassembly header. */ |
41 | #define NEXTHDR_GRE 47 /* GRE header. */ |
42 | #define NEXTHDR_ESP 50 /* Encapsulating security payload. */ |
43 | #define NEXTHDR_AUTH 51 /* Authentication header. */ |
44 | #define NEXTHDR_ICMP 58 /* ICMP for IPv6. */ |
45 | #define NEXTHDR_NONE 59 /* No next header */ |
46 | #define NEXTHDR_DEST 60 /* Destination options header. */ |
47 | #define NEXTHDR_SCTP 132 /* SCTP message. */ |
48 | #define NEXTHDR_MOBILITY 135 /* Mobility header. */ |
49 | |
50 | #define NEXTHDR_MAX 255 |
51 | |
52 | #define IPV6_DEFAULT_HOPLIMIT 64 |
53 | #define IPV6_DEFAULT_MCASTHOPS 1 |
54 | |
55 | /* Limits on Hop-by-Hop and Destination options. |
56 | * |
57 | * Per RFC8200 there is no limit on the maximum number or lengths of options in |
58 | * Hop-by-Hop or Destination options other then the packet must fit in an MTU. |
59 | * We allow configurable limits in order to mitigate potential denial of |
60 | * service attacks. |
61 | * |
62 | * There are three limits that may be set: |
63 | * - Limit the number of options in a Hop-by-Hop or Destination options |
64 | * extension header |
65 | * - Limit the byte length of a Hop-by-Hop or Destination options extension |
66 | * header |
67 | * - Disallow unknown options |
68 | * |
69 | * The limits are expressed in corresponding sysctls: |
70 | * |
71 | * ipv6.sysctl.max_dst_opts_cnt |
72 | * ipv6.sysctl.max_hbh_opts_cnt |
73 | * ipv6.sysctl.max_dst_opts_len |
74 | * ipv6.sysctl.max_hbh_opts_len |
75 | * |
76 | * max_*_opts_cnt is the number of TLVs that are allowed for Destination |
77 | * options or Hop-by-Hop options. If the number is less than zero then unknown |
78 | * TLVs are disallowed and the number of known options that are allowed is the |
79 | * absolute value. Setting the value to INT_MAX indicates no limit. |
80 | * |
81 | * max_*_opts_len is the length limit in bytes of a Destination or |
82 | * Hop-by-Hop options extension header. Setting the value to INT_MAX |
83 | * indicates no length limit. |
84 | * |
85 | * If a limit is exceeded when processing an extension header the packet is |
86 | * silently discarded. |
87 | */ |
88 | |
89 | /* Default limits for Hop-by-Hop and Destination options */ |
90 | #define IP6_DEFAULT_MAX_DST_OPTS_CNT 8 |
91 | #define IP6_DEFAULT_MAX_HBH_OPTS_CNT 8 |
92 | #define IP6_DEFAULT_MAX_DST_OPTS_LEN INT_MAX /* No limit */ |
93 | #define IP6_DEFAULT_MAX_HBH_OPTS_LEN INT_MAX /* No limit */ |
94 | |
95 | /* |
96 | * Addr type |
97 | * |
98 | * type - unicast | multicast |
99 | * scope - local | site | global |
100 | * v4 - compat |
101 | * v4mapped |
102 | * any |
103 | * loopback |
104 | */ |
105 | |
106 | #define IPV6_ADDR_ANY 0x0000U |
107 | |
108 | #define IPV6_ADDR_UNICAST 0x0001U |
109 | #define IPV6_ADDR_MULTICAST 0x0002U |
110 | |
111 | #define IPV6_ADDR_LOOPBACK 0x0010U |
112 | #define IPV6_ADDR_LINKLOCAL 0x0020U |
113 | #define IPV6_ADDR_SITELOCAL 0x0040U |
114 | |
115 | #define IPV6_ADDR_COMPATv4 0x0080U |
116 | |
117 | #define IPV6_ADDR_SCOPE_MASK 0x00f0U |
118 | |
119 | #define IPV6_ADDR_MAPPED 0x1000U |
120 | |
121 | /* |
122 | * Addr scopes |
123 | */ |
124 | #define IPV6_ADDR_MC_SCOPE(a) \ |
125 | ((a)->s6_addr[1] & 0x0f) /* nonstandard */ |
126 | #define __IPV6_ADDR_SCOPE_INVALID -1 |
127 | #define IPV6_ADDR_SCOPE_NODELOCAL 0x01 |
128 | #define IPV6_ADDR_SCOPE_LINKLOCAL 0x02 |
129 | #define IPV6_ADDR_SCOPE_SITELOCAL 0x05 |
130 | #define IPV6_ADDR_SCOPE_ORGLOCAL 0x08 |
131 | #define IPV6_ADDR_SCOPE_GLOBAL 0x0e |
132 | |
133 | /* |
134 | * Addr flags |
135 | */ |
136 | #define IPV6_ADDR_MC_FLAG_TRANSIENT(a) \ |
137 | ((a)->s6_addr[1] & 0x10) |
138 | #define IPV6_ADDR_MC_FLAG_PREFIX(a) \ |
139 | ((a)->s6_addr[1] & 0x20) |
140 | #define IPV6_ADDR_MC_FLAG_RENDEZVOUS(a) \ |
141 | ((a)->s6_addr[1] & 0x40) |
142 | |
143 | /* |
144 | * fragmentation header |
145 | */ |
146 | |
147 | struct frag_hdr { |
148 | __u8 nexthdr; |
149 | __u8 reserved; |
150 | __be16 frag_off; |
151 | __be32 identification; |
152 | }; |
153 | |
154 | /* |
155 | * Jumbo payload option, as described in RFC 2675 2. |
156 | */ |
157 | struct hop_jumbo_hdr { |
158 | u8 nexthdr; |
159 | u8 hdrlen; |
160 | u8 tlv_type; /* IPV6_TLV_JUMBO, 0xC2 */ |
161 | u8 tlv_len; /* 4 */ |
162 | __be32 jumbo_payload_len; |
163 | }; |
164 | |
165 | #define IP6_MF 0x0001 |
166 | #define IP6_OFFSET 0xFFF8 |
167 | |
168 | struct ip6_fraglist_iter { |
169 | struct ipv6hdr *tmp_hdr; |
170 | struct sk_buff *frag; |
171 | int offset; |
172 | unsigned int hlen; |
173 | __be32 frag_id; |
174 | u8 nexthdr; |
175 | }; |
176 | |
177 | int ip6_fraglist_init(struct sk_buff *skb, unsigned int hlen, u8 *prevhdr, |
178 | u8 nexthdr, __be32 frag_id, |
179 | struct ip6_fraglist_iter *iter); |
180 | void ip6_fraglist_prepare(struct sk_buff *skb, struct ip6_fraglist_iter *iter); |
181 | |
182 | static inline struct sk_buff *ip6_fraglist_next(struct ip6_fraglist_iter *iter) |
183 | { |
184 | struct sk_buff *skb = iter->frag; |
185 | |
186 | iter->frag = skb->next; |
187 | skb_mark_not_on_list(skb); |
188 | |
189 | return skb; |
190 | } |
191 | |
192 | struct ip6_frag_state { |
193 | u8 *prevhdr; |
194 | unsigned int hlen; |
195 | unsigned int mtu; |
196 | unsigned int left; |
197 | int offset; |
198 | int ptr; |
199 | int hroom; |
200 | int troom; |
201 | __be32 frag_id; |
202 | u8 nexthdr; |
203 | }; |
204 | |
205 | void ip6_frag_init(struct sk_buff *skb, unsigned int hlen, unsigned int mtu, |
206 | unsigned short needed_tailroom, int hdr_room, u8 *prevhdr, |
207 | u8 nexthdr, __be32 frag_id, struct ip6_frag_state *state); |
208 | struct sk_buff *ip6_frag_next(struct sk_buff *skb, |
209 | struct ip6_frag_state *state); |
210 | |
211 | #define IP6_REPLY_MARK(net, mark) \ |
212 | ((net)->ipv6.sysctl.fwmark_reflect ? (mark) : 0) |
213 | |
214 | #include <net/sock.h> |
215 | |
216 | /* sysctls */ |
217 | extern int sysctl_mld_max_msf; |
218 | extern int sysctl_mld_qrv; |
219 | |
220 | #define _DEVINC(net, statname, mod, idev, field) \ |
221 | ({ \ |
222 | struct inet6_dev *_idev = (idev); \ |
223 | if (likely(_idev != NULL)) \ |
224 | mod##SNMP_INC_STATS64((_idev)->stats.statname, (field));\ |
225 | mod##SNMP_INC_STATS64((net)->mib.statname##_statistics, (field));\ |
226 | }) |
227 | |
228 | /* per device counters are atomic_long_t */ |
229 | #define _DEVINCATOMIC(net, statname, mod, idev, field) \ |
230 | ({ \ |
231 | struct inet6_dev *_idev = (idev); \ |
232 | if (likely(_idev != NULL)) \ |
233 | SNMP_INC_STATS_ATOMIC_LONG((_idev)->stats.statname##dev, (field)); \ |
234 | mod##SNMP_INC_STATS((net)->mib.statname##_statistics, (field));\ |
235 | }) |
236 | |
237 | /* per device and per net counters are atomic_long_t */ |
238 | #define _DEVINC_ATOMIC_ATOMIC(net, statname, idev, field) \ |
239 | ({ \ |
240 | struct inet6_dev *_idev = (idev); \ |
241 | if (likely(_idev != NULL)) \ |
242 | SNMP_INC_STATS_ATOMIC_LONG((_idev)->stats.statname##dev, (field)); \ |
243 | SNMP_INC_STATS_ATOMIC_LONG((net)->mib.statname##_statistics, (field));\ |
244 | }) |
245 | |
246 | #define _DEVADD(net, statname, mod, idev, field, val) \ |
247 | ({ \ |
248 | struct inet6_dev *_idev = (idev); \ |
249 | if (likely(_idev != NULL)) \ |
250 | mod##SNMP_ADD_STATS((_idev)->stats.statname, (field), (val)); \ |
251 | mod##SNMP_ADD_STATS((net)->mib.statname##_statistics, (field), (val));\ |
252 | }) |
253 | |
254 | #define _DEVUPD(net, statname, mod, idev, field, val) \ |
255 | ({ \ |
256 | struct inet6_dev *_idev = (idev); \ |
257 | if (likely(_idev != NULL)) \ |
258 | mod##SNMP_UPD_PO_STATS((_idev)->stats.statname, field, (val)); \ |
259 | mod##SNMP_UPD_PO_STATS((net)->mib.statname##_statistics, field, (val));\ |
260 | }) |
261 | |
262 | /* MIBs */ |
263 | |
264 | #define IP6_INC_STATS(net, idev,field) \ |
265 | _DEVINC(net, ipv6, , idev, field) |
266 | #define __IP6_INC_STATS(net, idev,field) \ |
267 | _DEVINC(net, ipv6, __, idev, field) |
268 | #define IP6_ADD_STATS(net, idev,field,val) \ |
269 | _DEVADD(net, ipv6, , idev, field, val) |
270 | #define __IP6_ADD_STATS(net, idev,field,val) \ |
271 | _DEVADD(net, ipv6, __, idev, field, val) |
272 | #define IP6_UPD_PO_STATS(net, idev,field,val) \ |
273 | _DEVUPD(net, ipv6, , idev, field, val) |
274 | #define __IP6_UPD_PO_STATS(net, idev,field,val) \ |
275 | _DEVUPD(net, ipv6, __, idev, field, val) |
276 | #define ICMP6_INC_STATS(net, idev, field) \ |
277 | _DEVINCATOMIC(net, icmpv6, , idev, field) |
278 | #define __ICMP6_INC_STATS(net, idev, field) \ |
279 | _DEVINCATOMIC(net, icmpv6, __, idev, field) |
280 | |
281 | #define ICMP6MSGOUT_INC_STATS(net, idev, field) \ |
282 | _DEVINC_ATOMIC_ATOMIC(net, icmpv6msg, idev, field +256) |
283 | #define ICMP6MSGIN_INC_STATS(net, idev, field) \ |
284 | _DEVINC_ATOMIC_ATOMIC(net, icmpv6msg, idev, field) |
285 | |
286 | struct ip6_ra_chain { |
287 | struct ip6_ra_chain *next; |
288 | struct sock *sk; |
289 | int sel; |
290 | void (*destructor)(struct sock *); |
291 | }; |
292 | |
293 | extern struct ip6_ra_chain *ip6_ra_chain; |
294 | extern rwlock_t ip6_ra_lock; |
295 | |
296 | /* |
297 | This structure is prepared by protocol, when parsing |
298 | ancillary data and passed to IPv6. |
299 | */ |
300 | |
301 | struct ipv6_txoptions { |
302 | refcount_t refcnt; |
303 | /* Length of this structure */ |
304 | int tot_len; |
305 | |
306 | /* length of extension headers */ |
307 | |
308 | __u16 opt_flen; /* after fragment hdr */ |
309 | __u16 opt_nflen; /* before fragment hdr */ |
310 | |
311 | struct ipv6_opt_hdr *hopopt; |
312 | struct ipv6_opt_hdr *dst0opt; |
313 | struct ipv6_rt_hdr *srcrt; /* Routing Header */ |
314 | struct ipv6_opt_hdr *dst1opt; |
315 | struct rcu_head rcu; |
316 | /* Option buffer, as read by IPV6_PKTOPTIONS, starts here. */ |
317 | }; |
318 | |
319 | /* flowlabel_reflect sysctl values */ |
320 | enum flowlabel_reflect { |
321 | FLOWLABEL_REFLECT_ESTABLISHED = 1, |
322 | FLOWLABEL_REFLECT_TCP_RESET = 2, |
323 | FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES = 4, |
324 | }; |
325 | |
326 | struct ip6_flowlabel { |
327 | struct ip6_flowlabel __rcu *next; |
328 | __be32 label; |
329 | atomic_t users; |
330 | struct in6_addr dst; |
331 | struct ipv6_txoptions *opt; |
332 | unsigned long linger; |
333 | struct rcu_head rcu; |
334 | u8 share; |
335 | union { |
336 | struct pid *pid; |
337 | kuid_t uid; |
338 | } owner; |
339 | unsigned long lastuse; |
340 | unsigned long expires; |
341 | struct net *fl_net; |
342 | }; |
343 | |
344 | #define IPV6_FLOWINFO_MASK cpu_to_be32(0x0FFFFFFF) |
345 | #define IPV6_FLOWLABEL_MASK cpu_to_be32(0x000FFFFF) |
346 | #define IPV6_FLOWLABEL_STATELESS_FLAG cpu_to_be32(0x00080000) |
347 | |
348 | #define IPV6_TCLASS_MASK (IPV6_FLOWINFO_MASK & ~IPV6_FLOWLABEL_MASK) |
349 | #define IPV6_TCLASS_SHIFT 20 |
350 | |
351 | struct ipv6_fl_socklist { |
352 | struct ipv6_fl_socklist __rcu *next; |
353 | struct ip6_flowlabel *fl; |
354 | struct rcu_head rcu; |
355 | }; |
356 | |
357 | struct ipcm6_cookie { |
358 | struct sockcm_cookie sockc; |
359 | __s16 hlimit; |
360 | __s16 tclass; |
361 | __u16 gso_size; |
362 | __s8 dontfrag; |
363 | struct ipv6_txoptions *opt; |
364 | }; |
365 | |
366 | static inline void ipcm6_init(struct ipcm6_cookie *ipc6) |
367 | { |
368 | *ipc6 = (struct ipcm6_cookie) { |
369 | .hlimit = -1, |
370 | .tclass = -1, |
371 | .dontfrag = -1, |
372 | }; |
373 | } |
374 | |
375 | static inline void ipcm6_init_sk(struct ipcm6_cookie *ipc6, |
376 | const struct sock *sk) |
377 | { |
378 | *ipc6 = (struct ipcm6_cookie) { |
379 | .hlimit = -1, |
380 | .tclass = inet6_sk(sk: sk)->tclass, |
381 | .dontfrag = inet6_test_bit(DONTFRAG, sk), |
382 | }; |
383 | } |
384 | |
385 | static inline struct ipv6_txoptions *txopt_get(const struct ipv6_pinfo *np) |
386 | { |
387 | struct ipv6_txoptions *opt; |
388 | |
389 | rcu_read_lock(); |
390 | opt = rcu_dereference(np->opt); |
391 | if (opt) { |
392 | if (!refcount_inc_not_zero(r: &opt->refcnt)) |
393 | opt = NULL; |
394 | else |
395 | opt = rcu_pointer_handoff(opt); |
396 | } |
397 | rcu_read_unlock(); |
398 | return opt; |
399 | } |
400 | |
401 | static inline void txopt_put(struct ipv6_txoptions *opt) |
402 | { |
403 | if (opt && refcount_dec_and_test(r: &opt->refcnt)) |
404 | kfree_rcu(opt, rcu); |
405 | } |
406 | |
407 | #if IS_ENABLED(CONFIG_IPV6) |
408 | struct ip6_flowlabel *__fl6_sock_lookup(struct sock *sk, __be32 label); |
409 | |
410 | extern struct static_key_false_deferred ipv6_flowlabel_exclusive; |
411 | static inline struct ip6_flowlabel *fl6_sock_lookup(struct sock *sk, |
412 | __be32 label) |
413 | { |
414 | if (static_branch_unlikely(&ipv6_flowlabel_exclusive.key) && |
415 | READ_ONCE(sock_net(sk)->ipv6.flowlabel_has_excl)) |
416 | return __fl6_sock_lookup(sk, label) ? : ERR_PTR(error: -ENOENT); |
417 | |
418 | return NULL; |
419 | } |
420 | #endif |
421 | |
422 | struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions *opt_space, |
423 | struct ip6_flowlabel *fl, |
424 | struct ipv6_txoptions *fopt); |
425 | void fl6_free_socklist(struct sock *sk); |
426 | int ipv6_flowlabel_opt(struct sock *sk, sockptr_t optval, int optlen); |
427 | int ipv6_flowlabel_opt_get(struct sock *sk, struct in6_flowlabel_req *freq, |
428 | int flags); |
429 | int ip6_flowlabel_init(void); |
430 | void ip6_flowlabel_cleanup(void); |
431 | bool ip6_autoflowlabel(struct net *net, const struct sock *sk); |
432 | |
433 | static inline void fl6_sock_release(struct ip6_flowlabel *fl) |
434 | { |
435 | if (fl) |
436 | atomic_dec(v: &fl->users); |
437 | } |
438 | |
439 | enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type, |
440 | u8 code, __be32 info); |
441 | |
442 | void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6, |
443 | struct icmp6hdr *thdr, int len); |
444 | |
445 | int ip6_ra_control(struct sock *sk, int sel); |
446 | |
447 | int ipv6_parse_hopopts(struct sk_buff *skb); |
448 | |
449 | struct ipv6_txoptions *ipv6_dup_options(struct sock *sk, |
450 | struct ipv6_txoptions *opt); |
451 | struct ipv6_txoptions *ipv6_renew_options(struct sock *sk, |
452 | struct ipv6_txoptions *opt, |
453 | int newtype, |
454 | struct ipv6_opt_hdr *newopt); |
455 | struct ipv6_txoptions *__ipv6_fixup_options(struct ipv6_txoptions *opt_space, |
456 | struct ipv6_txoptions *opt); |
457 | |
458 | static inline struct ipv6_txoptions * |
459 | ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt) |
460 | { |
461 | if (!opt) |
462 | return NULL; |
463 | return __ipv6_fixup_options(opt_space, opt); |
464 | } |
465 | |
466 | bool ipv6_opt_accepted(const struct sock *sk, const struct sk_buff *skb, |
467 | const struct inet6_skb_parm *opt); |
468 | struct ipv6_txoptions *ipv6_update_options(struct sock *sk, |
469 | struct ipv6_txoptions *opt); |
470 | |
471 | /* This helper is specialized for BIG TCP needs. |
472 | * It assumes the hop_jumbo_hdr will immediately follow the IPV6 header. |
473 | * It assumes headers are already in skb->head. |
474 | * Returns 0, or IPPROTO_TCP if a BIG TCP packet is there. |
475 | */ |
476 | static inline int ipv6_has_hopopt_jumbo(const struct sk_buff *skb) |
477 | { |
478 | const struct hop_jumbo_hdr *jhdr; |
479 | const struct ipv6hdr *nhdr; |
480 | |
481 | if (likely(skb->len <= GRO_LEGACY_MAX_SIZE)) |
482 | return 0; |
483 | |
484 | if (skb->protocol != htons(ETH_P_IPV6)) |
485 | return 0; |
486 | |
487 | if (skb_network_offset(skb) + |
488 | sizeof(struct ipv6hdr) + |
489 | sizeof(struct hop_jumbo_hdr) > skb_headlen(skb)) |
490 | return 0; |
491 | |
492 | nhdr = ipv6_hdr(skb); |
493 | |
494 | if (nhdr->nexthdr != NEXTHDR_HOP) |
495 | return 0; |
496 | |
497 | jhdr = (const struct hop_jumbo_hdr *) (nhdr + 1); |
498 | if (jhdr->tlv_type != IPV6_TLV_JUMBO || jhdr->hdrlen != 0 || |
499 | jhdr->nexthdr != IPPROTO_TCP) |
500 | return 0; |
501 | return jhdr->nexthdr; |
502 | } |
503 | |
504 | /* Return 0 if HBH header is successfully removed |
505 | * Or if HBH removal is unnecessary (packet is not big TCP) |
506 | * Return error to indicate dropping the packet |
507 | */ |
508 | static inline int ipv6_hopopt_jumbo_remove(struct sk_buff *skb) |
509 | { |
510 | const int hophdr_len = sizeof(struct hop_jumbo_hdr); |
511 | int nexthdr = ipv6_has_hopopt_jumbo(skb); |
512 | struct ipv6hdr *h6; |
513 | |
514 | if (!nexthdr) |
515 | return 0; |
516 | |
517 | if (skb_cow_head(skb, headroom: 0)) |
518 | return -1; |
519 | |
520 | /* Remove the HBH header. |
521 | * Layout: [Ethernet header][IPv6 header][HBH][L4 Header] |
522 | */ |
523 | memmove(skb_mac_header(skb) + hophdr_len, skb_mac_header(skb), |
524 | skb_network_header(skb) - skb_mac_header(skb) + |
525 | sizeof(struct ipv6hdr)); |
526 | |
527 | __skb_pull(skb, len: hophdr_len); |
528 | skb->network_header += hophdr_len; |
529 | skb->mac_header += hophdr_len; |
530 | |
531 | h6 = ipv6_hdr(skb); |
532 | h6->nexthdr = nexthdr; |
533 | |
534 | return 0; |
535 | } |
536 | |
537 | static inline bool ipv6_accept_ra(struct inet6_dev *idev) |
538 | { |
539 | /* If forwarding is enabled, RA are not accepted unless the special |
540 | * hybrid mode (accept_ra=2) is enabled. |
541 | */ |
542 | return idev->cnf.forwarding ? idev->cnf.accept_ra == 2 : |
543 | idev->cnf.accept_ra; |
544 | } |
545 | |
546 | #define IPV6_FRAG_HIGH_THRESH (4 * 1024*1024) /* 4194304 */ |
547 | #define IPV6_FRAG_LOW_THRESH (3 * 1024*1024) /* 3145728 */ |
548 | #define IPV6_FRAG_TIMEOUT (60 * HZ) /* 60 seconds */ |
549 | |
550 | int __ipv6_addr_type(const struct in6_addr *addr); |
551 | static inline int ipv6_addr_type(const struct in6_addr *addr) |
552 | { |
553 | return __ipv6_addr_type(addr) & 0xffff; |
554 | } |
555 | |
556 | static inline int ipv6_addr_scope(const struct in6_addr *addr) |
557 | { |
558 | return __ipv6_addr_type(addr) & IPV6_ADDR_SCOPE_MASK; |
559 | } |
560 | |
561 | static inline int __ipv6_addr_src_scope(int type) |
562 | { |
563 | return (type == IPV6_ADDR_ANY) ? __IPV6_ADDR_SCOPE_INVALID : (type >> 16); |
564 | } |
565 | |
566 | static inline int ipv6_addr_src_scope(const struct in6_addr *addr) |
567 | { |
568 | return __ipv6_addr_src_scope(type: __ipv6_addr_type(addr)); |
569 | } |
570 | |
571 | static inline bool __ipv6_addr_needs_scope_id(int type) |
572 | { |
573 | return type & IPV6_ADDR_LINKLOCAL || |
574 | (type & IPV6_ADDR_MULTICAST && |
575 | (type & (IPV6_ADDR_LOOPBACK|IPV6_ADDR_LINKLOCAL))); |
576 | } |
577 | |
578 | static inline __u32 ipv6_iface_scope_id(const struct in6_addr *addr, int iface) |
579 | { |
580 | return __ipv6_addr_needs_scope_id(type: __ipv6_addr_type(addr)) ? iface : 0; |
581 | } |
582 | |
583 | static inline int ipv6_addr_cmp(const struct in6_addr *a1, const struct in6_addr *a2) |
584 | { |
585 | return memcmp(p: a1, q: a2, size: sizeof(struct in6_addr)); |
586 | } |
587 | |
588 | static inline bool |
589 | ipv6_masked_addr_cmp(const struct in6_addr *a1, const struct in6_addr *m, |
590 | const struct in6_addr *a2) |
591 | { |
592 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
593 | const unsigned long *ul1 = (const unsigned long *)a1; |
594 | const unsigned long *ulm = (const unsigned long *)m; |
595 | const unsigned long *ul2 = (const unsigned long *)a2; |
596 | |
597 | return !!(((ul1[0] ^ ul2[0]) & ulm[0]) | |
598 | ((ul1[1] ^ ul2[1]) & ulm[1])); |
599 | #else |
600 | return !!(((a1->s6_addr32[0] ^ a2->s6_addr32[0]) & m->s6_addr32[0]) | |
601 | ((a1->s6_addr32[1] ^ a2->s6_addr32[1]) & m->s6_addr32[1]) | |
602 | ((a1->s6_addr32[2] ^ a2->s6_addr32[2]) & m->s6_addr32[2]) | |
603 | ((a1->s6_addr32[3] ^ a2->s6_addr32[3]) & m->s6_addr32[3])); |
604 | #endif |
605 | } |
606 | |
607 | static inline void ipv6_addr_prefix(struct in6_addr *pfx, |
608 | const struct in6_addr *addr, |
609 | int plen) |
610 | { |
611 | /* caller must guarantee 0 <= plen <= 128 */ |
612 | int o = plen >> 3, |
613 | b = plen & 0x7; |
614 | |
615 | memset(pfx->s6_addr, 0, sizeof(pfx->s6_addr)); |
616 | memcpy(pfx->s6_addr, addr, o); |
617 | if (b != 0) |
618 | pfx->s6_addr[o] = addr->s6_addr[o] & (0xff00 >> b); |
619 | } |
620 | |
621 | static inline void ipv6_addr_prefix_copy(struct in6_addr *addr, |
622 | const struct in6_addr *pfx, |
623 | int plen) |
624 | { |
625 | /* caller must guarantee 0 <= plen <= 128 */ |
626 | int o = plen >> 3, |
627 | b = plen & 0x7; |
628 | |
629 | memcpy(addr->s6_addr, pfx, o); |
630 | if (b != 0) { |
631 | addr->s6_addr[o] &= ~(0xff00 >> b); |
632 | addr->s6_addr[o] |= (pfx->s6_addr[o] & (0xff00 >> b)); |
633 | } |
634 | } |
635 | |
636 | static inline void __ipv6_addr_set_half(__be32 *addr, |
637 | __be32 wh, __be32 wl) |
638 | { |
639 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
640 | #if defined(__BIG_ENDIAN) |
641 | if (__builtin_constant_p(wh) && __builtin_constant_p(wl)) { |
642 | *(__force u64 *)addr = ((__force u64)(wh) << 32 | (__force u64)(wl)); |
643 | return; |
644 | } |
645 | #elif defined(__LITTLE_ENDIAN) |
646 | if (__builtin_constant_p(wl) && __builtin_constant_p(wh)) { |
647 | *(__force u64 *)addr = ((__force u64)(wl) << 32 | (__force u64)(wh)); |
648 | return; |
649 | } |
650 | #endif |
651 | #endif |
652 | addr[0] = wh; |
653 | addr[1] = wl; |
654 | } |
655 | |
656 | static inline void ipv6_addr_set(struct in6_addr *addr, |
657 | __be32 w1, __be32 w2, |
658 | __be32 w3, __be32 w4) |
659 | { |
660 | __ipv6_addr_set_half(addr: &addr->s6_addr32[0], wh: w1, wl: w2); |
661 | __ipv6_addr_set_half(addr: &addr->s6_addr32[2], wh: w3, wl: w4); |
662 | } |
663 | |
664 | static inline bool ipv6_addr_equal(const struct in6_addr *a1, |
665 | const struct in6_addr *a2) |
666 | { |
667 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
668 | const unsigned long *ul1 = (const unsigned long *)a1; |
669 | const unsigned long *ul2 = (const unsigned long *)a2; |
670 | |
671 | return ((ul1[0] ^ ul2[0]) | (ul1[1] ^ ul2[1])) == 0UL; |
672 | #else |
673 | return ((a1->s6_addr32[0] ^ a2->s6_addr32[0]) | |
674 | (a1->s6_addr32[1] ^ a2->s6_addr32[1]) | |
675 | (a1->s6_addr32[2] ^ a2->s6_addr32[2]) | |
676 | (a1->s6_addr32[3] ^ a2->s6_addr32[3])) == 0; |
677 | #endif |
678 | } |
679 | |
680 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
681 | static inline bool __ipv6_prefix_equal64_half(const __be64 *a1, |
682 | const __be64 *a2, |
683 | unsigned int len) |
684 | { |
685 | if (len && ((*a1 ^ *a2) & cpu_to_be64((~0UL) << (64 - len)))) |
686 | return false; |
687 | return true; |
688 | } |
689 | |
690 | static inline bool ipv6_prefix_equal(const struct in6_addr *addr1, |
691 | const struct in6_addr *addr2, |
692 | unsigned int prefixlen) |
693 | { |
694 | const __be64 *a1 = (const __be64 *)addr1; |
695 | const __be64 *a2 = (const __be64 *)addr2; |
696 | |
697 | if (prefixlen >= 64) { |
698 | if (a1[0] ^ a2[0]) |
699 | return false; |
700 | return __ipv6_prefix_equal64_half(a1: a1 + 1, a2: a2 + 1, len: prefixlen - 64); |
701 | } |
702 | return __ipv6_prefix_equal64_half(a1, a2, len: prefixlen); |
703 | } |
704 | #else |
705 | static inline bool ipv6_prefix_equal(const struct in6_addr *addr1, |
706 | const struct in6_addr *addr2, |
707 | unsigned int prefixlen) |
708 | { |
709 | const __be32 *a1 = addr1->s6_addr32; |
710 | const __be32 *a2 = addr2->s6_addr32; |
711 | unsigned int pdw, pbi; |
712 | |
713 | /* check complete u32 in prefix */ |
714 | pdw = prefixlen >> 5; |
715 | if (pdw && memcmp(a1, a2, pdw << 2)) |
716 | return false; |
717 | |
718 | /* check incomplete u32 in prefix */ |
719 | pbi = prefixlen & 0x1f; |
720 | if (pbi && ((a1[pdw] ^ a2[pdw]) & htonl((0xffffffff) << (32 - pbi)))) |
721 | return false; |
722 | |
723 | return true; |
724 | } |
725 | #endif |
726 | |
727 | static inline bool ipv6_addr_any(const struct in6_addr *a) |
728 | { |
729 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
730 | const unsigned long *ul = (const unsigned long *)a; |
731 | |
732 | return (ul[0] | ul[1]) == 0UL; |
733 | #else |
734 | return (a->s6_addr32[0] | a->s6_addr32[1] | |
735 | a->s6_addr32[2] | a->s6_addr32[3]) == 0; |
736 | #endif |
737 | } |
738 | |
739 | static inline u32 ipv6_addr_hash(const struct in6_addr *a) |
740 | { |
741 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
742 | const unsigned long *ul = (const unsigned long *)a; |
743 | unsigned long x = ul[0] ^ ul[1]; |
744 | |
745 | return (u32)(x ^ (x >> 32)); |
746 | #else |
747 | return (__force u32)(a->s6_addr32[0] ^ a->s6_addr32[1] ^ |
748 | a->s6_addr32[2] ^ a->s6_addr32[3]); |
749 | #endif |
750 | } |
751 | |
752 | /* more secured version of ipv6_addr_hash() */ |
753 | static inline u32 __ipv6_addr_jhash(const struct in6_addr *a, const u32 initval) |
754 | { |
755 | return jhash2(k: (__force const u32 *)a->s6_addr32, |
756 | ARRAY_SIZE(a->s6_addr32), initval); |
757 | } |
758 | |
759 | static inline bool ipv6_addr_loopback(const struct in6_addr *a) |
760 | { |
761 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
762 | const __be64 *be = (const __be64 *)a; |
763 | |
764 | return (be[0] | (be[1] ^ cpu_to_be64(1))) == 0UL; |
765 | #else |
766 | return (a->s6_addr32[0] | a->s6_addr32[1] | |
767 | a->s6_addr32[2] | (a->s6_addr32[3] ^ cpu_to_be32(1))) == 0; |
768 | #endif |
769 | } |
770 | |
771 | /* |
772 | * Note that we must __force cast these to unsigned long to make sparse happy, |
773 | * since all of the endian-annotated types are fixed size regardless of arch. |
774 | */ |
775 | static inline bool ipv6_addr_v4mapped(const struct in6_addr *a) |
776 | { |
777 | return ( |
778 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
779 | *(unsigned long *)a | |
780 | #else |
781 | (__force unsigned long)(a->s6_addr32[0] | a->s6_addr32[1]) | |
782 | #endif |
783 | (__force unsigned long)(a->s6_addr32[2] ^ |
784 | cpu_to_be32(0x0000ffff))) == 0UL; |
785 | } |
786 | |
787 | static inline bool ipv6_addr_v4mapped_any(const struct in6_addr *a) |
788 | { |
789 | return ipv6_addr_v4mapped(a) && ipv4_is_zeronet(addr: a->s6_addr32[3]); |
790 | } |
791 | |
792 | static inline bool ipv6_addr_v4mapped_loopback(const struct in6_addr *a) |
793 | { |
794 | return ipv6_addr_v4mapped(a) && ipv4_is_loopback(addr: a->s6_addr32[3]); |
795 | } |
796 | |
797 | static inline u32 ipv6_portaddr_hash(const struct net *net, |
798 | const struct in6_addr *addr6, |
799 | unsigned int port) |
800 | { |
801 | unsigned int hash, mix = net_hash_mix(net); |
802 | |
803 | if (ipv6_addr_any(a: addr6)) |
804 | hash = jhash_1word(a: 0, initval: mix); |
805 | else if (ipv6_addr_v4mapped(a: addr6)) |
806 | hash = jhash_1word(a: (__force u32)addr6->s6_addr32[3], initval: mix); |
807 | else |
808 | hash = jhash2(k: (__force u32 *)addr6->s6_addr32, length: 4, initval: mix); |
809 | |
810 | return hash ^ port; |
811 | } |
812 | |
813 | /* |
814 | * Check for a RFC 4843 ORCHID address |
815 | * (Overlay Routable Cryptographic Hash Identifiers) |
816 | */ |
817 | static inline bool ipv6_addr_orchid(const struct in6_addr *a) |
818 | { |
819 | return (a->s6_addr32[0] & htonl(0xfffffff0)) == htonl(0x20010010); |
820 | } |
821 | |
822 | static inline bool ipv6_addr_is_multicast(const struct in6_addr *addr) |
823 | { |
824 | return (addr->s6_addr32[0] & htonl(0xFF000000)) == htonl(0xFF000000); |
825 | } |
826 | |
827 | static inline void ipv6_addr_set_v4mapped(const __be32 addr, |
828 | struct in6_addr *v4mapped) |
829 | { |
830 | ipv6_addr_set(addr: v4mapped, |
831 | w1: 0, w2: 0, |
832 | htonl(0x0000FFFF), |
833 | w4: addr); |
834 | } |
835 | |
836 | /* |
837 | * find the first different bit between two addresses |
838 | * length of address must be a multiple of 32bits |
839 | */ |
840 | static inline int __ipv6_addr_diff32(const void *token1, const void *token2, int addrlen) |
841 | { |
842 | const __be32 *a1 = token1, *a2 = token2; |
843 | int i; |
844 | |
845 | addrlen >>= 2; |
846 | |
847 | for (i = 0; i < addrlen; i++) { |
848 | __be32 xb = a1[i] ^ a2[i]; |
849 | if (xb) |
850 | return i * 32 + 31 - __fls(ntohl(xb)); |
851 | } |
852 | |
853 | /* |
854 | * we should *never* get to this point since that |
855 | * would mean the addrs are equal |
856 | * |
857 | * However, we do get to it 8) And exacly, when |
858 | * addresses are equal 8) |
859 | * |
860 | * ip route add 1111::/128 via ... |
861 | * ip route add 1111::/64 via ... |
862 | * and we are here. |
863 | * |
864 | * Ideally, this function should stop comparison |
865 | * at prefix length. It does not, but it is still OK, |
866 | * if returned value is greater than prefix length. |
867 | * --ANK (980803) |
868 | */ |
869 | return addrlen << 5; |
870 | } |
871 | |
872 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
873 | static inline int __ipv6_addr_diff64(const void *token1, const void *token2, int addrlen) |
874 | { |
875 | const __be64 *a1 = token1, *a2 = token2; |
876 | int i; |
877 | |
878 | addrlen >>= 3; |
879 | |
880 | for (i = 0; i < addrlen; i++) { |
881 | __be64 xb = a1[i] ^ a2[i]; |
882 | if (xb) |
883 | return i * 64 + 63 - __fls(be64_to_cpu(xb)); |
884 | } |
885 | |
886 | return addrlen << 6; |
887 | } |
888 | #endif |
889 | |
890 | static inline int __ipv6_addr_diff(const void *token1, const void *token2, int addrlen) |
891 | { |
892 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 |
893 | if (__builtin_constant_p(addrlen) && !(addrlen & 7)) |
894 | return __ipv6_addr_diff64(token1, token2, addrlen); |
895 | #endif |
896 | return __ipv6_addr_diff32(token1, token2, addrlen); |
897 | } |
898 | |
899 | static inline int ipv6_addr_diff(const struct in6_addr *a1, const struct in6_addr *a2) |
900 | { |
901 | return __ipv6_addr_diff(token1: a1, token2: a2, addrlen: sizeof(struct in6_addr)); |
902 | } |
903 | |
904 | __be32 ipv6_select_ident(struct net *net, |
905 | const struct in6_addr *daddr, |
906 | const struct in6_addr *saddr); |
907 | __be32 ipv6_proxy_select_ident(struct net *net, struct sk_buff *skb); |
908 | |
909 | int ip6_dst_hoplimit(struct dst_entry *dst); |
910 | |
911 | static inline int ip6_sk_dst_hoplimit(struct ipv6_pinfo *np, struct flowi6 *fl6, |
912 | struct dst_entry *dst) |
913 | { |
914 | int hlimit; |
915 | |
916 | if (ipv6_addr_is_multicast(addr: &fl6->daddr)) |
917 | hlimit = READ_ONCE(np->mcast_hops); |
918 | else |
919 | hlimit = READ_ONCE(np->hop_limit); |
920 | if (hlimit < 0) |
921 | hlimit = ip6_dst_hoplimit(dst); |
922 | return hlimit; |
923 | } |
924 | |
925 | /* copy IPv6 saddr & daddr to flow_keys, possibly using 64bit load/store |
926 | * Equivalent to : flow->v6addrs.src = iph->saddr; |
927 | * flow->v6addrs.dst = iph->daddr; |
928 | */ |
929 | static inline void iph_to_flow_copy_v6addrs(struct flow_keys *flow, |
930 | const struct ipv6hdr *iph) |
931 | { |
932 | BUILD_BUG_ON(offsetof(typeof(flow->addrs), v6addrs.dst) != |
933 | offsetof(typeof(flow->addrs), v6addrs.src) + |
934 | sizeof(flow->addrs.v6addrs.src)); |
935 | memcpy(&flow->addrs.v6addrs, &iph->addrs, sizeof(flow->addrs.v6addrs)); |
936 | flow->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS; |
937 | } |
938 | |
939 | #if IS_ENABLED(CONFIG_IPV6) |
940 | |
941 | static inline bool ipv6_can_nonlocal_bind(struct net *net, |
942 | struct inet_sock *inet) |
943 | { |
944 | return net->ipv6.sysctl.ip_nonlocal_bind || |
945 | test_bit(INET_FLAGS_FREEBIND, &inet->inet_flags) || |
946 | test_bit(INET_FLAGS_TRANSPARENT, &inet->inet_flags); |
947 | } |
948 | |
949 | /* Sysctl settings for net ipv6.auto_flowlabels */ |
950 | #define IP6_AUTO_FLOW_LABEL_OFF 0 |
951 | #define IP6_AUTO_FLOW_LABEL_OPTOUT 1 |
952 | #define IP6_AUTO_FLOW_LABEL_OPTIN 2 |
953 | #define IP6_AUTO_FLOW_LABEL_FORCED 3 |
954 | |
955 | #define IP6_AUTO_FLOW_LABEL_MAX IP6_AUTO_FLOW_LABEL_FORCED |
956 | |
957 | #define IP6_DEFAULT_AUTO_FLOW_LABELS IP6_AUTO_FLOW_LABEL_OPTOUT |
958 | |
959 | static inline __be32 ip6_make_flowlabel(struct net *net, struct sk_buff *skb, |
960 | __be32 flowlabel, bool autolabel, |
961 | struct flowi6 *fl6) |
962 | { |
963 | u32 hash; |
964 | |
965 | /* @flowlabel may include more than a flow label, eg, the traffic class. |
966 | * Here we want only the flow label value. |
967 | */ |
968 | flowlabel &= IPV6_FLOWLABEL_MASK; |
969 | |
970 | if (flowlabel || |
971 | net->ipv6.sysctl.auto_flowlabels == IP6_AUTO_FLOW_LABEL_OFF || |
972 | (!autolabel && |
973 | net->ipv6.sysctl.auto_flowlabels != IP6_AUTO_FLOW_LABEL_FORCED)) |
974 | return flowlabel; |
975 | |
976 | hash = skb_get_hash_flowi6(skb, fl6); |
977 | |
978 | /* Since this is being sent on the wire obfuscate hash a bit |
979 | * to minimize possbility that any useful information to an |
980 | * attacker is leaked. Only lower 20 bits are relevant. |
981 | */ |
982 | hash = rol32(word: hash, shift: 16); |
983 | |
984 | flowlabel = (__force __be32)hash & IPV6_FLOWLABEL_MASK; |
985 | |
986 | if (net->ipv6.sysctl.flowlabel_state_ranges) |
987 | flowlabel |= IPV6_FLOWLABEL_STATELESS_FLAG; |
988 | |
989 | return flowlabel; |
990 | } |
991 | |
992 | static inline int ip6_default_np_autolabel(struct net *net) |
993 | { |
994 | switch (net->ipv6.sysctl.auto_flowlabels) { |
995 | case IP6_AUTO_FLOW_LABEL_OFF: |
996 | case IP6_AUTO_FLOW_LABEL_OPTIN: |
997 | default: |
998 | return 0; |
999 | case IP6_AUTO_FLOW_LABEL_OPTOUT: |
1000 | case IP6_AUTO_FLOW_LABEL_FORCED: |
1001 | return 1; |
1002 | } |
1003 | } |
1004 | #else |
1005 | static inline __be32 ip6_make_flowlabel(struct net *net, struct sk_buff *skb, |
1006 | __be32 flowlabel, bool autolabel, |
1007 | struct flowi6 *fl6) |
1008 | { |
1009 | return flowlabel; |
1010 | } |
1011 | static inline int ip6_default_np_autolabel(struct net *net) |
1012 | { |
1013 | return 0; |
1014 | } |
1015 | #endif |
1016 | |
1017 | #if IS_ENABLED(CONFIG_IPV6) |
1018 | static inline int ip6_multipath_hash_policy(const struct net *net) |
1019 | { |
1020 | return net->ipv6.sysctl.multipath_hash_policy; |
1021 | } |
1022 | static inline u32 ip6_multipath_hash_fields(const struct net *net) |
1023 | { |
1024 | return net->ipv6.sysctl.multipath_hash_fields; |
1025 | } |
1026 | #else |
1027 | static inline int ip6_multipath_hash_policy(const struct net *net) |
1028 | { |
1029 | return 0; |
1030 | } |
1031 | static inline u32 ip6_multipath_hash_fields(const struct net *net) |
1032 | { |
1033 | return 0; |
1034 | } |
1035 | #endif |
1036 | |
1037 | /* |
1038 | * Header manipulation |
1039 | */ |
1040 | static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass, |
1041 | __be32 flowlabel) |
1042 | { |
1043 | *(__be32 *)hdr = htonl(0x60000000 | (tclass << 20)) | flowlabel; |
1044 | } |
1045 | |
1046 | static inline __be32 ip6_flowinfo(const struct ipv6hdr *hdr) |
1047 | { |
1048 | return *(__be32 *)hdr & IPV6_FLOWINFO_MASK; |
1049 | } |
1050 | |
1051 | static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr) |
1052 | { |
1053 | return *(__be32 *)hdr & IPV6_FLOWLABEL_MASK; |
1054 | } |
1055 | |
1056 | static inline u8 ip6_tclass(__be32 flowinfo) |
1057 | { |
1058 | return ntohl(flowinfo & IPV6_TCLASS_MASK) >> IPV6_TCLASS_SHIFT; |
1059 | } |
1060 | |
1061 | static inline dscp_t ip6_dscp(__be32 flowinfo) |
1062 | { |
1063 | return inet_dsfield_to_dscp(dsfield: ip6_tclass(flowinfo)); |
1064 | } |
1065 | |
1066 | static inline __be32 ip6_make_flowinfo(unsigned int tclass, __be32 flowlabel) |
1067 | { |
1068 | return htonl(tclass << IPV6_TCLASS_SHIFT) | flowlabel; |
1069 | } |
1070 | |
1071 | static inline __be32 flowi6_get_flowlabel(const struct flowi6 *fl6) |
1072 | { |
1073 | return fl6->flowlabel & IPV6_FLOWLABEL_MASK; |
1074 | } |
1075 | |
1076 | /* |
1077 | * Prototypes exported by ipv6 |
1078 | */ |
1079 | |
1080 | /* |
1081 | * rcv function (called from netdevice level) |
1082 | */ |
1083 | |
1084 | int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, |
1085 | struct packet_type *pt, struct net_device *orig_dev); |
1086 | void ipv6_list_rcv(struct list_head *head, struct packet_type *pt, |
1087 | struct net_device *orig_dev); |
1088 | |
1089 | int ip6_rcv_finish(struct net *net, struct sock *sk, struct sk_buff *skb); |
1090 | |
1091 | /* |
1092 | * upper-layer output functions |
1093 | */ |
1094 | int ip6_xmit(const struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6, |
1095 | __u32 mark, struct ipv6_txoptions *opt, int tclass, u32 priority); |
1096 | |
1097 | int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr); |
1098 | |
1099 | int ip6_append_data(struct sock *sk, |
1100 | int getfrag(void *from, char *to, int offset, int len, |
1101 | int odd, struct sk_buff *skb), |
1102 | void *from, size_t length, int transhdrlen, |
1103 | struct ipcm6_cookie *ipc6, struct flowi6 *fl6, |
1104 | struct rt6_info *rt, unsigned int flags); |
1105 | |
1106 | int ip6_push_pending_frames(struct sock *sk); |
1107 | |
1108 | void ip6_flush_pending_frames(struct sock *sk); |
1109 | |
1110 | int ip6_send_skb(struct sk_buff *skb); |
1111 | |
1112 | struct sk_buff *__ip6_make_skb(struct sock *sk, struct sk_buff_head *queue, |
1113 | struct inet_cork_full *cork, |
1114 | struct inet6_cork *v6_cork); |
1115 | struct sk_buff *ip6_make_skb(struct sock *sk, |
1116 | int getfrag(void *from, char *to, int offset, |
1117 | int len, int odd, struct sk_buff *skb), |
1118 | void *from, size_t length, int transhdrlen, |
1119 | struct ipcm6_cookie *ipc6, |
1120 | struct rt6_info *rt, unsigned int flags, |
1121 | struct inet_cork_full *cork); |
1122 | |
1123 | static inline struct sk_buff *ip6_finish_skb(struct sock *sk) |
1124 | { |
1125 | return __ip6_make_skb(sk, queue: &sk->sk_write_queue, cork: &inet_sk(sk)->cork, |
1126 | v6_cork: &inet6_sk(sk: sk)->cork); |
1127 | } |
1128 | |
1129 | int ip6_dst_lookup(struct net *net, struct sock *sk, struct dst_entry **dst, |
1130 | struct flowi6 *fl6); |
1131 | struct dst_entry *ip6_dst_lookup_flow(struct net *net, const struct sock *sk, struct flowi6 *fl6, |
1132 | const struct in6_addr *final_dst); |
1133 | struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6, |
1134 | const struct in6_addr *final_dst, |
1135 | bool connected); |
1136 | struct dst_entry *ip6_blackhole_route(struct net *net, |
1137 | struct dst_entry *orig_dst); |
1138 | |
1139 | /* |
1140 | * skb processing functions |
1141 | */ |
1142 | |
1143 | int ip6_output(struct net *net, struct sock *sk, struct sk_buff *skb); |
1144 | int ip6_forward(struct sk_buff *skb); |
1145 | int ip6_input(struct sk_buff *skb); |
1146 | int ip6_mc_input(struct sk_buff *skb); |
1147 | void ip6_protocol_deliver_rcu(struct net *net, struct sk_buff *skb, int nexthdr, |
1148 | bool have_final); |
1149 | |
1150 | int __ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb); |
1151 | int ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb); |
1152 | |
1153 | /* |
1154 | * Extension header (options) processing |
1155 | */ |
1156 | |
1157 | void ipv6_push_nfrag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, |
1158 | u8 *proto, struct in6_addr **daddr_p, |
1159 | struct in6_addr *saddr); |
1160 | void ipv6_push_frag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, |
1161 | u8 *proto); |
1162 | |
1163 | int ipv6_skip_exthdr(const struct sk_buff *, int start, u8 *nexthdrp, |
1164 | __be16 *frag_offp); |
1165 | |
1166 | bool ipv6_ext_hdr(u8 nexthdr); |
1167 | |
1168 | enum { |
1169 | IP6_FH_F_FRAG = (1 << 0), |
1170 | IP6_FH_F_AUTH = (1 << 1), |
1171 | IP6_FH_F_SKIP_RH = (1 << 2), |
1172 | }; |
1173 | |
1174 | /* find specified header and get offset to it */ |
1175 | int ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset, int target, |
1176 | unsigned short *fragoff, int *fragflg); |
1177 | |
1178 | int ipv6_find_tlv(const struct sk_buff *skb, int offset, int type); |
1179 | |
1180 | struct in6_addr *fl6_update_dst(struct flowi6 *fl6, |
1181 | const struct ipv6_txoptions *opt, |
1182 | struct in6_addr *orig); |
1183 | |
1184 | /* |
1185 | * socket options (ipv6_sockglue.c) |
1186 | */ |
1187 | DECLARE_STATIC_KEY_FALSE(ip6_min_hopcount); |
1188 | |
1189 | int do_ipv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval, |
1190 | unsigned int optlen); |
1191 | int ipv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval, |
1192 | unsigned int optlen); |
1193 | int do_ipv6_getsockopt(struct sock *sk, int level, int optname, |
1194 | sockptr_t optval, sockptr_t optlen); |
1195 | int ipv6_getsockopt(struct sock *sk, int level, int optname, |
1196 | char __user *optval, int __user *optlen); |
1197 | |
1198 | int __ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, |
1199 | int addr_len); |
1200 | int ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, int addr_len); |
1201 | int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *addr, |
1202 | int addr_len); |
1203 | int ip6_datagram_dst_update(struct sock *sk, bool fix_sk_saddr); |
1204 | void ip6_datagram_release_cb(struct sock *sk); |
1205 | |
1206 | int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, |
1207 | int *addr_len); |
1208 | int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len, |
1209 | int *addr_len); |
1210 | void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port, |
1211 | u32 info, u8 *payload); |
1212 | void ipv6_local_error(struct sock *sk, int err, struct flowi6 *fl6, u32 info); |
1213 | void ipv6_local_rxpmtu(struct sock *sk, struct flowi6 *fl6, u32 mtu); |
1214 | |
1215 | void inet6_cleanup_sock(struct sock *sk); |
1216 | void inet6_sock_destruct(struct sock *sk); |
1217 | int inet6_release(struct socket *sock); |
1218 | int inet6_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len); |
1219 | int inet6_bind_sk(struct sock *sk, struct sockaddr *uaddr, int addr_len); |
1220 | int inet6_getname(struct socket *sock, struct sockaddr *uaddr, |
1221 | int peer); |
1222 | int inet6_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg); |
1223 | int inet6_compat_ioctl(struct socket *sock, unsigned int cmd, |
1224 | unsigned long arg); |
1225 | |
1226 | int inet6_hash_connect(struct inet_timewait_death_row *death_row, |
1227 | struct sock *sk); |
1228 | int inet6_sendmsg(struct socket *sock, struct msghdr *msg, size_t size); |
1229 | int inet6_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, |
1230 | int flags); |
1231 | |
1232 | /* |
1233 | * reassembly.c |
1234 | */ |
1235 | extern const struct proto_ops inet6_stream_ops; |
1236 | extern const struct proto_ops inet6_dgram_ops; |
1237 | extern const struct proto_ops inet6_sockraw_ops; |
1238 | |
1239 | struct group_source_req; |
1240 | struct group_filter; |
1241 | |
1242 | int ip6_mc_source(int add, int omode, struct sock *sk, |
1243 | struct group_source_req *pgsr); |
1244 | int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf, |
1245 | struct sockaddr_storage *list); |
1246 | int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf, |
1247 | sockptr_t optval, size_t ss_offset); |
1248 | |
1249 | #ifdef CONFIG_PROC_FS |
1250 | int ac6_proc_init(struct net *net); |
1251 | void ac6_proc_exit(struct net *net); |
1252 | int raw6_proc_init(void); |
1253 | void raw6_proc_exit(void); |
1254 | int tcp6_proc_init(struct net *net); |
1255 | void tcp6_proc_exit(struct net *net); |
1256 | int udp6_proc_init(struct net *net); |
1257 | void udp6_proc_exit(struct net *net); |
1258 | int udplite6_proc_init(void); |
1259 | void udplite6_proc_exit(void); |
1260 | int ipv6_misc_proc_init(void); |
1261 | void ipv6_misc_proc_exit(void); |
1262 | int snmp6_register_dev(struct inet6_dev *idev); |
1263 | int snmp6_unregister_dev(struct inet6_dev *idev); |
1264 | |
1265 | #else |
1266 | static inline int ac6_proc_init(struct net *net) { return 0; } |
1267 | static inline void ac6_proc_exit(struct net *net) { } |
1268 | static inline int snmp6_register_dev(struct inet6_dev *idev) { return 0; } |
1269 | static inline int snmp6_unregister_dev(struct inet6_dev *idev) { return 0; } |
1270 | #endif |
1271 | |
1272 | #ifdef CONFIG_SYSCTL |
1273 | struct ctl_table *ipv6_icmp_sysctl_init(struct net *net); |
1274 | size_t ipv6_icmp_sysctl_table_size(void); |
1275 | struct ctl_table *ipv6_route_sysctl_init(struct net *net); |
1276 | size_t ipv6_route_sysctl_table_size(struct net *net); |
1277 | int ipv6_sysctl_register(void); |
1278 | void ipv6_sysctl_unregister(void); |
1279 | #endif |
1280 | |
1281 | int ipv6_sock_mc_join(struct sock *sk, int ifindex, |
1282 | const struct in6_addr *addr); |
1283 | int ipv6_sock_mc_join_ssm(struct sock *sk, int ifindex, |
1284 | const struct in6_addr *addr, unsigned int mode); |
1285 | int ipv6_sock_mc_drop(struct sock *sk, int ifindex, |
1286 | const struct in6_addr *addr); |
1287 | |
1288 | static inline int ip6_sock_set_v6only(struct sock *sk) |
1289 | { |
1290 | if (inet_sk(sk)->inet_num) |
1291 | return -EINVAL; |
1292 | lock_sock(sk); |
1293 | sk->sk_ipv6only = true; |
1294 | release_sock(sk); |
1295 | return 0; |
1296 | } |
1297 | |
1298 | static inline void ip6_sock_set_recverr(struct sock *sk) |
1299 | { |
1300 | inet6_set_bit(RECVERR6, sk); |
1301 | } |
1302 | |
1303 | #define IPV6_PREFER_SRC_MASK (IPV6_PREFER_SRC_TMP | IPV6_PREFER_SRC_PUBLIC | \ |
1304 | IPV6_PREFER_SRC_COA) |
1305 | |
1306 | static inline int ip6_sock_set_addr_preferences(struct sock *sk, int val) |
1307 | { |
1308 | unsigned int prefmask = ~IPV6_PREFER_SRC_MASK; |
1309 | unsigned int pref = 0; |
1310 | |
1311 | /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ |
1312 | switch (val & (IPV6_PREFER_SRC_PUBLIC | |
1313 | IPV6_PREFER_SRC_TMP | |
1314 | IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { |
1315 | case IPV6_PREFER_SRC_PUBLIC: |
1316 | pref |= IPV6_PREFER_SRC_PUBLIC; |
1317 | prefmask &= ~(IPV6_PREFER_SRC_PUBLIC | |
1318 | IPV6_PREFER_SRC_TMP); |
1319 | break; |
1320 | case IPV6_PREFER_SRC_TMP: |
1321 | pref |= IPV6_PREFER_SRC_TMP; |
1322 | prefmask &= ~(IPV6_PREFER_SRC_PUBLIC | |
1323 | IPV6_PREFER_SRC_TMP); |
1324 | break; |
1325 | case IPV6_PREFER_SRC_PUBTMP_DEFAULT: |
1326 | prefmask &= ~(IPV6_PREFER_SRC_PUBLIC | |
1327 | IPV6_PREFER_SRC_TMP); |
1328 | break; |
1329 | case 0: |
1330 | break; |
1331 | default: |
1332 | return -EINVAL; |
1333 | } |
1334 | |
1335 | /* check HOME/COA conflicts */ |
1336 | switch (val & (IPV6_PREFER_SRC_HOME | IPV6_PREFER_SRC_COA)) { |
1337 | case IPV6_PREFER_SRC_HOME: |
1338 | prefmask &= ~IPV6_PREFER_SRC_COA; |
1339 | break; |
1340 | case IPV6_PREFER_SRC_COA: |
1341 | pref |= IPV6_PREFER_SRC_COA; |
1342 | break; |
1343 | case 0: |
1344 | break; |
1345 | default: |
1346 | return -EINVAL; |
1347 | } |
1348 | |
1349 | /* check CGA/NONCGA conflicts */ |
1350 | switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { |
1351 | case IPV6_PREFER_SRC_CGA: |
1352 | case IPV6_PREFER_SRC_NONCGA: |
1353 | case 0: |
1354 | break; |
1355 | default: |
1356 | return -EINVAL; |
1357 | } |
1358 | |
1359 | WRITE_ONCE(inet6_sk(sk)->srcprefs, |
1360 | (READ_ONCE(inet6_sk(sk)->srcprefs) & prefmask) | pref); |
1361 | return 0; |
1362 | } |
1363 | |
1364 | static inline void ip6_sock_set_recvpktinfo(struct sock *sk) |
1365 | { |
1366 | lock_sock(sk); |
1367 | inet6_sk(sk: sk)->rxopt.bits.rxinfo = true; |
1368 | release_sock(sk); |
1369 | } |
1370 | |
1371 | #endif /* _NET_IPV6_H */ |
1372 | |