Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6
[linux-2.6] / net / ipv6 / ip6_input.c
1 /*
2  *      IPv6 input
3  *      Linux INET6 implementation
4  *
5  *      Authors:
6  *      Pedro Roque             <roque@di.fc.ul.pt>
7  *      Ian P. Morris           <I.P.Morris@soton.ac.uk>
8  *
9  *      Based in linux/net/ipv4/ip_input.c
10  *
11  *      This program is free software; you can redistribute it and/or
12  *      modify it under the terms of the GNU General Public License
13  *      as published by the Free Software Foundation; either version
14  *      2 of the License, or (at your option) any later version.
15  */
16 /* Changes
17  *
18  *      Mitsuru KANDA @USAGI and
19  *      YOSHIFUJI Hideaki @USAGI: Remove ipv6_parse_exthdrs().
20  */
21
22 #include <linux/errno.h>
23 #include <linux/types.h>
24 #include <linux/socket.h>
25 #include <linux/sockios.h>
26 #include <linux/net.h>
27 #include <linux/netdevice.h>
28 #include <linux/in6.h>
29 #include <linux/icmpv6.h>
30 #include <linux/mroute6.h>
31
32 #include <linux/netfilter.h>
33 #include <linux/netfilter_ipv6.h>
34
35 #include <net/sock.h>
36 #include <net/snmp.h>
37
38 #include <net/ipv6.h>
39 #include <net/protocol.h>
40 #include <net/transp_v6.h>
41 #include <net/rawv6.h>
42 #include <net/ndisc.h>
43 #include <net/ip6_route.h>
44 #include <net/addrconf.h>
45 #include <net/xfrm.h>
46
47
48
49 inline int ip6_rcv_finish( struct sk_buff *skb)
50 {
51         if (skb->dst == NULL)
52                 ip6_route_input(skb);
53
54         return dst_input(skb);
55 }
56
57 int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
58 {
59         struct ipv6hdr *hdr;
60         u32             pkt_len;
61         struct inet6_dev *idev;
62
63         if (skb->pkt_type == PACKET_OTHERHOST) {
64                 kfree_skb(skb);
65                 return 0;
66         }
67
68         rcu_read_lock();
69
70         idev = __in6_dev_get(skb->dev);
71
72         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INRECEIVES);
73
74         if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL ||
75             !idev || unlikely(idev->cnf.disable_ipv6)) {
76                 IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDISCARDS);
77                 rcu_read_unlock();
78                 goto out;
79         }
80
81         memset(IP6CB(skb), 0, sizeof(struct inet6_skb_parm));
82
83         /*
84          * Store incoming device index. When the packet will
85          * be queued, we cannot refer to skb->dev anymore.
86          *
87          * BTW, when we send a packet for our own local address on a
88          * non-loopback interface (e.g. ethX), it is being delivered
89          * via the loopback interface (lo) here; skb->dev = loopback_dev.
90          * It, however, should be considered as if it is being
91          * arrived via the sending interface (ethX), because of the
92          * nature of scoping architecture. --yoshfuji
93          */
94         IP6CB(skb)->iif = skb->dst ? ip6_dst_idev(skb->dst)->dev->ifindex : dev->ifindex;
95
96         if (unlikely(!pskb_may_pull(skb, sizeof(*hdr))))
97                 goto err;
98
99         hdr = ipv6_hdr(skb);
100
101         if (hdr->version != 6)
102                 goto err;
103
104         /*
105          * RFC4291 2.5.3
106          * A packet received on an interface with a destination address
107          * of loopback must be dropped.
108          */
109         if (!(dev->flags & IFF_LOOPBACK) &&
110             ipv6_addr_loopback(&hdr->daddr))
111                 goto err;
112
113         skb->transport_header = skb->network_header + sizeof(*hdr);
114         IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
115
116         pkt_len = ntohs(hdr->payload_len);
117
118         /* pkt_len may be zero if Jumbo payload option is present */
119         if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) {
120                 if (pkt_len + sizeof(struct ipv6hdr) > skb->len) {
121                         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INTRUNCATEDPKTS);
122                         goto drop;
123                 }
124                 if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr))) {
125                         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INHDRERRORS);
126                         goto drop;
127                 }
128                 hdr = ipv6_hdr(skb);
129         }
130
131         if (hdr->nexthdr == NEXTHDR_HOP) {
132                 if (ipv6_parse_hopopts(skb) < 0) {
133                         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INHDRERRORS);
134                         rcu_read_unlock();
135                         return 0;
136                 }
137         }
138
139         rcu_read_unlock();
140
141         return NF_HOOK(PF_INET6, NF_INET_PRE_ROUTING, skb, dev, NULL,
142                        ip6_rcv_finish);
143 err:
144         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INHDRERRORS);
145 drop:
146         rcu_read_unlock();
147         kfree_skb(skb);
148 out:
149         return 0;
150 }
151
152 /*
153  *      Deliver the packet to the host
154  */
155
156
157 static int ip6_input_finish(struct sk_buff *skb)
158 {
159         struct inet6_protocol *ipprot;
160         unsigned int nhoff;
161         int nexthdr, raw;
162         u8 hash;
163         struct inet6_dev *idev;
164
165         /*
166          *      Parse extension headers
167          */
168
169         rcu_read_lock();
170 resubmit:
171         idev = ip6_dst_idev(skb->dst);
172         if (!pskb_pull(skb, skb_transport_offset(skb)))
173                 goto discard;
174         nhoff = IP6CB(skb)->nhoff;
175         nexthdr = skb_network_header(skb)[nhoff];
176
177         raw = raw6_local_deliver(skb, nexthdr);
178
179         hash = nexthdr & (MAX_INET_PROTOS - 1);
180         if ((ipprot = rcu_dereference(inet6_protos[hash])) != NULL) {
181                 int ret;
182
183                 if (ipprot->flags & INET6_PROTO_FINAL) {
184                         struct ipv6hdr *hdr;
185
186                         /* Free reference early: we don't need it any more,
187                            and it may hold ip_conntrack module loaded
188                            indefinitely. */
189                         nf_reset(skb);
190
191                         skb_postpull_rcsum(skb, skb_network_header(skb),
192                                            skb_network_header_len(skb));
193                         hdr = ipv6_hdr(skb);
194                         if (ipv6_addr_is_multicast(&hdr->daddr) &&
195                             !ipv6_chk_mcast_addr(skb->dev, &hdr->daddr,
196                             &hdr->saddr) &&
197                             !ipv6_is_mld(skb, nexthdr))
198                                 goto discard;
199                 }
200                 if (!(ipprot->flags & INET6_PROTO_NOPOLICY) &&
201                     !xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
202                         goto discard;
203
204                 ret = ipprot->handler(skb);
205                 if (ret > 0)
206                         goto resubmit;
207                 else if (ret == 0)
208                         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDELIVERS);
209         } else {
210                 if (!raw) {
211                         if (xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
212                                 IP6_INC_STATS_BH(idev, IPSTATS_MIB_INUNKNOWNPROTOS);
213                                 icmpv6_send(skb, ICMPV6_PARAMPROB,
214                                             ICMPV6_UNK_NEXTHDR, nhoff,
215                                             skb->dev);
216                         }
217                 } else
218                         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDELIVERS);
219                 kfree_skb(skb);
220         }
221         rcu_read_unlock();
222         return 0;
223
224 discard:
225         IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDISCARDS);
226         rcu_read_unlock();
227         kfree_skb(skb);
228         return 0;
229 }
230
231
232 int ip6_input(struct sk_buff *skb)
233 {
234         return NF_HOOK(PF_INET6, NF_INET_LOCAL_IN, skb, skb->dev, NULL,
235                        ip6_input_finish);
236 }
237
238 int ip6_mc_input(struct sk_buff *skb)
239 {
240         struct ipv6hdr *hdr;
241         int deliver;
242
243         IP6_INC_STATS_BH(ip6_dst_idev(skb->dst), IPSTATS_MIB_INMCASTPKTS);
244
245         hdr = ipv6_hdr(skb);
246         deliver = ipv6_chk_mcast_addr(skb->dev, &hdr->daddr, NULL);
247
248 #ifdef CONFIG_IPV6_MROUTE
249         /*
250          *      IPv6 multicast router mode is now supported ;)
251          */
252         if (dev_net(skb->dev)->ipv6.devconf_all->mc_forwarding &&
253             likely(!(IP6CB(skb)->flags & IP6SKB_FORWARDED))) {
254                 /*
255                  * Okay, we try to forward - split and duplicate
256                  * packets.
257                  */
258                 struct sk_buff *skb2;
259                 struct inet6_skb_parm *opt = IP6CB(skb);
260
261                 /* Check for MLD */
262                 if (unlikely(opt->ra)) {
263                         /* Check if this is a mld message */
264                         u8 *ptr = skb_network_header(skb) + opt->ra;
265                         struct icmp6hdr *icmp6;
266                         u8 nexthdr = hdr->nexthdr;
267                         int offset;
268
269                         /* Check if the value of Router Alert
270                          * is for MLD (0x0000).
271                          */
272                         if ((ptr[2] | ptr[3]) == 0) {
273                                 deliver = 0;
274
275                                 if (!ipv6_ext_hdr(nexthdr)) {
276                                         /* BUG */
277                                         goto out;
278                                 }
279                                 offset = ipv6_skip_exthdr(skb, sizeof(*hdr),
280                                                           &nexthdr);
281                                 if (offset < 0)
282                                         goto out;
283
284                                 if (nexthdr != IPPROTO_ICMPV6)
285                                         goto out;
286
287                                 if (!pskb_may_pull(skb, (skb_network_header(skb) +
288                                                    offset + 1 - skb->data)))
289                                         goto out;
290
291                                 icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset);
292
293                                 switch (icmp6->icmp6_type) {
294                                 case ICMPV6_MGM_QUERY:
295                                 case ICMPV6_MGM_REPORT:
296                                 case ICMPV6_MGM_REDUCTION:
297                                 case ICMPV6_MLD2_REPORT:
298                                         deliver = 1;
299                                         break;
300                                 }
301                                 goto out;
302                         }
303                         /* unknown RA - process it normally */
304                 }
305
306                 if (deliver)
307                         skb2 = skb_clone(skb, GFP_ATOMIC);
308                 else {
309                         skb2 = skb;
310                         skb = NULL;
311                 }
312
313                 if (skb2) {
314                         skb2->dev = skb2->dst->dev;
315                         ip6_mr_input(skb2);
316                 }
317         }
318 out:
319 #endif
320         if (likely(deliver))
321                 ip6_input(skb);
322         else {
323                 /* discard */
324                 kfree_skb(skb);
325         }
326
327         return 0;
328 }