2 * Internet Control Message Protocol (ICMPv6)
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * Based on net/ipv4/icmp.c
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
21 * Andi Kleen : exception handling
22 * Andi Kleen add rate limits. never reply to a icmp.
23 * add more length checks and other fixes.
24 * yoshfuji : ensure to sent parameter problem for
26 * YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
28 * YOSHIFUJI Hideaki @USAGI: Per-interface statistics support
29 * Kazunori MIYAZAWA @USAGI: change output process to use ip6_append_data
32 #define pr_fmt(fmt) "IPv6: " fmt
34 #include <linux/module.h>
35 #include <linux/errno.h>
36 #include <linux/types.h>
37 #include <linux/socket.h>
39 #include <linux/kernel.h>
40 #include <linux/sockios.h>
41 #include <linux/net.h>
42 #include <linux/skbuff.h>
43 #include <linux/init.h>
44 #include <linux/netfilter.h>
45 #include <linux/slab.h>
48 #include <linux/sysctl.h>
51 #include <linux/inet.h>
52 #include <linux/netdevice.h>
53 #include <linux/icmpv6.h>
59 #include <net/ip6_checksum.h>
61 #include <net/protocol.h>
63 #include <net/rawv6.h>
64 #include <net/transp_v6.h>
65 #include <net/ip6_route.h>
66 #include <net/addrconf.h>
69 #include <net/inet_common.h>
71 #include <asm/uaccess.h>
74 * The ICMP socket(s). This is the most convenient way to flow control
75 * our ICMP output as well as maintain a clean interface throughout
76 * all layers. All Socketless IP sends will soon be gone.
78 * On SMP we have one ICMP socket per-cpu.
80 static inline struct sock *icmpv6_sk(struct net *net)
82 return net->ipv6.icmp_sk[smp_processor_id()];
85 static void icmpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
86 u8 type, u8 code, int offset, __be32 info)
88 /* icmpv6_notify checks 8 bytes can be pulled, icmp6hdr is 8 bytes */
89 struct icmp6hdr *icmp6 = (struct icmp6hdr *) (skb->data + offset);
90 struct net *net = dev_net(skb->dev);
92 if (type == ICMPV6_PKT_TOOBIG)
93 ip6_update_pmtu(skb, net, info, 0, 0);
94 else if (type == NDISC_REDIRECT)
95 ip6_redirect(skb, net, 0, 0);
97 if (!(type & ICMPV6_INFOMSG_MASK))
98 if (icmp6->icmp6_type == ICMPV6_ECHO_REQUEST)
99 ping_err(skb, offset, info);
102 static int icmpv6_rcv(struct sk_buff *skb);
104 static const struct inet6_protocol icmpv6_protocol = {
105 .handler = icmpv6_rcv,
106 .err_handler = icmpv6_err,
107 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
110 static __inline__ struct sock *icmpv6_xmit_lock(struct net *net)
117 if (unlikely(!spin_trylock(&sk->sk_lock.slock))) {
118 /* This can happen if the output path (f.e. SIT or
119 * ip6ip6 tunnel) signals dst_link_failure() for an
120 * outgoing ICMP6 packet.
128 static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
130 spin_unlock_bh(&sk->sk_lock.slock);
134 * Figure out, may we reply to this packet with icmp error.
136 * We do not reply, if:
137 * - it was icmp error message.
138 * - it is truncated, so that it is known, that protocol is ICMPV6
139 * (i.e. in the middle of some exthdr)
144 static bool is_ineligible(const struct sk_buff *skb)
146 int ptr = (u8 *)(ipv6_hdr(skb) + 1) - skb->data;
147 int len = skb->len - ptr;
148 __u8 nexthdr = ipv6_hdr(skb)->nexthdr;
154 ptr = ipv6_skip_exthdr(skb, ptr, &nexthdr, &frag_off);
157 if (nexthdr == IPPROTO_ICMPV6) {
159 tp = skb_header_pointer(skb,
160 ptr+offsetof(struct icmp6hdr, icmp6_type),
161 sizeof(_type), &_type);
163 !(*tp & ICMPV6_INFOMSG_MASK))
170 * Check the ICMP output rate limit
172 static inline bool icmpv6_xrlim_allow(struct sock *sk, u8 type,
175 struct dst_entry *dst;
176 struct net *net = sock_net(sk);
179 /* Informational messages are not limited. */
180 if (type & ICMPV6_INFOMSG_MASK)
183 /* Do not limit pmtu discovery, it would break it. */
184 if (type == ICMPV6_PKT_TOOBIG)
188 * Look up the output route.
189 * XXX: perhaps the expire for routing entries cloned by
190 * this lookup should be more aggressive (not longer than timeout).
192 dst = ip6_route_output(net, sk, fl6);
194 IP6_INC_STATS(net, ip6_dst_idev(dst),
195 IPSTATS_MIB_OUTNOROUTES);
196 } else if (dst->dev && (dst->dev->flags&IFF_LOOPBACK)) {
199 struct rt6_info *rt = (struct rt6_info *)dst;
200 int tmo = net->ipv6.sysctl.icmpv6_time;
201 struct inet_peer *peer;
203 /* Give more bandwidth to wider prefixes. */
204 if (rt->rt6i_dst.plen < 128)
205 tmo >>= ((128 - rt->rt6i_dst.plen)>>5);
207 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
208 res = inet_peer_xrlim_allow(peer, tmo);
217 * an inline helper for the "simple" if statement below
218 * checks if parameter problem report is caused by an
219 * unrecognized IPv6 option that has the Option Type
220 * highest-order two bits set to 10
223 static bool opt_unrec(struct sk_buff *skb, __u32 offset)
227 offset += skb_network_offset(skb);
228 op = skb_header_pointer(skb, offset, sizeof(_optval), &_optval);
231 return (*op & 0xC0) == 0x80;
234 int icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
235 struct icmp6hdr *thdr, int len)
238 struct icmp6hdr *icmp6h;
241 if ((skb = skb_peek(&sk->sk_write_queue)) == NULL)
244 icmp6h = icmp6_hdr(skb);
245 memcpy(icmp6h, thdr, sizeof(struct icmp6hdr));
246 icmp6h->icmp6_cksum = 0;
248 if (skb_queue_len(&sk->sk_write_queue) == 1) {
249 skb->csum = csum_partial(icmp6h,
250 sizeof(struct icmp6hdr), skb->csum);
251 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
253 len, fl6->flowi6_proto,
258 skb_queue_walk(&sk->sk_write_queue, skb) {
259 tmp_csum = csum_add(tmp_csum, skb->csum);
262 tmp_csum = csum_partial(icmp6h,
263 sizeof(struct icmp6hdr), tmp_csum);
264 icmp6h->icmp6_cksum = csum_ipv6_magic(&fl6->saddr,
266 len, fl6->flowi6_proto,
269 ip6_push_pending_frames(sk);
280 static int icmpv6_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
282 struct icmpv6_msg *msg = (struct icmpv6_msg *) from;
283 struct sk_buff *org_skb = msg->skb;
286 csum = skb_copy_and_csum_bits(org_skb, msg->offset + offset,
288 skb->csum = csum_block_add(skb->csum, csum, odd);
289 if (!(msg->type & ICMPV6_INFOMSG_MASK))
290 nf_ct_attach(skb, org_skb);
294 #if IS_ENABLED(CONFIG_IPV6_MIP6)
295 static void mip6_addr_swap(struct sk_buff *skb)
297 struct ipv6hdr *iph = ipv6_hdr(skb);
298 struct inet6_skb_parm *opt = IP6CB(skb);
299 struct ipv6_destopt_hao *hao;
304 off = ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO);
305 if (likely(off >= 0)) {
306 hao = (struct ipv6_destopt_hao *)
307 (skb_network_header(skb) + off);
309 iph->saddr = hao->addr;
315 static inline void mip6_addr_swap(struct sk_buff *skb) {}
318 struct dst_entry *icmpv6_route_lookup(struct net *net, struct sk_buff *skb,
319 struct sock *sk, struct flowi6 *fl6)
321 struct dst_entry *dst, *dst2;
325 err = ip6_dst_lookup(sk, &dst, fl6);
330 * We won't send icmp if the destination is known
333 if (((struct rt6_info *)dst)->rt6i_flags & RTF_ANYCAST) {
334 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: acast source\n");
336 return ERR_PTR(-EINVAL);
339 /* No need to clone since we're just using its address. */
342 dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), sk, 0);
347 if (PTR_ERR(dst) == -EPERM)
353 err = xfrm_decode_session_reverse(skb, flowi6_to_flowi(&fl2), AF_INET6);
355 goto relookup_failed;
357 err = ip6_dst_lookup(sk, &dst2, &fl2);
359 goto relookup_failed;
361 dst2 = xfrm_lookup(net, dst2, flowi6_to_flowi(&fl2), sk, XFRM_LOOKUP_ICMP);
371 goto relookup_failed;
381 * Send an ICMP message in response to a packet in error
383 static void icmp6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info)
385 struct net *net = dev_net(skb->dev);
386 struct inet6_dev *idev = NULL;
387 struct ipv6hdr *hdr = ipv6_hdr(skb);
389 struct ipv6_pinfo *np;
390 const struct in6_addr *saddr = NULL;
391 struct dst_entry *dst;
392 struct icmp6hdr tmp_hdr;
394 struct icmpv6_msg msg;
401 if ((u8 *)hdr < skb->head ||
402 (skb->network_header + sizeof(*hdr)) > skb->tail)
406 * Make sure we respect the rules
407 * i.e. RFC 1885 2.4(e)
408 * Rule (e.1) is enforced by not using icmp6_send
409 * in any code that processes icmp errors.
411 addr_type = ipv6_addr_type(&hdr->daddr);
413 if (ipv6_chk_addr(net, &hdr->daddr, skb->dev, 0))
420 if ((addr_type & IPV6_ADDR_MULTICAST || skb->pkt_type != PACKET_HOST)) {
421 if (type != ICMPV6_PKT_TOOBIG &&
422 !(type == ICMPV6_PARAMPROB &&
423 code == ICMPV6_UNK_OPTION &&
424 (opt_unrec(skb, info))))
430 addr_type = ipv6_addr_type(&hdr->saddr);
436 if (__ipv6_addr_needs_scope_id(addr_type))
437 iif = skb->dev->ifindex;
440 * Must not send error if the source does not uniquely
441 * identify a single node (RFC2463 Section 2.4).
442 * We check unspecified / multicast addresses here,
443 * and anycast addresses will be checked later.
445 if ((addr_type == IPV6_ADDR_ANY) || (addr_type & IPV6_ADDR_MULTICAST)) {
446 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: addr_any/mcast source\n");
451 * Never answer to a ICMP packet.
453 if (is_ineligible(skb)) {
454 LIMIT_NETDEBUG(KERN_DEBUG "icmp6_send: no reply to icmp error\n");
460 memset(&fl6, 0, sizeof(fl6));
461 fl6.flowi6_proto = IPPROTO_ICMPV6;
462 fl6.daddr = hdr->saddr;
465 fl6.flowi6_oif = iif;
466 fl6.fl6_icmp_type = type;
467 fl6.fl6_icmp_code = code;
468 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
470 sk = icmpv6_xmit_lock(net);
475 if (!icmpv6_xrlim_allow(sk, type, &fl6))
478 tmp_hdr.icmp6_type = type;
479 tmp_hdr.icmp6_code = code;
480 tmp_hdr.icmp6_cksum = 0;
481 tmp_hdr.icmp6_pointer = htonl(info);
483 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
484 fl6.flowi6_oif = np->mcast_oif;
485 else if (!fl6.flowi6_oif)
486 fl6.flowi6_oif = np->ucast_oif;
488 dst = icmpv6_route_lookup(net, skb, sk, &fl6);
492 if (ipv6_addr_is_multicast(&fl6.daddr))
493 hlimit = np->mcast_hops;
495 hlimit = np->hop_limit;
497 hlimit = ip6_dst_hoplimit(dst);
500 msg.offset = skb_network_offset(skb);
503 len = skb->len - msg.offset;
504 len = min_t(unsigned int, len, IPV6_MIN_MTU - sizeof(struct ipv6hdr) -sizeof(struct icmp6hdr));
506 LIMIT_NETDEBUG(KERN_DEBUG "icmp: len problem\n");
507 goto out_dst_release;
511 idev = __in6_dev_get(skb->dev);
513 err = ip6_append_data(sk, icmpv6_getfrag, &msg,
514 len + sizeof(struct icmp6hdr),
515 sizeof(struct icmp6hdr), hlimit,
516 np->tclass, NULL, &fl6, (struct rt6_info *)dst,
517 MSG_DONTWAIT, np->dontfrag);
519 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_OUTERRORS);
520 ip6_flush_pending_frames(sk);
522 err = icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
523 len + sizeof(struct icmp6hdr));
529 icmpv6_xmit_unlock(sk);
532 /* Slightly more convenient version of icmp6_send.
534 void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
536 icmp6_send(skb, ICMPV6_PARAMPROB, code, pos);
540 static void icmpv6_echo_reply(struct sk_buff *skb)
542 struct net *net = dev_net(skb->dev);
544 struct inet6_dev *idev;
545 struct ipv6_pinfo *np;
546 const struct in6_addr *saddr = NULL;
547 struct icmp6hdr *icmph = icmp6_hdr(skb);
548 struct icmp6hdr tmp_hdr;
550 struct icmpv6_msg msg;
551 struct dst_entry *dst;
555 saddr = &ipv6_hdr(skb)->daddr;
557 if (!ipv6_unicast_destination(skb))
560 memcpy(&tmp_hdr, icmph, sizeof(tmp_hdr));
561 tmp_hdr.icmp6_type = ICMPV6_ECHO_REPLY;
563 memset(&fl6, 0, sizeof(fl6));
564 fl6.flowi6_proto = IPPROTO_ICMPV6;
565 fl6.daddr = ipv6_hdr(skb)->saddr;
568 fl6.flowi6_oif = skb->dev->ifindex;
569 fl6.fl6_icmp_type = ICMPV6_ECHO_REPLY;
570 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
572 sk = icmpv6_xmit_lock(net);
577 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
578 fl6.flowi6_oif = np->mcast_oif;
579 else if (!fl6.flowi6_oif)
580 fl6.flowi6_oif = np->ucast_oif;
582 err = ip6_dst_lookup(sk, &dst, &fl6);
585 dst = xfrm_lookup(net, dst, flowi6_to_flowi(&fl6), sk, 0);
589 if (ipv6_addr_is_multicast(&fl6.daddr))
590 hlimit = np->mcast_hops;
592 hlimit = np->hop_limit;
594 hlimit = ip6_dst_hoplimit(dst);
596 idev = __in6_dev_get(skb->dev);
600 msg.type = ICMPV6_ECHO_REPLY;
602 err = ip6_append_data(sk, icmpv6_getfrag, &msg, skb->len + sizeof(struct icmp6hdr),
603 sizeof(struct icmp6hdr), hlimit, np->tclass, NULL, &fl6,
604 (struct rt6_info *)dst, MSG_DONTWAIT,
608 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_OUTERRORS);
609 ip6_flush_pending_frames(sk);
611 err = icmpv6_push_pending_frames(sk, &fl6, &tmp_hdr,
612 skb->len + sizeof(struct icmp6hdr));
616 icmpv6_xmit_unlock(sk);
619 void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
621 const struct inet6_protocol *ipprot;
626 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
629 nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr;
630 if (ipv6_ext_hdr(nexthdr)) {
631 /* now skip over extension headers */
632 inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
633 &nexthdr, &frag_off);
637 inner_offset = sizeof(struct ipv6hdr);
640 /* Checkin header including 8 bytes of inner protocol header. */
641 if (!pskb_may_pull(skb, inner_offset+8))
644 /* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
645 Without this we will not able f.e. to make source routed
647 Corresponding argument (opt) to notifiers is already added.
652 ipprot = rcu_dereference(inet6_protos[nexthdr]);
653 if (ipprot && ipprot->err_handler)
654 ipprot->err_handler(skb, NULL, type, code, inner_offset, info);
657 raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
661 * Handle icmp messages
664 static int icmpv6_rcv(struct sk_buff *skb)
666 struct net_device *dev = skb->dev;
667 struct inet6_dev *idev = __in6_dev_get(dev);
668 const struct in6_addr *saddr, *daddr;
669 struct icmp6hdr *hdr;
672 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
673 struct sec_path *sp = skb_sec_path(skb);
676 if (!(sp && sp->xvec[sp->len - 1]->props.flags &
680 if (!pskb_may_pull(skb, sizeof(*hdr) + sizeof(struct ipv6hdr)))
683 nh = skb_network_offset(skb);
684 skb_set_network_header(skb, sizeof(*hdr));
686 if (!xfrm6_policy_check_reverse(NULL, XFRM_POLICY_IN, skb))
689 skb_set_network_header(skb, nh);
692 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INMSGS);
694 saddr = &ipv6_hdr(skb)->saddr;
695 daddr = &ipv6_hdr(skb)->daddr;
697 /* Perform checksum. */
698 switch (skb->ip_summed) {
699 case CHECKSUM_COMPLETE:
700 if (!csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_ICMPV6,
705 skb->csum = ~csum_unfold(csum_ipv6_magic(saddr, daddr, skb->len,
707 if (__skb_checksum_complete(skb)) {
708 LIMIT_NETDEBUG(KERN_DEBUG
709 "ICMPv6 checksum failed [%pI6c > %pI6c]\n",
715 if (!pskb_pull(skb, sizeof(*hdr)))
718 hdr = icmp6_hdr(skb);
720 type = hdr->icmp6_type;
722 ICMP6MSGIN_INC_STATS_BH(dev_net(dev), idev, type);
725 case ICMPV6_ECHO_REQUEST:
726 icmpv6_echo_reply(skb);
729 case ICMPV6_ECHO_REPLY:
733 case ICMPV6_PKT_TOOBIG:
734 /* BUGGG_FUTURE: if packet contains rthdr, we cannot update
735 standard destination cache. Seems, only "advanced"
736 destination cache will allow to solve this problem
739 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
741 hdr = icmp6_hdr(skb);
744 * Drop through to notify
747 case ICMPV6_DEST_UNREACH:
748 case ICMPV6_TIME_EXCEED:
749 case ICMPV6_PARAMPROB:
750 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
753 case NDISC_ROUTER_SOLICITATION:
754 case NDISC_ROUTER_ADVERTISEMENT:
755 case NDISC_NEIGHBOUR_SOLICITATION:
756 case NDISC_NEIGHBOUR_ADVERTISEMENT:
761 case ICMPV6_MGM_QUERY:
762 igmp6_event_query(skb);
765 case ICMPV6_MGM_REPORT:
766 igmp6_event_report(skb);
769 case ICMPV6_MGM_REDUCTION:
770 case ICMPV6_NI_QUERY:
771 case ICMPV6_NI_REPLY:
772 case ICMPV6_MLD2_REPORT:
773 case ICMPV6_DHAAD_REQUEST:
774 case ICMPV6_DHAAD_REPLY:
775 case ICMPV6_MOBILE_PREFIX_SOL:
776 case ICMPV6_MOBILE_PREFIX_ADV:
780 LIMIT_NETDEBUG(KERN_DEBUG "icmpv6: msg of unknown type\n");
783 if (type & ICMPV6_INFOMSG_MASK)
787 * error of unknown type.
788 * must pass to upper level
791 icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
798 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_CSUMERRORS);
800 ICMP6_INC_STATS_BH(dev_net(dev), idev, ICMP6_MIB_INERRORS);
806 void icmpv6_flow_init(struct sock *sk, struct flowi6 *fl6,
808 const struct in6_addr *saddr,
809 const struct in6_addr *daddr,
812 memset(fl6, 0, sizeof(*fl6));
815 fl6->flowi6_proto = IPPROTO_ICMPV6;
816 fl6->fl6_icmp_type = type;
817 fl6->fl6_icmp_code = 0;
818 fl6->flowi6_oif = oif;
819 security_sk_classify_flow(sk, flowi6_to_flowi(fl6));
823 * Special lock-class for __icmpv6_sk:
825 static struct lock_class_key icmpv6_socket_sk_dst_lock_key;
827 static int __net_init icmpv6_sk_init(struct net *net)
833 kzalloc(nr_cpu_ids * sizeof(struct sock *), GFP_KERNEL);
834 if (net->ipv6.icmp_sk == NULL)
837 for_each_possible_cpu(i) {
838 err = inet_ctl_sock_create(&sk, PF_INET6,
839 SOCK_RAW, IPPROTO_ICMPV6, net);
841 pr_err("Failed to initialize the ICMP6 control socket (err %d)\n",
846 net->ipv6.icmp_sk[i] = sk;
849 * Split off their lock-class, because sk->sk_dst_lock
850 * gets used from softirqs, which is safe for
851 * __icmpv6_sk (because those never get directly used
852 * via userspace syscalls), but unsafe for normal sockets.
854 lockdep_set_class(&sk->sk_dst_lock,
855 &icmpv6_socket_sk_dst_lock_key);
857 /* Enough space for 2 64K ICMP packets, including
858 * sk_buff struct overhead.
860 sk->sk_sndbuf = 2 * SKB_TRUESIZE(64 * 1024);
865 for (j = 0; j < i; j++)
866 inet_ctl_sock_destroy(net->ipv6.icmp_sk[j]);
867 kfree(net->ipv6.icmp_sk);
871 static void __net_exit icmpv6_sk_exit(struct net *net)
875 for_each_possible_cpu(i) {
876 inet_ctl_sock_destroy(net->ipv6.icmp_sk[i]);
878 kfree(net->ipv6.icmp_sk);
881 static struct pernet_operations icmpv6_sk_ops = {
882 .init = icmpv6_sk_init,
883 .exit = icmpv6_sk_exit,
886 int __init icmpv6_init(void)
890 err = register_pernet_subsys(&icmpv6_sk_ops);
895 if (inet6_add_protocol(&icmpv6_protocol, IPPROTO_ICMPV6) < 0)
898 err = inet6_register_icmp_sender(icmp6_send);
904 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
906 pr_err("Failed to register ICMP6 protocol\n");
907 unregister_pernet_subsys(&icmpv6_sk_ops);
911 void icmpv6_cleanup(void)
913 inet6_unregister_icmp_sender(icmp6_send);
914 unregister_pernet_subsys(&icmpv6_sk_ops);
915 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
919 static const struct icmp6_err {
927 { /* ADM_PROHIBITED */
931 { /* Was NOT_NEIGHBOUR, now reserved */
945 int icmpv6_err_convert(u8 type, u8 code, int *err)
952 case ICMPV6_DEST_UNREACH:
954 if (code <= ICMPV6_PORT_UNREACH) {
955 *err = tab_unreach[code].err;
956 fatal = tab_unreach[code].fatal;
960 case ICMPV6_PKT_TOOBIG:
964 case ICMPV6_PARAMPROB:
969 case ICMPV6_TIME_EXCEED:
976 EXPORT_SYMBOL(icmpv6_err_convert);
979 ctl_table ipv6_icmp_table_template[] = {
981 .procname = "ratelimit",
982 .data = &init_net.ipv6.sysctl.icmpv6_time,
983 .maxlen = sizeof(int),
985 .proc_handler = proc_dointvec_ms_jiffies,
990 struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net)
992 struct ctl_table *table;
994 table = kmemdup(ipv6_icmp_table_template,
995 sizeof(ipv6_icmp_table_template),
999 table[0].data = &net->ipv6.sysctl.icmpv6_time;
git.openpandora.org / pandora-kernel.git / blob