Loading...
1/*
2 * IPv6 library code, needed by static components when full IPv6 support is
3 * not configured or static. These functions are needed by GSO/GRO implementation.
4 */
5#include <linux/export.h>
6#include <net/ip.h>
7#include <net/ipv6.h>
8#include <net/ip6_fib.h>
9#include <net/addrconf.h>
10#include <net/secure_seq.h>
11#include <linux/netfilter.h>
12
13static u32 __ipv6_select_ident(struct net *net, u32 hashrnd,
14 const struct in6_addr *dst,
15 const struct in6_addr *src)
16{
17 u32 hash, id;
18
19 hash = __ipv6_addr_jhash(dst, hashrnd);
20 hash = __ipv6_addr_jhash(src, hash);
21 hash ^= net_hash_mix(net);
22
23 /* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve,
24 * set the hight order instead thus minimizing possible future
25 * collisions.
26 */
27 id = ip_idents_reserve(hash, 1);
28 if (unlikely(!id))
29 id = 1 << 31;
30
31 return id;
32}
33
34/* This function exists only for tap drivers that must support broken
35 * clients requesting UFO without specifying an IPv6 fragment ID.
36 *
37 * This is similar to ipv6_select_ident() but we use an independent hash
38 * seed to limit information leakage.
39 *
40 * The network header must be set before calling this.
41 */
42void ipv6_proxy_select_ident(struct net *net, struct sk_buff *skb)
43{
44 static u32 ip6_proxy_idents_hashrnd __read_mostly;
45 struct in6_addr buf[2];
46 struct in6_addr *addrs;
47 u32 id;
48
49 addrs = skb_header_pointer(skb,
50 skb_network_offset(skb) +
51 offsetof(struct ipv6hdr, saddr),
52 sizeof(buf), buf);
53 if (!addrs)
54 return;
55
56 net_get_random_once(&ip6_proxy_idents_hashrnd,
57 sizeof(ip6_proxy_idents_hashrnd));
58
59 id = __ipv6_select_ident(net, ip6_proxy_idents_hashrnd,
60 &addrs[1], &addrs[0]);
61 skb_shinfo(skb)->ip6_frag_id = htonl(id);
62}
63EXPORT_SYMBOL_GPL(ipv6_proxy_select_ident);
64
65__be32 ipv6_select_ident(struct net *net,
66 const struct in6_addr *daddr,
67 const struct in6_addr *saddr)
68{
69 static u32 ip6_idents_hashrnd __read_mostly;
70 u32 id;
71
72 net_get_random_once(&ip6_idents_hashrnd, sizeof(ip6_idents_hashrnd));
73
74 id = __ipv6_select_ident(net, ip6_idents_hashrnd, daddr, saddr);
75 return htonl(id);
76}
77EXPORT_SYMBOL(ipv6_select_ident);
78
79int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
80{
81 u16 offset = sizeof(struct ipv6hdr);
82 struct ipv6_opt_hdr *exthdr =
83 (struct ipv6_opt_hdr *)(ipv6_hdr(skb) + 1);
84 unsigned int packet_len = skb_tail_pointer(skb) -
85 skb_network_header(skb);
86 int found_rhdr = 0;
87 *nexthdr = &ipv6_hdr(skb)->nexthdr;
88
89 while (offset + 1 <= packet_len) {
90
91 switch (**nexthdr) {
92
93 case NEXTHDR_HOP:
94 break;
95 case NEXTHDR_ROUTING:
96 found_rhdr = 1;
97 break;
98 case NEXTHDR_DEST:
99#if IS_ENABLED(CONFIG_IPV6_MIP6)
100 if (ipv6_find_tlv(skb, offset, IPV6_TLV_HAO) >= 0)
101 break;
102#endif
103 if (found_rhdr)
104 return offset;
105 break;
106 default:
107 return offset;
108 }
109
110 offset += ipv6_optlen(exthdr);
111 *nexthdr = &exthdr->nexthdr;
112 exthdr = (struct ipv6_opt_hdr *)(skb_network_header(skb) +
113 offset);
114 }
115
116 return offset;
117}
118EXPORT_SYMBOL(ip6_find_1stfragopt);
119
120#if IS_ENABLED(CONFIG_IPV6)
121int ip6_dst_hoplimit(struct dst_entry *dst)
122{
123 int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
124 if (hoplimit == 0) {
125 struct net_device *dev = dst->dev;
126 struct inet6_dev *idev;
127
128 rcu_read_lock();
129 idev = __in6_dev_get(dev);
130 if (idev)
131 hoplimit = idev->cnf.hop_limit;
132 else
133 hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
134 rcu_read_unlock();
135 }
136 return hoplimit;
137}
138EXPORT_SYMBOL(ip6_dst_hoplimit);
139#endif
140
141int __ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
142{
143 int len;
144
145 len = skb->len - sizeof(struct ipv6hdr);
146 if (len > IPV6_MAXPLEN)
147 len = 0;
148 ipv6_hdr(skb)->payload_len = htons(len);
149 IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
150
151 return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
152 net, sk, skb, NULL, skb_dst(skb)->dev,
153 dst_output);
154}
155EXPORT_SYMBOL_GPL(__ip6_local_out);
156
157int ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
158{
159 int err;
160
161 err = __ip6_local_out(net, sk, skb);
162 if (likely(err == 1))
163 err = dst_output(net, sk, skb);
164
165 return err;
166}
167EXPORT_SYMBOL_GPL(ip6_local_out);
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * IPv6 library code, needed by static components when full IPv6 support is
4 * not configured or static. These functions are needed by GSO/GRO implementation.
5 */
6#include <linux/export.h>
7#include <net/ip.h>
8#include <net/ipv6.h>
9#include <net/ip6_fib.h>
10#include <net/addrconf.h>
11#include <net/secure_seq.h>
12#include <linux/netfilter.h>
13
14static u32 __ipv6_select_ident(struct net *net,
15 const struct in6_addr *dst,
16 const struct in6_addr *src)
17{
18 return get_random_u32_above(0);
19}
20
21/* This function exists only for tap drivers that must support broken
22 * clients requesting UFO without specifying an IPv6 fragment ID.
23 *
24 * This is similar to ipv6_select_ident() but we use an independent hash
25 * seed to limit information leakage.
26 *
27 * The network header must be set before calling this.
28 */
29__be32 ipv6_proxy_select_ident(struct net *net, struct sk_buff *skb)
30{
31 struct in6_addr buf[2];
32 struct in6_addr *addrs;
33 u32 id;
34
35 addrs = skb_header_pointer(skb,
36 skb_network_offset(skb) +
37 offsetof(struct ipv6hdr, saddr),
38 sizeof(buf), buf);
39 if (!addrs)
40 return 0;
41
42 id = __ipv6_select_ident(net, &addrs[1], &addrs[0]);
43 return htonl(id);
44}
45EXPORT_SYMBOL_GPL(ipv6_proxy_select_ident);
46
47__be32 ipv6_select_ident(struct net *net,
48 const struct in6_addr *daddr,
49 const struct in6_addr *saddr)
50{
51 u32 id;
52
53 id = __ipv6_select_ident(net, daddr, saddr);
54 return htonl(id);
55}
56EXPORT_SYMBOL(ipv6_select_ident);
57
58int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
59{
60 unsigned int offset = sizeof(struct ipv6hdr);
61 unsigned int packet_len = skb_tail_pointer(skb) -
62 skb_network_header(skb);
63 int found_rhdr = 0;
64 *nexthdr = &ipv6_hdr(skb)->nexthdr;
65
66 while (offset <= packet_len) {
67 struct ipv6_opt_hdr *exthdr;
68
69 switch (**nexthdr) {
70
71 case NEXTHDR_HOP:
72 break;
73 case NEXTHDR_ROUTING:
74 found_rhdr = 1;
75 break;
76 case NEXTHDR_DEST:
77#if IS_ENABLED(CONFIG_IPV6_MIP6)
78 if (ipv6_find_tlv(skb, offset, IPV6_TLV_HAO) >= 0)
79 break;
80#endif
81 if (found_rhdr)
82 return offset;
83 break;
84 default:
85 return offset;
86 }
87
88 if (offset + sizeof(struct ipv6_opt_hdr) > packet_len)
89 return -EINVAL;
90
91 exthdr = (struct ipv6_opt_hdr *)(skb_network_header(skb) +
92 offset);
93 offset += ipv6_optlen(exthdr);
94 if (offset > IPV6_MAXPLEN)
95 return -EINVAL;
96 *nexthdr = &exthdr->nexthdr;
97 }
98
99 return -EINVAL;
100}
101EXPORT_SYMBOL(ip6_find_1stfragopt);
102
103#if IS_ENABLED(CONFIG_IPV6)
104int ip6_dst_hoplimit(struct dst_entry *dst)
105{
106 int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
107 if (hoplimit == 0) {
108 struct net_device *dev = dst->dev;
109 struct inet6_dev *idev;
110
111 rcu_read_lock();
112 idev = __in6_dev_get(dev);
113 if (idev)
114 hoplimit = READ_ONCE(idev->cnf.hop_limit);
115 else
116 hoplimit = READ_ONCE(dev_net(dev)->ipv6.devconf_all->hop_limit);
117 rcu_read_unlock();
118 }
119 return hoplimit;
120}
121EXPORT_SYMBOL(ip6_dst_hoplimit);
122#endif
123
124int __ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
125{
126 int len;
127
128 len = skb->len - sizeof(struct ipv6hdr);
129 if (len > IPV6_MAXPLEN)
130 len = 0;
131 ipv6_hdr(skb)->payload_len = htons(len);
132 IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
133
134 /* if egress device is enslaved to an L3 master device pass the
135 * skb to its handler for processing
136 */
137 skb = l3mdev_ip6_out(sk, skb);
138 if (unlikely(!skb))
139 return 0;
140
141 skb->protocol = htons(ETH_P_IPV6);
142
143 return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
144 net, sk, skb, NULL, skb_dst(skb)->dev,
145 dst_output);
146}
147EXPORT_SYMBOL_GPL(__ip6_local_out);
148
149int ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
150{
151 int err;
152
153 err = __ip6_local_out(net, sk, skb);
154 if (likely(err == 1))
155 err = dst_output(net, sk, skb);
156
157 return err;
158}
159EXPORT_SYMBOL_GPL(ip6_local_out);