[PATCH] net: ipv6: Add support for default gateway discovery.
Ramon Fried
rfried.dev at gmail.com
Sat Apr 1 21:02:29 CEST 2023
On Thu, Mar 2, 2023 at 6:58 PM <emohandesi at linux.microsoft.com> wrote:
>
> From: Ehsan Mohandesi <emohandesi at microsoft.com>
>
> In IPv6, the default gateway and prefix length are determined by receiving
> a router advertisement as defined in -
> https://www.rfc-editor.org/rfc/rfc4861.
>
> Add support for sending router solicitation (RS) and processing router
> advertisements (RA).
>
> If the RA has prefix info option and following conditions are met, then
> gatewayip6 and net_prefix_length of ip6addr env variables are initialized.
> These are later consumed by IPv6 code for non-local destination IP.
>
> - "Router Lifetime" != 0
> - Prefix is NOT link-local prefix (0xfe80::/10)
> - L flag is 1
> - "Valid Lifetime" != 0
>
> Timing Parameters:
> - MAX_RTR_SOLICITATION_DELAY (0-1s)
> - RTR_SOLICITATION_INTERVAL (4s) (min retransmit delay)
> - MAX_RTR_SOLICITATIONS (3 RS transmissions)
>
> The functionality is enabled by CONFIG_IPV6_ROUTER_DISCOVERY and invoked
> automatically from net_init_loop().
>
> Signed-off-by: Ehsan Mohandesi <emohandesi at microsoft.com>
>
> Conflicts:
> cmd/Kconfig
> include/net.h
> net/net.c
> ---
> cmd/Kconfig | 7 ++
> include/ndisc.h | 23 ++++++
> include/net.h | 2 +-
> include/net6.h | 40 ++++++++++
> net/ndisc.c | 243 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
> net/net.c | 23 +++++-
> net/net6.c | 1 +
> 7 files changed, 327 insertions(+), 12 deletions(-)
>
> diff --git a/cmd/Kconfig b/cmd/Kconfig
> index 2caa4af..c46613e 100644
> --- a/cmd/Kconfig
> +++ b/cmd/Kconfig
> @@ -1894,6 +1894,13 @@ config CMD_NCSI
> Normally this happens automatically before other network
> operations.
>
> +config IPV6_ROUTER_DISCOVERY
> + bool "Do router discovery"
> + depends on IPV6
> + help
> + Will automatically perform router solicitation on first IPv6
> + network operation
> +
> endif
>
> config CMD_ETHSW
> diff --git a/include/ndisc.h b/include/ndisc.h
> index f6f8eb6..362d707 100644
> --- a/include/ndisc.h
> +++ b/include/ndisc.h
> @@ -19,6 +19,20 @@ struct nd_msg {
> __u8 opt[0];
> };
>
> +/* struct rs_msg - ICMPv6 Router Solicitation message format */
> +struct rs_msg {
> + struct icmp6hdr icmph;
> + __u8 opt[0];
> +};
> +
> +/* struct ra_msg - ICMPv6 Router Advertisement message format */
> +struct ra_msg {
> + struct icmp6hdr icmph;
> + __u32 reachable_time;
> + __u32 retransmission_timer;
> + __u8 opt[0];
> +};
> +
> /* struct echo_msg - ICMPv6 echo request/reply message format */
> struct echo_msg {
> struct icmp6hdr icmph;
> @@ -57,6 +71,11 @@ extern int net_nd_try;
> */
> void ndisc_init(void);
>
> +/*
> + * ip6_send_rs() - Send IPv6 Router Solicitation Message
> + */
> +void ip6_send_rs(void);
> +
> /**
> * ndisc_receive() - Handle ND packet
> *
> @@ -97,6 +116,10 @@ static inline int ndisc_timeout_check(void)
> {
> return 0;
> }
> +
> +void ip6_send_rs(void)
> +{
> +}
> #endif
>
> #endif /* __NDISC_H__ */
> diff --git a/include/net.h b/include/net.h
> index 399af5e..25c43b3 100644
> --- a/include/net.h
> +++ b/include/net.h
> @@ -505,7 +505,7 @@ extern int net_restart_wrap; /* Tried all network devices */
>
> enum proto_t {
> BOOTP, RARP, ARP, TFTPGET, DHCP, PING, PING6, DNS, NFS, CDP, NETCONS,
> - SNTP, TFTPSRV, TFTPPUT, LINKLOCAL, FASTBOOT, WOL, UDP, NCSI, WGET
> + SNTP, TFTPSRV, TFTPPUT, LINKLOCAL, FASTBOOT, WOL, UDP, NCSI, WGET, RS
> };
>
> extern char net_boot_file_name[1024];/* Boot File name */
> diff --git a/include/net6.h b/include/net6.h
> index 2d7c5a0..beafc05 100644
> --- a/include/net6.h
> +++ b/include/net6.h
> @@ -81,8 +81,17 @@ struct udp_hdr {
> 0x00, 0x00, 0x00, 0x00, \
> 0x00, 0x00, 0x00, 0x00, \
> 0x00, 0x00, 0x00, 0x00 } } }
> +/*
> + * All-routers multicast address is the link-local scope address to reach all
> + * routers.
> + */
> +#define ALL_ROUTERS_MULT_ADDR { { { 0xFF, 0x02, 0x00, 0x00, \
> + 0x00, 0x00, 0x00, 0x00, \
> + 0x00, 0x00, 0x00, 0x00, \
> + 0x00, 0x00, 0x00, 0x02 } } }
>
> #define IPV6_LINK_LOCAL_PREFIX 0xfe80
> +#define IPV6_LINK_LOCAL_MASK 0xffb0 /* The first 10-bit of address mask. */
>
> /* hop limit for neighbour discovery packets */
> #define IPV6_NDISC_HOPLIMIT 255
> @@ -166,6 +175,37 @@ struct icmp6hdr {
> #define icmp6_rt_lifetime icmp6_dataun.u_nd_ra.rt_lifetime
> } __packed;
>
> +/*
> + * struct icmp6_ra_prefix_info - Prefix Information option of the ICMPv6 message
> + * The Prefix Information option provides hosts with on-link prefixes and
> + * prefixes for Address Autoconfiguration. Refer to RFC 4861 for more info.
> + */
> +struct icmp6_ra_prefix_info {
> + u8 type; /* Type is 3 for Prefix Information. */
> + u8 len; /* Len is 4 for Prefix Information. */
> + /* The number of leading bits in the Prefix that are valid. */
> + u8 prefix_len;
> + u8 reserved1:6, /* MUST be ignored by the receiver. */
> + aac:1, /* autonomous address-configuration flag */
> + /* Indicates that this prefix can be used for on-link determination. */
> + on_link:1;
> + /*
> + * The length of time in seconds that the prefix is valid for the
> + * purpose of on-link determination.
> + */
> + __be32 valid_lifetime;
> + /* The length of time addresses remain preferred. */
> + __be32 preferred_lifetime;
> + __be32 reserved2; /* MUST be ignored by the receiver. */
> + /*
> + * Prefix is an IP address or a prefix of an IP address. The Prefix
> + * Length field contains the number of valid leading bits in the prefix.
> + * The bits in the prefix after the prefix length are reserved and MUST
> + * be initialized to zero by the sender and ignored by the receiver.
> + */
> + struct in6_addr prefix;
> +};
> +
> extern struct in6_addr const net_null_addr_ip6; /* NULL IPv6 address */
> extern struct in6_addr net_gateway6; /* Our gateways IPv6 address */
> extern struct in6_addr net_ip6; /* Our IPv6 addr (0 = unknown) */
> diff --git a/net/ndisc.c b/net/ndisc.c
> index 367dae7..db76c4b 100644
> --- a/net/ndisc.c
> +++ b/net/ndisc.c
> @@ -13,6 +13,8 @@
> #include <net.h>
> #include <net6.h>
> #include <ndisc.h>
> +#include <stdlib.h>
> +#include <linux/delay.h>
>
> /* IPv6 destination address of packet waiting for ND */
> struct in6_addr net_nd_sol_packet_ip6 = ZERO_IPV6_ADDR;
> @@ -29,31 +31,37 @@ int net_nd_tx_packet_size;
> ulong net_nd_timer_start;
> /* the number of requests we have sent so far */
> int net_nd_try;
> +struct in6_addr all_routers = ALL_ROUTERS_MULT_ADDR;
> +
> +#define MAX_RTR_SOLICITATIONS 3
> +/* The maximum time to delay sending the first router solicitation message. */
> +#define MAX_SOLICITATION_DELAY 1 // 1 second
> +/* The time to wait before sending the next router solicitation message. */
> +#define RTR_SOLICITATION_INTERVAL 4000 // 4 seconds
>
> #define IP6_NDISC_OPT_SPACE(len) (((len) + 2 + 7) & ~7)
>
> /**
> * ndisc_insert_option() - Insert an option into a neighbor discovery packet
> *
> - * @ndisc: pointer to ND packet
> + * @opt: pointer to the option element of the neighbor discovery packet
> * @type: option type to insert
> * @data: option data to insert
> * @len: data length
> * Return: the number of bytes inserted (which may be >= len)
> */
> -static int
> -ndisc_insert_option(struct nd_msg *ndisc, int type, u8 *data, int len)
> +static int ndisc_insert_option(__u8 *opt, int type, u8 *data, int len)
> {
> int space = IP6_NDISC_OPT_SPACE(len);
>
> - ndisc->opt[0] = type;
> - ndisc->opt[1] = space >> 3;
> - memcpy(&ndisc->opt[2], data, len);
> + opt[0] = type;
> + opt[1] = space >> 3;
> + memcpy(&opt[2], data, len);
> len += 2;
>
> /* fill the remainder with 0 */
> if (space - len > 0)
> - memset(&ndisc->opt[len], '\0', space - len);
> + memset(&opt[len], '\0', space - len);
>
> return space;
> }
> @@ -123,7 +131,7 @@ static void ip6_send_ns(struct in6_addr *neigh_addr)
>
> /* Set the target address and llsaddr option */
> net_copy_ip6(&msg->target, neigh_addr);
> - ndisc_insert_option(msg, ND_OPT_SOURCE_LL_ADDR, net_ethaddr,
> + ndisc_insert_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, net_ethaddr,
> INETHADDRSZ);
>
> /* checksum */
> @@ -137,6 +145,76 @@ static void ip6_send_ns(struct in6_addr *neigh_addr)
> net_send_packet(net_tx_packet, (pkt - net_tx_packet));
> }
>
> +/*
> + * ip6_send_rs() - Send IPv6 Router Solicitation Message.
> + *
> + * A router solicitation is sent to discover a router. RS message creation is
> + * based on RFC 4861 section 4.1. Router Solicitation Message Format.
> + */
> +void ip6_send_rs(void)
> +{
> + unsigned char enetaddr[6];
> + struct rs_msg *msg;
> + __u16 icmp_len;
> + uchar *pkt;
> + unsigned short csum;
> + unsigned int pcsum;
> + static unsigned int retry_count;
> +
> + if (!ip6_is_unspecified_addr(&net_gateway6) &&
> + net_prefix_length != 0) {
> + net_set_state(NETLOOP_SUCCESS);
> + return;
> + } else if (retry_count >= MAX_RTR_SOLICITATIONS) {
> + net_set_state(NETLOOP_FAIL);
> + net_set_timeout_handler(0, 0);
> + retry_count = 0;
> + return;
> + }
> +
> + printf("ROUTER SOLICITATION %d\n", retry_count + 1);
> +
> + ip6_make_mult_ethdstaddr(enetaddr, &all_routers);
> + /*
> + * ICMP length is the size of ICMP header (8) + one option (8) = 16.
> + * The option is 2 bytes of type and length + 6 bytes for MAC.
> + */
> + icmp_len = sizeof(struct icmp6hdr) + IP6_NDISC_OPT_SPACE(INETHADDRSZ);
> +
> + pkt = (uchar *)net_tx_packet;
> + pkt += net_set_ether(pkt, enetaddr, PROT_IP6);
> + pkt += ip6_add_hdr(pkt, &net_link_local_ip6, &all_routers, PROT_ICMPV6,
> + IPV6_NDISC_HOPLIMIT, icmp_len);
> +
> + /* ICMPv6 - RS */
> + msg = (struct rs_msg *)pkt;
> + msg->icmph.icmp6_type = IPV6_NDISC_ROUTER_SOLICITATION;
> + msg->icmph.icmp6_code = 0;
> + memset(&msg->icmph.icmp6_cksum, 0, sizeof(__be16));
> + memset(&msg->icmph.icmp6_unused, 0, sizeof(__be32));
> +
> + /* Set the llsaddr option */
> + ndisc_insert_option(msg->opt, ND_OPT_SOURCE_LL_ADDR, net_ethaddr,
> + INETHADDRSZ);
> +
> + /* checksum */
> + pcsum = csum_partial((__u8 *)msg, icmp_len, 0);
> + csum = csum_ipv6_magic(&net_link_local_ip6, &all_routers,
> + icmp_len, PROT_ICMPV6, pcsum);
> + msg->icmph.icmp6_cksum = csum;
> + pkt += icmp_len;
> +
> + /* Wait up to 1 second if it is the first try to get the RA */
> + if (retry_count == 0)
> + udelay(((unsigned int)rand() % 1000000) * MAX_SOLICITATION_DELAY);
> +
> + /* send it! */
> + net_send_packet(net_tx_packet, (pkt - net_tx_packet));
> +
> + retry_count++;
> + net_set_timeout_handler(RTR_SOLICITATION_INTERVAL, ip6_send_rs);
> +}
> +
> static void
> ip6_send_na(uchar *eth_dst_addr, struct in6_addr *neigh_addr,
> struct in6_addr *target)
> @@ -167,7 +245,7 @@ ip6_send_na(uchar *eth_dst_addr, struct in6_addr *neigh_addr,
> msg->icmph.icmp6_dataun.u_nd_advt.override = 1;
> /* Set the target address and lltargetaddr option */
> net_copy_ip6(&msg->target, target);
> - ndisc_insert_option(msg, ND_OPT_TARGET_LL_ADDR, net_ethaddr,
> + ndisc_insert_option(msg->opt, ND_OPT_TARGET_LL_ADDR, net_ethaddr,
> INETHADDRSZ);
>
> /* checksum */
> @@ -223,6 +301,10 @@ int ndisc_timeout_check(void)
> return 1;
> }
>
> +/*
> + * ndisc_init() - Make initial steps for ND state machine.
> + * Usually move variables into initial state.
> + */
> void ndisc_init(void)
> {
> net_nd_packet_mac = NULL;
> @@ -234,12 +316,125 @@ void ndisc_init(void)
> net_nd_tx_packet -= (ulong)net_nd_tx_packet % PKTALIGN;
> }
>
> +/*
> + * validate_ra() - Validate the router advertisement message.
> + *
> + * @ip6: Pointer to the router advertisement packet
> + * @len: Length of the router advertisement packet
> + *
> + * Check if the router advertisement message is valid. Conditions are
> + * according to RFC 4861 section 6.1.2. Validation of Router Advertisement
> + * Messages.
> + *
> + * Return: true if the message is valid and false if it is invalid.
> + */
> +static bool validate_ra(struct ip6_hdr *ip6, int len)
> +{
> + struct icmp6hdr *icmp = (struct icmp6hdr *)(ip6 + 1);
> +
> + /* ICMP length (derived from the IP length) should be 16 or more octets. */
> + if (ip6->payload_len < 16)
> + return false;
> +
> + /* Source IP Address should be a valid link-local address. */
> + if ((ntohs(ip6->saddr.s6_addr16[0]) & IPV6_LINK_LOCAL_MASK) !=
> + IPV6_LINK_LOCAL_PREFIX)
> + return false;
> +
> + /*
> + * The IP Hop Limit field should have a value of 255, i.e., the packet
> + * could not possibly have been forwarded by a router.
> + */
> + if (ip6->hop_limit != 255)
> + return false;
> +
> + /* ICMP checksum has already been checked in net_ip6_handler. */
> +
> + if (icmp->icmp6_code != 0)
> + return false;
> +
> + return true;
> +}
> +
> +/*
> + * process_ra() - Process the router advertisement packet.
> + *
> + * @ip6: Pointer to the router advertisement packet
> + * @len: Length of the router advertisement packet
> + *
> + * Process the received router advertisement message.
> + * Although RFC 4861 requires retaining at least two router addresses, we only
> + * keep one because of the U-Boot limitations and its goal of lightweight code.
> + *
> + * Return: 0 - RA is a default router and contains valid prefix information.
> + * Non-zero - RA options are invalid or do not indicate it is a default router
> + * or do not contain valid prefix information.
> + */
> +static int process_ra(struct ip6_hdr *ip6, int len)
> +{
> + /* Pointer to the ICMP section of the packet */
> + struct icmp6hdr *icmp = (struct icmp6hdr *)(ip6 + 1);
> + struct ra_msg *msg = (struct ra_msg *)icmp;
> + int remaining_option_len = len - IP6_HDR_SIZE - sizeof(struct ra_msg);
> + unsigned short int option_len; /* Length of each option */
> + /* Pointer to the ICMPv6 message options */
> + unsigned char *option = NULL;
> + /* 8-bit identifier of the type of ICMPv6 option */
> + unsigned char type = 0;
> + struct icmp6_ra_prefix_info *prefix = NULL;
> +
> + /* Ignore the packet if router lifetime is 0. */
> + if (!icmp->icmp6_rt_lifetime)
> + return -EOPNOTSUPP;
> +
> + /* Processing the options */
> + option = msg->opt;
> + while (remaining_option_len > 0) {
> + /* The 2nd byte of the option is its length. */
> + option_len = option[1];
> + /* All included options should have a positive length. */
> + if (option_len == 0)
> + return -EINVAL;
> +
> + type = option[0];
> + /* All option types except Prefix Information are ignored. */
> + switch (type) {
> + case ND_OPT_SOURCE_LL_ADDR:
> + case ND_OPT_TARGET_LL_ADDR:
> + case ND_OPT_REDIRECT_HDR:
> + case ND_OPT_MTU:
> + break;
> + case ND_OPT_PREFIX_INFO:
> + prefix = (struct icmp6_ra_prefix_info *)option;
> + /* The link-local prefix 0xfe80::/10 is ignored. */
> + if ((ntohs(prefix->prefix.s6_addr16[0]) &
> + IPV6_LINK_LOCAL_MASK) == IPV6_LINK_LOCAL_PREFIX)
> + break;
> + if (prefix->on_link && ntohl(prefix->valid_lifetime)) {
> + net_prefix_length = prefix->prefix_len;
> + net_gateway6 = ip6->saddr;
> + return 0;
> + }
> + break;
> + default:
> + debug("Unknown IPv6 Neighbor Discovery Option 0x%x\n",
> + type);
> + }
> +
> + option_len <<= 3; /* Option length is a multiple of 8. */
> + remaining_option_len -= option_len;
> + option += option_len;
> + }
> + return -EADDRNOTAVAIL;
> +}
> +
> int ndisc_receive(struct ethernet_hdr *et, struct ip6_hdr *ip6, int len)
> {
> struct icmp6hdr *icmp =
> (struct icmp6hdr *)(((uchar *)ip6) + IP6_HDR_SIZE);
> struct nd_msg *ndisc = (struct nd_msg *)icmp;
> uchar neigh_eth_addr[6];
> + int err = 0; // The error code returned calling functions.
>
> switch (icmp->icmp6_type) {
> case IPV6_NDISC_NEIGHBOUR_SOLICITATION:
> @@ -280,6 +475,36 @@ int ndisc_receive(struct ethernet_hdr *et, struct ip6_hdr *ip6, int len)
> net_nd_packet_mac = NULL;
> }
> break;
> + case IPV6_NDISC_ROUTER_SOLICITATION:
> + break;
> + case IPV6_NDISC_ROUTER_ADVERTISEMENT:
> + debug("Received router advertisement for %pI6c from %pI6c\n",
> + &ip6->daddr, &ip6->saddr);
> + /*
> + * If gateway and prefix are set, the RA packet is ignored. The
> + * reason is that the U-Boot code is supposed to be as compact
> + * as possible and does not need to take care of multiple
> + * routers. In addition to that, U-Boot does not want to handle
> + * scenarios like a router setting its lifetime to zero to
> + * indicate it is not routing anymore. U-Boot program has a
> + * short life when the system boots up and does not need such
> + * sophistication.
> + */
> + if (!ip6_is_unspecified_addr(&net_gateway6) &&
> + net_prefix_length != 0) {
> + break;
> + }
> + if (!validate_ra(ip6, len)) {
> + debug("Invalid router advertisement message.\n");
> + break;
> + }
> + err = process_ra(ip6, len);
> + if (err)
> + debug("Ignored router advertisement. Error: %d\n", err);
> + else
> + printf("Set gatewayip6: %pI6c, prefix_length: %d\n",
> + &net_gateway6, net_prefix_length);
> + break;
> default:
> debug("Unexpected ICMPv6 type 0x%x\n", icmp->icmp6_type);
> return -1;
> diff --git a/net/net.c b/net/net.c
> index c9a749f..39f0b81 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -24,7 +24,7 @@
> * - name of bootfile
> * Next step: ARP
> *
> - * LINK_LOCAL:
> + * LINKLOCAL:
> *
> * Prerequisites: - own ethernet address
> * We want: - own IP address
> @@ -122,6 +122,7 @@
> #endif
> #include <net/tcp.h>
> #include <net/wget.h>
> +#include "net_rand.h"
>
> /** BOOTP EXTENTIONS **/
>
> @@ -346,6 +347,8 @@ void net_auto_load(void)
>
> static int net_init_loop(void)
> {
> + static bool first_call = true;
> +
> if (eth_get_dev()) {
> memcpy(net_ethaddr, eth_get_ethaddr(), 6);
>
> @@ -365,6 +368,12 @@ static int net_init_loop(void)
> */
> return -ENONET;
>
> + if (IS_ENABLED(CONFIG_IPV6_ROUTER_DISCOVERY))
> + if (first_call && use_ip6) {
> + first_call = false;
> + srand_mac(); /* This is for rand used in ip6_send_rs. */
> + net_loop(RS);
> + }
> return 0;
> }
>
> @@ -574,6 +583,10 @@ restart:
> ncsi_probe_packages();
> break;
> #endif
> + case RS:
> + if (IS_ENABLED(CONFIG_IPV6_ROUTER_DISCOVERY))
> + ip6_send_rs();
> + break;
> default:
> break;
> }
> @@ -671,7 +684,13 @@ restart:
> x = time_handler;
> time_handler = (thand_f *)0;
> (*x)();
> - }
> + } else if (IS_ENABLED(CONFIG_IPV6_ROUTER_DISCOVERY))
> + if (time_handler && protocol == RS)
> + if (!ip6_is_unspecified_addr(&net_gateway6) &&
> + net_prefix_length != 0) {
> + net_set_state(NETLOOP_SUCCESS);
> + net_set_timeout_handler(0, 0);
> + }
>
> if (net_state == NETLOOP_FAIL)
> ret = net_start_again();
> diff --git a/net/net6.c b/net/net6.c
> index 75577bc..2dd64c0 100644
> --- a/net/net6.c
> +++ b/net/net6.c
> @@ -413,6 +413,7 @@ int net_ip6_handler(struct ethernet_hdr *et, struct ip6_hdr *ip6, int len)
> break;
> case IPV6_NDISC_NEIGHBOUR_SOLICITATION:
> case IPV6_NDISC_NEIGHBOUR_ADVERTISEMENT:
> + case IPV6_NDISC_ROUTER_ADVERTISEMENT:
> ndisc_receive(et, ip6, len);
> break;
> default:
> --
> 1.8.3.1
>
Reviewed-by: Ramon Fried <rfried.dev at gmail.com>
More information about the U-Boot
mailing list