mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-01-11 17:10:13 +00:00
f0e7036fc9
Add the ability to append the incoming IP interface information to
ICMPv4 error messages in accordance with RFC 5837 and RFC 4884. This is
required for more meaningful traceroute results in unnumbered networks.
The feature is disabled by default and controlled via a new sysctl
("net.ipv4.icmp_errors_extension_mask") which accepts a bitmask of ICMP
extensions to append to ICMP error messages. Currently, only a single
value is supported, but the interface and the implementation should be
able to support more extensions, if needed.
Clone the skb and copy the relevant data portions before modifying the
skb as the caller of __icmp_send() still owns the skb after the function
returns. This should be fine since by default ICMP error messages are
rate limited to 1000 per second and no more than 1 per second per
specific host.
Trim or pad the packet to 128 bytes before appending the ICMP extension
structure in order to be compatible with legacy applications that assume
that the ICMP extension structure always starts at this offset (the
minimum length specified by RFC 4884).
Reviewed-by: Petr Machata <petrm@nvidia.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Reviewed-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20251027082232.232571-2-idosch@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
76 lines
1.7 KiB
C
76 lines
1.7 KiB
C
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
|
/*
|
|
* INET An implementation of the TCP/IP protocol suite for the LINUX
|
|
* operating system. INET is implemented using the BSD Socket
|
|
* interface as the means of communication with the user level.
|
|
*
|
|
* Definitions for the ICMP protocol.
|
|
*
|
|
* Version: @(#)icmp.h 1.0.3 04/28/93
|
|
*
|
|
* Author: Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
|
|
*/
|
|
#ifndef _LINUX_ICMP_H
|
|
#define _LINUX_ICMP_H
|
|
|
|
#include <linux/skbuff.h>
|
|
#include <uapi/linux/icmp.h>
|
|
#include <uapi/linux/errqueue.h>
|
|
|
|
static inline struct icmphdr *icmp_hdr(const struct sk_buff *skb)
|
|
{
|
|
return (struct icmphdr *)skb_transport_header(skb);
|
|
}
|
|
|
|
static inline bool icmp_is_err(int type)
|
|
{
|
|
switch (type) {
|
|
case ICMP_DEST_UNREACH:
|
|
case ICMP_SOURCE_QUENCH:
|
|
case ICMP_REDIRECT:
|
|
case ICMP_TIME_EXCEEDED:
|
|
case ICMP_PARAMETERPROB:
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
void ip_icmp_error_rfc4884(const struct sk_buff *skb,
|
|
struct sock_ee_data_rfc4884 *out,
|
|
int thlen, int off);
|
|
|
|
/* RFC 4884 */
|
|
#define ICMP_EXT_ORIG_DGRAM_MIN_LEN 128
|
|
#define ICMP_EXT_VERSION_2 2
|
|
|
|
/* ICMP Extension Object Classes */
|
|
#define ICMP_EXT_OBJ_CLASS_IIO 2 /* RFC 5837 */
|
|
|
|
/* Interface Information Object - RFC 5837 */
|
|
enum {
|
|
ICMP_EXT_CTYPE_IIO_ROLE_IIF,
|
|
};
|
|
|
|
#define ICMP_EXT_CTYPE_IIO_ROLE(ROLE) ((ROLE) << 6)
|
|
#define ICMP_EXT_CTYPE_IIO_MTU BIT(0)
|
|
#define ICMP_EXT_CTYPE_IIO_NAME BIT(1)
|
|
#define ICMP_EXT_CTYPE_IIO_IPADDR BIT(2)
|
|
#define ICMP_EXT_CTYPE_IIO_IFINDEX BIT(3)
|
|
|
|
struct icmp_ext_iio_name_subobj {
|
|
u8 len;
|
|
char name[IFNAMSIZ];
|
|
};
|
|
|
|
enum {
|
|
/* RFC 5837 - Incoming IP Interface Role */
|
|
ICMP_ERR_EXT_IIO_IIF,
|
|
/* Add new constants above. Used by "icmp_errors_extension_mask"
|
|
* sysctl.
|
|
*/
|
|
ICMP_ERR_EXT_COUNT,
|
|
};
|
|
|
|
#endif /* _LINUX_ICMP_H */
|