Use different neighbor tables per network endpoint

This stores each protocol's neighbor state separately.

This change also removes the need for each neighbor entry to keep
track of their own link address resolver now that all the entries
in a cache will use the same resolver.

PiperOrigin-RevId: 354818155

3 files changed, 45 insertions, 19 deletions

diff --git a/pkg/tcpip/network/ipv6/icmp.go b/pkg/tcpip/network/ipv6/icmp.go
index bdc88fe5d..12e5ead5e 100644
--- a/pkg/tcpip/network/ipv6/icmp.go
+++ b/pkg/tcpip/network/ipv6/icmp.go
@@ -290,7 +290,13 @@ func (e *endpoint) handleICMP(pkt *stack.PacketBuffer, hasFragmentHeader bool) {
 			received.invalid.Increment()
 			return
 		} else {
-			e.nic.HandleNeighborProbe(srcAddr, sourceLinkAddr, e)
+			switch err := e.nic.HandleNeighborProbe(ProtocolNumber, srcAddr, sourceLinkAddr); err.(type) {
+			case nil:
+			case *tcpip.ErrNotSupported:
+			// The stack may support ICMPv6 but the NIC may not need link resolution.
+			default:
+				panic(fmt.Sprintf("unexpected error when informing NIC of neighbor probe message: %s", err))
+			}
 		}
 
 		// As per RFC 4861 section 7.1.1:
@@ -456,11 +462,17 @@ func (e *endpoint) handleICMP(pkt *stack.PacketBuffer, hasFragmentHeader bool) {
 
 		// If the NA message has the target link layer option, update the link
 		// address cache with the link address for the target of the message.
-		e.nic.HandleNeighborConfirmation(targetAddr, targetLinkAddr, stack.ReachabilityConfirmationFlags{
+		switch err := e.nic.HandleNeighborConfirmation(ProtocolNumber, targetAddr, targetLinkAddr, stack.ReachabilityConfirmationFlags{
 			Solicited: na.SolicitedFlag(),
 			Override:  na.OverrideFlag(),
 			IsRouter:  na.RouterFlag(),
-		})
+		}); err.(type) {
+		case nil:
+		case *tcpip.ErrNotSupported:
+		// The stack may support ICMPv6 but the NIC may not need link resolution.
+		default:
+			panic(fmt.Sprintf("unexpected error when informing NIC of neighbor confirmation message: %s", err))
+		}
 
 	case header.ICMPv6EchoRequest:
 		received.echoRequest.Increment()
@@ -566,9 +578,15 @@ func (e *endpoint) handleICMP(pkt *stack.PacketBuffer, hasFragmentHeader bool) {
 				return
 			}
 
-			// A RS with a specified source IP address modifies the NUD state
-			// machine in the same way a reachability probe would.
-			e.nic.HandleNeighborProbe(srcAddr, sourceLinkAddr, e)
+			// A RS with a specified source IP address modifies the neighbor table
+			// in the same way a regular probe would.
+			switch err := e.nic.HandleNeighborProbe(ProtocolNumber, srcAddr, sourceLinkAddr); err.(type) {
+			case nil:
+			case *tcpip.ErrNotSupported:
+			// The stack may support ICMPv6 but the NIC may not need link resolution.
+			default:
+				panic(fmt.Sprintf("unexpected error when informing NIC of neighbor probe message: %s", err))
+			}
 		}
 
 	case header.ICMPv6RouterAdvert:
@@ -617,7 +635,13 @@ func (e *endpoint) handleICMP(pkt *stack.PacketBuffer, hasFragmentHeader bool) {
 		// If the RA has the source link layer option, update the link address
 		// cache with the link address for the advertised router.
 		if len(sourceLinkAddr) != 0 {
-			e.nic.HandleNeighborProbe(routerAddr, sourceLinkAddr, e)
+			switch err := e.nic.HandleNeighborProbe(ProtocolNumber, routerAddr, sourceLinkAddr); err.(type) {
+			case nil:
+			case *tcpip.ErrNotSupported:
+			// The stack may support ICMPv6 but the NIC may not need link resolution.
+			default:
+				panic(fmt.Sprintf("unexpected error when informing NIC of neighbor probe message: %s", err))
+			}
 		}
 
 		e.mu.Lock()
diff --git a/pkg/tcpip/network/ipv6/icmp_test.go b/pkg/tcpip/network/ipv6/icmp_test.go
index 755293377..4374d0198 100644
--- a/pkg/tcpip/network/ipv6/icmp_test.go
+++ b/pkg/tcpip/network/ipv6/icmp_test.go
@@ -139,12 +139,14 @@ func (t *testInterface) WritePacketToRemote(remoteLinkAddr tcpip.LinkAddress, gs
 	return t.LinkEndpoint.WritePacket(r, gso, protocol, pkt)
 }
 
-func (t *testInterface) HandleNeighborProbe(tcpip.Address, tcpip.LinkAddress, stack.LinkAddressResolver) {
+func (t *testInterface) HandleNeighborProbe(tcpip.NetworkProtocolNumber, tcpip.Address, tcpip.LinkAddress) tcpip.Error {
 	t.probeCount++
+	return nil
 }
 
-func (t *testInterface) HandleNeighborConfirmation(tcpip.Address, tcpip.LinkAddress, stack.ReachabilityConfirmationFlags) {
+func (t *testInterface) HandleNeighborConfirmation(tcpip.NetworkProtocolNumber, tcpip.Address, tcpip.LinkAddress, stack.ReachabilityConfirmationFlags) tcpip.Error {
 	t.confirmationCount++
+	return nil
 }
 
 func TestICMPCounts(t *testing.T) {
diff --git a/pkg/tcpip/network/ipv6/ndp_test.go b/pkg/tcpip/network/ipv6/ndp_test.go
index 4cc81e6cc..e0245487b 100644
--- a/pkg/tcpip/network/ipv6/ndp_test.go
+++ b/pkg/tcpip/network/ipv6/ndp_test.go
@@ -338,18 +338,18 @@ func TestNeighborSolicitationWithSourceLinkLayerOptionUsingNeighborCache(t *test
 				Data: hdr.View().ToVectorisedView(),
 			}))
 
-			neighbors, err := s.Neighbors(nicID)
+			neighbors, err := s.Neighbors(nicID, ProtocolNumber)
 			if err != nil {
-				t.Fatalf("s.Neighbors(%d): %s", nicID, err)
+				t.Fatalf("s.Neighbors(%d, %d): %s", nicID, ProtocolNumber, err)
 			}
 
 			neighborByAddr := make(map[tcpip.Address]stack.NeighborEntry)
 			for _, n := range neighbors {
 				if existing, ok := neighborByAddr[n.Addr]; ok {
 					if diff := cmp.Diff(existing, n); diff != "" {
-						t.Fatalf("s.Neighbors(%d) returned unexpected duplicate neighbor entry (-existing +got):\n%s", nicID, diff)
+						t.Fatalf("s.Neighbors(%d, %d) returned unexpected duplicate neighbor entry (-existing +got):\n%s", nicID, ProtocolNumber, diff)
 					}
-					t.Fatalf("s.Neighbors(%d) returned unexpected duplicate neighbor entry: %#v", nicID, existing)
+					t.Fatalf("s.Neighbors(%d, %d) returned unexpected duplicate neighbor entry: %#v", nicID, ProtocolNumber, existing)
 				}
 				neighborByAddr[n.Addr] = n
 			}
@@ -907,18 +907,18 @@ func TestNeighborAdvertisementWithTargetLinkLayerOptionUsingNeighborCache(t *tes
 				Data: hdr.View().ToVectorisedView(),
 			}))
 
-			neighbors, err := s.Neighbors(nicID)
+			neighbors, err := s.Neighbors(nicID, ProtocolNumber)
 			if err != nil {
-				t.Fatalf("s.Neighbors(%d): %s", nicID, err)
+				t.Fatalf("s.Neighbors(%d, %d): %s", nicID, ProtocolNumber, err)
 			}
 
 			neighborByAddr := make(map[tcpip.Address]stack.NeighborEntry)
 			for _, n := range neighbors {
 				if existing, ok := neighborByAddr[n.Addr]; ok {
 					if diff := cmp.Diff(existing, n); diff != "" {
-						t.Fatalf("s.Neighbors(%d) returned unexpected duplicate neighbor entry (-existing +got):\n%s", nicID, diff)
+						t.Fatalf("s.Neighbors(%d, %d) returned unexpected duplicate neighbor entry (-existing +got):\n%s", nicID, ProtocolNumber, diff)
 					}
-					t.Fatalf("s.Neighbors(%d) returned unexpected duplicate neighbor entry: %#v", nicID, existing)
+					t.Fatalf("s.Neighbors(%d, %d) returned unexpected duplicate neighbor entry: %#v", nicID, ProtocolNumber, existing)
 				}
 				neighborByAddr[n.Addr] = n
 			}
@@ -1277,8 +1277,8 @@ func TestNeighborAdvertisementValidation(t *testing.T) {
 			//   There is no need to create an entry if none exists, since the
 			//   recipient has apparently not initiated any communication with the
 			//   target.
-			if neighbors, err := s.Neighbors(nicID); err != nil {
-				t.Fatalf("s.Neighbors(%d): %s", nicID, err)
+			if neighbors, err := s.Neighbors(nicID, ProtocolNumber); err != nil {
+				t.Fatalf("s.Neighbors(%d, %d): %s", nicID, ProtocolNumber, err)
 			} else if len(neighbors) != 0 {
 				t.Fatalf("got len(neighbors) = %d, want = 0; neighbors = %#v", len(neighbors), neighbors)
 			}