Merge release-20200115.0-123-gce0bac4 (automated)

3 files changed, 53 insertions, 6 deletions

diff --git a/pkg/tcpip/header/icmpv6.go b/pkg/tcpip/header/icmpv6.go
index b095dc0ab..c7ee2de57 100644
--- a/pkg/tcpip/header/icmpv6.go
+++ b/pkg/tcpip/header/icmpv6.go
@@ -52,7 +52,7 @@ const (
 	// ICMPv6NeighborAdvertSize is size of a neighbor advertisement
 	// including the NDP Target Link Layer option for an Ethernet
 	// address.
-	ICMPv6NeighborAdvertSize = ICMPv6HeaderSize + NDPNAMinimumSize + ndpLinkLayerAddressSize
+	ICMPv6NeighborAdvertSize = ICMPv6HeaderSize + NDPNAMinimumSize + NDPLinkLayerAddressSize
 
 	// ICMPv6EchoMinimumSize is the minimum size of a valid ICMP echo packet.
 	ICMPv6EchoMinimumSize = 8
diff --git a/pkg/tcpip/header/ndp_options.go b/pkg/tcpip/header/ndp_options.go
index 1e60f3d4f..e6a6ad39b 100755
--- a/pkg/tcpip/header/ndp_options.go
+++ b/pkg/tcpip/header/ndp_options.go
@@ -17,6 +17,7 @@ package header
 import (
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"math"
 	"time"
 
@@ -32,9 +33,9 @@ const (
 	// Address option, as per RFC 4861 section 4.6.1.
 	NDPTargetLinkLayerAddressOptionType = 2
 
-	// ndpLinkLayerAddressSize is the size of a Source or Target Link Layer
-	// Address option.
-	ndpLinkLayerAddressSize = 8
+	// NDPLinkLayerAddressSize is the size of a Source or Target Link Layer
+	// Address option for an Ethernet address.
+	NDPLinkLayerAddressSize = 8
 
 	// NDPPrefixInformationType is the type of the Prefix Information
 	// option, as per RFC 4861 section 4.6.2.
@@ -300,6 +301,8 @@ func (b NDPOptions) Serialize(s NDPOptionsSerializer) int {
 
 // NDPOption is the set of functions to be implemented by all NDP option types.
 type NDPOption interface {
+	fmt.Stringer
+
 	// Type returns the type of the receiver.
 	Type() uint8
 
@@ -397,6 +400,11 @@ func (o NDPSourceLinkLayerAddressOption) serializeInto(b []byte) int {
 	return copy(b, o)
 }
 
+// String implements fmt.Stringer.String.
+func (o NDPSourceLinkLayerAddressOption) String() string {
+	return fmt.Sprintf("%T(%s)", o, tcpip.LinkAddress(o))
+}
+
 // EthernetAddress will return an ethernet (MAC) address if the
 // NDPSourceLinkLayerAddressOption's body has at minimum EthernetAddressSize
 // bytes. If the body has more than EthernetAddressSize bytes, only the first
@@ -432,6 +440,11 @@ func (o NDPTargetLinkLayerAddressOption) serializeInto(b []byte) int {
 	return copy(b, o)
 }
 
+// String implements fmt.Stringer.String.
+func (o NDPTargetLinkLayerAddressOption) String() string {
+	return fmt.Sprintf("%T(%s)", o, tcpip.LinkAddress(o))
+}
+
 // EthernetAddress will return an ethernet (MAC) address if the
 // NDPTargetLinkLayerAddressOption's body has at minimum EthernetAddressSize
 // bytes. If the body has more than EthernetAddressSize bytes, only the first
@@ -478,6 +491,17 @@ func (o NDPPrefixInformation) serializeInto(b []byte) int {
 	return used
 }
 
+// String implements fmt.Stringer.String.
+func (o NDPPrefixInformation) String() string {
+	return fmt.Sprintf("%T(O=%t, A=%t, PL=%s, VL=%s, Prefix=%s)",
+		o,
+		o.OnLinkFlag(),
+		o.AutonomousAddressConfigurationFlag(),
+		o.PreferredLifetime(),
+		o.ValidLifetime(),
+		o.Subnet())
+}
+
 // PrefixLength returns the value in the number of leading bits in the Prefix
 // that are valid.
 //
@@ -587,6 +611,11 @@ func (o NDPRecursiveDNSServer) serializeInto(b []byte) int {
 	return used
 }
 
+// String implements fmt.Stringer.String.
+func (o NDPRecursiveDNSServer) String() string {
+	return fmt.Sprintf("%T(%s valid for %s)", o, o.Addresses(), o.Lifetime())
+}
+
 // Lifetime returns the length of time that the DNS server addresses
 // in this option may be used for name resolution.
 //
diff --git a/pkg/tcpip/stack/ndp.go b/pkg/tcpip/stack/ndp.go
index d983ac390..245694118 100755
--- a/pkg/tcpip/stack/ndp.go
+++ b/pkg/tcpip/stack/ndp.go
@@ -538,11 +538,29 @@ func (ndp *ndpState) sendDADPacket(addr tcpip.Address) *tcpip.Error {
 	r := makeRoute(header.IPv6ProtocolNumber, header.IPv6Any, snmc, ndp.nic.linkEP.LinkAddress(), ref, false, false)
 	defer r.Release()
 
-	hdr := buffer.NewPrependable(int(r.MaxHeaderLength()) + header.ICMPv6NeighborSolicitMinimumSize)
-	pkt := header.ICMPv6(hdr.Prepend(header.ICMPv6NeighborSolicitMinimumSize))
+	linkAddr := ndp.nic.linkEP.LinkAddress()
+	isValidLinkAddr := header.IsValidUnicastEthernetAddress(linkAddr)
+	ndpNSSize := header.ICMPv6NeighborSolicitMinimumSize
+	if isValidLinkAddr {
+		// Only include a Source Link Layer Address option if the NIC has a valid
+		// link layer address.
+		//
+		// TODO(b/141011931): Validate a LinkEndpoint's link address (provided by
+		// LinkEndpoint.LinkAddress) before reaching this point.
+		ndpNSSize += header.NDPLinkLayerAddressSize
+	}
+
+	hdr := buffer.NewPrependable(int(r.MaxHeaderLength()) + ndpNSSize)
+	pkt := header.ICMPv6(hdr.Prepend(ndpNSSize))
 	pkt.SetType(header.ICMPv6NeighborSolicit)
 	ns := header.NDPNeighborSolicit(pkt.NDPPayload())
 	ns.SetTargetAddress(addr)
+
+	if isValidLinkAddr {
+		ns.Options().Serialize(header.NDPOptionsSerializer{
+			header.NDPSourceLinkLayerAddressOption(linkAddr),
+		})
+	}
 	pkt.SetChecksum(header.ICMPv6Checksum(pkt, r.LocalAddress, r.RemoteAddress, buffer.VectorisedView{}))
 
 	sent := r.Stats().ICMP.V6PacketsSent