blob: 459f282d90e16591efa92a2c108caf76a9e9e123 [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +08001/*
2 * Linux IPv6 multicast routing support for BSD pim6sd
3 * Based on net/ipv4/ipmr.c.
4 *
5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr>
6 * LSIIT Laboratory, Strasbourg, France
7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com>
8 * 6WIND, Paris, France
9 * Copyright (C)2007,2008 USAGI/WIDE Project
10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
16 *
17 */
18
19#include <linux/uaccess.h>
20#include <linux/types.h>
21#include <linux/sched.h>
22#include <linux/errno.h>
23#include <linux/timer.h>
24#include <linux/mm.h>
25#include <linux/kernel.h>
26#include <linux/fcntl.h>
27#include <linux/stat.h>
28#include <linux/socket.h>
29#include <linux/inet.h>
30#include <linux/netdevice.h>
31#include <linux/inetdevice.h>
32#include <linux/proc_fs.h>
33#include <linux/seq_file.h>
34#include <linux/init.h>
35#include <linux/slab.h>
36#include <linux/compat.h>
37#include <net/protocol.h>
38#include <linux/skbuff.h>
39#include <net/sock.h>
40#include <net/raw.h>
41#include <linux/notifier.h>
42#include <linux/if_arp.h>
43#include <net/checksum.h>
44#include <net/netlink.h>
45#include <net/fib_rules.h>
46
47#include <net/ipv6.h>
48#include <net/ip6_route.h>
49#include <linux/mroute6.h>
50#include <linux/pim.h>
51#include <net/addrconf.h>
52#include <linux/netfilter_ipv6.h>
53#include <linux/export.h>
54#include <net/ip6_checksum.h>
55#include <linux/netconf.h>
56
57struct mr6_table {
58 struct list_head list;
59 possible_net_t net;
60 u32 id;
61 struct sock *mroute6_sk;
62 struct timer_list ipmr_expire_timer;
63 struct list_head mfc6_unres_queue;
64 struct list_head mfc6_cache_array[MFC6_LINES];
65 struct mif_device vif6_table[MAXMIFS];
66 int maxvif;
67 atomic_t cache_resolve_queue_len;
68 bool mroute_do_assert;
69 bool mroute_do_pim;
70#ifdef CONFIG_IPV6_PIMSM_V2
71 int mroute_reg_vif_num;
72#endif
73};
74
75#include <linux/nospec.h>
76
77struct ip6mr_rule {
78 struct fib_rule common;
79};
80
81struct ip6mr_result {
82 struct mr6_table *mrt;
83};
84
85/* Big lock, protecting vif table, mrt cache and mroute socket state.
86 Note that the changes are semaphored via rtnl_lock.
87 */
88
89static DEFINE_RWLOCK(mrt_lock);
90
91/*
92 * Multicast router control variables
93 */
94
95#define MIF_EXISTS(_mrt, _idx) ((_mrt)->vif6_table[_idx].dev != NULL)
96
97/* Special spinlock for queue of unresolved entries */
98static DEFINE_SPINLOCK(mfc_unres_lock);
99
100/* We return to original Alan's scheme. Hash table of resolved
101 entries is changed only in process context and protected
102 with weak lock mrt_lock. Queue of unresolved entries is protected
103 with strong spinlock mfc_unres_lock.
104
105 In this case data path is free of exclusive locks at all.
106 */
107
108static struct kmem_cache *mrt_cachep __read_mostly;
109
110static struct mr6_table *ip6mr_new_table(struct net *net, u32 id);
111static void ip6mr_free_table(struct mr6_table *mrt);
112
113static void ip6_mr_forward(struct net *net, struct mr6_table *mrt,
114 struct sk_buff *skb, struct mfc6_cache *cache);
115static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt,
116 mifi_t mifi, int assert);
117static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
118 struct mfc6_cache *c, struct rtmsg *rtm);
119static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc,
120 int cmd);
121static void mrt6msg_netlink_event(struct mr6_table *mrt, struct sk_buff *pkt);
122static int ip6mr_rtm_dumproute(struct sk_buff *skb,
123 struct netlink_callback *cb);
124static void mroute_clean_tables(struct mr6_table *mrt, bool all);
125static void ipmr_expire_process(unsigned long arg);
126
127#ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
128#define ip6mr_for_each_table(mrt, net) \
129 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list)
130
131static struct mr6_table *ip6mr_get_table(struct net *net, u32 id)
132{
133 struct mr6_table *mrt;
134
135 ip6mr_for_each_table(mrt, net) {
136 if (mrt->id == id)
137 return mrt;
138 }
139 return NULL;
140}
141
142static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
143 struct mr6_table **mrt)
144{
145 int err;
146 struct ip6mr_result res;
147 struct fib_lookup_arg arg = {
148 .result = &res,
149 .flags = FIB_LOOKUP_NOREF,
150 };
151
152 err = fib_rules_lookup(net->ipv6.mr6_rules_ops,
153 flowi6_to_flowi(flp6), 0, &arg);
154 if (err < 0)
155 return err;
156 *mrt = res.mrt;
157 return 0;
158}
159
160static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp,
161 int flags, struct fib_lookup_arg *arg)
162{
163 struct ip6mr_result *res = arg->result;
164 struct mr6_table *mrt;
165
166 switch (rule->action) {
167 case FR_ACT_TO_TBL:
168 break;
169 case FR_ACT_UNREACHABLE:
170 return -ENETUNREACH;
171 case FR_ACT_PROHIBIT:
172 return -EACCES;
173 case FR_ACT_BLACKHOLE:
174 default:
175 return -EINVAL;
176 }
177
178 mrt = ip6mr_get_table(rule->fr_net, rule->table);
179 if (!mrt)
180 return -EAGAIN;
181 res->mrt = mrt;
182 return 0;
183}
184
185static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags)
186{
187 return 1;
188}
189
190static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = {
191 FRA_GENERIC_POLICY,
192};
193
194static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
195 struct fib_rule_hdr *frh, struct nlattr **tb)
196{
197 return 0;
198}
199
200static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
201 struct nlattr **tb)
202{
203 return 1;
204}
205
206static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
207 struct fib_rule_hdr *frh)
208{
209 frh->dst_len = 0;
210 frh->src_len = 0;
211 frh->tos = 0;
212 return 0;
213}
214
215static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = {
216 .family = RTNL_FAMILY_IP6MR,
217 .rule_size = sizeof(struct ip6mr_rule),
218 .addr_size = sizeof(struct in6_addr),
219 .action = ip6mr_rule_action,
220 .match = ip6mr_rule_match,
221 .configure = ip6mr_rule_configure,
222 .compare = ip6mr_rule_compare,
223 .fill = ip6mr_rule_fill,
224 .nlgroup = RTNLGRP_IPV6_RULE,
225 .policy = ip6mr_rule_policy,
226 .owner = THIS_MODULE,
227};
228
229static int __net_init ip6mr_rules_init(struct net *net)
230{
231 struct fib_rules_ops *ops;
232 struct mr6_table *mrt;
233 int err;
234
235 ops = fib_rules_register(&ip6mr_rules_ops_template, net);
236 if (IS_ERR(ops))
237 return PTR_ERR(ops);
238
239 INIT_LIST_HEAD(&net->ipv6.mr6_tables);
240
241 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
242 if (!mrt) {
243 err = -ENOMEM;
244 goto err1;
245 }
246
247 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0);
248 if (err < 0)
249 goto err2;
250
251 net->ipv6.mr6_rules_ops = ops;
252 return 0;
253
254err2:
255 ip6mr_free_table(mrt);
256err1:
257 fib_rules_unregister(ops);
258 return err;
259}
260
261static void __net_exit ip6mr_rules_exit(struct net *net)
262{
263 struct mr6_table *mrt, *next;
264
265 rtnl_lock();
266 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
267 list_del(&mrt->list);
268 ip6mr_free_table(mrt);
269 }
270 fib_rules_unregister(net->ipv6.mr6_rules_ops);
271 rtnl_unlock();
272}
273#else
274#define ip6mr_for_each_table(mrt, net) \
275 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL)
276
277static struct mr6_table *ip6mr_get_table(struct net *net, u32 id)
278{
279 return net->ipv6.mrt6;
280}
281
282static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
283 struct mr6_table **mrt)
284{
285 *mrt = net->ipv6.mrt6;
286 return 0;
287}
288
289static int __net_init ip6mr_rules_init(struct net *net)
290{
291 net->ipv6.mrt6 = ip6mr_new_table(net, RT6_TABLE_DFLT);
292 return net->ipv6.mrt6 ? 0 : -ENOMEM;
293}
294
295static void __net_exit ip6mr_rules_exit(struct net *net)
296{
297 rtnl_lock();
298 ip6mr_free_table(net->ipv6.mrt6);
299 net->ipv6.mrt6 = NULL;
300 rtnl_unlock();
301}
302#endif
303
304static struct mr6_table *ip6mr_new_table(struct net *net, u32 id)
305{
306 struct mr6_table *mrt;
307 unsigned int i;
308
309 mrt = ip6mr_get_table(net, id);
310 if (mrt)
311 return mrt;
312
313 mrt = kzalloc(sizeof(*mrt), GFP_KERNEL);
314 if (!mrt)
315 return NULL;
316 mrt->id = id;
317 write_pnet(&mrt->net, net);
318
319 /* Forwarding cache */
320 for (i = 0; i < MFC6_LINES; i++)
321 INIT_LIST_HEAD(&mrt->mfc6_cache_array[i]);
322
323 INIT_LIST_HEAD(&mrt->mfc6_unres_queue);
324
325 setup_timer(&mrt->ipmr_expire_timer, ipmr_expire_process,
326 (unsigned long)mrt);
327
328#ifdef CONFIG_IPV6_PIMSM_V2
329 mrt->mroute_reg_vif_num = -1;
330#endif
331#ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
332 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables);
333#endif
334 return mrt;
335}
336
337static void ip6mr_free_table(struct mr6_table *mrt)
338{
339 del_timer_sync(&mrt->ipmr_expire_timer);
340 mroute_clean_tables(mrt, true);
341 kfree(mrt);
342}
343
344#ifdef CONFIG_PROC_FS
345
346struct ipmr_mfc_iter {
347 struct seq_net_private p;
348 struct mr6_table *mrt;
349 struct list_head *cache;
350 int ct;
351};
352
353
354static struct mfc6_cache *ipmr_mfc_seq_idx(struct net *net,
355 struct ipmr_mfc_iter *it, loff_t pos)
356{
357 struct mr6_table *mrt = it->mrt;
358 struct mfc6_cache *mfc;
359
360 read_lock(&mrt_lock);
361 for (it->ct = 0; it->ct < MFC6_LINES; it->ct++) {
362 it->cache = &mrt->mfc6_cache_array[it->ct];
363 list_for_each_entry(mfc, it->cache, list)
364 if (pos-- == 0)
365 return mfc;
366 }
367 read_unlock(&mrt_lock);
368
369 spin_lock_bh(&mfc_unres_lock);
370 it->cache = &mrt->mfc6_unres_queue;
371 list_for_each_entry(mfc, it->cache, list)
372 if (pos-- == 0)
373 return mfc;
374 spin_unlock_bh(&mfc_unres_lock);
375
376 it->cache = NULL;
377 return NULL;
378}
379
380/*
381 * The /proc interfaces to multicast routing /proc/ip6_mr_cache /proc/ip6_mr_vif
382 */
383
384struct ipmr_vif_iter {
385 struct seq_net_private p;
386 struct mr6_table *mrt;
387 int ct;
388};
389
390static struct mif_device *ip6mr_vif_seq_idx(struct net *net,
391 struct ipmr_vif_iter *iter,
392 loff_t pos)
393{
394 struct mr6_table *mrt = iter->mrt;
395
396 for (iter->ct = 0; iter->ct < mrt->maxvif; ++iter->ct) {
397 if (!MIF_EXISTS(mrt, iter->ct))
398 continue;
399 if (pos-- == 0)
400 return &mrt->vif6_table[iter->ct];
401 }
402 return NULL;
403}
404
405static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos)
406 __acquires(mrt_lock)
407{
408 struct ipmr_vif_iter *iter = seq->private;
409 struct net *net = seq_file_net(seq);
410 struct mr6_table *mrt;
411
412 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
413 if (!mrt)
414 return ERR_PTR(-ENOENT);
415
416 iter->mrt = mrt;
417
418 read_lock(&mrt_lock);
419 return *pos ? ip6mr_vif_seq_idx(net, seq->private, *pos - 1)
420 : SEQ_START_TOKEN;
421}
422
423static void *ip6mr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos)
424{
425 struct ipmr_vif_iter *iter = seq->private;
426 struct net *net = seq_file_net(seq);
427 struct mr6_table *mrt = iter->mrt;
428
429 ++*pos;
430 if (v == SEQ_START_TOKEN)
431 return ip6mr_vif_seq_idx(net, iter, 0);
432
433 while (++iter->ct < mrt->maxvif) {
434 if (!MIF_EXISTS(mrt, iter->ct))
435 continue;
436 return &mrt->vif6_table[iter->ct];
437 }
438 return NULL;
439}
440
441static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v)
442 __releases(mrt_lock)
443{
444 read_unlock(&mrt_lock);
445}
446
447static int ip6mr_vif_seq_show(struct seq_file *seq, void *v)
448{
449 struct ipmr_vif_iter *iter = seq->private;
450 struct mr6_table *mrt = iter->mrt;
451
452 if (v == SEQ_START_TOKEN) {
453 seq_puts(seq,
454 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n");
455 } else {
456 const struct mif_device *vif = v;
457 const char *name = vif->dev ? vif->dev->name : "none";
458
459 seq_printf(seq,
460 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n",
461 vif - mrt->vif6_table,
462 name, vif->bytes_in, vif->pkt_in,
463 vif->bytes_out, vif->pkt_out,
464 vif->flags);
465 }
466 return 0;
467}
468
469static const struct seq_operations ip6mr_vif_seq_ops = {
470 .start = ip6mr_vif_seq_start,
471 .next = ip6mr_vif_seq_next,
472 .stop = ip6mr_vif_seq_stop,
473 .show = ip6mr_vif_seq_show,
474};
475
476static int ip6mr_vif_open(struct inode *inode, struct file *file)
477{
478 return seq_open_net(inode, file, &ip6mr_vif_seq_ops,
479 sizeof(struct ipmr_vif_iter));
480}
481
482static const struct file_operations ip6mr_vif_fops = {
483 .owner = THIS_MODULE,
484 .open = ip6mr_vif_open,
485 .read = seq_read,
486 .llseek = seq_lseek,
487 .release = seq_release_net,
488};
489
490static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
491{
492 struct ipmr_mfc_iter *it = seq->private;
493 struct net *net = seq_file_net(seq);
494 struct mr6_table *mrt;
495
496 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
497 if (!mrt)
498 return ERR_PTR(-ENOENT);
499
500 it->mrt = mrt;
501 it->cache = NULL;
502 return *pos ? ipmr_mfc_seq_idx(net, seq->private, *pos - 1)
503 : SEQ_START_TOKEN;
504}
505
506static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
507{
508 struct mfc6_cache *mfc = v;
509 struct ipmr_mfc_iter *it = seq->private;
510 struct net *net = seq_file_net(seq);
511 struct mr6_table *mrt = it->mrt;
512
513 ++*pos;
514
515 if (v == SEQ_START_TOKEN)
516 return ipmr_mfc_seq_idx(net, seq->private, 0);
517
518 if (mfc->list.next != it->cache)
519 return list_entry(mfc->list.next, struct mfc6_cache, list);
520
521 if (it->cache == &mrt->mfc6_unres_queue)
522 goto end_of_list;
523
524 BUG_ON(it->cache != &mrt->mfc6_cache_array[it->ct]);
525
526 while (++it->ct < MFC6_LINES) {
527 it->cache = &mrt->mfc6_cache_array[it->ct];
528 if (list_empty(it->cache))
529 continue;
530 return list_first_entry(it->cache, struct mfc6_cache, list);
531 }
532
533 /* exhausted cache_array, show unresolved */
534 read_unlock(&mrt_lock);
535 it->cache = &mrt->mfc6_unres_queue;
536 it->ct = 0;
537
538 spin_lock_bh(&mfc_unres_lock);
539 if (!list_empty(it->cache))
540 return list_first_entry(it->cache, struct mfc6_cache, list);
541
542 end_of_list:
543 spin_unlock_bh(&mfc_unres_lock);
544 it->cache = NULL;
545
546 return NULL;
547}
548
549static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v)
550{
551 struct ipmr_mfc_iter *it = seq->private;
552 struct mr6_table *mrt = it->mrt;
553
554 if (it->cache == &mrt->mfc6_unres_queue)
555 spin_unlock_bh(&mfc_unres_lock);
556 else if (it->cache == &mrt->mfc6_cache_array[it->ct])
557 read_unlock(&mrt_lock);
558}
559
560static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
561{
562 int n;
563
564 if (v == SEQ_START_TOKEN) {
565 seq_puts(seq,
566 "Group "
567 "Origin "
568 "Iif Pkts Bytes Wrong Oifs\n");
569 } else {
570 const struct mfc6_cache *mfc = v;
571 const struct ipmr_mfc_iter *it = seq->private;
572 struct mr6_table *mrt = it->mrt;
573
574 seq_printf(seq, "%pI6 %pI6 %-3hd",
575 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin,
576 mfc->mf6c_parent);
577
578 if (it->cache != &mrt->mfc6_unres_queue) {
579 seq_printf(seq, " %8lu %8lu %8lu",
580 mfc->mfc_un.res.pkt,
581 mfc->mfc_un.res.bytes,
582 mfc->mfc_un.res.wrong_if);
583 for (n = mfc->mfc_un.res.minvif;
584 n < mfc->mfc_un.res.maxvif; n++) {
585 if (MIF_EXISTS(mrt, n) &&
586 mfc->mfc_un.res.ttls[n] < 255)
587 seq_printf(seq,
588 " %2d:%-3d",
589 n, mfc->mfc_un.res.ttls[n]);
590 }
591 } else {
592 /* unresolved mfc_caches don't contain
593 * pkt, bytes and wrong_if values
594 */
595 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
596 }
597 seq_putc(seq, '\n');
598 }
599 return 0;
600}
601
602static const struct seq_operations ipmr_mfc_seq_ops = {
603 .start = ipmr_mfc_seq_start,
604 .next = ipmr_mfc_seq_next,
605 .stop = ipmr_mfc_seq_stop,
606 .show = ipmr_mfc_seq_show,
607};
608
609static int ipmr_mfc_open(struct inode *inode, struct file *file)
610{
611 return seq_open_net(inode, file, &ipmr_mfc_seq_ops,
612 sizeof(struct ipmr_mfc_iter));
613}
614
615static const struct file_operations ip6mr_mfc_fops = {
616 .owner = THIS_MODULE,
617 .open = ipmr_mfc_open,
618 .read = seq_read,
619 .llseek = seq_lseek,
620 .release = seq_release_net,
621};
622#endif
623
624#ifdef CONFIG_IPV6_PIMSM_V2
625
626static int pim6_rcv(struct sk_buff *skb)
627{
628 struct pimreghdr *pim;
629 struct ipv6hdr *encap;
630 struct net_device *reg_dev = NULL;
631 struct net *net = dev_net(skb->dev);
632 struct mr6_table *mrt;
633 struct flowi6 fl6 = {
634 .flowi6_iif = skb->dev->ifindex,
635 .flowi6_mark = skb->mark,
636 };
637 int reg_vif_num;
638
639 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
640 goto drop;
641
642 pim = (struct pimreghdr *)skb_transport_header(skb);
643 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) ||
644 (pim->flags & PIM_NULL_REGISTER) ||
645 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
646 sizeof(*pim), IPPROTO_PIM,
647 csum_partial((void *)pim, sizeof(*pim), 0)) &&
648 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
649 goto drop;
650
651 /* check if the inner packet is destined to mcast group */
652 encap = (struct ipv6hdr *)(skb_transport_header(skb) +
653 sizeof(*pim));
654
655 if (!ipv6_addr_is_multicast(&encap->daddr) ||
656 encap->payload_len == 0 ||
657 ntohs(encap->payload_len) + sizeof(*pim) > skb->len)
658 goto drop;
659
660 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
661 goto drop;
662 reg_vif_num = mrt->mroute_reg_vif_num;
663
664 read_lock(&mrt_lock);
665 if (reg_vif_num >= 0)
666 reg_dev = mrt->vif6_table[reg_vif_num].dev;
667 if (reg_dev)
668 dev_hold(reg_dev);
669 read_unlock(&mrt_lock);
670
671 if (!reg_dev)
672 goto drop;
673
674 skb->mac_header = skb->network_header;
675 skb_pull(skb, (u8 *)encap - skb->data);
676 skb_reset_network_header(skb);
677 skb->protocol = htons(ETH_P_IPV6);
678 skb->ip_summed = CHECKSUM_NONE;
679
680 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev));
681
682 netif_rx(skb);
683
684 dev_put(reg_dev);
685 return 0;
686 drop:
687 kfree_skb(skb);
688 return 0;
689}
690
691static const struct inet6_protocol pim6_protocol = {
692 .handler = pim6_rcv,
693};
694
695/* Service routines creating virtual interfaces: PIMREG */
696
697static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
698 struct net_device *dev)
699{
700 struct net *net = dev_net(dev);
701 struct mr6_table *mrt;
702 struct flowi6 fl6 = {
703 .flowi6_oif = dev->ifindex,
704 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
705 .flowi6_mark = skb->mark,
706 };
707 int err;
708
709 err = ip6mr_fib_lookup(net, &fl6, &mrt);
710 if (err < 0) {
711 kfree_skb(skb);
712 return err;
713 }
714
715 read_lock(&mrt_lock);
716 dev->stats.tx_bytes += skb->len;
717 dev->stats.tx_packets++;
718 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT);
719 read_unlock(&mrt_lock);
720 kfree_skb(skb);
721 return NETDEV_TX_OK;
722}
723
724static int reg_vif_get_iflink(const struct net_device *dev)
725{
726 return 0;
727}
728
729static const struct net_device_ops reg_vif_netdev_ops = {
730 .ndo_start_xmit = reg_vif_xmit,
731 .ndo_get_iflink = reg_vif_get_iflink,
732};
733
734static void reg_vif_setup(struct net_device *dev)
735{
736 dev->type = ARPHRD_PIMREG;
737 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8;
738 dev->flags = IFF_NOARP;
739 dev->netdev_ops = &reg_vif_netdev_ops;
740 dev->needs_free_netdev = true;
741 dev->features |= NETIF_F_NETNS_LOCAL;
742}
743
744static struct net_device *ip6mr_reg_vif(struct net *net, struct mr6_table *mrt)
745{
746 struct net_device *dev;
747 char name[IFNAMSIZ];
748
749 if (mrt->id == RT6_TABLE_DFLT)
750 sprintf(name, "pim6reg");
751 else
752 sprintf(name, "pim6reg%u", mrt->id);
753
754 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup);
755 if (!dev)
756 return NULL;
757
758 dev_net_set(dev, net);
759
760 if (register_netdevice(dev)) {
761 free_netdev(dev);
762 return NULL;
763 }
764
765 if (dev_open(dev))
766 goto failure;
767
768 dev_hold(dev);
769 return dev;
770
771failure:
772 unregister_netdevice(dev);
773 return NULL;
774}
775#endif
776
777/*
778 * Delete a VIF entry
779 */
780
781static int mif6_delete(struct mr6_table *mrt, int vifi, int notify,
782 struct list_head *head)
783{
784 struct mif_device *v;
785 struct net_device *dev;
786 struct inet6_dev *in6_dev;
787
788 if (vifi < 0 || vifi >= mrt->maxvif)
789 return -EADDRNOTAVAIL;
790
791 v = &mrt->vif6_table[vifi];
792
793 write_lock_bh(&mrt_lock);
794 dev = v->dev;
795 v->dev = NULL;
796
797 if (!dev) {
798 write_unlock_bh(&mrt_lock);
799 return -EADDRNOTAVAIL;
800 }
801
802#ifdef CONFIG_IPV6_PIMSM_V2
803 if (vifi == mrt->mroute_reg_vif_num)
804 mrt->mroute_reg_vif_num = -1;
805#endif
806
807 if (vifi + 1 == mrt->maxvif) {
808 int tmp;
809 for (tmp = vifi - 1; tmp >= 0; tmp--) {
810 if (MIF_EXISTS(mrt, tmp))
811 break;
812 }
813 mrt->maxvif = tmp + 1;
814 }
815
816 write_unlock_bh(&mrt_lock);
817
818 dev_set_allmulti(dev, -1);
819
820 in6_dev = __in6_dev_get(dev);
821 if (in6_dev) {
822 in6_dev->cnf.mc_forwarding--;
823 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
824 NETCONFA_MC_FORWARDING,
825 dev->ifindex, &in6_dev->cnf);
826 }
827
828 if ((v->flags & MIFF_REGISTER) && !notify)
829 unregister_netdevice_queue(dev, head);
830
831 dev_put(dev);
832 return 0;
833}
834
835static inline void ip6mr_cache_free(struct mfc6_cache *c)
836{
837 kmem_cache_free(mrt_cachep, c);
838}
839
840/* Destroy an unresolved cache entry, killing queued skbs
841 and reporting error to netlink readers.
842 */
843
844static void ip6mr_destroy_unres(struct mr6_table *mrt, struct mfc6_cache *c)
845{
846 struct net *net = read_pnet(&mrt->net);
847 struct sk_buff *skb;
848
849 atomic_dec(&mrt->cache_resolve_queue_len);
850
851 while ((skb = skb_dequeue(&c->mfc_un.unres.unresolved)) != NULL) {
852 if (ipv6_hdr(skb)->version == 0) {
853 struct nlmsghdr *nlh = skb_pull(skb,
854 sizeof(struct ipv6hdr));
855 nlh->nlmsg_type = NLMSG_ERROR;
856 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
857 skb_trim(skb, nlh->nlmsg_len);
858 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT;
859 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
860 } else
861 kfree_skb(skb);
862 }
863
864 ip6mr_cache_free(c);
865}
866
867
868/* Timer process for all the unresolved queue. */
869
870static void ipmr_do_expire_process(struct mr6_table *mrt)
871{
872 unsigned long now = jiffies;
873 unsigned long expires = 10 * HZ;
874 struct mfc6_cache *c, *next;
875
876 list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) {
877 if (time_after(c->mfc_un.unres.expires, now)) {
878 /* not yet... */
879 unsigned long interval = c->mfc_un.unres.expires - now;
880 if (interval < expires)
881 expires = interval;
882 continue;
883 }
884
885 list_del(&c->list);
886 mr6_netlink_event(mrt, c, RTM_DELROUTE);
887 ip6mr_destroy_unres(mrt, c);
888 }
889
890 if (!list_empty(&mrt->mfc6_unres_queue))
891 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires);
892}
893
894static void ipmr_expire_process(unsigned long arg)
895{
896 struct mr6_table *mrt = (struct mr6_table *)arg;
897
898 if (!spin_trylock(&mfc_unres_lock)) {
899 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1);
900 return;
901 }
902
903 if (!list_empty(&mrt->mfc6_unres_queue))
904 ipmr_do_expire_process(mrt);
905
906 spin_unlock(&mfc_unres_lock);
907}
908
909/* Fill oifs list. It is called under write locked mrt_lock. */
910
911static void ip6mr_update_thresholds(struct mr6_table *mrt, struct mfc6_cache *cache,
912 unsigned char *ttls)
913{
914 int vifi;
915
916 cache->mfc_un.res.minvif = MAXMIFS;
917 cache->mfc_un.res.maxvif = 0;
918 memset(cache->mfc_un.res.ttls, 255, MAXMIFS);
919
920 for (vifi = 0; vifi < mrt->maxvif; vifi++) {
921 if (MIF_EXISTS(mrt, vifi) &&
922 ttls[vifi] && ttls[vifi] < 255) {
923 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
924 if (cache->mfc_un.res.minvif > vifi)
925 cache->mfc_un.res.minvif = vifi;
926 if (cache->mfc_un.res.maxvif <= vifi)
927 cache->mfc_un.res.maxvif = vifi + 1;
928 }
929 }
930 cache->mfc_un.res.lastuse = jiffies;
931}
932
933static int mif6_add(struct net *net, struct mr6_table *mrt,
934 struct mif6ctl *vifc, int mrtsock)
935{
936 int vifi = vifc->mif6c_mifi;
937 struct mif_device *v = &mrt->vif6_table[vifi];
938 struct net_device *dev;
939 struct inet6_dev *in6_dev;
940 int err;
941
942 /* Is vif busy ? */
943 if (MIF_EXISTS(mrt, vifi))
944 return -EADDRINUSE;
945
946 switch (vifc->mif6c_flags) {
947#ifdef CONFIG_IPV6_PIMSM_V2
948 case MIFF_REGISTER:
949 /*
950 * Special Purpose VIF in PIM
951 * All the packets will be sent to the daemon
952 */
953 if (mrt->mroute_reg_vif_num >= 0)
954 return -EADDRINUSE;
955 dev = ip6mr_reg_vif(net, mrt);
956 if (!dev)
957 return -ENOBUFS;
958 err = dev_set_allmulti(dev, 1);
959 if (err) {
960 unregister_netdevice(dev);
961 dev_put(dev);
962 return err;
963 }
964 break;
965#endif
966 case 0:
967 dev = dev_get_by_index(net, vifc->mif6c_pifi);
968 if (!dev)
969 return -EADDRNOTAVAIL;
970 err = dev_set_allmulti(dev, 1);
971 if (err) {
972 dev_put(dev);
973 return err;
974 }
975 break;
976 default:
977 return -EINVAL;
978 }
979
980 in6_dev = __in6_dev_get(dev);
981 if (in6_dev) {
982 in6_dev->cnf.mc_forwarding++;
983 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
984 NETCONFA_MC_FORWARDING,
985 dev->ifindex, &in6_dev->cnf);
986 }
987
988 /*
989 * Fill in the VIF structures
990 */
991 v->rate_limit = vifc->vifc_rate_limit;
992 v->flags = vifc->mif6c_flags;
993 if (!mrtsock)
994 v->flags |= VIFF_STATIC;
995 v->threshold = vifc->vifc_threshold;
996 v->bytes_in = 0;
997 v->bytes_out = 0;
998 v->pkt_in = 0;
999 v->pkt_out = 0;
1000 v->link = dev->ifindex;
1001 if (v->flags & MIFF_REGISTER)
1002 v->link = dev_get_iflink(dev);
1003
1004 /* And finish update writing critical data */
1005 write_lock_bh(&mrt_lock);
1006 v->dev = dev;
1007#ifdef CONFIG_IPV6_PIMSM_V2
1008 if (v->flags & MIFF_REGISTER)
1009 mrt->mroute_reg_vif_num = vifi;
1010#endif
1011 if (vifi + 1 > mrt->maxvif)
1012 mrt->maxvif = vifi + 1;
1013 write_unlock_bh(&mrt_lock);
1014 return 0;
1015}
1016
1017static struct mfc6_cache *ip6mr_cache_find(struct mr6_table *mrt,
1018 const struct in6_addr *origin,
1019 const struct in6_addr *mcastgrp)
1020{
1021 int line = MFC6_HASH(mcastgrp, origin);
1022 struct mfc6_cache *c;
1023
1024 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) {
1025 if (ipv6_addr_equal(&c->mf6c_origin, origin) &&
1026 ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp))
1027 return c;
1028 }
1029 return NULL;
1030}
1031
1032/* Look for a (*,*,oif) entry */
1033static struct mfc6_cache *ip6mr_cache_find_any_parent(struct mr6_table *mrt,
1034 mifi_t mifi)
1035{
1036 int line = MFC6_HASH(&in6addr_any, &in6addr_any);
1037 struct mfc6_cache *c;
1038
1039 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list)
1040 if (ipv6_addr_any(&c->mf6c_origin) &&
1041 ipv6_addr_any(&c->mf6c_mcastgrp) &&
1042 (c->mfc_un.res.ttls[mifi] < 255))
1043 return c;
1044
1045 return NULL;
1046}
1047
1048/* Look for a (*,G) entry */
1049static struct mfc6_cache *ip6mr_cache_find_any(struct mr6_table *mrt,
1050 struct in6_addr *mcastgrp,
1051 mifi_t mifi)
1052{
1053 int line = MFC6_HASH(mcastgrp, &in6addr_any);
1054 struct mfc6_cache *c, *proxy;
1055
1056 if (ipv6_addr_any(mcastgrp))
1057 goto skip;
1058
1059 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list)
1060 if (ipv6_addr_any(&c->mf6c_origin) &&
1061 ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp)) {
1062 if (c->mfc_un.res.ttls[mifi] < 255)
1063 return c;
1064
1065 /* It's ok if the mifi is part of the static tree */
1066 proxy = ip6mr_cache_find_any_parent(mrt,
1067 c->mf6c_parent);
1068 if (proxy && proxy->mfc_un.res.ttls[mifi] < 255)
1069 return c;
1070 }
1071
1072skip:
1073 return ip6mr_cache_find_any_parent(mrt, mifi);
1074}
1075
1076/*
1077 * Allocate a multicast cache entry
1078 */
1079static struct mfc6_cache *ip6mr_cache_alloc(void)
1080{
1081 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
1082 if (!c)
1083 return NULL;
1084 c->mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1;
1085 c->mfc_un.res.minvif = MAXMIFS;
1086 return c;
1087}
1088
1089static struct mfc6_cache *ip6mr_cache_alloc_unres(void)
1090{
1091 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
1092 if (!c)
1093 return NULL;
1094 skb_queue_head_init(&c->mfc_un.unres.unresolved);
1095 c->mfc_un.unres.expires = jiffies + 10 * HZ;
1096 return c;
1097}
1098
1099/*
1100 * A cache entry has gone into a resolved state from queued
1101 */
1102
1103static void ip6mr_cache_resolve(struct net *net, struct mr6_table *mrt,
1104 struct mfc6_cache *uc, struct mfc6_cache *c)
1105{
1106 struct sk_buff *skb;
1107
1108 /*
1109 * Play the pending entries through our router
1110 */
1111
1112 while ((skb = __skb_dequeue(&uc->mfc_un.unres.unresolved))) {
1113 if (ipv6_hdr(skb)->version == 0) {
1114 struct nlmsghdr *nlh = skb_pull(skb,
1115 sizeof(struct ipv6hdr));
1116
1117 if (__ip6mr_fill_mroute(mrt, skb, c, nlmsg_data(nlh)) > 0) {
1118 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh;
1119 } else {
1120 nlh->nlmsg_type = NLMSG_ERROR;
1121 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
1122 skb_trim(skb, nlh->nlmsg_len);
1123 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE;
1124 }
1125 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1126 } else
1127 ip6_mr_forward(net, mrt, skb, c);
1128 }
1129}
1130
1131/*
1132 * Bounce a cache query up to pim6sd and netlink.
1133 *
1134 * Called under mrt_lock.
1135 */
1136
1137static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt,
1138 mifi_t mifi, int assert)
1139{
1140 struct sk_buff *skb;
1141 struct mrt6msg *msg;
1142 int ret;
1143
1144#ifdef CONFIG_IPV6_PIMSM_V2
1145 if (assert == MRT6MSG_WHOLEPKT)
1146 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt)
1147 +sizeof(*msg));
1148 else
1149#endif
1150 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC);
1151
1152 if (!skb)
1153 return -ENOBUFS;
1154
1155 /* I suppose that internal messages
1156 * do not require checksums */
1157
1158 skb->ip_summed = CHECKSUM_UNNECESSARY;
1159
1160#ifdef CONFIG_IPV6_PIMSM_V2
1161 if (assert == MRT6MSG_WHOLEPKT) {
1162 /* Ugly, but we have no choice with this interface.
1163 Duplicate old header, fix length etc.
1164 And all this only to mangle msg->im6_msgtype and
1165 to set msg->im6_mbz to "mbz" :-)
1166 */
1167 skb_push(skb, -skb_network_offset(pkt));
1168
1169 skb_push(skb, sizeof(*msg));
1170 skb_reset_transport_header(skb);
1171 msg = (struct mrt6msg *)skb_transport_header(skb);
1172 msg->im6_mbz = 0;
1173 msg->im6_msgtype = MRT6MSG_WHOLEPKT;
1174 msg->im6_mif = mrt->mroute_reg_vif_num;
1175 msg->im6_pad = 0;
1176 msg->im6_src = ipv6_hdr(pkt)->saddr;
1177 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1178
1179 skb->ip_summed = CHECKSUM_UNNECESSARY;
1180 } else
1181#endif
1182 {
1183 /*
1184 * Copy the IP header
1185 */
1186
1187 skb_put(skb, sizeof(struct ipv6hdr));
1188 skb_reset_network_header(skb);
1189 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr));
1190
1191 /*
1192 * Add our header
1193 */
1194 skb_put(skb, sizeof(*msg));
1195 skb_reset_transport_header(skb);
1196 msg = (struct mrt6msg *)skb_transport_header(skb);
1197
1198 msg->im6_mbz = 0;
1199 msg->im6_msgtype = assert;
1200 msg->im6_mif = mifi;
1201 msg->im6_pad = 0;
1202 msg->im6_src = ipv6_hdr(pkt)->saddr;
1203 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1204
1205 skb_dst_set(skb, dst_clone(skb_dst(pkt)));
1206 skb->ip_summed = CHECKSUM_UNNECESSARY;
1207 }
1208
1209 if (!mrt->mroute6_sk) {
1210 kfree_skb(skb);
1211 return -EINVAL;
1212 }
1213
1214 mrt6msg_netlink_event(mrt, skb);
1215
1216 /*
1217 * Deliver to user space multicast routing algorithms
1218 */
1219 ret = sock_queue_rcv_skb(mrt->mroute6_sk, skb);
1220 if (ret < 0) {
1221 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n");
1222 kfree_skb(skb);
1223 }
1224
1225 return ret;
1226}
1227
1228/*
1229 * Queue a packet for resolution. It gets locked cache entry!
1230 */
1231
1232static int
1233ip6mr_cache_unresolved(struct mr6_table *mrt, mifi_t mifi, struct sk_buff *skb)
1234{
1235 bool found = false;
1236 int err;
1237 struct mfc6_cache *c;
1238
1239 spin_lock_bh(&mfc_unres_lock);
1240 list_for_each_entry(c, &mrt->mfc6_unres_queue, list) {
1241 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) &&
1242 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) {
1243 found = true;
1244 break;
1245 }
1246 }
1247
1248 if (!found) {
1249 /*
1250 * Create a new entry if allowable
1251 */
1252
1253 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 ||
1254 (c = ip6mr_cache_alloc_unres()) == NULL) {
1255 spin_unlock_bh(&mfc_unres_lock);
1256
1257 kfree_skb(skb);
1258 return -ENOBUFS;
1259 }
1260
1261 /*
1262 * Fill in the new cache entry
1263 */
1264 c->mf6c_parent = -1;
1265 c->mf6c_origin = ipv6_hdr(skb)->saddr;
1266 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr;
1267
1268 /*
1269 * Reflect first query at pim6sd
1270 */
1271 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE);
1272 if (err < 0) {
1273 /* If the report failed throw the cache entry
1274 out - Brad Parker
1275 */
1276 spin_unlock_bh(&mfc_unres_lock);
1277
1278 ip6mr_cache_free(c);
1279 kfree_skb(skb);
1280 return err;
1281 }
1282
1283 atomic_inc(&mrt->cache_resolve_queue_len);
1284 list_add(&c->list, &mrt->mfc6_unres_queue);
1285 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1286
1287 ipmr_do_expire_process(mrt);
1288 }
1289
1290 /*
1291 * See if we can append the packet
1292 */
1293 if (c->mfc_un.unres.unresolved.qlen > 3) {
1294 kfree_skb(skb);
1295 err = -ENOBUFS;
1296 } else {
1297 skb_queue_tail(&c->mfc_un.unres.unresolved, skb);
1298 err = 0;
1299 }
1300
1301 spin_unlock_bh(&mfc_unres_lock);
1302 return err;
1303}
1304
1305/*
1306 * MFC6 cache manipulation by user space
1307 */
1308
1309static int ip6mr_mfc_delete(struct mr6_table *mrt, struct mf6cctl *mfc,
1310 int parent)
1311{
1312 int line;
1313 struct mfc6_cache *c, *next;
1314
1315 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr);
1316
1317 list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[line], list) {
1318 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) &&
1319 ipv6_addr_equal(&c->mf6c_mcastgrp,
1320 &mfc->mf6cc_mcastgrp.sin6_addr) &&
1321 (parent == -1 || parent == c->mf6c_parent)) {
1322 write_lock_bh(&mrt_lock);
1323 list_del(&c->list);
1324 write_unlock_bh(&mrt_lock);
1325
1326 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1327 ip6mr_cache_free(c);
1328 return 0;
1329 }
1330 }
1331 return -ENOENT;
1332}
1333
1334static int ip6mr_device_event(struct notifier_block *this,
1335 unsigned long event, void *ptr)
1336{
1337 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1338 struct net *net = dev_net(dev);
1339 struct mr6_table *mrt;
1340 struct mif_device *v;
1341 int ct;
1342
1343 if (event != NETDEV_UNREGISTER)
1344 return NOTIFY_DONE;
1345
1346 ip6mr_for_each_table(mrt, net) {
1347 v = &mrt->vif6_table[0];
1348 for (ct = 0; ct < mrt->maxvif; ct++, v++) {
1349 if (v->dev == dev)
1350 mif6_delete(mrt, ct, 1, NULL);
1351 }
1352 }
1353
1354 return NOTIFY_DONE;
1355}
1356
1357static struct notifier_block ip6_mr_notifier = {
1358 .notifier_call = ip6mr_device_event
1359};
1360
1361/*
1362 * Setup for IP multicast routing
1363 */
1364
1365static int __net_init ip6mr_net_init(struct net *net)
1366{
1367 int err;
1368
1369 err = ip6mr_rules_init(net);
1370 if (err < 0)
1371 goto fail;
1372
1373#ifdef CONFIG_PROC_FS
1374 err = -ENOMEM;
1375 if (!proc_create("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_fops))
1376 goto proc_vif_fail;
1377 if (!proc_create("ip6_mr_cache", 0, net->proc_net, &ip6mr_mfc_fops))
1378 goto proc_cache_fail;
1379#endif
1380
1381 return 0;
1382
1383#ifdef CONFIG_PROC_FS
1384proc_cache_fail:
1385 remove_proc_entry("ip6_mr_vif", net->proc_net);
1386proc_vif_fail:
1387 ip6mr_rules_exit(net);
1388#endif
1389fail:
1390 return err;
1391}
1392
1393static void __net_exit ip6mr_net_exit(struct net *net)
1394{
1395#ifdef CONFIG_PROC_FS
1396 remove_proc_entry("ip6_mr_cache", net->proc_net);
1397 remove_proc_entry("ip6_mr_vif", net->proc_net);
1398#endif
1399 ip6mr_rules_exit(net);
1400}
1401
1402static struct pernet_operations ip6mr_net_ops = {
1403 .init = ip6mr_net_init,
1404 .exit = ip6mr_net_exit,
1405};
1406
1407int __init ip6_mr_init(void)
1408{
1409 int err;
1410
1411 mrt_cachep = kmem_cache_create("ip6_mrt_cache",
1412 sizeof(struct mfc6_cache),
1413 0, SLAB_HWCACHE_ALIGN,
1414 NULL);
1415 if (!mrt_cachep)
1416 return -ENOMEM;
1417
1418 err = register_pernet_subsys(&ip6mr_net_ops);
1419 if (err)
1420 goto reg_pernet_fail;
1421
1422 err = register_netdevice_notifier(&ip6_mr_notifier);
1423 if (err)
1424 goto reg_notif_fail;
1425#ifdef CONFIG_IPV6_PIMSM_V2
1426 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) {
1427 pr_err("%s: can't add PIM protocol\n", __func__);
1428 err = -EAGAIN;
1429 goto add_proto_fail;
1430 }
1431#endif
1432 rtnl_register(RTNL_FAMILY_IP6MR, RTM_GETROUTE, NULL,
1433 ip6mr_rtm_dumproute, 0);
1434 return 0;
1435#ifdef CONFIG_IPV6_PIMSM_V2
1436add_proto_fail:
1437 unregister_netdevice_notifier(&ip6_mr_notifier);
1438#endif
1439reg_notif_fail:
1440 unregister_pernet_subsys(&ip6mr_net_ops);
1441reg_pernet_fail:
1442 kmem_cache_destroy(mrt_cachep);
1443 return err;
1444}
1445
1446void ip6_mr_cleanup(void)
1447{
1448 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE);
1449#ifdef CONFIG_IPV6_PIMSM_V2
1450 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1451#endif
1452 unregister_netdevice_notifier(&ip6_mr_notifier);
1453 unregister_pernet_subsys(&ip6mr_net_ops);
1454 kmem_cache_destroy(mrt_cachep);
1455}
1456
1457static int ip6mr_mfc_add(struct net *net, struct mr6_table *mrt,
1458 struct mf6cctl *mfc, int mrtsock, int parent)
1459{
1460 bool found = false;
1461 int line;
1462 struct mfc6_cache *uc, *c;
1463 unsigned char ttls[MAXMIFS];
1464 int i;
1465
1466 if (mfc->mf6cc_parent >= MAXMIFS)
1467 return -ENFILE;
1468
1469 memset(ttls, 255, MAXMIFS);
1470 for (i = 0; i < MAXMIFS; i++) {
1471 if (IF_ISSET(i, &mfc->mf6cc_ifset))
1472 ttls[i] = 1;
1473
1474 }
1475
1476 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr);
1477
1478 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) {
1479 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) &&
1480 ipv6_addr_equal(&c->mf6c_mcastgrp,
1481 &mfc->mf6cc_mcastgrp.sin6_addr) &&
1482 (parent == -1 || parent == mfc->mf6cc_parent)) {
1483 found = true;
1484 break;
1485 }
1486 }
1487
1488 if (found) {
1489 write_lock_bh(&mrt_lock);
1490 c->mf6c_parent = mfc->mf6cc_parent;
1491 ip6mr_update_thresholds(mrt, c, ttls);
1492 if (!mrtsock)
1493 c->mfc_flags |= MFC_STATIC;
1494 write_unlock_bh(&mrt_lock);
1495 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1496 return 0;
1497 }
1498
1499 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) &&
1500 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr))
1501 return -EINVAL;
1502
1503 c = ip6mr_cache_alloc();
1504 if (!c)
1505 return -ENOMEM;
1506
1507 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr;
1508 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr;
1509 c->mf6c_parent = mfc->mf6cc_parent;
1510 ip6mr_update_thresholds(mrt, c, ttls);
1511 if (!mrtsock)
1512 c->mfc_flags |= MFC_STATIC;
1513
1514 write_lock_bh(&mrt_lock);
1515 list_add(&c->list, &mrt->mfc6_cache_array[line]);
1516 write_unlock_bh(&mrt_lock);
1517
1518 /*
1519 * Check to see if we resolved a queued list. If so we
1520 * need to send on the frames and tidy up.
1521 */
1522 found = false;
1523 spin_lock_bh(&mfc_unres_lock);
1524 list_for_each_entry(uc, &mrt->mfc6_unres_queue, list) {
1525 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) &&
1526 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) {
1527 list_del(&uc->list);
1528 atomic_dec(&mrt->cache_resolve_queue_len);
1529 found = true;
1530 break;
1531 }
1532 }
1533 if (list_empty(&mrt->mfc6_unres_queue))
1534 del_timer(&mrt->ipmr_expire_timer);
1535 spin_unlock_bh(&mfc_unres_lock);
1536
1537 if (found) {
1538 ip6mr_cache_resolve(net, mrt, uc, c);
1539 ip6mr_cache_free(uc);
1540 }
1541 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1542 return 0;
1543}
1544
1545/*
1546 * Close the multicast socket, and clear the vif tables etc
1547 */
1548
1549static void mroute_clean_tables(struct mr6_table *mrt, bool all)
1550{
1551 int i;
1552 LIST_HEAD(list);
1553 struct mfc6_cache *c, *next;
1554
1555 /*
1556 * Shut down all active vif entries
1557 */
1558 for (i = 0; i < mrt->maxvif; i++) {
1559 if (!all && (mrt->vif6_table[i].flags & VIFF_STATIC))
1560 continue;
1561 mif6_delete(mrt, i, 0, &list);
1562 }
1563 unregister_netdevice_many(&list);
1564
1565 /*
1566 * Wipe the cache
1567 */
1568 for (i = 0; i < MFC6_LINES; i++) {
1569 list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[i], list) {
1570 if (!all && (c->mfc_flags & MFC_STATIC))
1571 continue;
1572 write_lock_bh(&mrt_lock);
1573 list_del(&c->list);
1574 write_unlock_bh(&mrt_lock);
1575
1576 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1577 ip6mr_cache_free(c);
1578 }
1579 }
1580
1581 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) {
1582 spin_lock_bh(&mfc_unres_lock);
1583 list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) {
1584 list_del(&c->list);
1585 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1586 ip6mr_destroy_unres(mrt, c);
1587 }
1588 spin_unlock_bh(&mfc_unres_lock);
1589 }
1590}
1591
1592static int ip6mr_sk_init(struct mr6_table *mrt, struct sock *sk)
1593{
1594 int err = 0;
1595 struct net *net = sock_net(sk);
1596
1597 rtnl_lock();
1598 write_lock_bh(&mrt_lock);
1599 if (likely(mrt->mroute6_sk == NULL)) {
1600 mrt->mroute6_sk = sk;
1601 net->ipv6.devconf_all->mc_forwarding++;
1602 } else {
1603 err = -EADDRINUSE;
1604 }
1605 write_unlock_bh(&mrt_lock);
1606
1607 if (!err)
1608 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1609 NETCONFA_MC_FORWARDING,
1610 NETCONFA_IFINDEX_ALL,
1611 net->ipv6.devconf_all);
1612 rtnl_unlock();
1613
1614 return err;
1615}
1616
1617int ip6mr_sk_done(struct sock *sk)
1618{
1619 int err = -EACCES;
1620 struct net *net = sock_net(sk);
1621 struct mr6_table *mrt;
1622
1623 rtnl_lock();
1624 ip6mr_for_each_table(mrt, net) {
1625 if (sk == mrt->mroute6_sk) {
1626 write_lock_bh(&mrt_lock);
1627 mrt->mroute6_sk = NULL;
1628 net->ipv6.devconf_all->mc_forwarding--;
1629 write_unlock_bh(&mrt_lock);
1630 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1631 NETCONFA_MC_FORWARDING,
1632 NETCONFA_IFINDEX_ALL,
1633 net->ipv6.devconf_all);
1634
1635 mroute_clean_tables(mrt, false);
1636 err = 0;
1637 break;
1638 }
1639 }
1640 rtnl_unlock();
1641
1642 return err;
1643}
1644
1645struct sock *mroute6_socket(struct net *net, struct sk_buff *skb)
1646{
1647 struct mr6_table *mrt;
1648 struct flowi6 fl6 = {
1649 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
1650 .flowi6_oif = skb->dev->ifindex,
1651 .flowi6_mark = skb->mark,
1652 };
1653
1654 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
1655 return NULL;
1656
1657 return mrt->mroute6_sk;
1658}
1659
1660/*
1661 * Socket options and virtual interface manipulation. The whole
1662 * virtual interface system is a complete heap, but unfortunately
1663 * that's how BSD mrouted happens to think. Maybe one day with a proper
1664 * MOSPF/PIM router set up we can clean this up.
1665 */
1666
1667int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen)
1668{
1669 int ret, parent = 0;
1670 struct mif6ctl vif;
1671 struct mf6cctl mfc;
1672 mifi_t mifi;
1673 struct net *net = sock_net(sk);
1674 struct mr6_table *mrt;
1675
1676 if (sk->sk_type != SOCK_RAW ||
1677 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1678 return -EOPNOTSUPP;
1679
1680 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1681 if (!mrt)
1682 return -ENOENT;
1683
1684 if (optname != MRT6_INIT) {
1685 if (sk != mrt->mroute6_sk && !ns_capable(net->user_ns, CAP_NET_ADMIN))
1686 return -EACCES;
1687 }
1688
1689 switch (optname) {
1690 case MRT6_INIT:
1691 if (optlen < sizeof(int))
1692 return -EINVAL;
1693
1694 return ip6mr_sk_init(mrt, sk);
1695
1696 case MRT6_DONE:
1697 return ip6mr_sk_done(sk);
1698
1699 case MRT6_ADD_MIF:
1700 if (optlen < sizeof(vif))
1701 return -EINVAL;
1702 if (copy_from_user(&vif, optval, sizeof(vif)))
1703 return -EFAULT;
1704 if (vif.mif6c_mifi >= MAXMIFS)
1705 return -ENFILE;
1706 rtnl_lock();
1707 ret = mif6_add(net, mrt, &vif, sk == mrt->mroute6_sk);
1708 rtnl_unlock();
1709 return ret;
1710
1711 case MRT6_DEL_MIF:
1712 if (optlen < sizeof(mifi_t))
1713 return -EINVAL;
1714 if (copy_from_user(&mifi, optval, sizeof(mifi_t)))
1715 return -EFAULT;
1716 rtnl_lock();
1717 ret = mif6_delete(mrt, mifi, 0, NULL);
1718 rtnl_unlock();
1719 return ret;
1720
1721 /*
1722 * Manipulate the forwarding caches. These live
1723 * in a sort of kernel/user symbiosis.
1724 */
1725 case MRT6_ADD_MFC:
1726 case MRT6_DEL_MFC:
1727 parent = -1;
1728 case MRT6_ADD_MFC_PROXY:
1729 case MRT6_DEL_MFC_PROXY:
1730 if (optlen < sizeof(mfc))
1731 return -EINVAL;
1732 if (copy_from_user(&mfc, optval, sizeof(mfc)))
1733 return -EFAULT;
1734 if (parent == 0)
1735 parent = mfc.mf6cc_parent;
1736 rtnl_lock();
1737 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY)
1738 ret = ip6mr_mfc_delete(mrt, &mfc, parent);
1739 else
1740 ret = ip6mr_mfc_add(net, mrt, &mfc,
1741 sk == mrt->mroute6_sk, parent);
1742 rtnl_unlock();
1743 return ret;
1744
1745 /*
1746 * Control PIM assert (to activate pim will activate assert)
1747 */
1748 case MRT6_ASSERT:
1749 {
1750 int v;
1751
1752 if (optlen != sizeof(v))
1753 return -EINVAL;
1754 if (get_user(v, (int __user *)optval))
1755 return -EFAULT;
1756 mrt->mroute_do_assert = v;
1757 return 0;
1758 }
1759
1760#ifdef CONFIG_IPV6_PIMSM_V2
1761 case MRT6_PIM:
1762 {
1763 int v;
1764
1765 if (optlen != sizeof(v))
1766 return -EINVAL;
1767 if (get_user(v, (int __user *)optval))
1768 return -EFAULT;
1769 v = !!v;
1770 rtnl_lock();
1771 ret = 0;
1772 if (v != mrt->mroute_do_pim) {
1773 mrt->mroute_do_pim = v;
1774 mrt->mroute_do_assert = v;
1775 }
1776 rtnl_unlock();
1777 return ret;
1778 }
1779
1780#endif
1781#ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
1782 case MRT6_TABLE:
1783 {
1784 u32 v;
1785
1786 if (optlen != sizeof(u32))
1787 return -EINVAL;
1788 if (get_user(v, (u32 __user *)optval))
1789 return -EFAULT;
1790 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */
1791 if (v != RT_TABLE_DEFAULT && v >= 100000000)
1792 return -EINVAL;
1793 if (sk == mrt->mroute6_sk)
1794 return -EBUSY;
1795
1796 rtnl_lock();
1797 ret = 0;
1798 if (!ip6mr_new_table(net, v))
1799 ret = -ENOMEM;
1800 else
1801 raw6_sk(sk)->ip6mr_table = v;
1802 rtnl_unlock();
1803 return ret;
1804 }
1805#endif
1806 /*
1807 * Spurious command, or MRT6_VERSION which you cannot
1808 * set.
1809 */
1810 default:
1811 return -ENOPROTOOPT;
1812 }
1813}
1814
1815/*
1816 * Getsock opt support for the multicast routing system.
1817 */
1818
1819int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval,
1820 int __user *optlen)
1821{
1822 int olr;
1823 int val;
1824 struct net *net = sock_net(sk);
1825 struct mr6_table *mrt;
1826
1827 if (sk->sk_type != SOCK_RAW ||
1828 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1829 return -EOPNOTSUPP;
1830
1831 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1832 if (!mrt)
1833 return -ENOENT;
1834
1835 switch (optname) {
1836 case MRT6_VERSION:
1837 val = 0x0305;
1838 break;
1839#ifdef CONFIG_IPV6_PIMSM_V2
1840 case MRT6_PIM:
1841 val = mrt->mroute_do_pim;
1842 break;
1843#endif
1844 case MRT6_ASSERT:
1845 val = mrt->mroute_do_assert;
1846 break;
1847 default:
1848 return -ENOPROTOOPT;
1849 }
1850
1851 if (get_user(olr, optlen))
1852 return -EFAULT;
1853
1854 olr = min_t(int, olr, sizeof(int));
1855 if (olr < 0)
1856 return -EINVAL;
1857
1858 if (put_user(olr, optlen))
1859 return -EFAULT;
1860 if (copy_to_user(optval, &val, olr))
1861 return -EFAULT;
1862 return 0;
1863}
1864
1865/*
1866 * The IP multicast ioctl support routines.
1867 */
1868
1869int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg)
1870{
1871 struct sioc_sg_req6 sr;
1872 struct sioc_mif_req6 vr;
1873 struct mif_device *vif;
1874 struct mfc6_cache *c;
1875 struct net *net = sock_net(sk);
1876 struct mr6_table *mrt;
1877
1878 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1879 if (!mrt)
1880 return -ENOENT;
1881
1882 switch (cmd) {
1883 case SIOCGETMIFCNT_IN6:
1884 if (copy_from_user(&vr, arg, sizeof(vr)))
1885 return -EFAULT;
1886 if (vr.mifi >= mrt->maxvif)
1887 return -EINVAL;
1888 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1889 read_lock(&mrt_lock);
1890 vif = &mrt->vif6_table[vr.mifi];
1891 if (MIF_EXISTS(mrt, vr.mifi)) {
1892 vr.icount = vif->pkt_in;
1893 vr.ocount = vif->pkt_out;
1894 vr.ibytes = vif->bytes_in;
1895 vr.obytes = vif->bytes_out;
1896 read_unlock(&mrt_lock);
1897
1898 if (copy_to_user(arg, &vr, sizeof(vr)))
1899 return -EFAULT;
1900 return 0;
1901 }
1902 read_unlock(&mrt_lock);
1903 return -EADDRNOTAVAIL;
1904 case SIOCGETSGCNT_IN6:
1905 if (copy_from_user(&sr, arg, sizeof(sr)))
1906 return -EFAULT;
1907
1908 read_lock(&mrt_lock);
1909 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1910 if (c) {
1911 sr.pktcnt = c->mfc_un.res.pkt;
1912 sr.bytecnt = c->mfc_un.res.bytes;
1913 sr.wrong_if = c->mfc_un.res.wrong_if;
1914 read_unlock(&mrt_lock);
1915
1916 if (copy_to_user(arg, &sr, sizeof(sr)))
1917 return -EFAULT;
1918 return 0;
1919 }
1920 read_unlock(&mrt_lock);
1921 return -EADDRNOTAVAIL;
1922 default:
1923 return -ENOIOCTLCMD;
1924 }
1925}
1926
1927#ifdef CONFIG_COMPAT
1928struct compat_sioc_sg_req6 {
1929 struct sockaddr_in6 src;
1930 struct sockaddr_in6 grp;
1931 compat_ulong_t pktcnt;
1932 compat_ulong_t bytecnt;
1933 compat_ulong_t wrong_if;
1934};
1935
1936struct compat_sioc_mif_req6 {
1937 mifi_t mifi;
1938 compat_ulong_t icount;
1939 compat_ulong_t ocount;
1940 compat_ulong_t ibytes;
1941 compat_ulong_t obytes;
1942};
1943
1944int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
1945{
1946 struct compat_sioc_sg_req6 sr;
1947 struct compat_sioc_mif_req6 vr;
1948 struct mif_device *vif;
1949 struct mfc6_cache *c;
1950 struct net *net = sock_net(sk);
1951 struct mr6_table *mrt;
1952
1953 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1954 if (!mrt)
1955 return -ENOENT;
1956
1957 switch (cmd) {
1958 case SIOCGETMIFCNT_IN6:
1959 if (copy_from_user(&vr, arg, sizeof(vr)))
1960 return -EFAULT;
1961 if (vr.mifi >= mrt->maxvif)
1962 return -EINVAL;
1963 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1964 read_lock(&mrt_lock);
1965 vif = &mrt->vif6_table[vr.mifi];
1966 if (MIF_EXISTS(mrt, vr.mifi)) {
1967 vr.icount = vif->pkt_in;
1968 vr.ocount = vif->pkt_out;
1969 vr.ibytes = vif->bytes_in;
1970 vr.obytes = vif->bytes_out;
1971 read_unlock(&mrt_lock);
1972
1973 if (copy_to_user(arg, &vr, sizeof(vr)))
1974 return -EFAULT;
1975 return 0;
1976 }
1977 read_unlock(&mrt_lock);
1978 return -EADDRNOTAVAIL;
1979 case SIOCGETSGCNT_IN6:
1980 if (copy_from_user(&sr, arg, sizeof(sr)))
1981 return -EFAULT;
1982
1983 read_lock(&mrt_lock);
1984 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1985 if (c) {
1986 sr.pktcnt = c->mfc_un.res.pkt;
1987 sr.bytecnt = c->mfc_un.res.bytes;
1988 sr.wrong_if = c->mfc_un.res.wrong_if;
1989 read_unlock(&mrt_lock);
1990
1991 if (copy_to_user(arg, &sr, sizeof(sr)))
1992 return -EFAULT;
1993 return 0;
1994 }
1995 read_unlock(&mrt_lock);
1996 return -EADDRNOTAVAIL;
1997 default:
1998 return -ENOIOCTLCMD;
1999 }
2000}
2001#endif
2002
2003static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
2004{
2005 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
2006 IPSTATS_MIB_OUTFORWDATAGRAMS);
2007 IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)),
2008 IPSTATS_MIB_OUTOCTETS, skb->len);
2009 return dst_output(net, sk, skb);
2010}
2011
2012/*
2013 * Processing handlers for ip6mr_forward
2014 */
2015
2016static int ip6mr_forward2(struct net *net, struct mr6_table *mrt,
2017 struct sk_buff *skb, struct mfc6_cache *c, int vifi)
2018{
2019 struct ipv6hdr *ipv6h;
2020 struct mif_device *vif = &mrt->vif6_table[vifi];
2021 struct net_device *dev;
2022 struct dst_entry *dst;
2023 struct flowi6 fl6;
2024
2025 if (!vif->dev)
2026 goto out_free;
2027
2028#ifdef CONFIG_IPV6_PIMSM_V2
2029 if (vif->flags & MIFF_REGISTER) {
2030 vif->pkt_out++;
2031 vif->bytes_out += skb->len;
2032 vif->dev->stats.tx_bytes += skb->len;
2033 vif->dev->stats.tx_packets++;
2034 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT);
2035 goto out_free;
2036 }
2037#endif
2038
2039 ipv6h = ipv6_hdr(skb);
2040
2041 fl6 = (struct flowi6) {
2042 .flowi6_oif = vif->link,
2043 .daddr = ipv6h->daddr,
2044 };
2045
2046 dst = ip6_route_output(net, NULL, &fl6);
2047 if (dst->error) {
2048 dst_release(dst);
2049 goto out_free;
2050 }
2051
2052 skb_dst_drop(skb);
2053 skb_dst_set(skb, dst);
2054
2055 /*
2056 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
2057 * not only before forwarding, but after forwarding on all output
2058 * interfaces. It is clear, if mrouter runs a multicasting
2059 * program, it should receive packets not depending to what interface
2060 * program is joined.
2061 * If we will not make it, the program will have to join on all
2062 * interfaces. On the other hand, multihoming host (or router, but
2063 * not mrouter) cannot join to more than one interface - it will
2064 * result in receiving multiple packets.
2065 */
2066 dev = vif->dev;
2067 skb->dev = dev;
2068 vif->pkt_out++;
2069 vif->bytes_out += skb->len;
2070
2071 /* We are about to write */
2072 /* XXX: extension headers? */
2073 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev)))
2074 goto out_free;
2075
2076 ipv6h = ipv6_hdr(skb);
2077 ipv6h->hop_limit--;
2078
2079 IP6CB(skb)->flags |= IP6SKB_FORWARDED;
2080
2081 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
2082 net, NULL, skb, skb->dev, dev,
2083 ip6mr_forward2_finish);
2084
2085out_free:
2086 kfree_skb(skb);
2087 return 0;
2088}
2089
2090static int ip6mr_find_vif(struct mr6_table *mrt, struct net_device *dev)
2091{
2092 int ct;
2093
2094 for (ct = mrt->maxvif - 1; ct >= 0; ct--) {
2095 if (mrt->vif6_table[ct].dev == dev)
2096 break;
2097 }
2098 return ct;
2099}
2100
2101static void ip6_mr_forward(struct net *net, struct mr6_table *mrt,
2102 struct sk_buff *skb, struct mfc6_cache *cache)
2103{
2104 int psend = -1;
2105 int vif, ct;
2106 int true_vifi = ip6mr_find_vif(mrt, skb->dev);
2107
2108 vif = cache->mf6c_parent;
2109 cache->mfc_un.res.pkt++;
2110 cache->mfc_un.res.bytes += skb->len;
2111 cache->mfc_un.res.lastuse = jiffies;
2112
2113 if (ipv6_addr_any(&cache->mf6c_origin) && true_vifi >= 0) {
2114 struct mfc6_cache *cache_proxy;
2115
2116 /* For an (*,G) entry, we only check that the incoming
2117 * interface is part of the static tree.
2118 */
2119 cache_proxy = ip6mr_cache_find_any_parent(mrt, vif);
2120 if (cache_proxy &&
2121 cache_proxy->mfc_un.res.ttls[true_vifi] < 255)
2122 goto forward;
2123 }
2124
2125 /*
2126 * Wrong interface: drop packet and (maybe) send PIM assert.
2127 */
2128 if (mrt->vif6_table[vif].dev != skb->dev) {
2129 cache->mfc_un.res.wrong_if++;
2130
2131 if (true_vifi >= 0 && mrt->mroute_do_assert &&
2132 /* pimsm uses asserts, when switching from RPT to SPT,
2133 so that we cannot check that packet arrived on an oif.
2134 It is bad, but otherwise we would need to move pretty
2135 large chunk of pimd to kernel. Ough... --ANK
2136 */
2137 (mrt->mroute_do_pim ||
2138 cache->mfc_un.res.ttls[true_vifi] < 255) &&
2139 time_after(jiffies,
2140 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) {
2141 cache->mfc_un.res.last_assert = jiffies;
2142 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF);
2143 }
2144 goto dont_forward;
2145 }
2146
2147forward:
2148 mrt->vif6_table[vif].pkt_in++;
2149 mrt->vif6_table[vif].bytes_in += skb->len;
2150
2151 /*
2152 * Forward the frame
2153 */
2154 if (ipv6_addr_any(&cache->mf6c_origin) &&
2155 ipv6_addr_any(&cache->mf6c_mcastgrp)) {
2156 if (true_vifi >= 0 &&
2157 true_vifi != cache->mf6c_parent &&
2158 ipv6_hdr(skb)->hop_limit >
2159 cache->mfc_un.res.ttls[cache->mf6c_parent]) {
2160 /* It's an (*,*) entry and the packet is not coming from
2161 * the upstream: forward the packet to the upstream
2162 * only.
2163 */
2164 psend = cache->mf6c_parent;
2165 goto last_forward;
2166 }
2167 goto dont_forward;
2168 }
2169 for (ct = cache->mfc_un.res.maxvif - 1; ct >= cache->mfc_un.res.minvif; ct--) {
2170 /* For (*,G) entry, don't forward to the incoming interface */
2171 if ((!ipv6_addr_any(&cache->mf6c_origin) || ct != true_vifi) &&
2172 ipv6_hdr(skb)->hop_limit > cache->mfc_un.res.ttls[ct]) {
2173 if (psend != -1) {
2174 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
2175 if (skb2)
2176 ip6mr_forward2(net, mrt, skb2, cache, psend);
2177 }
2178 psend = ct;
2179 }
2180 }
2181last_forward:
2182 if (psend != -1) {
2183 ip6mr_forward2(net, mrt, skb, cache, psend);
2184 return;
2185 }
2186
2187dont_forward:
2188 kfree_skb(skb);
2189}
2190
2191
2192/*
2193 * Multicast packets for forwarding arrive here
2194 */
2195
2196int ip6_mr_input(struct sk_buff *skb)
2197{
2198 struct mfc6_cache *cache;
2199 struct net *net = dev_net(skb->dev);
2200 struct mr6_table *mrt;
2201 struct flowi6 fl6 = {
2202 .flowi6_iif = skb->dev->ifindex,
2203 .flowi6_mark = skb->mark,
2204 };
2205 int err;
2206
2207 err = ip6mr_fib_lookup(net, &fl6, &mrt);
2208 if (err < 0) {
2209 kfree_skb(skb);
2210 return err;
2211 }
2212
2213 read_lock(&mrt_lock);
2214 cache = ip6mr_cache_find(mrt,
2215 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr);
2216 if (!cache) {
2217 int vif = ip6mr_find_vif(mrt, skb->dev);
2218
2219 if (vif >= 0)
2220 cache = ip6mr_cache_find_any(mrt,
2221 &ipv6_hdr(skb)->daddr,
2222 vif);
2223 }
2224
2225 /*
2226 * No usable cache entry
2227 */
2228 if (!cache) {
2229 int vif;
2230
2231 vif = ip6mr_find_vif(mrt, skb->dev);
2232 if (vif >= 0) {
2233 int err = ip6mr_cache_unresolved(mrt, vif, skb);
2234 read_unlock(&mrt_lock);
2235
2236 return err;
2237 }
2238 read_unlock(&mrt_lock);
2239 kfree_skb(skb);
2240 return -ENODEV;
2241 }
2242
2243 ip6_mr_forward(net, mrt, skb, cache);
2244
2245 read_unlock(&mrt_lock);
2246
2247 return 0;
2248}
2249
2250
2251static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2252 struct mfc6_cache *c, struct rtmsg *rtm)
2253{
2254 struct rta_mfc_stats mfcs;
2255 struct nlattr *mp_attr;
2256 struct rtnexthop *nhp;
2257 unsigned long lastuse;
2258 int ct;
2259
2260 /* If cache is unresolved, don't try to parse IIF and OIF */
2261 if (c->mf6c_parent >= MAXMIFS) {
2262 rtm->rtm_flags |= RTNH_F_UNRESOLVED;
2263 return -ENOENT;
2264 }
2265
2266 if (MIF_EXISTS(mrt, c->mf6c_parent) &&
2267 nla_put_u32(skb, RTA_IIF, mrt->vif6_table[c->mf6c_parent].dev->ifindex) < 0)
2268 return -EMSGSIZE;
2269 mp_attr = nla_nest_start(skb, RTA_MULTIPATH);
2270 if (!mp_attr)
2271 return -EMSGSIZE;
2272
2273 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) {
2274 if (MIF_EXISTS(mrt, ct) && c->mfc_un.res.ttls[ct] < 255) {
2275 nhp = nla_reserve_nohdr(skb, sizeof(*nhp));
2276 if (!nhp) {
2277 nla_nest_cancel(skb, mp_attr);
2278 return -EMSGSIZE;
2279 }
2280
2281 nhp->rtnh_flags = 0;
2282 nhp->rtnh_hops = c->mfc_un.res.ttls[ct];
2283 nhp->rtnh_ifindex = mrt->vif6_table[ct].dev->ifindex;
2284 nhp->rtnh_len = sizeof(*nhp);
2285 }
2286 }
2287
2288 nla_nest_end(skb, mp_attr);
2289
2290 lastuse = READ_ONCE(c->mfc_un.res.lastuse);
2291 lastuse = time_after_eq(jiffies, lastuse) ? jiffies - lastuse : 0;
2292
2293 mfcs.mfcs_packets = c->mfc_un.res.pkt;
2294 mfcs.mfcs_bytes = c->mfc_un.res.bytes;
2295 mfcs.mfcs_wrong_if = c->mfc_un.res.wrong_if;
2296 if (nla_put_64bit(skb, RTA_MFC_STATS, sizeof(mfcs), &mfcs, RTA_PAD) ||
2297 nla_put_u64_64bit(skb, RTA_EXPIRES, jiffies_to_clock_t(lastuse),
2298 RTA_PAD))
2299 return -EMSGSIZE;
2300
2301 rtm->rtm_type = RTN_MULTICAST;
2302 return 1;
2303}
2304
2305int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm,
2306 u32 portid)
2307{
2308 int err;
2309 struct mr6_table *mrt;
2310 struct mfc6_cache *cache;
2311 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
2312
2313 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
2314 if (!mrt)
2315 return -ENOENT;
2316
2317 read_lock(&mrt_lock);
2318 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr);
2319 if (!cache && skb->dev) {
2320 int vif = ip6mr_find_vif(mrt, skb->dev);
2321
2322 if (vif >= 0)
2323 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr,
2324 vif);
2325 }
2326
2327 if (!cache) {
2328 struct sk_buff *skb2;
2329 struct ipv6hdr *iph;
2330 struct net_device *dev;
2331 int vif;
2332
2333 dev = skb->dev;
2334 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) {
2335 read_unlock(&mrt_lock);
2336 return -ENODEV;
2337 }
2338
2339 /* really correct? */
2340 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
2341 if (!skb2) {
2342 read_unlock(&mrt_lock);
2343 return -ENOMEM;
2344 }
2345
2346 NETLINK_CB(skb2).portid = portid;
2347 skb_reset_transport_header(skb2);
2348
2349 skb_put(skb2, sizeof(struct ipv6hdr));
2350 skb_reset_network_header(skb2);
2351
2352 iph = ipv6_hdr(skb2);
2353 iph->version = 0;
2354 iph->priority = 0;
2355 iph->flow_lbl[0] = 0;
2356 iph->flow_lbl[1] = 0;
2357 iph->flow_lbl[2] = 0;
2358 iph->payload_len = 0;
2359 iph->nexthdr = IPPROTO_NONE;
2360 iph->hop_limit = 0;
2361 iph->saddr = rt->rt6i_src.addr;
2362 iph->daddr = rt->rt6i_dst.addr;
2363
2364 err = ip6mr_cache_unresolved(mrt, vif, skb2);
2365 read_unlock(&mrt_lock);
2366
2367 return err;
2368 }
2369
2370 if (rtm->rtm_flags & RTM_F_NOTIFY)
2371 cache->mfc_flags |= MFC_NOTIFY;
2372
2373 err = __ip6mr_fill_mroute(mrt, skb, cache, rtm);
2374 read_unlock(&mrt_lock);
2375 return err;
2376}
2377
2378static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2379 u32 portid, u32 seq, struct mfc6_cache *c, int cmd,
2380 int flags)
2381{
2382 struct nlmsghdr *nlh;
2383 struct rtmsg *rtm;
2384 int err;
2385
2386 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags);
2387 if (!nlh)
2388 return -EMSGSIZE;
2389
2390 rtm = nlmsg_data(nlh);
2391 rtm->rtm_family = RTNL_FAMILY_IP6MR;
2392 rtm->rtm_dst_len = 128;
2393 rtm->rtm_src_len = 128;
2394 rtm->rtm_tos = 0;
2395 rtm->rtm_table = mrt->id;
2396 if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2397 goto nla_put_failure;
2398 rtm->rtm_type = RTN_MULTICAST;
2399 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2400 if (c->mfc_flags & MFC_STATIC)
2401 rtm->rtm_protocol = RTPROT_STATIC;
2402 else
2403 rtm->rtm_protocol = RTPROT_MROUTED;
2404 rtm->rtm_flags = 0;
2405
2406 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) ||
2407 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp))
2408 goto nla_put_failure;
2409 err = __ip6mr_fill_mroute(mrt, skb, c, rtm);
2410 /* do not break the dump if cache is unresolved */
2411 if (err < 0 && err != -ENOENT)
2412 goto nla_put_failure;
2413
2414 nlmsg_end(skb, nlh);
2415 return 0;
2416
2417nla_put_failure:
2418 nlmsg_cancel(skb, nlh);
2419 return -EMSGSIZE;
2420}
2421
2422static int mr6_msgsize(bool unresolved, int maxvif)
2423{
2424 size_t len =
2425 NLMSG_ALIGN(sizeof(struct rtmsg))
2426 + nla_total_size(4) /* RTA_TABLE */
2427 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */
2428 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */
2429 ;
2430
2431 if (!unresolved)
2432 len = len
2433 + nla_total_size(4) /* RTA_IIF */
2434 + nla_total_size(0) /* RTA_MULTIPATH */
2435 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop))
2436 /* RTA_MFC_STATS */
2437 + nla_total_size_64bit(sizeof(struct rta_mfc_stats))
2438 ;
2439
2440 return len;
2441}
2442
2443static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc,
2444 int cmd)
2445{
2446 struct net *net = read_pnet(&mrt->net);
2447 struct sk_buff *skb;
2448 int err = -ENOBUFS;
2449
2450 skb = nlmsg_new(mr6_msgsize(mfc->mf6c_parent >= MAXMIFS, mrt->maxvif),
2451 GFP_ATOMIC);
2452 if (!skb)
2453 goto errout;
2454
2455 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0);
2456 if (err < 0)
2457 goto errout;
2458
2459 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC);
2460 return;
2461
2462errout:
2463 kfree_skb(skb);
2464 if (err < 0)
2465 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err);
2466}
2467
2468static size_t mrt6msg_netlink_msgsize(size_t payloadlen)
2469{
2470 size_t len =
2471 NLMSG_ALIGN(sizeof(struct rtgenmsg))
2472 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */
2473 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */
2474 /* IP6MRA_CREPORT_SRC_ADDR */
2475 + nla_total_size(sizeof(struct in6_addr))
2476 /* IP6MRA_CREPORT_DST_ADDR */
2477 + nla_total_size(sizeof(struct in6_addr))
2478 /* IP6MRA_CREPORT_PKT */
2479 + nla_total_size(payloadlen)
2480 ;
2481
2482 return len;
2483}
2484
2485static void mrt6msg_netlink_event(struct mr6_table *mrt, struct sk_buff *pkt)
2486{
2487 struct net *net = read_pnet(&mrt->net);
2488 struct nlmsghdr *nlh;
2489 struct rtgenmsg *rtgenm;
2490 struct mrt6msg *msg;
2491 struct sk_buff *skb;
2492 struct nlattr *nla;
2493 int payloadlen;
2494
2495 payloadlen = pkt->len - sizeof(struct mrt6msg);
2496 msg = (struct mrt6msg *)skb_transport_header(pkt);
2497
2498 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC);
2499 if (!skb)
2500 goto errout;
2501
2502 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT,
2503 sizeof(struct rtgenmsg), 0);
2504 if (!nlh)
2505 goto errout;
2506 rtgenm = nlmsg_data(nlh);
2507 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR;
2508 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) ||
2509 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) ||
2510 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR,
2511 &msg->im6_src) ||
2512 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR,
2513 &msg->im6_dst))
2514 goto nla_put_failure;
2515
2516 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen);
2517 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg),
2518 nla_data(nla), payloadlen))
2519 goto nla_put_failure;
2520
2521 nlmsg_end(skb, nlh);
2522
2523 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC);
2524 return;
2525
2526nla_put_failure:
2527 nlmsg_cancel(skb, nlh);
2528errout:
2529 kfree_skb(skb);
2530 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS);
2531}
2532
2533static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2534{
2535 struct net *net = sock_net(skb->sk);
2536 struct mr6_table *mrt;
2537 struct mfc6_cache *mfc;
2538 unsigned int t = 0, s_t;
2539 unsigned int h = 0, s_h;
2540 unsigned int e = 0, s_e;
2541
2542 s_t = cb->args[0];
2543 s_h = cb->args[1];
2544 s_e = cb->args[2];
2545
2546 read_lock(&mrt_lock);
2547 ip6mr_for_each_table(mrt, net) {
2548 if (t < s_t)
2549 goto next_table;
2550 if (t > s_t)
2551 s_h = 0;
2552 for (h = s_h; h < MFC6_LINES; h++) {
2553 list_for_each_entry(mfc, &mrt->mfc6_cache_array[h], list) {
2554 if (e < s_e)
2555 goto next_entry;
2556 if (ip6mr_fill_mroute(mrt, skb,
2557 NETLINK_CB(cb->skb).portid,
2558 cb->nlh->nlmsg_seq,
2559 mfc, RTM_NEWROUTE,
2560 NLM_F_MULTI) < 0)
2561 goto done;
2562next_entry:
2563 e++;
2564 }
2565 e = s_e = 0;
2566 }
2567 spin_lock_bh(&mfc_unres_lock);
2568 list_for_each_entry(mfc, &mrt->mfc6_unres_queue, list) {
2569 if (e < s_e)
2570 goto next_entry2;
2571 if (ip6mr_fill_mroute(mrt, skb,
2572 NETLINK_CB(cb->skb).portid,
2573 cb->nlh->nlmsg_seq,
2574 mfc, RTM_NEWROUTE,
2575 NLM_F_MULTI) < 0) {
2576 spin_unlock_bh(&mfc_unres_lock);
2577 goto done;
2578 }
2579next_entry2:
2580 e++;
2581 }
2582 spin_unlock_bh(&mfc_unres_lock);
2583 e = s_e = 0;
2584 s_h = 0;
2585next_table:
2586 t++;
2587 }
2588done:
2589 read_unlock(&mrt_lock);
2590
2591 cb->args[2] = e;
2592 cb->args[1] = h;
2593 cb->args[0] = t;
2594
2595 return skb->len;
2596}