1 /* 2 * Linux IPv6 multicast routing support for BSD pim6sd 3 * Based on net/ipv4/ipmr.c. 4 * 5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr> 6 * LSIIT Laboratory, Strasbourg, France 7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com> 8 * 6WIND, Paris, France 9 * Copyright (C)2007,2008 USAGI/WIDE Project 10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; either version 15 * 2 of the License, or (at your option) any later version. 16 * 17 */ 18 19 #include <linux/uaccess.h> 20 #include <linux/types.h> 21 #include <linux/sched.h> 22 #include <linux/errno.h> 23 #include <linux/mm.h> 24 #include <linux/kernel.h> 25 #include <linux/fcntl.h> 26 #include <linux/stat.h> 27 #include <linux/socket.h> 28 #include <linux/inet.h> 29 #include <linux/netdevice.h> 30 #include <linux/inetdevice.h> 31 #include <linux/proc_fs.h> 32 #include <linux/seq_file.h> 33 #include <linux/init.h> 34 #include <linux/compat.h> 35 #include <linux/rhashtable.h> 36 #include <net/protocol.h> 37 #include <linux/skbuff.h> 38 #include <net/raw.h> 39 #include <linux/notifier.h> 40 #include <linux/if_arp.h> 41 #include <net/checksum.h> 42 #include <net/netlink.h> 43 #include <net/fib_rules.h> 44 45 #include <net/ipv6.h> 46 #include <net/ip6_route.h> 47 #include <linux/mroute6.h> 48 #include <linux/pim.h> 49 #include <net/addrconf.h> 50 #include <linux/netfilter_ipv6.h> 51 #include <linux/export.h> 52 #include <net/ip6_checksum.h> 53 #include <linux/netconf.h> 54 55 #include <linux/nospec.h> 56 57 struct ip6mr_rule { 58 struct fib_rule common; 59 }; 60 61 struct ip6mr_result { 62 struct mr_table *mrt; 63 }; 64 65 /* Big lock, protecting vif table, mrt cache and mroute socket state. 66 Note that the changes are semaphored via rtnl_lock. 67 */ 68 69 static DEFINE_RWLOCK(mrt_lock); 70 71 /* Multicast router control variables */ 72 73 /* Special spinlock for queue of unresolved entries */ 74 static DEFINE_SPINLOCK(mfc_unres_lock); 75 76 /* We return to original Alan's scheme. Hash table of resolved 77 entries is changed only in process context and protected 78 with weak lock mrt_lock. Queue of unresolved entries is protected 79 with strong spinlock mfc_unres_lock. 80 81 In this case data path is free of exclusive locks at all. 82 */ 83 84 static struct kmem_cache *mrt_cachep __read_mostly; 85 86 static struct mr_table *ip6mr_new_table(struct net *net, u32 id); 87 static void ip6mr_free_table(struct mr_table *mrt); 88 89 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 90 struct net_device *dev, struct sk_buff *skb, 91 struct mfc6_cache *cache); 92 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 93 mifi_t mifi, int assert); 94 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 95 int cmd); 96 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 97 static int ip6mr_rtm_dumproute(struct sk_buff *skb, 98 struct netlink_callback *cb); 99 static void mroute_clean_tables(struct mr_table *mrt, bool all); 100 static void ipmr_expire_process(struct timer_list *t); 101 102 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 103 #define ip6mr_for_each_table(mrt, net) \ 104 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list) 105 106 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 107 struct mr_table *mrt) 108 { 109 struct mr_table *ret; 110 111 if (!mrt) 112 ret = list_entry_rcu(net->ipv6.mr6_tables.next, 113 struct mr_table, list); 114 else 115 ret = list_entry_rcu(mrt->list.next, 116 struct mr_table, list); 117 118 if (&ret->list == &net->ipv6.mr6_tables) 119 return NULL; 120 return ret; 121 } 122 123 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 124 { 125 struct mr_table *mrt; 126 127 ip6mr_for_each_table(mrt, net) { 128 if (mrt->id == id) 129 return mrt; 130 } 131 return NULL; 132 } 133 134 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 135 struct mr_table **mrt) 136 { 137 int err; 138 struct ip6mr_result res; 139 struct fib_lookup_arg arg = { 140 .result = &res, 141 .flags = FIB_LOOKUP_NOREF, 142 }; 143 144 /* update flow if oif or iif point to device enslaved to l3mdev */ 145 l3mdev_update_flow(net, flowi6_to_flowi(flp6)); 146 147 err = fib_rules_lookup(net->ipv6.mr6_rules_ops, 148 flowi6_to_flowi(flp6), 0, &arg); 149 if (err < 0) 150 return err; 151 *mrt = res.mrt; 152 return 0; 153 } 154 155 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp, 156 int flags, struct fib_lookup_arg *arg) 157 { 158 struct ip6mr_result *res = arg->result; 159 struct mr_table *mrt; 160 161 switch (rule->action) { 162 case FR_ACT_TO_TBL: 163 break; 164 case FR_ACT_UNREACHABLE: 165 return -ENETUNREACH; 166 case FR_ACT_PROHIBIT: 167 return -EACCES; 168 case FR_ACT_BLACKHOLE: 169 default: 170 return -EINVAL; 171 } 172 173 arg->table = fib_rule_get_table(rule, arg); 174 175 mrt = ip6mr_get_table(rule->fr_net, arg->table); 176 if (!mrt) 177 return -EAGAIN; 178 res->mrt = mrt; 179 return 0; 180 } 181 182 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags) 183 { 184 return 1; 185 } 186 187 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = { 188 FRA_GENERIC_POLICY, 189 }; 190 191 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 192 struct fib_rule_hdr *frh, struct nlattr **tb, 193 struct netlink_ext_ack *extack) 194 { 195 return 0; 196 } 197 198 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 199 struct nlattr **tb) 200 { 201 return 1; 202 } 203 204 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 205 struct fib_rule_hdr *frh) 206 { 207 frh->dst_len = 0; 208 frh->src_len = 0; 209 frh->tos = 0; 210 return 0; 211 } 212 213 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = { 214 .family = RTNL_FAMILY_IP6MR, 215 .rule_size = sizeof(struct ip6mr_rule), 216 .addr_size = sizeof(struct in6_addr), 217 .action = ip6mr_rule_action, 218 .match = ip6mr_rule_match, 219 .configure = ip6mr_rule_configure, 220 .compare = ip6mr_rule_compare, 221 .fill = ip6mr_rule_fill, 222 .nlgroup = RTNLGRP_IPV6_RULE, 223 .policy = ip6mr_rule_policy, 224 .owner = THIS_MODULE, 225 }; 226 227 static int __net_init ip6mr_rules_init(struct net *net) 228 { 229 struct fib_rules_ops *ops; 230 struct mr_table *mrt; 231 int err; 232 233 ops = fib_rules_register(&ip6mr_rules_ops_template, net); 234 if (IS_ERR(ops)) 235 return PTR_ERR(ops); 236 237 INIT_LIST_HEAD(&net->ipv6.mr6_tables); 238 239 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 240 if (IS_ERR(mrt)) { 241 err = PTR_ERR(mrt); 242 goto err1; 243 } 244 245 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0); 246 if (err < 0) 247 goto err2; 248 249 net->ipv6.mr6_rules_ops = ops; 250 return 0; 251 252 err2: 253 ip6mr_free_table(mrt); 254 err1: 255 fib_rules_unregister(ops); 256 return err; 257 } 258 259 static void __net_exit ip6mr_rules_exit(struct net *net) 260 { 261 struct mr_table *mrt, *next; 262 263 rtnl_lock(); 264 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) { 265 list_del(&mrt->list); 266 ip6mr_free_table(mrt); 267 } 268 fib_rules_unregister(net->ipv6.mr6_rules_ops); 269 rtnl_unlock(); 270 } 271 272 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb) 273 { 274 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR); 275 } 276 277 static unsigned int ip6mr_rules_seq_read(struct net *net) 278 { 279 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR); 280 } 281 282 bool ip6mr_rule_default(const struct fib_rule *rule) 283 { 284 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL && 285 rule->table == RT6_TABLE_DFLT && !rule->l3mdev; 286 } 287 EXPORT_SYMBOL(ip6mr_rule_default); 288 #else 289 #define ip6mr_for_each_table(mrt, net) \ 290 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL) 291 292 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 293 struct mr_table *mrt) 294 { 295 if (!mrt) 296 return net->ipv6.mrt6; 297 return NULL; 298 } 299 300 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 301 { 302 return net->ipv6.mrt6; 303 } 304 305 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 306 struct mr_table **mrt) 307 { 308 *mrt = net->ipv6.mrt6; 309 return 0; 310 } 311 312 static int __net_init ip6mr_rules_init(struct net *net) 313 { 314 struct mr_table *mrt; 315 316 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 317 if (IS_ERR(mrt)) 318 return PTR_ERR(mrt); 319 net->ipv6.mrt6 = mrt; 320 return 0; 321 } 322 323 static void __net_exit ip6mr_rules_exit(struct net *net) 324 { 325 rtnl_lock(); 326 ip6mr_free_table(net->ipv6.mrt6); 327 net->ipv6.mrt6 = NULL; 328 rtnl_unlock(); 329 } 330 331 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb) 332 { 333 return 0; 334 } 335 336 static unsigned int ip6mr_rules_seq_read(struct net *net) 337 { 338 return 0; 339 } 340 #endif 341 342 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg, 343 const void *ptr) 344 { 345 const struct mfc6_cache_cmp_arg *cmparg = arg->key; 346 struct mfc6_cache *c = (struct mfc6_cache *)ptr; 347 348 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) || 349 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin); 350 } 351 352 static const struct rhashtable_params ip6mr_rht_params = { 353 .head_offset = offsetof(struct mr_mfc, mnode), 354 .key_offset = offsetof(struct mfc6_cache, cmparg), 355 .key_len = sizeof(struct mfc6_cache_cmp_arg), 356 .nelem_hint = 3, 357 .locks_mul = 1, 358 .obj_cmpfn = ip6mr_hash_cmp, 359 .automatic_shrinking = true, 360 }; 361 362 static void ip6mr_new_table_set(struct mr_table *mrt, 363 struct net *net) 364 { 365 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 366 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables); 367 #endif 368 } 369 370 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = { 371 .mf6c_origin = IN6ADDR_ANY_INIT, 372 .mf6c_mcastgrp = IN6ADDR_ANY_INIT, 373 }; 374 375 static struct mr_table_ops ip6mr_mr_table_ops = { 376 .rht_params = &ip6mr_rht_params, 377 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any, 378 }; 379 380 static struct mr_table *ip6mr_new_table(struct net *net, u32 id) 381 { 382 struct mr_table *mrt; 383 384 mrt = ip6mr_get_table(net, id); 385 if (mrt) 386 return mrt; 387 388 return mr_table_alloc(net, id, &ip6mr_mr_table_ops, 389 ipmr_expire_process, ip6mr_new_table_set); 390 } 391 392 static void ip6mr_free_table(struct mr_table *mrt) 393 { 394 del_timer_sync(&mrt->ipmr_expire_timer); 395 mroute_clean_tables(mrt, true); 396 rhltable_destroy(&mrt->mfc_hash); 397 kfree(mrt); 398 } 399 400 #ifdef CONFIG_PROC_FS 401 /* The /proc interfaces to multicast routing 402 * /proc/ip6_mr_cache /proc/ip6_mr_vif 403 */ 404 405 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos) 406 __acquires(mrt_lock) 407 { 408 struct mr_vif_iter *iter = seq->private; 409 struct net *net = seq_file_net(seq); 410 struct mr_table *mrt; 411 412 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 413 if (!mrt) 414 return ERR_PTR(-ENOENT); 415 416 iter->mrt = mrt; 417 418 read_lock(&mrt_lock); 419 return mr_vif_seq_start(seq, pos); 420 } 421 422 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v) 423 __releases(mrt_lock) 424 { 425 read_unlock(&mrt_lock); 426 } 427 428 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v) 429 { 430 struct mr_vif_iter *iter = seq->private; 431 struct mr_table *mrt = iter->mrt; 432 433 if (v == SEQ_START_TOKEN) { 434 seq_puts(seq, 435 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n"); 436 } else { 437 const struct vif_device *vif = v; 438 const char *name = vif->dev ? vif->dev->name : "none"; 439 440 seq_printf(seq, 441 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n", 442 vif - mrt->vif_table, 443 name, vif->bytes_in, vif->pkt_in, 444 vif->bytes_out, vif->pkt_out, 445 vif->flags); 446 } 447 return 0; 448 } 449 450 static const struct seq_operations ip6mr_vif_seq_ops = { 451 .start = ip6mr_vif_seq_start, 452 .next = mr_vif_seq_next, 453 .stop = ip6mr_vif_seq_stop, 454 .show = ip6mr_vif_seq_show, 455 }; 456 457 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 458 { 459 struct net *net = seq_file_net(seq); 460 struct mr_table *mrt; 461 462 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 463 if (!mrt) 464 return ERR_PTR(-ENOENT); 465 466 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 467 } 468 469 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 470 { 471 int n; 472 473 if (v == SEQ_START_TOKEN) { 474 seq_puts(seq, 475 "Group " 476 "Origin " 477 "Iif Pkts Bytes Wrong Oifs\n"); 478 } else { 479 const struct mfc6_cache *mfc = v; 480 const struct mr_mfc_iter *it = seq->private; 481 struct mr_table *mrt = it->mrt; 482 483 seq_printf(seq, "%pI6 %pI6 %-3hd", 484 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin, 485 mfc->_c.mfc_parent); 486 487 if (it->cache != &mrt->mfc_unres_queue) { 488 seq_printf(seq, " %8lu %8lu %8lu", 489 mfc->_c.mfc_un.res.pkt, 490 mfc->_c.mfc_un.res.bytes, 491 mfc->_c.mfc_un.res.wrong_if); 492 for (n = mfc->_c.mfc_un.res.minvif; 493 n < mfc->_c.mfc_un.res.maxvif; n++) { 494 if (VIF_EXISTS(mrt, n) && 495 mfc->_c.mfc_un.res.ttls[n] < 255) 496 seq_printf(seq, 497 " %2d:%-3d", n, 498 mfc->_c.mfc_un.res.ttls[n]); 499 } 500 } else { 501 /* unresolved mfc_caches don't contain 502 * pkt, bytes and wrong_if values 503 */ 504 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 505 } 506 seq_putc(seq, '\n'); 507 } 508 return 0; 509 } 510 511 static const struct seq_operations ipmr_mfc_seq_ops = { 512 .start = ipmr_mfc_seq_start, 513 .next = mr_mfc_seq_next, 514 .stop = mr_mfc_seq_stop, 515 .show = ipmr_mfc_seq_show, 516 }; 517 #endif 518 519 #ifdef CONFIG_IPV6_PIMSM_V2 520 521 static int pim6_rcv(struct sk_buff *skb) 522 { 523 struct pimreghdr *pim; 524 struct ipv6hdr *encap; 525 struct net_device *reg_dev = NULL; 526 struct net *net = dev_net(skb->dev); 527 struct mr_table *mrt; 528 struct flowi6 fl6 = { 529 .flowi6_iif = skb->dev->ifindex, 530 .flowi6_mark = skb->mark, 531 }; 532 int reg_vif_num; 533 534 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap))) 535 goto drop; 536 537 pim = (struct pimreghdr *)skb_transport_header(skb); 538 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) || 539 (pim->flags & PIM_NULL_REGISTER) || 540 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 541 sizeof(*pim), IPPROTO_PIM, 542 csum_partial((void *)pim, sizeof(*pim), 0)) && 543 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 544 goto drop; 545 546 /* check if the inner packet is destined to mcast group */ 547 encap = (struct ipv6hdr *)(skb_transport_header(skb) + 548 sizeof(*pim)); 549 550 if (!ipv6_addr_is_multicast(&encap->daddr) || 551 encap->payload_len == 0 || 552 ntohs(encap->payload_len) + sizeof(*pim) > skb->len) 553 goto drop; 554 555 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 556 goto drop; 557 reg_vif_num = mrt->mroute_reg_vif_num; 558 559 read_lock(&mrt_lock); 560 if (reg_vif_num >= 0) 561 reg_dev = mrt->vif_table[reg_vif_num].dev; 562 if (reg_dev) 563 dev_hold(reg_dev); 564 read_unlock(&mrt_lock); 565 566 if (!reg_dev) 567 goto drop; 568 569 skb->mac_header = skb->network_header; 570 skb_pull(skb, (u8 *)encap - skb->data); 571 skb_reset_network_header(skb); 572 skb->protocol = htons(ETH_P_IPV6); 573 skb->ip_summed = CHECKSUM_NONE; 574 575 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 576 577 netif_rx(skb); 578 579 dev_put(reg_dev); 580 return 0; 581 drop: 582 kfree_skb(skb); 583 return 0; 584 } 585 586 static const struct inet6_protocol pim6_protocol = { 587 .handler = pim6_rcv, 588 }; 589 590 /* Service routines creating virtual interfaces: PIMREG */ 591 592 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, 593 struct net_device *dev) 594 { 595 struct net *net = dev_net(dev); 596 struct mr_table *mrt; 597 struct flowi6 fl6 = { 598 .flowi6_oif = dev->ifindex, 599 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 600 .flowi6_mark = skb->mark, 601 }; 602 int err; 603 604 err = ip6mr_fib_lookup(net, &fl6, &mrt); 605 if (err < 0) { 606 kfree_skb(skb); 607 return err; 608 } 609 610 read_lock(&mrt_lock); 611 dev->stats.tx_bytes += skb->len; 612 dev->stats.tx_packets++; 613 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT); 614 read_unlock(&mrt_lock); 615 kfree_skb(skb); 616 return NETDEV_TX_OK; 617 } 618 619 static int reg_vif_get_iflink(const struct net_device *dev) 620 { 621 return 0; 622 } 623 624 static const struct net_device_ops reg_vif_netdev_ops = { 625 .ndo_start_xmit = reg_vif_xmit, 626 .ndo_get_iflink = reg_vif_get_iflink, 627 }; 628 629 static void reg_vif_setup(struct net_device *dev) 630 { 631 dev->type = ARPHRD_PIMREG; 632 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8; 633 dev->flags = IFF_NOARP; 634 dev->netdev_ops = ®_vif_netdev_ops; 635 dev->needs_free_netdev = true; 636 dev->features |= NETIF_F_NETNS_LOCAL; 637 } 638 639 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt) 640 { 641 struct net_device *dev; 642 char name[IFNAMSIZ]; 643 644 if (mrt->id == RT6_TABLE_DFLT) 645 sprintf(name, "pim6reg"); 646 else 647 sprintf(name, "pim6reg%u", mrt->id); 648 649 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 650 if (!dev) 651 return NULL; 652 653 dev_net_set(dev, net); 654 655 if (register_netdevice(dev)) { 656 free_netdev(dev); 657 return NULL; 658 } 659 660 if (dev_open(dev, NULL)) 661 goto failure; 662 663 dev_hold(dev); 664 return dev; 665 666 failure: 667 unregister_netdevice(dev); 668 return NULL; 669 } 670 #endif 671 672 static int call_ip6mr_vif_entry_notifiers(struct net *net, 673 enum fib_event_type event_type, 674 struct vif_device *vif, 675 mifi_t vif_index, u32 tb_id) 676 { 677 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 678 vif, vif_index, tb_id, 679 &net->ipv6.ipmr_seq); 680 } 681 682 static int call_ip6mr_mfc_entry_notifiers(struct net *net, 683 enum fib_event_type event_type, 684 struct mfc6_cache *mfc, u32 tb_id) 685 { 686 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 687 &mfc->_c, tb_id, &net->ipv6.ipmr_seq); 688 } 689 690 /* Delete a VIF entry */ 691 static int mif6_delete(struct mr_table *mrt, int vifi, int notify, 692 struct list_head *head) 693 { 694 struct vif_device *v; 695 struct net_device *dev; 696 struct inet6_dev *in6_dev; 697 698 if (vifi < 0 || vifi >= mrt->maxvif) 699 return -EADDRNOTAVAIL; 700 701 v = &mrt->vif_table[vifi]; 702 703 if (VIF_EXISTS(mrt, vifi)) 704 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net), 705 FIB_EVENT_VIF_DEL, v, vifi, 706 mrt->id); 707 708 write_lock_bh(&mrt_lock); 709 dev = v->dev; 710 v->dev = NULL; 711 712 if (!dev) { 713 write_unlock_bh(&mrt_lock); 714 return -EADDRNOTAVAIL; 715 } 716 717 #ifdef CONFIG_IPV6_PIMSM_V2 718 if (vifi == mrt->mroute_reg_vif_num) 719 mrt->mroute_reg_vif_num = -1; 720 #endif 721 722 if (vifi + 1 == mrt->maxvif) { 723 int tmp; 724 for (tmp = vifi - 1; tmp >= 0; tmp--) { 725 if (VIF_EXISTS(mrt, tmp)) 726 break; 727 } 728 mrt->maxvif = tmp + 1; 729 } 730 731 write_unlock_bh(&mrt_lock); 732 733 dev_set_allmulti(dev, -1); 734 735 in6_dev = __in6_dev_get(dev); 736 if (in6_dev) { 737 in6_dev->cnf.mc_forwarding--; 738 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 739 NETCONFA_MC_FORWARDING, 740 dev->ifindex, &in6_dev->cnf); 741 } 742 743 if ((v->flags & MIFF_REGISTER) && !notify) 744 unregister_netdevice_queue(dev, head); 745 746 dev_put(dev); 747 return 0; 748 } 749 750 static inline void ip6mr_cache_free_rcu(struct rcu_head *head) 751 { 752 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 753 754 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c); 755 } 756 757 static inline void ip6mr_cache_free(struct mfc6_cache *c) 758 { 759 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu); 760 } 761 762 /* Destroy an unresolved cache entry, killing queued skbs 763 and reporting error to netlink readers. 764 */ 765 766 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c) 767 { 768 struct net *net = read_pnet(&mrt->net); 769 struct sk_buff *skb; 770 771 atomic_dec(&mrt->cache_resolve_queue_len); 772 773 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) { 774 if (ipv6_hdr(skb)->version == 0) { 775 struct nlmsghdr *nlh = skb_pull(skb, 776 sizeof(struct ipv6hdr)); 777 nlh->nlmsg_type = NLMSG_ERROR; 778 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 779 skb_trim(skb, nlh->nlmsg_len); 780 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT; 781 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 782 } else 783 kfree_skb(skb); 784 } 785 786 ip6mr_cache_free(c); 787 } 788 789 790 /* Timer process for all the unresolved queue. */ 791 792 static void ipmr_do_expire_process(struct mr_table *mrt) 793 { 794 unsigned long now = jiffies; 795 unsigned long expires = 10 * HZ; 796 struct mr_mfc *c, *next; 797 798 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 799 if (time_after(c->mfc_un.unres.expires, now)) { 800 /* not yet... */ 801 unsigned long interval = c->mfc_un.unres.expires - now; 802 if (interval < expires) 803 expires = interval; 804 continue; 805 } 806 807 list_del(&c->list); 808 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 809 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 810 } 811 812 if (!list_empty(&mrt->mfc_unres_queue)) 813 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 814 } 815 816 static void ipmr_expire_process(struct timer_list *t) 817 { 818 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 819 820 if (!spin_trylock(&mfc_unres_lock)) { 821 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1); 822 return; 823 } 824 825 if (!list_empty(&mrt->mfc_unres_queue)) 826 ipmr_do_expire_process(mrt); 827 828 spin_unlock(&mfc_unres_lock); 829 } 830 831 /* Fill oifs list. It is called under write locked mrt_lock. */ 832 833 static void ip6mr_update_thresholds(struct mr_table *mrt, 834 struct mr_mfc *cache, 835 unsigned char *ttls) 836 { 837 int vifi; 838 839 cache->mfc_un.res.minvif = MAXMIFS; 840 cache->mfc_un.res.maxvif = 0; 841 memset(cache->mfc_un.res.ttls, 255, MAXMIFS); 842 843 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 844 if (VIF_EXISTS(mrt, vifi) && 845 ttls[vifi] && ttls[vifi] < 255) { 846 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 847 if (cache->mfc_un.res.minvif > vifi) 848 cache->mfc_un.res.minvif = vifi; 849 if (cache->mfc_un.res.maxvif <= vifi) 850 cache->mfc_un.res.maxvif = vifi + 1; 851 } 852 } 853 cache->mfc_un.res.lastuse = jiffies; 854 } 855 856 static int mif6_add(struct net *net, struct mr_table *mrt, 857 struct mif6ctl *vifc, int mrtsock) 858 { 859 int vifi = vifc->mif6c_mifi; 860 struct vif_device *v = &mrt->vif_table[vifi]; 861 struct net_device *dev; 862 struct inet6_dev *in6_dev; 863 int err; 864 865 /* Is vif busy ? */ 866 if (VIF_EXISTS(mrt, vifi)) 867 return -EADDRINUSE; 868 869 switch (vifc->mif6c_flags) { 870 #ifdef CONFIG_IPV6_PIMSM_V2 871 case MIFF_REGISTER: 872 /* 873 * Special Purpose VIF in PIM 874 * All the packets will be sent to the daemon 875 */ 876 if (mrt->mroute_reg_vif_num >= 0) 877 return -EADDRINUSE; 878 dev = ip6mr_reg_vif(net, mrt); 879 if (!dev) 880 return -ENOBUFS; 881 err = dev_set_allmulti(dev, 1); 882 if (err) { 883 unregister_netdevice(dev); 884 dev_put(dev); 885 return err; 886 } 887 break; 888 #endif 889 case 0: 890 dev = dev_get_by_index(net, vifc->mif6c_pifi); 891 if (!dev) 892 return -EADDRNOTAVAIL; 893 err = dev_set_allmulti(dev, 1); 894 if (err) { 895 dev_put(dev); 896 return err; 897 } 898 break; 899 default: 900 return -EINVAL; 901 } 902 903 in6_dev = __in6_dev_get(dev); 904 if (in6_dev) { 905 in6_dev->cnf.mc_forwarding++; 906 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 907 NETCONFA_MC_FORWARDING, 908 dev->ifindex, &in6_dev->cnf); 909 } 910 911 /* Fill in the VIF structures */ 912 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold, 913 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0), 914 MIFF_REGISTER); 915 916 /* And finish update writing critical data */ 917 write_lock_bh(&mrt_lock); 918 v->dev = dev; 919 #ifdef CONFIG_IPV6_PIMSM_V2 920 if (v->flags & MIFF_REGISTER) 921 mrt->mroute_reg_vif_num = vifi; 922 #endif 923 if (vifi + 1 > mrt->maxvif) 924 mrt->maxvif = vifi + 1; 925 write_unlock_bh(&mrt_lock); 926 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, 927 v, vifi, mrt->id); 928 return 0; 929 } 930 931 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt, 932 const struct in6_addr *origin, 933 const struct in6_addr *mcastgrp) 934 { 935 struct mfc6_cache_cmp_arg arg = { 936 .mf6c_origin = *origin, 937 .mf6c_mcastgrp = *mcastgrp, 938 }; 939 940 return mr_mfc_find(mrt, &arg); 941 } 942 943 /* Look for a (*,G) entry */ 944 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt, 945 struct in6_addr *mcastgrp, 946 mifi_t mifi) 947 { 948 struct mfc6_cache_cmp_arg arg = { 949 .mf6c_origin = in6addr_any, 950 .mf6c_mcastgrp = *mcastgrp, 951 }; 952 953 if (ipv6_addr_any(mcastgrp)) 954 return mr_mfc_find_any_parent(mrt, mifi); 955 return mr_mfc_find_any(mrt, mifi, &arg); 956 } 957 958 /* Look for a (S,G,iif) entry if parent != -1 */ 959 static struct mfc6_cache * 960 ip6mr_cache_find_parent(struct mr_table *mrt, 961 const struct in6_addr *origin, 962 const struct in6_addr *mcastgrp, 963 int parent) 964 { 965 struct mfc6_cache_cmp_arg arg = { 966 .mf6c_origin = *origin, 967 .mf6c_mcastgrp = *mcastgrp, 968 }; 969 970 return mr_mfc_find_parent(mrt, &arg, parent); 971 } 972 973 /* Allocate a multicast cache entry */ 974 static struct mfc6_cache *ip6mr_cache_alloc(void) 975 { 976 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 977 if (!c) 978 return NULL; 979 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 980 c->_c.mfc_un.res.minvif = MAXMIFS; 981 c->_c.free = ip6mr_cache_free_rcu; 982 refcount_set(&c->_c.mfc_un.res.refcount, 1); 983 return c; 984 } 985 986 static struct mfc6_cache *ip6mr_cache_alloc_unres(void) 987 { 988 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 989 if (!c) 990 return NULL; 991 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 992 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 993 return c; 994 } 995 996 /* 997 * A cache entry has gone into a resolved state from queued 998 */ 999 1000 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt, 1001 struct mfc6_cache *uc, struct mfc6_cache *c) 1002 { 1003 struct sk_buff *skb; 1004 1005 /* 1006 * Play the pending entries through our router 1007 */ 1008 1009 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 1010 if (ipv6_hdr(skb)->version == 0) { 1011 struct nlmsghdr *nlh = skb_pull(skb, 1012 sizeof(struct ipv6hdr)); 1013 1014 if (mr_fill_mroute(mrt, skb, &c->_c, 1015 nlmsg_data(nlh)) > 0) { 1016 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh; 1017 } else { 1018 nlh->nlmsg_type = NLMSG_ERROR; 1019 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1020 skb_trim(skb, nlh->nlmsg_len); 1021 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE; 1022 } 1023 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1024 } else 1025 ip6_mr_forward(net, mrt, skb->dev, skb, c); 1026 } 1027 } 1028 1029 /* 1030 * Bounce a cache query up to pim6sd and netlink. 1031 * 1032 * Called under mrt_lock. 1033 */ 1034 1035 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 1036 mifi_t mifi, int assert) 1037 { 1038 struct sock *mroute6_sk; 1039 struct sk_buff *skb; 1040 struct mrt6msg *msg; 1041 int ret; 1042 1043 #ifdef CONFIG_IPV6_PIMSM_V2 1044 if (assert == MRT6MSG_WHOLEPKT) 1045 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) 1046 +sizeof(*msg)); 1047 else 1048 #endif 1049 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); 1050 1051 if (!skb) 1052 return -ENOBUFS; 1053 1054 /* I suppose that internal messages 1055 * do not require checksums */ 1056 1057 skb->ip_summed = CHECKSUM_UNNECESSARY; 1058 1059 #ifdef CONFIG_IPV6_PIMSM_V2 1060 if (assert == MRT6MSG_WHOLEPKT) { 1061 /* Ugly, but we have no choice with this interface. 1062 Duplicate old header, fix length etc. 1063 And all this only to mangle msg->im6_msgtype and 1064 to set msg->im6_mbz to "mbz" :-) 1065 */ 1066 skb_push(skb, -skb_network_offset(pkt)); 1067 1068 skb_push(skb, sizeof(*msg)); 1069 skb_reset_transport_header(skb); 1070 msg = (struct mrt6msg *)skb_transport_header(skb); 1071 msg->im6_mbz = 0; 1072 msg->im6_msgtype = MRT6MSG_WHOLEPKT; 1073 msg->im6_mif = mrt->mroute_reg_vif_num; 1074 msg->im6_pad = 0; 1075 msg->im6_src = ipv6_hdr(pkt)->saddr; 1076 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1077 1078 skb->ip_summed = CHECKSUM_UNNECESSARY; 1079 } else 1080 #endif 1081 { 1082 /* 1083 * Copy the IP header 1084 */ 1085 1086 skb_put(skb, sizeof(struct ipv6hdr)); 1087 skb_reset_network_header(skb); 1088 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr)); 1089 1090 /* 1091 * Add our header 1092 */ 1093 skb_put(skb, sizeof(*msg)); 1094 skb_reset_transport_header(skb); 1095 msg = (struct mrt6msg *)skb_transport_header(skb); 1096 1097 msg->im6_mbz = 0; 1098 msg->im6_msgtype = assert; 1099 msg->im6_mif = mifi; 1100 msg->im6_pad = 0; 1101 msg->im6_src = ipv6_hdr(pkt)->saddr; 1102 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1103 1104 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1105 skb->ip_summed = CHECKSUM_UNNECESSARY; 1106 } 1107 1108 rcu_read_lock(); 1109 mroute6_sk = rcu_dereference(mrt->mroute_sk); 1110 if (!mroute6_sk) { 1111 rcu_read_unlock(); 1112 kfree_skb(skb); 1113 return -EINVAL; 1114 } 1115 1116 mrt6msg_netlink_event(mrt, skb); 1117 1118 /* Deliver to user space multicast routing algorithms */ 1119 ret = sock_queue_rcv_skb(mroute6_sk, skb); 1120 rcu_read_unlock(); 1121 if (ret < 0) { 1122 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n"); 1123 kfree_skb(skb); 1124 } 1125 1126 return ret; 1127 } 1128 1129 /* Queue a packet for resolution. It gets locked cache entry! */ 1130 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi, 1131 struct sk_buff *skb, struct net_device *dev) 1132 { 1133 struct mfc6_cache *c; 1134 bool found = false; 1135 int err; 1136 1137 spin_lock_bh(&mfc_unres_lock); 1138 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1139 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) && 1140 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) { 1141 found = true; 1142 break; 1143 } 1144 } 1145 1146 if (!found) { 1147 /* 1148 * Create a new entry if allowable 1149 */ 1150 1151 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 || 1152 (c = ip6mr_cache_alloc_unres()) == NULL) { 1153 spin_unlock_bh(&mfc_unres_lock); 1154 1155 kfree_skb(skb); 1156 return -ENOBUFS; 1157 } 1158 1159 /* Fill in the new cache entry */ 1160 c->_c.mfc_parent = -1; 1161 c->mf6c_origin = ipv6_hdr(skb)->saddr; 1162 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr; 1163 1164 /* 1165 * Reflect first query at pim6sd 1166 */ 1167 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE); 1168 if (err < 0) { 1169 /* If the report failed throw the cache entry 1170 out - Brad Parker 1171 */ 1172 spin_unlock_bh(&mfc_unres_lock); 1173 1174 ip6mr_cache_free(c); 1175 kfree_skb(skb); 1176 return err; 1177 } 1178 1179 atomic_inc(&mrt->cache_resolve_queue_len); 1180 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1181 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1182 1183 ipmr_do_expire_process(mrt); 1184 } 1185 1186 /* See if we can append the packet */ 1187 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1188 kfree_skb(skb); 1189 err = -ENOBUFS; 1190 } else { 1191 if (dev) { 1192 skb->dev = dev; 1193 skb->skb_iif = dev->ifindex; 1194 } 1195 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1196 err = 0; 1197 } 1198 1199 spin_unlock_bh(&mfc_unres_lock); 1200 return err; 1201 } 1202 1203 /* 1204 * MFC6 cache manipulation by user space 1205 */ 1206 1207 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc, 1208 int parent) 1209 { 1210 struct mfc6_cache *c; 1211 1212 /* The entries are added/deleted only under RTNL */ 1213 rcu_read_lock(); 1214 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1215 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1216 rcu_read_unlock(); 1217 if (!c) 1218 return -ENOENT; 1219 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params); 1220 list_del_rcu(&c->_c.list); 1221 1222 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1223 FIB_EVENT_ENTRY_DEL, c, mrt->id); 1224 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1225 mr_cache_put(&c->_c); 1226 return 0; 1227 } 1228 1229 static int ip6mr_device_event(struct notifier_block *this, 1230 unsigned long event, void *ptr) 1231 { 1232 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1233 struct net *net = dev_net(dev); 1234 struct mr_table *mrt; 1235 struct vif_device *v; 1236 int ct; 1237 1238 if (event != NETDEV_UNREGISTER) 1239 return NOTIFY_DONE; 1240 1241 ip6mr_for_each_table(mrt, net) { 1242 v = &mrt->vif_table[0]; 1243 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1244 if (v->dev == dev) 1245 mif6_delete(mrt, ct, 1, NULL); 1246 } 1247 } 1248 1249 return NOTIFY_DONE; 1250 } 1251 1252 static unsigned int ip6mr_seq_read(struct net *net) 1253 { 1254 ASSERT_RTNL(); 1255 1256 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net); 1257 } 1258 1259 static int ip6mr_dump(struct net *net, struct notifier_block *nb) 1260 { 1261 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump, 1262 ip6mr_mr_table_iter, &mrt_lock); 1263 } 1264 1265 static struct notifier_block ip6_mr_notifier = { 1266 .notifier_call = ip6mr_device_event 1267 }; 1268 1269 static const struct fib_notifier_ops ip6mr_notifier_ops_template = { 1270 .family = RTNL_FAMILY_IP6MR, 1271 .fib_seq_read = ip6mr_seq_read, 1272 .fib_dump = ip6mr_dump, 1273 .owner = THIS_MODULE, 1274 }; 1275 1276 static int __net_init ip6mr_notifier_init(struct net *net) 1277 { 1278 struct fib_notifier_ops *ops; 1279 1280 net->ipv6.ipmr_seq = 0; 1281 1282 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net); 1283 if (IS_ERR(ops)) 1284 return PTR_ERR(ops); 1285 1286 net->ipv6.ip6mr_notifier_ops = ops; 1287 1288 return 0; 1289 } 1290 1291 static void __net_exit ip6mr_notifier_exit(struct net *net) 1292 { 1293 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops); 1294 net->ipv6.ip6mr_notifier_ops = NULL; 1295 } 1296 1297 /* Setup for IP multicast routing */ 1298 static int __net_init ip6mr_net_init(struct net *net) 1299 { 1300 int err; 1301 1302 err = ip6mr_notifier_init(net); 1303 if (err) 1304 return err; 1305 1306 err = ip6mr_rules_init(net); 1307 if (err < 0) 1308 goto ip6mr_rules_fail; 1309 1310 #ifdef CONFIG_PROC_FS 1311 err = -ENOMEM; 1312 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops, 1313 sizeof(struct mr_vif_iter))) 1314 goto proc_vif_fail; 1315 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops, 1316 sizeof(struct mr_mfc_iter))) 1317 goto proc_cache_fail; 1318 #endif 1319 1320 return 0; 1321 1322 #ifdef CONFIG_PROC_FS 1323 proc_cache_fail: 1324 remove_proc_entry("ip6_mr_vif", net->proc_net); 1325 proc_vif_fail: 1326 ip6mr_rules_exit(net); 1327 #endif 1328 ip6mr_rules_fail: 1329 ip6mr_notifier_exit(net); 1330 return err; 1331 } 1332 1333 static void __net_exit ip6mr_net_exit(struct net *net) 1334 { 1335 #ifdef CONFIG_PROC_FS 1336 remove_proc_entry("ip6_mr_cache", net->proc_net); 1337 remove_proc_entry("ip6_mr_vif", net->proc_net); 1338 #endif 1339 ip6mr_rules_exit(net); 1340 ip6mr_notifier_exit(net); 1341 } 1342 1343 static struct pernet_operations ip6mr_net_ops = { 1344 .init = ip6mr_net_init, 1345 .exit = ip6mr_net_exit, 1346 }; 1347 1348 int __init ip6_mr_init(void) 1349 { 1350 int err; 1351 1352 mrt_cachep = kmem_cache_create("ip6_mrt_cache", 1353 sizeof(struct mfc6_cache), 1354 0, SLAB_HWCACHE_ALIGN, 1355 NULL); 1356 if (!mrt_cachep) 1357 return -ENOMEM; 1358 1359 err = register_pernet_subsys(&ip6mr_net_ops); 1360 if (err) 1361 goto reg_pernet_fail; 1362 1363 err = register_netdevice_notifier(&ip6_mr_notifier); 1364 if (err) 1365 goto reg_notif_fail; 1366 #ifdef CONFIG_IPV6_PIMSM_V2 1367 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) { 1368 pr_err("%s: can't add PIM protocol\n", __func__); 1369 err = -EAGAIN; 1370 goto add_proto_fail; 1371 } 1372 #endif 1373 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE, 1374 NULL, ip6mr_rtm_dumproute, 0); 1375 if (err == 0) 1376 return 0; 1377 1378 #ifdef CONFIG_IPV6_PIMSM_V2 1379 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1380 add_proto_fail: 1381 unregister_netdevice_notifier(&ip6_mr_notifier); 1382 #endif 1383 reg_notif_fail: 1384 unregister_pernet_subsys(&ip6mr_net_ops); 1385 reg_pernet_fail: 1386 kmem_cache_destroy(mrt_cachep); 1387 return err; 1388 } 1389 1390 void ip6_mr_cleanup(void) 1391 { 1392 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE); 1393 #ifdef CONFIG_IPV6_PIMSM_V2 1394 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1395 #endif 1396 unregister_netdevice_notifier(&ip6_mr_notifier); 1397 unregister_pernet_subsys(&ip6mr_net_ops); 1398 kmem_cache_destroy(mrt_cachep); 1399 } 1400 1401 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt, 1402 struct mf6cctl *mfc, int mrtsock, int parent) 1403 { 1404 unsigned char ttls[MAXMIFS]; 1405 struct mfc6_cache *uc, *c; 1406 struct mr_mfc *_uc; 1407 bool found; 1408 int i, err; 1409 1410 if (mfc->mf6cc_parent >= MAXMIFS) 1411 return -ENFILE; 1412 1413 memset(ttls, 255, MAXMIFS); 1414 for (i = 0; i < MAXMIFS; i++) { 1415 if (IF_ISSET(i, &mfc->mf6cc_ifset)) 1416 ttls[i] = 1; 1417 } 1418 1419 /* The entries are added/deleted only under RTNL */ 1420 rcu_read_lock(); 1421 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1422 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1423 rcu_read_unlock(); 1424 if (c) { 1425 write_lock_bh(&mrt_lock); 1426 c->_c.mfc_parent = mfc->mf6cc_parent; 1427 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1428 if (!mrtsock) 1429 c->_c.mfc_flags |= MFC_STATIC; 1430 write_unlock_bh(&mrt_lock); 1431 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, 1432 c, mrt->id); 1433 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1434 return 0; 1435 } 1436 1437 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) && 1438 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr)) 1439 return -EINVAL; 1440 1441 c = ip6mr_cache_alloc(); 1442 if (!c) 1443 return -ENOMEM; 1444 1445 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr; 1446 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr; 1447 c->_c.mfc_parent = mfc->mf6cc_parent; 1448 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1449 if (!mrtsock) 1450 c->_c.mfc_flags |= MFC_STATIC; 1451 1452 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1453 ip6mr_rht_params); 1454 if (err) { 1455 pr_err("ip6mr: rhtable insert error %d\n", err); 1456 ip6mr_cache_free(c); 1457 return err; 1458 } 1459 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1460 1461 /* Check to see if we resolved a queued list. If so we 1462 * need to send on the frames and tidy up. 1463 */ 1464 found = false; 1465 spin_lock_bh(&mfc_unres_lock); 1466 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1467 uc = (struct mfc6_cache *)_uc; 1468 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) && 1469 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) { 1470 list_del(&_uc->list); 1471 atomic_dec(&mrt->cache_resolve_queue_len); 1472 found = true; 1473 break; 1474 } 1475 } 1476 if (list_empty(&mrt->mfc_unres_queue)) 1477 del_timer(&mrt->ipmr_expire_timer); 1478 spin_unlock_bh(&mfc_unres_lock); 1479 1480 if (found) { 1481 ip6mr_cache_resolve(net, mrt, uc, c); 1482 ip6mr_cache_free(uc); 1483 } 1484 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, 1485 c, mrt->id); 1486 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1487 return 0; 1488 } 1489 1490 /* 1491 * Close the multicast socket, and clear the vif tables etc 1492 */ 1493 1494 static void mroute_clean_tables(struct mr_table *mrt, bool all) 1495 { 1496 struct mr_mfc *c, *tmp; 1497 LIST_HEAD(list); 1498 int i; 1499 1500 /* Shut down all active vif entries */ 1501 for (i = 0; i < mrt->maxvif; i++) { 1502 if (!all && (mrt->vif_table[i].flags & VIFF_STATIC)) 1503 continue; 1504 mif6_delete(mrt, i, 0, &list); 1505 } 1506 unregister_netdevice_many(&list); 1507 1508 /* Wipe the cache */ 1509 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1510 if (!all && (c->mfc_flags & MFC_STATIC)) 1511 continue; 1512 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params); 1513 list_del_rcu(&c->list); 1514 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 1515 mr_cache_put(c); 1516 } 1517 1518 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1519 spin_lock_bh(&mfc_unres_lock); 1520 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1521 list_del(&c->list); 1522 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1523 FIB_EVENT_ENTRY_DEL, 1524 (struct mfc6_cache *)c, 1525 mrt->id); 1526 mr6_netlink_event(mrt, (struct mfc6_cache *)c, 1527 RTM_DELROUTE); 1528 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 1529 } 1530 spin_unlock_bh(&mfc_unres_lock); 1531 } 1532 } 1533 1534 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk) 1535 { 1536 int err = 0; 1537 struct net *net = sock_net(sk); 1538 1539 rtnl_lock(); 1540 write_lock_bh(&mrt_lock); 1541 if (rtnl_dereference(mrt->mroute_sk)) { 1542 err = -EADDRINUSE; 1543 } else { 1544 rcu_assign_pointer(mrt->mroute_sk, sk); 1545 sock_set_flag(sk, SOCK_RCU_FREE); 1546 net->ipv6.devconf_all->mc_forwarding++; 1547 } 1548 write_unlock_bh(&mrt_lock); 1549 1550 if (!err) 1551 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1552 NETCONFA_MC_FORWARDING, 1553 NETCONFA_IFINDEX_ALL, 1554 net->ipv6.devconf_all); 1555 rtnl_unlock(); 1556 1557 return err; 1558 } 1559 1560 int ip6mr_sk_done(struct sock *sk) 1561 { 1562 int err = -EACCES; 1563 struct net *net = sock_net(sk); 1564 struct mr_table *mrt; 1565 1566 if (sk->sk_type != SOCK_RAW || 1567 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1568 return err; 1569 1570 rtnl_lock(); 1571 ip6mr_for_each_table(mrt, net) { 1572 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1573 write_lock_bh(&mrt_lock); 1574 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1575 /* Note that mroute_sk had SOCK_RCU_FREE set, 1576 * so the RCU grace period before sk freeing 1577 * is guaranteed by sk_destruct() 1578 */ 1579 net->ipv6.devconf_all->mc_forwarding--; 1580 write_unlock_bh(&mrt_lock); 1581 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1582 NETCONFA_MC_FORWARDING, 1583 NETCONFA_IFINDEX_ALL, 1584 net->ipv6.devconf_all); 1585 1586 mroute_clean_tables(mrt, false); 1587 err = 0; 1588 break; 1589 } 1590 } 1591 rtnl_unlock(); 1592 1593 return err; 1594 } 1595 1596 bool mroute6_is_socket(struct net *net, struct sk_buff *skb) 1597 { 1598 struct mr_table *mrt; 1599 struct flowi6 fl6 = { 1600 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 1601 .flowi6_oif = skb->dev->ifindex, 1602 .flowi6_mark = skb->mark, 1603 }; 1604 1605 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 1606 return NULL; 1607 1608 return rcu_access_pointer(mrt->mroute_sk); 1609 } 1610 EXPORT_SYMBOL(mroute6_is_socket); 1611 1612 /* 1613 * Socket options and virtual interface manipulation. The whole 1614 * virtual interface system is a complete heap, but unfortunately 1615 * that's how BSD mrouted happens to think. Maybe one day with a proper 1616 * MOSPF/PIM router set up we can clean this up. 1617 */ 1618 1619 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen) 1620 { 1621 int ret, parent = 0; 1622 struct mif6ctl vif; 1623 struct mf6cctl mfc; 1624 mifi_t mifi; 1625 struct net *net = sock_net(sk); 1626 struct mr_table *mrt; 1627 1628 if (sk->sk_type != SOCK_RAW || 1629 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1630 return -EOPNOTSUPP; 1631 1632 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1633 if (!mrt) 1634 return -ENOENT; 1635 1636 if (optname != MRT6_INIT) { 1637 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1638 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1639 return -EACCES; 1640 } 1641 1642 switch (optname) { 1643 case MRT6_INIT: 1644 if (optlen < sizeof(int)) 1645 return -EINVAL; 1646 1647 return ip6mr_sk_init(mrt, sk); 1648 1649 case MRT6_DONE: 1650 return ip6mr_sk_done(sk); 1651 1652 case MRT6_ADD_MIF: 1653 if (optlen < sizeof(vif)) 1654 return -EINVAL; 1655 if (copy_from_user(&vif, optval, sizeof(vif))) 1656 return -EFAULT; 1657 if (vif.mif6c_mifi >= MAXMIFS) 1658 return -ENFILE; 1659 rtnl_lock(); 1660 ret = mif6_add(net, mrt, &vif, 1661 sk == rtnl_dereference(mrt->mroute_sk)); 1662 rtnl_unlock(); 1663 return ret; 1664 1665 case MRT6_DEL_MIF: 1666 if (optlen < sizeof(mifi_t)) 1667 return -EINVAL; 1668 if (copy_from_user(&mifi, optval, sizeof(mifi_t))) 1669 return -EFAULT; 1670 rtnl_lock(); 1671 ret = mif6_delete(mrt, mifi, 0, NULL); 1672 rtnl_unlock(); 1673 return ret; 1674 1675 /* 1676 * Manipulate the forwarding caches. These live 1677 * in a sort of kernel/user symbiosis. 1678 */ 1679 case MRT6_ADD_MFC: 1680 case MRT6_DEL_MFC: 1681 parent = -1; 1682 /* fall through */ 1683 case MRT6_ADD_MFC_PROXY: 1684 case MRT6_DEL_MFC_PROXY: 1685 if (optlen < sizeof(mfc)) 1686 return -EINVAL; 1687 if (copy_from_user(&mfc, optval, sizeof(mfc))) 1688 return -EFAULT; 1689 if (parent == 0) 1690 parent = mfc.mf6cc_parent; 1691 rtnl_lock(); 1692 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY) 1693 ret = ip6mr_mfc_delete(mrt, &mfc, parent); 1694 else 1695 ret = ip6mr_mfc_add(net, mrt, &mfc, 1696 sk == 1697 rtnl_dereference(mrt->mroute_sk), 1698 parent); 1699 rtnl_unlock(); 1700 return ret; 1701 1702 /* 1703 * Control PIM assert (to activate pim will activate assert) 1704 */ 1705 case MRT6_ASSERT: 1706 { 1707 int v; 1708 1709 if (optlen != sizeof(v)) 1710 return -EINVAL; 1711 if (get_user(v, (int __user *)optval)) 1712 return -EFAULT; 1713 mrt->mroute_do_assert = v; 1714 return 0; 1715 } 1716 1717 #ifdef CONFIG_IPV6_PIMSM_V2 1718 case MRT6_PIM: 1719 { 1720 int v; 1721 1722 if (optlen != sizeof(v)) 1723 return -EINVAL; 1724 if (get_user(v, (int __user *)optval)) 1725 return -EFAULT; 1726 v = !!v; 1727 rtnl_lock(); 1728 ret = 0; 1729 if (v != mrt->mroute_do_pim) { 1730 mrt->mroute_do_pim = v; 1731 mrt->mroute_do_assert = v; 1732 } 1733 rtnl_unlock(); 1734 return ret; 1735 } 1736 1737 #endif 1738 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 1739 case MRT6_TABLE: 1740 { 1741 u32 v; 1742 1743 if (optlen != sizeof(u32)) 1744 return -EINVAL; 1745 if (get_user(v, (u32 __user *)optval)) 1746 return -EFAULT; 1747 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */ 1748 if (v != RT_TABLE_DEFAULT && v >= 100000000) 1749 return -EINVAL; 1750 if (sk == rcu_access_pointer(mrt->mroute_sk)) 1751 return -EBUSY; 1752 1753 rtnl_lock(); 1754 ret = 0; 1755 mrt = ip6mr_new_table(net, v); 1756 if (IS_ERR(mrt)) 1757 ret = PTR_ERR(mrt); 1758 else 1759 raw6_sk(sk)->ip6mr_table = v; 1760 rtnl_unlock(); 1761 return ret; 1762 } 1763 #endif 1764 /* 1765 * Spurious command, or MRT6_VERSION which you cannot 1766 * set. 1767 */ 1768 default: 1769 return -ENOPROTOOPT; 1770 } 1771 } 1772 1773 /* 1774 * Getsock opt support for the multicast routing system. 1775 */ 1776 1777 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, 1778 int __user *optlen) 1779 { 1780 int olr; 1781 int val; 1782 struct net *net = sock_net(sk); 1783 struct mr_table *mrt; 1784 1785 if (sk->sk_type != SOCK_RAW || 1786 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1787 return -EOPNOTSUPP; 1788 1789 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1790 if (!mrt) 1791 return -ENOENT; 1792 1793 switch (optname) { 1794 case MRT6_VERSION: 1795 val = 0x0305; 1796 break; 1797 #ifdef CONFIG_IPV6_PIMSM_V2 1798 case MRT6_PIM: 1799 val = mrt->mroute_do_pim; 1800 break; 1801 #endif 1802 case MRT6_ASSERT: 1803 val = mrt->mroute_do_assert; 1804 break; 1805 default: 1806 return -ENOPROTOOPT; 1807 } 1808 1809 if (get_user(olr, optlen)) 1810 return -EFAULT; 1811 1812 olr = min_t(int, olr, sizeof(int)); 1813 if (olr < 0) 1814 return -EINVAL; 1815 1816 if (put_user(olr, optlen)) 1817 return -EFAULT; 1818 if (copy_to_user(optval, &val, olr)) 1819 return -EFAULT; 1820 return 0; 1821 } 1822 1823 /* 1824 * The IP multicast ioctl support routines. 1825 */ 1826 1827 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg) 1828 { 1829 struct sioc_sg_req6 sr; 1830 struct sioc_mif_req6 vr; 1831 struct vif_device *vif; 1832 struct mfc6_cache *c; 1833 struct net *net = sock_net(sk); 1834 struct mr_table *mrt; 1835 1836 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1837 if (!mrt) 1838 return -ENOENT; 1839 1840 switch (cmd) { 1841 case SIOCGETMIFCNT_IN6: 1842 if (copy_from_user(&vr, arg, sizeof(vr))) 1843 return -EFAULT; 1844 if (vr.mifi >= mrt->maxvif) 1845 return -EINVAL; 1846 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1847 read_lock(&mrt_lock); 1848 vif = &mrt->vif_table[vr.mifi]; 1849 if (VIF_EXISTS(mrt, vr.mifi)) { 1850 vr.icount = vif->pkt_in; 1851 vr.ocount = vif->pkt_out; 1852 vr.ibytes = vif->bytes_in; 1853 vr.obytes = vif->bytes_out; 1854 read_unlock(&mrt_lock); 1855 1856 if (copy_to_user(arg, &vr, sizeof(vr))) 1857 return -EFAULT; 1858 return 0; 1859 } 1860 read_unlock(&mrt_lock); 1861 return -EADDRNOTAVAIL; 1862 case SIOCGETSGCNT_IN6: 1863 if (copy_from_user(&sr, arg, sizeof(sr))) 1864 return -EFAULT; 1865 1866 rcu_read_lock(); 1867 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1868 if (c) { 1869 sr.pktcnt = c->_c.mfc_un.res.pkt; 1870 sr.bytecnt = c->_c.mfc_un.res.bytes; 1871 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1872 rcu_read_unlock(); 1873 1874 if (copy_to_user(arg, &sr, sizeof(sr))) 1875 return -EFAULT; 1876 return 0; 1877 } 1878 rcu_read_unlock(); 1879 return -EADDRNOTAVAIL; 1880 default: 1881 return -ENOIOCTLCMD; 1882 } 1883 } 1884 1885 #ifdef CONFIG_COMPAT 1886 struct compat_sioc_sg_req6 { 1887 struct sockaddr_in6 src; 1888 struct sockaddr_in6 grp; 1889 compat_ulong_t pktcnt; 1890 compat_ulong_t bytecnt; 1891 compat_ulong_t wrong_if; 1892 }; 1893 1894 struct compat_sioc_mif_req6 { 1895 mifi_t mifi; 1896 compat_ulong_t icount; 1897 compat_ulong_t ocount; 1898 compat_ulong_t ibytes; 1899 compat_ulong_t obytes; 1900 }; 1901 1902 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1903 { 1904 struct compat_sioc_sg_req6 sr; 1905 struct compat_sioc_mif_req6 vr; 1906 struct vif_device *vif; 1907 struct mfc6_cache *c; 1908 struct net *net = sock_net(sk); 1909 struct mr_table *mrt; 1910 1911 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1912 if (!mrt) 1913 return -ENOENT; 1914 1915 switch (cmd) { 1916 case SIOCGETMIFCNT_IN6: 1917 if (copy_from_user(&vr, arg, sizeof(vr))) 1918 return -EFAULT; 1919 if (vr.mifi >= mrt->maxvif) 1920 return -EINVAL; 1921 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1922 read_lock(&mrt_lock); 1923 vif = &mrt->vif_table[vr.mifi]; 1924 if (VIF_EXISTS(mrt, vr.mifi)) { 1925 vr.icount = vif->pkt_in; 1926 vr.ocount = vif->pkt_out; 1927 vr.ibytes = vif->bytes_in; 1928 vr.obytes = vif->bytes_out; 1929 read_unlock(&mrt_lock); 1930 1931 if (copy_to_user(arg, &vr, sizeof(vr))) 1932 return -EFAULT; 1933 return 0; 1934 } 1935 read_unlock(&mrt_lock); 1936 return -EADDRNOTAVAIL; 1937 case SIOCGETSGCNT_IN6: 1938 if (copy_from_user(&sr, arg, sizeof(sr))) 1939 return -EFAULT; 1940 1941 rcu_read_lock(); 1942 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1943 if (c) { 1944 sr.pktcnt = c->_c.mfc_un.res.pkt; 1945 sr.bytecnt = c->_c.mfc_un.res.bytes; 1946 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1947 rcu_read_unlock(); 1948 1949 if (copy_to_user(arg, &sr, sizeof(sr))) 1950 return -EFAULT; 1951 return 0; 1952 } 1953 rcu_read_unlock(); 1954 return -EADDRNOTAVAIL; 1955 default: 1956 return -ENOIOCTLCMD; 1957 } 1958 } 1959 #endif 1960 1961 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 1962 { 1963 __IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 1964 IPSTATS_MIB_OUTFORWDATAGRAMS); 1965 __IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)), 1966 IPSTATS_MIB_OUTOCTETS, skb->len); 1967 return dst_output(net, sk, skb); 1968 } 1969 1970 /* 1971 * Processing handlers for ip6mr_forward 1972 */ 1973 1974 static int ip6mr_forward2(struct net *net, struct mr_table *mrt, 1975 struct sk_buff *skb, int vifi) 1976 { 1977 struct ipv6hdr *ipv6h; 1978 struct vif_device *vif = &mrt->vif_table[vifi]; 1979 struct net_device *dev; 1980 struct dst_entry *dst; 1981 struct flowi6 fl6; 1982 1983 if (!vif->dev) 1984 goto out_free; 1985 1986 #ifdef CONFIG_IPV6_PIMSM_V2 1987 if (vif->flags & MIFF_REGISTER) { 1988 vif->pkt_out++; 1989 vif->bytes_out += skb->len; 1990 vif->dev->stats.tx_bytes += skb->len; 1991 vif->dev->stats.tx_packets++; 1992 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT); 1993 goto out_free; 1994 } 1995 #endif 1996 1997 ipv6h = ipv6_hdr(skb); 1998 1999 fl6 = (struct flowi6) { 2000 .flowi6_oif = vif->link, 2001 .daddr = ipv6h->daddr, 2002 }; 2003 2004 dst = ip6_route_output(net, NULL, &fl6); 2005 if (dst->error) { 2006 dst_release(dst); 2007 goto out_free; 2008 } 2009 2010 skb_dst_drop(skb); 2011 skb_dst_set(skb, dst); 2012 2013 /* 2014 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 2015 * not only before forwarding, but after forwarding on all output 2016 * interfaces. It is clear, if mrouter runs a multicasting 2017 * program, it should receive packets not depending to what interface 2018 * program is joined. 2019 * If we will not make it, the program will have to join on all 2020 * interfaces. On the other hand, multihoming host (or router, but 2021 * not mrouter) cannot join to more than one interface - it will 2022 * result in receiving multiple packets. 2023 */ 2024 dev = vif->dev; 2025 skb->dev = dev; 2026 vif->pkt_out++; 2027 vif->bytes_out += skb->len; 2028 2029 /* We are about to write */ 2030 /* XXX: extension headers? */ 2031 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev))) 2032 goto out_free; 2033 2034 ipv6h = ipv6_hdr(skb); 2035 ipv6h->hop_limit--; 2036 2037 IP6CB(skb)->flags |= IP6SKB_FORWARDED; 2038 2039 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, 2040 net, NULL, skb, skb->dev, dev, 2041 ip6mr_forward2_finish); 2042 2043 out_free: 2044 kfree_skb(skb); 2045 return 0; 2046 } 2047 2048 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev) 2049 { 2050 int ct; 2051 2052 for (ct = mrt->maxvif - 1; ct >= 0; ct--) { 2053 if (mrt->vif_table[ct].dev == dev) 2054 break; 2055 } 2056 return ct; 2057 } 2058 2059 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 2060 struct net_device *dev, struct sk_buff *skb, 2061 struct mfc6_cache *c) 2062 { 2063 int psend = -1; 2064 int vif, ct; 2065 int true_vifi = ip6mr_find_vif(mrt, dev); 2066 2067 vif = c->_c.mfc_parent; 2068 c->_c.mfc_un.res.pkt++; 2069 c->_c.mfc_un.res.bytes += skb->len; 2070 c->_c.mfc_un.res.lastuse = jiffies; 2071 2072 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) { 2073 struct mfc6_cache *cache_proxy; 2074 2075 /* For an (*,G) entry, we only check that the incoming 2076 * interface is part of the static tree. 2077 */ 2078 rcu_read_lock(); 2079 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 2080 if (cache_proxy && 2081 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) { 2082 rcu_read_unlock(); 2083 goto forward; 2084 } 2085 rcu_read_unlock(); 2086 } 2087 2088 /* 2089 * Wrong interface: drop packet and (maybe) send PIM assert. 2090 */ 2091 if (mrt->vif_table[vif].dev != dev) { 2092 c->_c.mfc_un.res.wrong_if++; 2093 2094 if (true_vifi >= 0 && mrt->mroute_do_assert && 2095 /* pimsm uses asserts, when switching from RPT to SPT, 2096 so that we cannot check that packet arrived on an oif. 2097 It is bad, but otherwise we would need to move pretty 2098 large chunk of pimd to kernel. Ough... --ANK 2099 */ 2100 (mrt->mroute_do_pim || 2101 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 2102 time_after(jiffies, 2103 c->_c.mfc_un.res.last_assert + 2104 MFC_ASSERT_THRESH)) { 2105 c->_c.mfc_un.res.last_assert = jiffies; 2106 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF); 2107 } 2108 goto dont_forward; 2109 } 2110 2111 forward: 2112 mrt->vif_table[vif].pkt_in++; 2113 mrt->vif_table[vif].bytes_in += skb->len; 2114 2115 /* 2116 * Forward the frame 2117 */ 2118 if (ipv6_addr_any(&c->mf6c_origin) && 2119 ipv6_addr_any(&c->mf6c_mcastgrp)) { 2120 if (true_vifi >= 0 && 2121 true_vifi != c->_c.mfc_parent && 2122 ipv6_hdr(skb)->hop_limit > 2123 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 2124 /* It's an (*,*) entry and the packet is not coming from 2125 * the upstream: forward the packet to the upstream 2126 * only. 2127 */ 2128 psend = c->_c.mfc_parent; 2129 goto last_forward; 2130 } 2131 goto dont_forward; 2132 } 2133 for (ct = c->_c.mfc_un.res.maxvif - 1; 2134 ct >= c->_c.mfc_un.res.minvif; ct--) { 2135 /* For (*,G) entry, don't forward to the incoming interface */ 2136 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) && 2137 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) { 2138 if (psend != -1) { 2139 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2140 if (skb2) 2141 ip6mr_forward2(net, mrt, skb2, psend); 2142 } 2143 psend = ct; 2144 } 2145 } 2146 last_forward: 2147 if (psend != -1) { 2148 ip6mr_forward2(net, mrt, skb, psend); 2149 return; 2150 } 2151 2152 dont_forward: 2153 kfree_skb(skb); 2154 } 2155 2156 2157 /* 2158 * Multicast packets for forwarding arrive here 2159 */ 2160 2161 int ip6_mr_input(struct sk_buff *skb) 2162 { 2163 struct mfc6_cache *cache; 2164 struct net *net = dev_net(skb->dev); 2165 struct mr_table *mrt; 2166 struct flowi6 fl6 = { 2167 .flowi6_iif = skb->dev->ifindex, 2168 .flowi6_mark = skb->mark, 2169 }; 2170 int err; 2171 struct net_device *dev; 2172 2173 /* skb->dev passed in is the master dev for vrfs. 2174 * Get the proper interface that does have a vif associated with it. 2175 */ 2176 dev = skb->dev; 2177 if (netif_is_l3_master(skb->dev)) { 2178 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2179 if (!dev) { 2180 kfree_skb(skb); 2181 return -ENODEV; 2182 } 2183 } 2184 2185 err = ip6mr_fib_lookup(net, &fl6, &mrt); 2186 if (err < 0) { 2187 kfree_skb(skb); 2188 return err; 2189 } 2190 2191 read_lock(&mrt_lock); 2192 cache = ip6mr_cache_find(mrt, 2193 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr); 2194 if (!cache) { 2195 int vif = ip6mr_find_vif(mrt, dev); 2196 2197 if (vif >= 0) 2198 cache = ip6mr_cache_find_any(mrt, 2199 &ipv6_hdr(skb)->daddr, 2200 vif); 2201 } 2202 2203 /* 2204 * No usable cache entry 2205 */ 2206 if (!cache) { 2207 int vif; 2208 2209 vif = ip6mr_find_vif(mrt, dev); 2210 if (vif >= 0) { 2211 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev); 2212 read_unlock(&mrt_lock); 2213 2214 return err; 2215 } 2216 read_unlock(&mrt_lock); 2217 kfree_skb(skb); 2218 return -ENODEV; 2219 } 2220 2221 ip6_mr_forward(net, mrt, dev, skb, cache); 2222 2223 read_unlock(&mrt_lock); 2224 2225 return 0; 2226 } 2227 2228 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm, 2229 u32 portid) 2230 { 2231 int err; 2232 struct mr_table *mrt; 2233 struct mfc6_cache *cache; 2234 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 2235 2236 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 2237 if (!mrt) 2238 return -ENOENT; 2239 2240 read_lock(&mrt_lock); 2241 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr); 2242 if (!cache && skb->dev) { 2243 int vif = ip6mr_find_vif(mrt, skb->dev); 2244 2245 if (vif >= 0) 2246 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr, 2247 vif); 2248 } 2249 2250 if (!cache) { 2251 struct sk_buff *skb2; 2252 struct ipv6hdr *iph; 2253 struct net_device *dev; 2254 int vif; 2255 2256 dev = skb->dev; 2257 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) { 2258 read_unlock(&mrt_lock); 2259 return -ENODEV; 2260 } 2261 2262 /* really correct? */ 2263 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 2264 if (!skb2) { 2265 read_unlock(&mrt_lock); 2266 return -ENOMEM; 2267 } 2268 2269 NETLINK_CB(skb2).portid = portid; 2270 skb_reset_transport_header(skb2); 2271 2272 skb_put(skb2, sizeof(struct ipv6hdr)); 2273 skb_reset_network_header(skb2); 2274 2275 iph = ipv6_hdr(skb2); 2276 iph->version = 0; 2277 iph->priority = 0; 2278 iph->flow_lbl[0] = 0; 2279 iph->flow_lbl[1] = 0; 2280 iph->flow_lbl[2] = 0; 2281 iph->payload_len = 0; 2282 iph->nexthdr = IPPROTO_NONE; 2283 iph->hop_limit = 0; 2284 iph->saddr = rt->rt6i_src.addr; 2285 iph->daddr = rt->rt6i_dst.addr; 2286 2287 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev); 2288 read_unlock(&mrt_lock); 2289 2290 return err; 2291 } 2292 2293 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2294 read_unlock(&mrt_lock); 2295 return err; 2296 } 2297 2298 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2299 u32 portid, u32 seq, struct mfc6_cache *c, int cmd, 2300 int flags) 2301 { 2302 struct nlmsghdr *nlh; 2303 struct rtmsg *rtm; 2304 int err; 2305 2306 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2307 if (!nlh) 2308 return -EMSGSIZE; 2309 2310 rtm = nlmsg_data(nlh); 2311 rtm->rtm_family = RTNL_FAMILY_IP6MR; 2312 rtm->rtm_dst_len = 128; 2313 rtm->rtm_src_len = 128; 2314 rtm->rtm_tos = 0; 2315 rtm->rtm_table = mrt->id; 2316 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2317 goto nla_put_failure; 2318 rtm->rtm_type = RTN_MULTICAST; 2319 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2320 if (c->_c.mfc_flags & MFC_STATIC) 2321 rtm->rtm_protocol = RTPROT_STATIC; 2322 else 2323 rtm->rtm_protocol = RTPROT_MROUTED; 2324 rtm->rtm_flags = 0; 2325 2326 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) || 2327 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp)) 2328 goto nla_put_failure; 2329 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2330 /* do not break the dump if cache is unresolved */ 2331 if (err < 0 && err != -ENOENT) 2332 goto nla_put_failure; 2333 2334 nlmsg_end(skb, nlh); 2335 return 0; 2336 2337 nla_put_failure: 2338 nlmsg_cancel(skb, nlh); 2339 return -EMSGSIZE; 2340 } 2341 2342 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2343 u32 portid, u32 seq, struct mr_mfc *c, 2344 int cmd, int flags) 2345 { 2346 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c, 2347 cmd, flags); 2348 } 2349 2350 static int mr6_msgsize(bool unresolved, int maxvif) 2351 { 2352 size_t len = 2353 NLMSG_ALIGN(sizeof(struct rtmsg)) 2354 + nla_total_size(4) /* RTA_TABLE */ 2355 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */ 2356 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */ 2357 ; 2358 2359 if (!unresolved) 2360 len = len 2361 + nla_total_size(4) /* RTA_IIF */ 2362 + nla_total_size(0) /* RTA_MULTIPATH */ 2363 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2364 /* RTA_MFC_STATS */ 2365 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2366 ; 2367 2368 return len; 2369 } 2370 2371 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 2372 int cmd) 2373 { 2374 struct net *net = read_pnet(&mrt->net); 2375 struct sk_buff *skb; 2376 int err = -ENOBUFS; 2377 2378 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif), 2379 GFP_ATOMIC); 2380 if (!skb) 2381 goto errout; 2382 2383 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2384 if (err < 0) 2385 goto errout; 2386 2387 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC); 2388 return; 2389 2390 errout: 2391 kfree_skb(skb); 2392 if (err < 0) 2393 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err); 2394 } 2395 2396 static size_t mrt6msg_netlink_msgsize(size_t payloadlen) 2397 { 2398 size_t len = 2399 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2400 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */ 2401 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */ 2402 /* IP6MRA_CREPORT_SRC_ADDR */ 2403 + nla_total_size(sizeof(struct in6_addr)) 2404 /* IP6MRA_CREPORT_DST_ADDR */ 2405 + nla_total_size(sizeof(struct in6_addr)) 2406 /* IP6MRA_CREPORT_PKT */ 2407 + nla_total_size(payloadlen) 2408 ; 2409 2410 return len; 2411 } 2412 2413 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2414 { 2415 struct net *net = read_pnet(&mrt->net); 2416 struct nlmsghdr *nlh; 2417 struct rtgenmsg *rtgenm; 2418 struct mrt6msg *msg; 2419 struct sk_buff *skb; 2420 struct nlattr *nla; 2421 int payloadlen; 2422 2423 payloadlen = pkt->len - sizeof(struct mrt6msg); 2424 msg = (struct mrt6msg *)skb_transport_header(pkt); 2425 2426 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2427 if (!skb) 2428 goto errout; 2429 2430 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2431 sizeof(struct rtgenmsg), 0); 2432 if (!nlh) 2433 goto errout; 2434 rtgenm = nlmsg_data(nlh); 2435 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR; 2436 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) || 2437 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) || 2438 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR, 2439 &msg->im6_src) || 2440 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR, 2441 &msg->im6_dst)) 2442 goto nla_put_failure; 2443 2444 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen); 2445 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg), 2446 nla_data(nla), payloadlen)) 2447 goto nla_put_failure; 2448 2449 nlmsg_end(skb, nlh); 2450 2451 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC); 2452 return; 2453 2454 nla_put_failure: 2455 nlmsg_cancel(skb, nlh); 2456 errout: 2457 kfree_skb(skb); 2458 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS); 2459 } 2460 2461 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2462 { 2463 const struct nlmsghdr *nlh = cb->nlh; 2464 struct fib_dump_filter filter = {}; 2465 int err; 2466 2467 if (cb->strict_check) { 2468 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh, 2469 &filter, cb); 2470 if (err < 0) 2471 return err; 2472 } 2473 2474 if (filter.table_id) { 2475 struct mr_table *mrt; 2476 2477 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id); 2478 if (!mrt) { 2479 if (filter.dump_all_families) 2480 return skb->len; 2481 2482 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist"); 2483 return -ENOENT; 2484 } 2485 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute, 2486 &mfc_unres_lock, &filter); 2487 return skb->len ? : err; 2488 } 2489 2490 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter, 2491 _ip6mr_fill_mroute, &mfc_unres_lock, &filter); 2492 } 2493