1 /* 2 * Multicast support for IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/ipv4/igmp.c and linux/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 */ 15 16 /* Changes: 17 * 18 * yoshfuji : fix format of router-alert option 19 * YOSHIFUJI Hideaki @USAGI: 20 * Fixed source address for MLD message based on 21 * <draft-ietf-magma-mld-source-05.txt>. 22 * YOSHIFUJI Hideaki @USAGI: 23 * - Ignore Queries for invalid addresses. 24 * - MLD for link-local addresses. 25 * David L Stevens <dlstevens@us.ibm.com>: 26 * - MLDv2 support 27 */ 28 29 #include <linux/module.h> 30 #include <linux/errno.h> 31 #include <linux/types.h> 32 #include <linux/string.h> 33 #include <linux/socket.h> 34 #include <linux/sockios.h> 35 #include <linux/jiffies.h> 36 #include <linux/times.h> 37 #include <linux/net.h> 38 #include <linux/in.h> 39 #include <linux/in6.h> 40 #include <linux/netdevice.h> 41 #include <linux/if_arp.h> 42 #include <linux/route.h> 43 #include <linux/init.h> 44 #include <linux/proc_fs.h> 45 #include <linux/seq_file.h> 46 #include <linux/slab.h> 47 #include <linux/pkt_sched.h> 48 #include <net/mld.h> 49 50 #include <linux/netfilter.h> 51 #include <linux/netfilter_ipv6.h> 52 53 #include <net/net_namespace.h> 54 #include <net/sock.h> 55 #include <net/snmp.h> 56 57 #include <net/ipv6.h> 58 #include <net/protocol.h> 59 #include <net/if_inet6.h> 60 #include <net/ndisc.h> 61 #include <net/addrconf.h> 62 #include <net/ip6_route.h> 63 #include <net/inet_common.h> 64 65 #include <net/ip6_checksum.h> 66 67 /* Ensure that we have struct in6_addr aligned on 32bit word. */ 68 static void *__mld2_query_bugs[] __attribute__((__unused__)) = { 69 BUILD_BUG_ON_NULL(offsetof(struct mld2_query, mld2q_srcs) % 4), 70 BUILD_BUG_ON_NULL(offsetof(struct mld2_report, mld2r_grec) % 4), 71 BUILD_BUG_ON_NULL(offsetof(struct mld2_grec, grec_mca) % 4) 72 }; 73 74 static struct in6_addr mld2_all_mcr = MLD2_ALL_MCR_INIT; 75 76 static void igmp6_join_group(struct ifmcaddr6 *ma); 77 static void igmp6_leave_group(struct ifmcaddr6 *ma); 78 static void igmp6_timer_handler(unsigned long data); 79 80 static void mld_gq_timer_expire(unsigned long data); 81 static void mld_ifc_timer_expire(unsigned long data); 82 static void mld_ifc_event(struct inet6_dev *idev); 83 static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *pmc); 84 static void mld_del_delrec(struct inet6_dev *idev, const struct in6_addr *addr); 85 static void mld_clear_delrec(struct inet6_dev *idev); 86 static bool mld_in_v1_mode(const struct inet6_dev *idev); 87 static int sf_setstate(struct ifmcaddr6 *pmc); 88 static void sf_markstate(struct ifmcaddr6 *pmc); 89 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc); 90 static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca, 91 int sfmode, int sfcount, const struct in6_addr *psfsrc, 92 int delta); 93 static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca, 94 int sfmode, int sfcount, const struct in6_addr *psfsrc, 95 int delta); 96 static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml, 97 struct inet6_dev *idev); 98 99 #define MLD_QRV_DEFAULT 2 100 /* RFC3810, 9.2. Query Interval */ 101 #define MLD_QI_DEFAULT (125 * HZ) 102 /* RFC3810, 9.3. Query Response Interval */ 103 #define MLD_QRI_DEFAULT (10 * HZ) 104 105 /* RFC3810, 8.1 Query Version Distinctions */ 106 #define MLD_V1_QUERY_LEN 24 107 #define MLD_V2_QUERY_LEN_MIN 28 108 109 #define IPV6_MLD_MAX_MSF 64 110 111 int sysctl_mld_max_msf __read_mostly = IPV6_MLD_MAX_MSF; 112 int sysctl_mld_qrv __read_mostly = MLD_QRV_DEFAULT; 113 114 /* 115 * socket join on multicast group 116 */ 117 118 #define for_each_pmc_rcu(np, pmc) \ 119 for (pmc = rcu_dereference(np->ipv6_mc_list); \ 120 pmc != NULL; \ 121 pmc = rcu_dereference(pmc->next)) 122 123 static int unsolicited_report_interval(struct inet6_dev *idev) 124 { 125 int iv; 126 127 if (mld_in_v1_mode(idev)) 128 iv = idev->cnf.mldv1_unsolicited_report_interval; 129 else 130 iv = idev->cnf.mldv2_unsolicited_report_interval; 131 132 return iv > 0 ? iv : 1; 133 } 134 135 int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr) 136 { 137 struct net_device *dev = NULL; 138 struct ipv6_mc_socklist *mc_lst; 139 struct ipv6_pinfo *np = inet6_sk(sk); 140 struct net *net = sock_net(sk); 141 int err; 142 143 if (!ipv6_addr_is_multicast(addr)) 144 return -EINVAL; 145 146 rcu_read_lock(); 147 for_each_pmc_rcu(np, mc_lst) { 148 if ((ifindex == 0 || mc_lst->ifindex == ifindex) && 149 ipv6_addr_equal(&mc_lst->addr, addr)) { 150 rcu_read_unlock(); 151 return -EADDRINUSE; 152 } 153 } 154 rcu_read_unlock(); 155 156 mc_lst = sock_kmalloc(sk, sizeof(struct ipv6_mc_socklist), GFP_KERNEL); 157 158 if (mc_lst == NULL) 159 return -ENOMEM; 160 161 mc_lst->next = NULL; 162 mc_lst->addr = *addr; 163 164 rtnl_lock(); 165 if (ifindex == 0) { 166 struct rt6_info *rt; 167 rt = rt6_lookup(net, addr, NULL, 0, 0); 168 if (rt) { 169 dev = rt->dst.dev; 170 ip6_rt_put(rt); 171 } 172 } else 173 dev = __dev_get_by_index(net, ifindex); 174 175 if (dev == NULL) { 176 rtnl_unlock(); 177 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 178 return -ENODEV; 179 } 180 181 mc_lst->ifindex = dev->ifindex; 182 mc_lst->sfmode = MCAST_EXCLUDE; 183 rwlock_init(&mc_lst->sflock); 184 mc_lst->sflist = NULL; 185 186 /* 187 * now add/increase the group membership on the device 188 */ 189 190 err = ipv6_dev_mc_inc(dev, addr); 191 192 if (err) { 193 rtnl_unlock(); 194 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 195 return err; 196 } 197 198 mc_lst->next = np->ipv6_mc_list; 199 rcu_assign_pointer(np->ipv6_mc_list, mc_lst); 200 201 rtnl_unlock(); 202 203 return 0; 204 } 205 206 /* 207 * socket leave on multicast group 208 */ 209 int ipv6_sock_mc_drop(struct sock *sk, int ifindex, const struct in6_addr *addr) 210 { 211 struct ipv6_pinfo *np = inet6_sk(sk); 212 struct ipv6_mc_socklist *mc_lst; 213 struct ipv6_mc_socklist __rcu **lnk; 214 struct net *net = sock_net(sk); 215 216 if (!ipv6_addr_is_multicast(addr)) 217 return -EINVAL; 218 219 rtnl_lock(); 220 for (lnk = &np->ipv6_mc_list; 221 (mc_lst = rtnl_dereference(*lnk)) != NULL; 222 lnk = &mc_lst->next) { 223 if ((ifindex == 0 || mc_lst->ifindex == ifindex) && 224 ipv6_addr_equal(&mc_lst->addr, addr)) { 225 struct net_device *dev; 226 227 *lnk = mc_lst->next; 228 229 dev = __dev_get_by_index(net, mc_lst->ifindex); 230 if (dev != NULL) { 231 struct inet6_dev *idev = __in6_dev_get(dev); 232 233 (void) ip6_mc_leave_src(sk, mc_lst, idev); 234 if (idev) 235 __ipv6_dev_mc_dec(idev, &mc_lst->addr); 236 } else 237 (void) ip6_mc_leave_src(sk, mc_lst, NULL); 238 rtnl_unlock(); 239 240 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc); 241 kfree_rcu(mc_lst, rcu); 242 return 0; 243 } 244 } 245 rtnl_unlock(); 246 247 return -EADDRNOTAVAIL; 248 } 249 250 /* called with rcu_read_lock() */ 251 static struct inet6_dev *ip6_mc_find_dev_rcu(struct net *net, 252 const struct in6_addr *group, 253 int ifindex) 254 { 255 struct net_device *dev = NULL; 256 struct inet6_dev *idev = NULL; 257 258 if (ifindex == 0) { 259 struct rt6_info *rt = rt6_lookup(net, group, NULL, 0, 0); 260 261 if (rt) { 262 dev = rt->dst.dev; 263 ip6_rt_put(rt); 264 } 265 } else 266 dev = dev_get_by_index_rcu(net, ifindex); 267 268 if (!dev) 269 return NULL; 270 idev = __in6_dev_get(dev); 271 if (!idev) 272 return NULL; 273 read_lock_bh(&idev->lock); 274 if (idev->dead) { 275 read_unlock_bh(&idev->lock); 276 return NULL; 277 } 278 return idev; 279 } 280 281 void ipv6_sock_mc_close(struct sock *sk) 282 { 283 struct ipv6_pinfo *np = inet6_sk(sk); 284 struct ipv6_mc_socklist *mc_lst; 285 struct net *net = sock_net(sk); 286 287 if (!rcu_access_pointer(np->ipv6_mc_list)) 288 return; 289 290 rtnl_lock(); 291 while ((mc_lst = rtnl_dereference(np->ipv6_mc_list)) != NULL) { 292 struct net_device *dev; 293 294 np->ipv6_mc_list = mc_lst->next; 295 296 dev = __dev_get_by_index(net, mc_lst->ifindex); 297 if (dev) { 298 struct inet6_dev *idev = __in6_dev_get(dev); 299 300 (void) ip6_mc_leave_src(sk, mc_lst, idev); 301 if (idev) 302 __ipv6_dev_mc_dec(idev, &mc_lst->addr); 303 } else 304 (void) ip6_mc_leave_src(sk, mc_lst, NULL); 305 306 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc); 307 kfree_rcu(mc_lst, rcu); 308 309 } 310 rtnl_unlock(); 311 } 312 313 int ip6_mc_source(int add, int omode, struct sock *sk, 314 struct group_source_req *pgsr) 315 { 316 struct in6_addr *source, *group; 317 struct ipv6_mc_socklist *pmc; 318 struct inet6_dev *idev; 319 struct ipv6_pinfo *inet6 = inet6_sk(sk); 320 struct ip6_sf_socklist *psl; 321 struct net *net = sock_net(sk); 322 int i, j, rv; 323 int leavegroup = 0; 324 int pmclocked = 0; 325 int err; 326 327 source = &((struct sockaddr_in6 *)&pgsr->gsr_source)->sin6_addr; 328 group = &((struct sockaddr_in6 *)&pgsr->gsr_group)->sin6_addr; 329 330 if (!ipv6_addr_is_multicast(group)) 331 return -EINVAL; 332 333 rcu_read_lock(); 334 idev = ip6_mc_find_dev_rcu(net, group, pgsr->gsr_interface); 335 if (!idev) { 336 rcu_read_unlock(); 337 return -ENODEV; 338 } 339 340 err = -EADDRNOTAVAIL; 341 342 for_each_pmc_rcu(inet6, pmc) { 343 if (pgsr->gsr_interface && pmc->ifindex != pgsr->gsr_interface) 344 continue; 345 if (ipv6_addr_equal(&pmc->addr, group)) 346 break; 347 } 348 if (!pmc) { /* must have a prior join */ 349 err = -EINVAL; 350 goto done; 351 } 352 /* if a source filter was set, must be the same mode as before */ 353 if (pmc->sflist) { 354 if (pmc->sfmode != omode) { 355 err = -EINVAL; 356 goto done; 357 } 358 } else if (pmc->sfmode != omode) { 359 /* allow mode switches for empty-set filters */ 360 ip6_mc_add_src(idev, group, omode, 0, NULL, 0); 361 ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0); 362 pmc->sfmode = omode; 363 } 364 365 write_lock(&pmc->sflock); 366 pmclocked = 1; 367 368 psl = pmc->sflist; 369 if (!add) { 370 if (!psl) 371 goto done; /* err = -EADDRNOTAVAIL */ 372 rv = !0; 373 for (i = 0; i < psl->sl_count; i++) { 374 rv = !ipv6_addr_equal(&psl->sl_addr[i], source); 375 if (rv == 0) 376 break; 377 } 378 if (rv) /* source not found */ 379 goto done; /* err = -EADDRNOTAVAIL */ 380 381 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 382 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 383 leavegroup = 1; 384 goto done; 385 } 386 387 /* update the interface filter */ 388 ip6_mc_del_src(idev, group, omode, 1, source, 1); 389 390 for (j = i+1; j < psl->sl_count; j++) 391 psl->sl_addr[j-1] = psl->sl_addr[j]; 392 psl->sl_count--; 393 err = 0; 394 goto done; 395 } 396 /* else, add a new source to the filter */ 397 398 if (psl && psl->sl_count >= sysctl_mld_max_msf) { 399 err = -ENOBUFS; 400 goto done; 401 } 402 if (!psl || psl->sl_count == psl->sl_max) { 403 struct ip6_sf_socklist *newpsl; 404 int count = IP6_SFBLOCK; 405 406 if (psl) 407 count += psl->sl_max; 408 newpsl = sock_kmalloc(sk, IP6_SFLSIZE(count), GFP_ATOMIC); 409 if (!newpsl) { 410 err = -ENOBUFS; 411 goto done; 412 } 413 newpsl->sl_max = count; 414 newpsl->sl_count = count - IP6_SFBLOCK; 415 if (psl) { 416 for (i = 0; i < psl->sl_count; i++) 417 newpsl->sl_addr[i] = psl->sl_addr[i]; 418 sock_kfree_s(sk, psl, IP6_SFLSIZE(psl->sl_max)); 419 } 420 pmc->sflist = psl = newpsl; 421 } 422 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 423 for (i = 0; i < psl->sl_count; i++) { 424 rv = !ipv6_addr_equal(&psl->sl_addr[i], source); 425 if (rv == 0) /* There is an error in the address. */ 426 goto done; 427 } 428 for (j = psl->sl_count-1; j >= i; j--) 429 psl->sl_addr[j+1] = psl->sl_addr[j]; 430 psl->sl_addr[i] = *source; 431 psl->sl_count++; 432 err = 0; 433 /* update the interface list */ 434 ip6_mc_add_src(idev, group, omode, 1, source, 1); 435 done: 436 if (pmclocked) 437 write_unlock(&pmc->sflock); 438 read_unlock_bh(&idev->lock); 439 rcu_read_unlock(); 440 if (leavegroup) 441 return ipv6_sock_mc_drop(sk, pgsr->gsr_interface, group); 442 return err; 443 } 444 445 int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf) 446 { 447 const struct in6_addr *group; 448 struct ipv6_mc_socklist *pmc; 449 struct inet6_dev *idev; 450 struct ipv6_pinfo *inet6 = inet6_sk(sk); 451 struct ip6_sf_socklist *newpsl, *psl; 452 struct net *net = sock_net(sk); 453 int leavegroup = 0; 454 int i, err; 455 456 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr; 457 458 if (!ipv6_addr_is_multicast(group)) 459 return -EINVAL; 460 if (gsf->gf_fmode != MCAST_INCLUDE && 461 gsf->gf_fmode != MCAST_EXCLUDE) 462 return -EINVAL; 463 464 rcu_read_lock(); 465 idev = ip6_mc_find_dev_rcu(net, group, gsf->gf_interface); 466 467 if (!idev) { 468 rcu_read_unlock(); 469 return -ENODEV; 470 } 471 472 err = 0; 473 474 if (gsf->gf_fmode == MCAST_INCLUDE && gsf->gf_numsrc == 0) { 475 leavegroup = 1; 476 goto done; 477 } 478 479 for_each_pmc_rcu(inet6, pmc) { 480 if (pmc->ifindex != gsf->gf_interface) 481 continue; 482 if (ipv6_addr_equal(&pmc->addr, group)) 483 break; 484 } 485 if (!pmc) { /* must have a prior join */ 486 err = -EINVAL; 487 goto done; 488 } 489 if (gsf->gf_numsrc) { 490 newpsl = sock_kmalloc(sk, IP6_SFLSIZE(gsf->gf_numsrc), 491 GFP_ATOMIC); 492 if (!newpsl) { 493 err = -ENOBUFS; 494 goto done; 495 } 496 newpsl->sl_max = newpsl->sl_count = gsf->gf_numsrc; 497 for (i = 0; i < newpsl->sl_count; ++i) { 498 struct sockaddr_in6 *psin6; 499 500 psin6 = (struct sockaddr_in6 *)&gsf->gf_slist[i]; 501 newpsl->sl_addr[i] = psin6->sin6_addr; 502 } 503 err = ip6_mc_add_src(idev, group, gsf->gf_fmode, 504 newpsl->sl_count, newpsl->sl_addr, 0); 505 if (err) { 506 sock_kfree_s(sk, newpsl, IP6_SFLSIZE(newpsl->sl_max)); 507 goto done; 508 } 509 } else { 510 newpsl = NULL; 511 (void) ip6_mc_add_src(idev, group, gsf->gf_fmode, 0, NULL, 0); 512 } 513 514 write_lock(&pmc->sflock); 515 psl = pmc->sflist; 516 if (psl) { 517 (void) ip6_mc_del_src(idev, group, pmc->sfmode, 518 psl->sl_count, psl->sl_addr, 0); 519 sock_kfree_s(sk, psl, IP6_SFLSIZE(psl->sl_max)); 520 } else 521 (void) ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0); 522 pmc->sflist = newpsl; 523 pmc->sfmode = gsf->gf_fmode; 524 write_unlock(&pmc->sflock); 525 err = 0; 526 done: 527 read_unlock_bh(&idev->lock); 528 rcu_read_unlock(); 529 if (leavegroup) 530 err = ipv6_sock_mc_drop(sk, gsf->gf_interface, group); 531 return err; 532 } 533 534 int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf, 535 struct group_filter __user *optval, int __user *optlen) 536 { 537 int err, i, count, copycount; 538 const struct in6_addr *group; 539 struct ipv6_mc_socklist *pmc; 540 struct inet6_dev *idev; 541 struct ipv6_pinfo *inet6 = inet6_sk(sk); 542 struct ip6_sf_socklist *psl; 543 struct net *net = sock_net(sk); 544 545 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr; 546 547 if (!ipv6_addr_is_multicast(group)) 548 return -EINVAL; 549 550 rcu_read_lock(); 551 idev = ip6_mc_find_dev_rcu(net, group, gsf->gf_interface); 552 553 if (!idev) { 554 rcu_read_unlock(); 555 return -ENODEV; 556 } 557 558 err = -EADDRNOTAVAIL; 559 /* changes to the ipv6_mc_list require the socket lock and 560 * rtnl lock. We have the socket lock and rcu read lock, 561 * so reading the list is safe. 562 */ 563 564 for_each_pmc_rcu(inet6, pmc) { 565 if (pmc->ifindex != gsf->gf_interface) 566 continue; 567 if (ipv6_addr_equal(group, &pmc->addr)) 568 break; 569 } 570 if (!pmc) /* must have a prior join */ 571 goto done; 572 gsf->gf_fmode = pmc->sfmode; 573 psl = pmc->sflist; 574 count = psl ? psl->sl_count : 0; 575 read_unlock_bh(&idev->lock); 576 rcu_read_unlock(); 577 578 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; 579 gsf->gf_numsrc = count; 580 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) || 581 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) { 582 return -EFAULT; 583 } 584 /* changes to psl require the socket lock, and a write lock 585 * on pmc->sflock. We have the socket lock so reading here is safe. 586 */ 587 for (i = 0; i < copycount; i++) { 588 struct sockaddr_in6 *psin6; 589 struct sockaddr_storage ss; 590 591 psin6 = (struct sockaddr_in6 *)&ss; 592 memset(&ss, 0, sizeof(ss)); 593 psin6->sin6_family = AF_INET6; 594 psin6->sin6_addr = psl->sl_addr[i]; 595 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss))) 596 return -EFAULT; 597 } 598 return 0; 599 done: 600 read_unlock_bh(&idev->lock); 601 rcu_read_unlock(); 602 return err; 603 } 604 605 bool inet6_mc_check(struct sock *sk, const struct in6_addr *mc_addr, 606 const struct in6_addr *src_addr) 607 { 608 struct ipv6_pinfo *np = inet6_sk(sk); 609 struct ipv6_mc_socklist *mc; 610 struct ip6_sf_socklist *psl; 611 bool rv = true; 612 613 rcu_read_lock(); 614 for_each_pmc_rcu(np, mc) { 615 if (ipv6_addr_equal(&mc->addr, mc_addr)) 616 break; 617 } 618 if (!mc) { 619 rcu_read_unlock(); 620 return true; 621 } 622 read_lock(&mc->sflock); 623 psl = mc->sflist; 624 if (!psl) { 625 rv = mc->sfmode == MCAST_EXCLUDE; 626 } else { 627 int i; 628 629 for (i = 0; i < psl->sl_count; i++) { 630 if (ipv6_addr_equal(&psl->sl_addr[i], src_addr)) 631 break; 632 } 633 if (mc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 634 rv = false; 635 if (mc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 636 rv = false; 637 } 638 read_unlock(&mc->sflock); 639 rcu_read_unlock(); 640 641 return rv; 642 } 643 644 static void igmp6_group_added(struct ifmcaddr6 *mc) 645 { 646 struct net_device *dev = mc->idev->dev; 647 char buf[MAX_ADDR_LEN]; 648 649 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < 650 IPV6_ADDR_SCOPE_LINKLOCAL) 651 return; 652 653 spin_lock_bh(&mc->mca_lock); 654 if (!(mc->mca_flags&MAF_LOADED)) { 655 mc->mca_flags |= MAF_LOADED; 656 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0) 657 dev_mc_add(dev, buf); 658 } 659 spin_unlock_bh(&mc->mca_lock); 660 661 if (!(dev->flags & IFF_UP) || (mc->mca_flags & MAF_NOREPORT)) 662 return; 663 664 if (mld_in_v1_mode(mc->idev)) { 665 igmp6_join_group(mc); 666 return; 667 } 668 /* else v2 */ 669 670 mc->mca_crcount = mc->idev->mc_qrv; 671 mld_ifc_event(mc->idev); 672 } 673 674 static void igmp6_group_dropped(struct ifmcaddr6 *mc) 675 { 676 struct net_device *dev = mc->idev->dev; 677 char buf[MAX_ADDR_LEN]; 678 679 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < 680 IPV6_ADDR_SCOPE_LINKLOCAL) 681 return; 682 683 spin_lock_bh(&mc->mca_lock); 684 if (mc->mca_flags&MAF_LOADED) { 685 mc->mca_flags &= ~MAF_LOADED; 686 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0) 687 dev_mc_del(dev, buf); 688 } 689 690 if (mc->mca_flags & MAF_NOREPORT) 691 goto done; 692 spin_unlock_bh(&mc->mca_lock); 693 694 if (!mc->idev->dead) 695 igmp6_leave_group(mc); 696 697 spin_lock_bh(&mc->mca_lock); 698 if (del_timer(&mc->mca_timer)) 699 atomic_dec(&mc->mca_refcnt); 700 done: 701 ip6_mc_clear_src(mc); 702 spin_unlock_bh(&mc->mca_lock); 703 } 704 705 /* 706 * deleted ifmcaddr6 manipulation 707 */ 708 static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im) 709 { 710 struct ifmcaddr6 *pmc; 711 712 /* this is an "ifmcaddr6" for convenience; only the fields below 713 * are actually used. In particular, the refcnt and users are not 714 * used for management of the delete list. Using the same structure 715 * for deleted items allows change reports to use common code with 716 * non-deleted or query-response MCA's. 717 */ 718 pmc = kzalloc(sizeof(*pmc), GFP_ATOMIC); 719 if (!pmc) 720 return; 721 722 spin_lock_bh(&im->mca_lock); 723 spin_lock_init(&pmc->mca_lock); 724 pmc->idev = im->idev; 725 in6_dev_hold(idev); 726 pmc->mca_addr = im->mca_addr; 727 pmc->mca_crcount = idev->mc_qrv; 728 pmc->mca_sfmode = im->mca_sfmode; 729 if (pmc->mca_sfmode == MCAST_INCLUDE) { 730 struct ip6_sf_list *psf; 731 732 pmc->mca_tomb = im->mca_tomb; 733 pmc->mca_sources = im->mca_sources; 734 im->mca_tomb = im->mca_sources = NULL; 735 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) 736 psf->sf_crcount = pmc->mca_crcount; 737 } 738 spin_unlock_bh(&im->mca_lock); 739 740 spin_lock_bh(&idev->mc_lock); 741 pmc->next = idev->mc_tomb; 742 idev->mc_tomb = pmc; 743 spin_unlock_bh(&idev->mc_lock); 744 } 745 746 static void mld_del_delrec(struct inet6_dev *idev, const struct in6_addr *pmca) 747 { 748 struct ifmcaddr6 *pmc, *pmc_prev; 749 struct ip6_sf_list *psf, *psf_next; 750 751 spin_lock_bh(&idev->mc_lock); 752 pmc_prev = NULL; 753 for (pmc = idev->mc_tomb; pmc; pmc = pmc->next) { 754 if (ipv6_addr_equal(&pmc->mca_addr, pmca)) 755 break; 756 pmc_prev = pmc; 757 } 758 if (pmc) { 759 if (pmc_prev) 760 pmc_prev->next = pmc->next; 761 else 762 idev->mc_tomb = pmc->next; 763 } 764 spin_unlock_bh(&idev->mc_lock); 765 766 if (pmc) { 767 for (psf = pmc->mca_tomb; psf; psf = psf_next) { 768 psf_next = psf->sf_next; 769 kfree(psf); 770 } 771 in6_dev_put(pmc->idev); 772 kfree(pmc); 773 } 774 } 775 776 static void mld_clear_delrec(struct inet6_dev *idev) 777 { 778 struct ifmcaddr6 *pmc, *nextpmc; 779 780 spin_lock_bh(&idev->mc_lock); 781 pmc = idev->mc_tomb; 782 idev->mc_tomb = NULL; 783 spin_unlock_bh(&idev->mc_lock); 784 785 for (; pmc; pmc = nextpmc) { 786 nextpmc = pmc->next; 787 ip6_mc_clear_src(pmc); 788 in6_dev_put(pmc->idev); 789 kfree(pmc); 790 } 791 792 /* clear dead sources, too */ 793 read_lock_bh(&idev->lock); 794 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 795 struct ip6_sf_list *psf, *psf_next; 796 797 spin_lock_bh(&pmc->mca_lock); 798 psf = pmc->mca_tomb; 799 pmc->mca_tomb = NULL; 800 spin_unlock_bh(&pmc->mca_lock); 801 for (; psf; psf = psf_next) { 802 psf_next = psf->sf_next; 803 kfree(psf); 804 } 805 } 806 read_unlock_bh(&idev->lock); 807 } 808 809 static void mca_get(struct ifmcaddr6 *mc) 810 { 811 atomic_inc(&mc->mca_refcnt); 812 } 813 814 static void ma_put(struct ifmcaddr6 *mc) 815 { 816 if (atomic_dec_and_test(&mc->mca_refcnt)) { 817 in6_dev_put(mc->idev); 818 kfree(mc); 819 } 820 } 821 822 static struct ifmcaddr6 *mca_alloc(struct inet6_dev *idev, 823 const struct in6_addr *addr) 824 { 825 struct ifmcaddr6 *mc; 826 827 mc = kzalloc(sizeof(*mc), GFP_ATOMIC); 828 if (mc == NULL) 829 return NULL; 830 831 setup_timer(&mc->mca_timer, igmp6_timer_handler, (unsigned long)mc); 832 833 mc->mca_addr = *addr; 834 mc->idev = idev; /* reference taken by caller */ 835 mc->mca_users = 1; 836 /* mca_stamp should be updated upon changes */ 837 mc->mca_cstamp = mc->mca_tstamp = jiffies; 838 atomic_set(&mc->mca_refcnt, 1); 839 spin_lock_init(&mc->mca_lock); 840 841 /* initial mode is (EX, empty) */ 842 mc->mca_sfmode = MCAST_EXCLUDE; 843 mc->mca_sfcount[MCAST_EXCLUDE] = 1; 844 845 if (ipv6_addr_is_ll_all_nodes(&mc->mca_addr) || 846 IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) 847 mc->mca_flags |= MAF_NOREPORT; 848 849 return mc; 850 } 851 852 /* 853 * device multicast group inc (add if not found) 854 */ 855 int ipv6_dev_mc_inc(struct net_device *dev, const struct in6_addr *addr) 856 { 857 struct ifmcaddr6 *mc; 858 struct inet6_dev *idev; 859 860 ASSERT_RTNL(); 861 862 /* we need to take a reference on idev */ 863 idev = in6_dev_get(dev); 864 865 if (idev == NULL) 866 return -EINVAL; 867 868 write_lock_bh(&idev->lock); 869 if (idev->dead) { 870 write_unlock_bh(&idev->lock); 871 in6_dev_put(idev); 872 return -ENODEV; 873 } 874 875 for (mc = idev->mc_list; mc; mc = mc->next) { 876 if (ipv6_addr_equal(&mc->mca_addr, addr)) { 877 mc->mca_users++; 878 write_unlock_bh(&idev->lock); 879 ip6_mc_add_src(idev, &mc->mca_addr, MCAST_EXCLUDE, 0, 880 NULL, 0); 881 in6_dev_put(idev); 882 return 0; 883 } 884 } 885 886 mc = mca_alloc(idev, addr); 887 if (!mc) { 888 write_unlock_bh(&idev->lock); 889 in6_dev_put(idev); 890 return -ENOMEM; 891 } 892 893 mc->next = idev->mc_list; 894 idev->mc_list = mc; 895 896 /* Hold this for the code below before we unlock, 897 * it is already exposed via idev->mc_list. 898 */ 899 mca_get(mc); 900 write_unlock_bh(&idev->lock); 901 902 mld_del_delrec(idev, &mc->mca_addr); 903 igmp6_group_added(mc); 904 ma_put(mc); 905 return 0; 906 } 907 908 /* 909 * device multicast group del 910 */ 911 int __ipv6_dev_mc_dec(struct inet6_dev *idev, const struct in6_addr *addr) 912 { 913 struct ifmcaddr6 *ma, **map; 914 915 ASSERT_RTNL(); 916 917 write_lock_bh(&idev->lock); 918 for (map = &idev->mc_list; (ma = *map) != NULL; map = &ma->next) { 919 if (ipv6_addr_equal(&ma->mca_addr, addr)) { 920 if (--ma->mca_users == 0) { 921 *map = ma->next; 922 write_unlock_bh(&idev->lock); 923 924 igmp6_group_dropped(ma); 925 926 ma_put(ma); 927 return 0; 928 } 929 write_unlock_bh(&idev->lock); 930 return 0; 931 } 932 } 933 write_unlock_bh(&idev->lock); 934 935 return -ENOENT; 936 } 937 938 int ipv6_dev_mc_dec(struct net_device *dev, const struct in6_addr *addr) 939 { 940 struct inet6_dev *idev; 941 int err; 942 943 ASSERT_RTNL(); 944 945 idev = __in6_dev_get(dev); 946 if (!idev) 947 err = -ENODEV; 948 else 949 err = __ipv6_dev_mc_dec(idev, addr); 950 951 return err; 952 } 953 954 /* 955 * check if the interface/address pair is valid 956 */ 957 bool ipv6_chk_mcast_addr(struct net_device *dev, const struct in6_addr *group, 958 const struct in6_addr *src_addr) 959 { 960 struct inet6_dev *idev; 961 struct ifmcaddr6 *mc; 962 bool rv = false; 963 964 rcu_read_lock(); 965 idev = __in6_dev_get(dev); 966 if (idev) { 967 read_lock_bh(&idev->lock); 968 for (mc = idev->mc_list; mc; mc = mc->next) { 969 if (ipv6_addr_equal(&mc->mca_addr, group)) 970 break; 971 } 972 if (mc) { 973 if (src_addr && !ipv6_addr_any(src_addr)) { 974 struct ip6_sf_list *psf; 975 976 spin_lock_bh(&mc->mca_lock); 977 for (psf = mc->mca_sources; psf; psf = psf->sf_next) { 978 if (ipv6_addr_equal(&psf->sf_addr, src_addr)) 979 break; 980 } 981 if (psf) 982 rv = psf->sf_count[MCAST_INCLUDE] || 983 psf->sf_count[MCAST_EXCLUDE] != 984 mc->mca_sfcount[MCAST_EXCLUDE]; 985 else 986 rv = mc->mca_sfcount[MCAST_EXCLUDE] != 0; 987 spin_unlock_bh(&mc->mca_lock); 988 } else 989 rv = true; /* don't filter unspecified source */ 990 } 991 read_unlock_bh(&idev->lock); 992 } 993 rcu_read_unlock(); 994 return rv; 995 } 996 997 static void mld_gq_start_timer(struct inet6_dev *idev) 998 { 999 unsigned long tv = prandom_u32() % idev->mc_maxdelay; 1000 1001 idev->mc_gq_running = 1; 1002 if (!mod_timer(&idev->mc_gq_timer, jiffies+tv+2)) 1003 in6_dev_hold(idev); 1004 } 1005 1006 static void mld_gq_stop_timer(struct inet6_dev *idev) 1007 { 1008 idev->mc_gq_running = 0; 1009 if (del_timer(&idev->mc_gq_timer)) 1010 __in6_dev_put(idev); 1011 } 1012 1013 static void mld_ifc_start_timer(struct inet6_dev *idev, unsigned long delay) 1014 { 1015 unsigned long tv = prandom_u32() % delay; 1016 1017 if (!mod_timer(&idev->mc_ifc_timer, jiffies+tv+2)) 1018 in6_dev_hold(idev); 1019 } 1020 1021 static void mld_ifc_stop_timer(struct inet6_dev *idev) 1022 { 1023 idev->mc_ifc_count = 0; 1024 if (del_timer(&idev->mc_ifc_timer)) 1025 __in6_dev_put(idev); 1026 } 1027 1028 static void mld_dad_start_timer(struct inet6_dev *idev, unsigned long delay) 1029 { 1030 unsigned long tv = prandom_u32() % delay; 1031 1032 if (!mod_timer(&idev->mc_dad_timer, jiffies+tv+2)) 1033 in6_dev_hold(idev); 1034 } 1035 1036 static void mld_dad_stop_timer(struct inet6_dev *idev) 1037 { 1038 if (del_timer(&idev->mc_dad_timer)) 1039 __in6_dev_put(idev); 1040 } 1041 1042 /* 1043 * IGMP handling (alias multicast ICMPv6 messages) 1044 */ 1045 1046 static void igmp6_group_queried(struct ifmcaddr6 *ma, unsigned long resptime) 1047 { 1048 unsigned long delay = resptime; 1049 1050 /* Do not start timer for these addresses */ 1051 if (ipv6_addr_is_ll_all_nodes(&ma->mca_addr) || 1052 IPV6_ADDR_MC_SCOPE(&ma->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) 1053 return; 1054 1055 if (del_timer(&ma->mca_timer)) { 1056 atomic_dec(&ma->mca_refcnt); 1057 delay = ma->mca_timer.expires - jiffies; 1058 } 1059 1060 if (delay >= resptime) 1061 delay = prandom_u32() % resptime; 1062 1063 ma->mca_timer.expires = jiffies + delay; 1064 if (!mod_timer(&ma->mca_timer, jiffies + delay)) 1065 atomic_inc(&ma->mca_refcnt); 1066 ma->mca_flags |= MAF_TIMER_RUNNING; 1067 } 1068 1069 /* mark EXCLUDE-mode sources */ 1070 static bool mld_xmarksources(struct ifmcaddr6 *pmc, int nsrcs, 1071 const struct in6_addr *srcs) 1072 { 1073 struct ip6_sf_list *psf; 1074 int i, scount; 1075 1076 scount = 0; 1077 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 1078 if (scount == nsrcs) 1079 break; 1080 for (i = 0; i < nsrcs; i++) { 1081 /* skip inactive filters */ 1082 if (psf->sf_count[MCAST_INCLUDE] || 1083 pmc->mca_sfcount[MCAST_EXCLUDE] != 1084 psf->sf_count[MCAST_EXCLUDE]) 1085 break; 1086 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) { 1087 scount++; 1088 break; 1089 } 1090 } 1091 } 1092 pmc->mca_flags &= ~MAF_GSQUERY; 1093 if (scount == nsrcs) /* all sources excluded */ 1094 return false; 1095 return true; 1096 } 1097 1098 static bool mld_marksources(struct ifmcaddr6 *pmc, int nsrcs, 1099 const struct in6_addr *srcs) 1100 { 1101 struct ip6_sf_list *psf; 1102 int i, scount; 1103 1104 if (pmc->mca_sfmode == MCAST_EXCLUDE) 1105 return mld_xmarksources(pmc, nsrcs, srcs); 1106 1107 /* mark INCLUDE-mode sources */ 1108 1109 scount = 0; 1110 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 1111 if (scount == nsrcs) 1112 break; 1113 for (i = 0; i < nsrcs; i++) { 1114 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) { 1115 psf->sf_gsresp = 1; 1116 scount++; 1117 break; 1118 } 1119 } 1120 } 1121 if (!scount) { 1122 pmc->mca_flags &= ~MAF_GSQUERY; 1123 return false; 1124 } 1125 pmc->mca_flags |= MAF_GSQUERY; 1126 return true; 1127 } 1128 1129 static int mld_force_mld_version(const struct inet6_dev *idev) 1130 { 1131 /* Normally, both are 0 here. If enforcement to a particular is 1132 * being used, individual device enforcement will have a lower 1133 * precedence over 'all' device (.../conf/all/force_mld_version). 1134 */ 1135 1136 if (dev_net(idev->dev)->ipv6.devconf_all->force_mld_version != 0) 1137 return dev_net(idev->dev)->ipv6.devconf_all->force_mld_version; 1138 else 1139 return idev->cnf.force_mld_version; 1140 } 1141 1142 static bool mld_in_v2_mode_only(const struct inet6_dev *idev) 1143 { 1144 return mld_force_mld_version(idev) == 2; 1145 } 1146 1147 static bool mld_in_v1_mode_only(const struct inet6_dev *idev) 1148 { 1149 return mld_force_mld_version(idev) == 1; 1150 } 1151 1152 static bool mld_in_v1_mode(const struct inet6_dev *idev) 1153 { 1154 if (mld_in_v2_mode_only(idev)) 1155 return false; 1156 if (mld_in_v1_mode_only(idev)) 1157 return true; 1158 if (idev->mc_v1_seen && time_before(jiffies, idev->mc_v1_seen)) 1159 return true; 1160 1161 return false; 1162 } 1163 1164 static void mld_set_v1_mode(struct inet6_dev *idev) 1165 { 1166 /* RFC3810, relevant sections: 1167 * - 9.1. Robustness Variable 1168 * - 9.2. Query Interval 1169 * - 9.3. Query Response Interval 1170 * - 9.12. Older Version Querier Present Timeout 1171 */ 1172 unsigned long switchback; 1173 1174 switchback = (idev->mc_qrv * idev->mc_qi) + idev->mc_qri; 1175 1176 idev->mc_v1_seen = jiffies + switchback; 1177 } 1178 1179 static void mld_update_qrv(struct inet6_dev *idev, 1180 const struct mld2_query *mlh2) 1181 { 1182 /* RFC3810, relevant sections: 1183 * - 5.1.8. QRV (Querier's Robustness Variable) 1184 * - 9.1. Robustness Variable 1185 */ 1186 1187 /* The value of the Robustness Variable MUST NOT be zero, 1188 * and SHOULD NOT be one. Catch this here if we ever run 1189 * into such a case in future. 1190 */ 1191 const int min_qrv = min(MLD_QRV_DEFAULT, sysctl_mld_qrv); 1192 WARN_ON(idev->mc_qrv == 0); 1193 1194 if (mlh2->mld2q_qrv > 0) 1195 idev->mc_qrv = mlh2->mld2q_qrv; 1196 1197 if (unlikely(idev->mc_qrv < min_qrv)) { 1198 net_warn_ratelimited("IPv6: MLD: clamping QRV from %u to %u!\n", 1199 idev->mc_qrv, min_qrv); 1200 idev->mc_qrv = min_qrv; 1201 } 1202 } 1203 1204 static void mld_update_qi(struct inet6_dev *idev, 1205 const struct mld2_query *mlh2) 1206 { 1207 /* RFC3810, relevant sections: 1208 * - 5.1.9. QQIC (Querier's Query Interval Code) 1209 * - 9.2. Query Interval 1210 * - 9.12. Older Version Querier Present Timeout 1211 * (the [Query Interval] in the last Query received) 1212 */ 1213 unsigned long mc_qqi; 1214 1215 if (mlh2->mld2q_qqic < 128) { 1216 mc_qqi = mlh2->mld2q_qqic; 1217 } else { 1218 unsigned long mc_man, mc_exp; 1219 1220 mc_exp = MLDV2_QQIC_EXP(mlh2->mld2q_qqic); 1221 mc_man = MLDV2_QQIC_MAN(mlh2->mld2q_qqic); 1222 1223 mc_qqi = (mc_man | 0x10) << (mc_exp + 3); 1224 } 1225 1226 idev->mc_qi = mc_qqi * HZ; 1227 } 1228 1229 static void mld_update_qri(struct inet6_dev *idev, 1230 const struct mld2_query *mlh2) 1231 { 1232 /* RFC3810, relevant sections: 1233 * - 5.1.3. Maximum Response Code 1234 * - 9.3. Query Response Interval 1235 */ 1236 idev->mc_qri = msecs_to_jiffies(mldv2_mrc(mlh2)); 1237 } 1238 1239 static int mld_process_v1(struct inet6_dev *idev, struct mld_msg *mld, 1240 unsigned long *max_delay, bool v1_query) 1241 { 1242 unsigned long mldv1_md; 1243 1244 /* Ignore v1 queries */ 1245 if (mld_in_v2_mode_only(idev)) 1246 return -EINVAL; 1247 1248 mldv1_md = ntohs(mld->mld_maxdelay); 1249 1250 /* When in MLDv1 fallback and a MLDv2 router start-up being 1251 * unaware of current MLDv1 operation, the MRC == MRD mapping 1252 * only works when the exponential algorithm is not being 1253 * used (as MLDv1 is unaware of such things). 1254 * 1255 * According to the RFC author, the MLDv2 implementations 1256 * he's aware of all use a MRC < 32768 on start up queries. 1257 * 1258 * Thus, should we *ever* encounter something else larger 1259 * than that, just assume the maximum possible within our 1260 * reach. 1261 */ 1262 if (!v1_query) 1263 mldv1_md = min(mldv1_md, MLDV1_MRD_MAX_COMPAT); 1264 1265 *max_delay = max(msecs_to_jiffies(mldv1_md), 1UL); 1266 1267 /* MLDv1 router present: we need to go into v1 mode *only* 1268 * when an MLDv1 query is received as per section 9.12. of 1269 * RFC3810! And we know from RFC2710 section 3.7 that MLDv1 1270 * queries MUST be of exactly 24 octets. 1271 */ 1272 if (v1_query) 1273 mld_set_v1_mode(idev); 1274 1275 /* cancel MLDv2 report timer */ 1276 mld_gq_stop_timer(idev); 1277 /* cancel the interface change timer */ 1278 mld_ifc_stop_timer(idev); 1279 /* clear deleted report items */ 1280 mld_clear_delrec(idev); 1281 1282 return 0; 1283 } 1284 1285 static int mld_process_v2(struct inet6_dev *idev, struct mld2_query *mld, 1286 unsigned long *max_delay) 1287 { 1288 *max_delay = max(msecs_to_jiffies(mldv2_mrc(mld)), 1UL); 1289 1290 mld_update_qrv(idev, mld); 1291 mld_update_qi(idev, mld); 1292 mld_update_qri(idev, mld); 1293 1294 idev->mc_maxdelay = *max_delay; 1295 1296 return 0; 1297 } 1298 1299 /* called with rcu_read_lock() */ 1300 int igmp6_event_query(struct sk_buff *skb) 1301 { 1302 struct mld2_query *mlh2 = NULL; 1303 struct ifmcaddr6 *ma; 1304 const struct in6_addr *group; 1305 unsigned long max_delay; 1306 struct inet6_dev *idev; 1307 struct mld_msg *mld; 1308 int group_type; 1309 int mark = 0; 1310 int len, err; 1311 1312 if (!pskb_may_pull(skb, sizeof(struct in6_addr))) 1313 return -EINVAL; 1314 1315 /* compute payload length excluding extension headers */ 1316 len = ntohs(ipv6_hdr(skb)->payload_len) + sizeof(struct ipv6hdr); 1317 len -= skb_network_header_len(skb); 1318 1319 /* RFC3810 6.2 1320 * Upon reception of an MLD message that contains a Query, the node 1321 * checks if the source address of the message is a valid link-local 1322 * address, if the Hop Limit is set to 1, and if the Router Alert 1323 * option is present in the Hop-By-Hop Options header of the IPv6 1324 * packet. If any of these checks fails, the packet is dropped. 1325 */ 1326 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL) || 1327 ipv6_hdr(skb)->hop_limit != 1 || 1328 !(IP6CB(skb)->flags & IP6SKB_ROUTERALERT) || 1329 IP6CB(skb)->ra != htons(IPV6_OPT_ROUTERALERT_MLD)) 1330 return -EINVAL; 1331 1332 idev = __in6_dev_get(skb->dev); 1333 if (idev == NULL) 1334 return 0; 1335 1336 mld = (struct mld_msg *)icmp6_hdr(skb); 1337 group = &mld->mld_mca; 1338 group_type = ipv6_addr_type(group); 1339 1340 if (group_type != IPV6_ADDR_ANY && 1341 !(group_type&IPV6_ADDR_MULTICAST)) 1342 return -EINVAL; 1343 1344 if (len < MLD_V1_QUERY_LEN) { 1345 return -EINVAL; 1346 } else if (len == MLD_V1_QUERY_LEN || mld_in_v1_mode(idev)) { 1347 err = mld_process_v1(idev, mld, &max_delay, 1348 len == MLD_V1_QUERY_LEN); 1349 if (err < 0) 1350 return err; 1351 } else if (len >= MLD_V2_QUERY_LEN_MIN) { 1352 int srcs_offset = sizeof(struct mld2_query) - 1353 sizeof(struct icmp6hdr); 1354 1355 if (!pskb_may_pull(skb, srcs_offset)) 1356 return -EINVAL; 1357 1358 mlh2 = (struct mld2_query *)skb_transport_header(skb); 1359 1360 err = mld_process_v2(idev, mlh2, &max_delay); 1361 if (err < 0) 1362 return err; 1363 1364 if (group_type == IPV6_ADDR_ANY) { /* general query */ 1365 if (mlh2->mld2q_nsrcs) 1366 return -EINVAL; /* no sources allowed */ 1367 1368 mld_gq_start_timer(idev); 1369 return 0; 1370 } 1371 /* mark sources to include, if group & source-specific */ 1372 if (mlh2->mld2q_nsrcs != 0) { 1373 if (!pskb_may_pull(skb, srcs_offset + 1374 ntohs(mlh2->mld2q_nsrcs) * sizeof(struct in6_addr))) 1375 return -EINVAL; 1376 1377 mlh2 = (struct mld2_query *)skb_transport_header(skb); 1378 mark = 1; 1379 } 1380 } else { 1381 return -EINVAL; 1382 } 1383 1384 read_lock_bh(&idev->lock); 1385 if (group_type == IPV6_ADDR_ANY) { 1386 for (ma = idev->mc_list; ma; ma = ma->next) { 1387 spin_lock_bh(&ma->mca_lock); 1388 igmp6_group_queried(ma, max_delay); 1389 spin_unlock_bh(&ma->mca_lock); 1390 } 1391 } else { 1392 for (ma = idev->mc_list; ma; ma = ma->next) { 1393 if (!ipv6_addr_equal(group, &ma->mca_addr)) 1394 continue; 1395 spin_lock_bh(&ma->mca_lock); 1396 if (ma->mca_flags & MAF_TIMER_RUNNING) { 1397 /* gsquery <- gsquery && mark */ 1398 if (!mark) 1399 ma->mca_flags &= ~MAF_GSQUERY; 1400 } else { 1401 /* gsquery <- mark */ 1402 if (mark) 1403 ma->mca_flags |= MAF_GSQUERY; 1404 else 1405 ma->mca_flags &= ~MAF_GSQUERY; 1406 } 1407 if (!(ma->mca_flags & MAF_GSQUERY) || 1408 mld_marksources(ma, ntohs(mlh2->mld2q_nsrcs), mlh2->mld2q_srcs)) 1409 igmp6_group_queried(ma, max_delay); 1410 spin_unlock_bh(&ma->mca_lock); 1411 break; 1412 } 1413 } 1414 read_unlock_bh(&idev->lock); 1415 1416 return 0; 1417 } 1418 1419 /* called with rcu_read_lock() */ 1420 int igmp6_event_report(struct sk_buff *skb) 1421 { 1422 struct ifmcaddr6 *ma; 1423 struct inet6_dev *idev; 1424 struct mld_msg *mld; 1425 int addr_type; 1426 1427 /* Our own report looped back. Ignore it. */ 1428 if (skb->pkt_type == PACKET_LOOPBACK) 1429 return 0; 1430 1431 /* send our report if the MC router may not have heard this report */ 1432 if (skb->pkt_type != PACKET_MULTICAST && 1433 skb->pkt_type != PACKET_BROADCAST) 1434 return 0; 1435 1436 if (!pskb_may_pull(skb, sizeof(*mld) - sizeof(struct icmp6hdr))) 1437 return -EINVAL; 1438 1439 mld = (struct mld_msg *)icmp6_hdr(skb); 1440 1441 /* Drop reports with not link local source */ 1442 addr_type = ipv6_addr_type(&ipv6_hdr(skb)->saddr); 1443 if (addr_type != IPV6_ADDR_ANY && 1444 !(addr_type&IPV6_ADDR_LINKLOCAL)) 1445 return -EINVAL; 1446 1447 idev = __in6_dev_get(skb->dev); 1448 if (idev == NULL) 1449 return -ENODEV; 1450 1451 /* 1452 * Cancel the timer for this group 1453 */ 1454 1455 read_lock_bh(&idev->lock); 1456 for (ma = idev->mc_list; ma; ma = ma->next) { 1457 if (ipv6_addr_equal(&ma->mca_addr, &mld->mld_mca)) { 1458 spin_lock(&ma->mca_lock); 1459 if (del_timer(&ma->mca_timer)) 1460 atomic_dec(&ma->mca_refcnt); 1461 ma->mca_flags &= ~(MAF_LAST_REPORTER|MAF_TIMER_RUNNING); 1462 spin_unlock(&ma->mca_lock); 1463 break; 1464 } 1465 } 1466 read_unlock_bh(&idev->lock); 1467 return 0; 1468 } 1469 1470 static bool is_in(struct ifmcaddr6 *pmc, struct ip6_sf_list *psf, int type, 1471 int gdeleted, int sdeleted) 1472 { 1473 switch (type) { 1474 case MLD2_MODE_IS_INCLUDE: 1475 case MLD2_MODE_IS_EXCLUDE: 1476 if (gdeleted || sdeleted) 1477 return false; 1478 if (!((pmc->mca_flags & MAF_GSQUERY) && !psf->sf_gsresp)) { 1479 if (pmc->mca_sfmode == MCAST_INCLUDE) 1480 return true; 1481 /* don't include if this source is excluded 1482 * in all filters 1483 */ 1484 if (psf->sf_count[MCAST_INCLUDE]) 1485 return type == MLD2_MODE_IS_INCLUDE; 1486 return pmc->mca_sfcount[MCAST_EXCLUDE] == 1487 psf->sf_count[MCAST_EXCLUDE]; 1488 } 1489 return false; 1490 case MLD2_CHANGE_TO_INCLUDE: 1491 if (gdeleted || sdeleted) 1492 return false; 1493 return psf->sf_count[MCAST_INCLUDE] != 0; 1494 case MLD2_CHANGE_TO_EXCLUDE: 1495 if (gdeleted || sdeleted) 1496 return false; 1497 if (pmc->mca_sfcount[MCAST_EXCLUDE] == 0 || 1498 psf->sf_count[MCAST_INCLUDE]) 1499 return false; 1500 return pmc->mca_sfcount[MCAST_EXCLUDE] == 1501 psf->sf_count[MCAST_EXCLUDE]; 1502 case MLD2_ALLOW_NEW_SOURCES: 1503 if (gdeleted || !psf->sf_crcount) 1504 return false; 1505 return (pmc->mca_sfmode == MCAST_INCLUDE) ^ sdeleted; 1506 case MLD2_BLOCK_OLD_SOURCES: 1507 if (pmc->mca_sfmode == MCAST_INCLUDE) 1508 return gdeleted || (psf->sf_crcount && sdeleted); 1509 return psf->sf_crcount && !gdeleted && !sdeleted; 1510 } 1511 return false; 1512 } 1513 1514 static int 1515 mld_scount(struct ifmcaddr6 *pmc, int type, int gdeleted, int sdeleted) 1516 { 1517 struct ip6_sf_list *psf; 1518 int scount = 0; 1519 1520 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 1521 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 1522 continue; 1523 scount++; 1524 } 1525 return scount; 1526 } 1527 1528 static void ip6_mc_hdr(struct sock *sk, struct sk_buff *skb, 1529 struct net_device *dev, 1530 const struct in6_addr *saddr, 1531 const struct in6_addr *daddr, 1532 int proto, int len) 1533 { 1534 struct ipv6hdr *hdr; 1535 1536 skb->protocol = htons(ETH_P_IPV6); 1537 skb->dev = dev; 1538 1539 skb_reset_network_header(skb); 1540 skb_put(skb, sizeof(struct ipv6hdr)); 1541 hdr = ipv6_hdr(skb); 1542 1543 ip6_flow_hdr(hdr, 0, 0); 1544 1545 hdr->payload_len = htons(len); 1546 hdr->nexthdr = proto; 1547 hdr->hop_limit = inet6_sk(sk)->hop_limit; 1548 1549 hdr->saddr = *saddr; 1550 hdr->daddr = *daddr; 1551 } 1552 1553 static struct sk_buff *mld_newpack(struct inet6_dev *idev, int size) 1554 { 1555 struct net_device *dev = idev->dev; 1556 struct net *net = dev_net(dev); 1557 struct sock *sk = net->ipv6.igmp_sk; 1558 struct sk_buff *skb; 1559 struct mld2_report *pmr; 1560 struct in6_addr addr_buf; 1561 const struct in6_addr *saddr; 1562 int hlen = LL_RESERVED_SPACE(dev); 1563 int tlen = dev->needed_tailroom; 1564 int err; 1565 u8 ra[8] = { IPPROTO_ICMPV6, 0, 1566 IPV6_TLV_ROUTERALERT, 2, 0, 0, 1567 IPV6_TLV_PADN, 0 }; 1568 1569 /* we assume size > sizeof(ra) here */ 1570 size += hlen + tlen; 1571 /* limit our allocations to order-0 page */ 1572 size = min_t(int, size, SKB_MAX_ORDER(0, 0)); 1573 skb = sock_alloc_send_skb(sk, size, 1, &err); 1574 1575 if (!skb) 1576 return NULL; 1577 1578 skb->priority = TC_PRIO_CONTROL; 1579 skb_reserve(skb, hlen); 1580 1581 if (__ipv6_get_lladdr(idev, &addr_buf, IFA_F_TENTATIVE)) { 1582 /* <draft-ietf-magma-mld-source-05.txt>: 1583 * use unspecified address as the source address 1584 * when a valid link-local address is not available. 1585 */ 1586 saddr = &in6addr_any; 1587 } else 1588 saddr = &addr_buf; 1589 1590 ip6_mc_hdr(sk, skb, dev, saddr, &mld2_all_mcr, NEXTHDR_HOP, 0); 1591 1592 memcpy(skb_put(skb, sizeof(ra)), ra, sizeof(ra)); 1593 1594 skb_set_transport_header(skb, skb_tail_pointer(skb) - skb->data); 1595 skb_put(skb, sizeof(*pmr)); 1596 pmr = (struct mld2_report *)skb_transport_header(skb); 1597 pmr->mld2r_type = ICMPV6_MLD2_REPORT; 1598 pmr->mld2r_resv1 = 0; 1599 pmr->mld2r_cksum = 0; 1600 pmr->mld2r_resv2 = 0; 1601 pmr->mld2r_ngrec = 0; 1602 return skb; 1603 } 1604 1605 static void mld_sendpack(struct sk_buff *skb) 1606 { 1607 struct ipv6hdr *pip6 = ipv6_hdr(skb); 1608 struct mld2_report *pmr = 1609 (struct mld2_report *)skb_transport_header(skb); 1610 int payload_len, mldlen; 1611 struct inet6_dev *idev; 1612 struct net *net = dev_net(skb->dev); 1613 int err; 1614 struct flowi6 fl6; 1615 struct dst_entry *dst; 1616 1617 rcu_read_lock(); 1618 idev = __in6_dev_get(skb->dev); 1619 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len); 1620 1621 payload_len = (skb_tail_pointer(skb) - skb_network_header(skb)) - 1622 sizeof(*pip6); 1623 mldlen = skb_tail_pointer(skb) - skb_transport_header(skb); 1624 pip6->payload_len = htons(payload_len); 1625 1626 pmr->mld2r_cksum = csum_ipv6_magic(&pip6->saddr, &pip6->daddr, mldlen, 1627 IPPROTO_ICMPV6, 1628 csum_partial(skb_transport_header(skb), 1629 mldlen, 0)); 1630 1631 icmpv6_flow_init(net->ipv6.igmp_sk, &fl6, ICMPV6_MLD2_REPORT, 1632 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 1633 skb->dev->ifindex); 1634 dst = icmp6_dst_alloc(skb->dev, &fl6); 1635 1636 err = 0; 1637 if (IS_ERR(dst)) { 1638 err = PTR_ERR(dst); 1639 dst = NULL; 1640 } 1641 skb_dst_set(skb, dst); 1642 if (err) 1643 goto err_out; 1644 1645 payload_len = skb->len; 1646 1647 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, skb->dev, 1648 dst_output); 1649 out: 1650 if (!err) { 1651 ICMP6MSGOUT_INC_STATS(net, idev, ICMPV6_MLD2_REPORT); 1652 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); 1653 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUTMCAST, payload_len); 1654 } else { 1655 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS); 1656 } 1657 1658 rcu_read_unlock(); 1659 return; 1660 1661 err_out: 1662 kfree_skb(skb); 1663 goto out; 1664 } 1665 1666 static int grec_size(struct ifmcaddr6 *pmc, int type, int gdel, int sdel) 1667 { 1668 return sizeof(struct mld2_grec) + 16 * mld_scount(pmc,type,gdel,sdel); 1669 } 1670 1671 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ifmcaddr6 *pmc, 1672 int type, struct mld2_grec **ppgr) 1673 { 1674 struct net_device *dev = pmc->idev->dev; 1675 struct mld2_report *pmr; 1676 struct mld2_grec *pgr; 1677 1678 if (!skb) 1679 skb = mld_newpack(pmc->idev, dev->mtu); 1680 if (!skb) 1681 return NULL; 1682 pgr = (struct mld2_grec *)skb_put(skb, sizeof(struct mld2_grec)); 1683 pgr->grec_type = type; 1684 pgr->grec_auxwords = 0; 1685 pgr->grec_nsrcs = 0; 1686 pgr->grec_mca = pmc->mca_addr; /* structure copy */ 1687 pmr = (struct mld2_report *)skb_transport_header(skb); 1688 pmr->mld2r_ngrec = htons(ntohs(pmr->mld2r_ngrec)+1); 1689 *ppgr = pgr; 1690 return skb; 1691 } 1692 1693 #define AVAILABLE(skb) ((skb) ? ((skb)->dev ? (skb)->dev->mtu - (skb)->len : \ 1694 skb_tailroom(skb)) : 0) 1695 1696 static struct sk_buff *add_grec(struct sk_buff *skb, struct ifmcaddr6 *pmc, 1697 int type, int gdeleted, int sdeleted, int crsend) 1698 { 1699 struct inet6_dev *idev = pmc->idev; 1700 struct net_device *dev = idev->dev; 1701 struct mld2_report *pmr; 1702 struct mld2_grec *pgr = NULL; 1703 struct ip6_sf_list *psf, *psf_next, *psf_prev, **psf_list; 1704 int scount, stotal, first, isquery, truncate; 1705 1706 if (pmc->mca_flags & MAF_NOREPORT) 1707 return skb; 1708 1709 isquery = type == MLD2_MODE_IS_INCLUDE || 1710 type == MLD2_MODE_IS_EXCLUDE; 1711 truncate = type == MLD2_MODE_IS_EXCLUDE || 1712 type == MLD2_CHANGE_TO_EXCLUDE; 1713 1714 stotal = scount = 0; 1715 1716 psf_list = sdeleted ? &pmc->mca_tomb : &pmc->mca_sources; 1717 1718 if (!*psf_list) 1719 goto empty_source; 1720 1721 pmr = skb ? (struct mld2_report *)skb_transport_header(skb) : NULL; 1722 1723 /* EX and TO_EX get a fresh packet, if needed */ 1724 if (truncate) { 1725 if (pmr && pmr->mld2r_ngrec && 1726 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 1727 if (skb) 1728 mld_sendpack(skb); 1729 skb = mld_newpack(idev, dev->mtu); 1730 } 1731 } 1732 first = 1; 1733 psf_prev = NULL; 1734 for (psf = *psf_list; psf; psf = psf_next) { 1735 struct in6_addr *psrc; 1736 1737 psf_next = psf->sf_next; 1738 1739 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) { 1740 psf_prev = psf; 1741 continue; 1742 } 1743 1744 /* clear marks on query responses */ 1745 if (isquery) 1746 psf->sf_gsresp = 0; 1747 1748 if (AVAILABLE(skb) < sizeof(*psrc) + 1749 first*sizeof(struct mld2_grec)) { 1750 if (truncate && !first) 1751 break; /* truncate these */ 1752 if (pgr) 1753 pgr->grec_nsrcs = htons(scount); 1754 if (skb) 1755 mld_sendpack(skb); 1756 skb = mld_newpack(idev, dev->mtu); 1757 first = 1; 1758 scount = 0; 1759 } 1760 if (first) { 1761 skb = add_grhead(skb, pmc, type, &pgr); 1762 first = 0; 1763 } 1764 if (!skb) 1765 return NULL; 1766 psrc = (struct in6_addr *)skb_put(skb, sizeof(*psrc)); 1767 *psrc = psf->sf_addr; 1768 scount++; stotal++; 1769 if ((type == MLD2_ALLOW_NEW_SOURCES || 1770 type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 1771 psf->sf_crcount--; 1772 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 1773 if (psf_prev) 1774 psf_prev->sf_next = psf->sf_next; 1775 else 1776 *psf_list = psf->sf_next; 1777 kfree(psf); 1778 continue; 1779 } 1780 } 1781 psf_prev = psf; 1782 } 1783 1784 empty_source: 1785 if (!stotal) { 1786 if (type == MLD2_ALLOW_NEW_SOURCES || 1787 type == MLD2_BLOCK_OLD_SOURCES) 1788 return skb; 1789 if (pmc->mca_crcount || isquery || crsend) { 1790 /* make sure we have room for group header */ 1791 if (skb && AVAILABLE(skb) < sizeof(struct mld2_grec)) { 1792 mld_sendpack(skb); 1793 skb = NULL; /* add_grhead will get a new one */ 1794 } 1795 skb = add_grhead(skb, pmc, type, &pgr); 1796 } 1797 } 1798 if (pgr) 1799 pgr->grec_nsrcs = htons(scount); 1800 1801 if (isquery) 1802 pmc->mca_flags &= ~MAF_GSQUERY; /* clear query state */ 1803 return skb; 1804 } 1805 1806 static void mld_send_report(struct inet6_dev *idev, struct ifmcaddr6 *pmc) 1807 { 1808 struct sk_buff *skb = NULL; 1809 int type; 1810 1811 read_lock_bh(&idev->lock); 1812 if (!pmc) { 1813 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 1814 if (pmc->mca_flags & MAF_NOREPORT) 1815 continue; 1816 spin_lock_bh(&pmc->mca_lock); 1817 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 1818 type = MLD2_MODE_IS_EXCLUDE; 1819 else 1820 type = MLD2_MODE_IS_INCLUDE; 1821 skb = add_grec(skb, pmc, type, 0, 0, 0); 1822 spin_unlock_bh(&pmc->mca_lock); 1823 } 1824 } else { 1825 spin_lock_bh(&pmc->mca_lock); 1826 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 1827 type = MLD2_MODE_IS_EXCLUDE; 1828 else 1829 type = MLD2_MODE_IS_INCLUDE; 1830 skb = add_grec(skb, pmc, type, 0, 0, 0); 1831 spin_unlock_bh(&pmc->mca_lock); 1832 } 1833 read_unlock_bh(&idev->lock); 1834 if (skb) 1835 mld_sendpack(skb); 1836 } 1837 1838 /* 1839 * remove zero-count source records from a source filter list 1840 */ 1841 static void mld_clear_zeros(struct ip6_sf_list **ppsf) 1842 { 1843 struct ip6_sf_list *psf_prev, *psf_next, *psf; 1844 1845 psf_prev = NULL; 1846 for (psf = *ppsf; psf; psf = psf_next) { 1847 psf_next = psf->sf_next; 1848 if (psf->sf_crcount == 0) { 1849 if (psf_prev) 1850 psf_prev->sf_next = psf->sf_next; 1851 else 1852 *ppsf = psf->sf_next; 1853 kfree(psf); 1854 } else 1855 psf_prev = psf; 1856 } 1857 } 1858 1859 static void mld_send_cr(struct inet6_dev *idev) 1860 { 1861 struct ifmcaddr6 *pmc, *pmc_prev, *pmc_next; 1862 struct sk_buff *skb = NULL; 1863 int type, dtype; 1864 1865 read_lock_bh(&idev->lock); 1866 spin_lock(&idev->mc_lock); 1867 1868 /* deleted MCA's */ 1869 pmc_prev = NULL; 1870 for (pmc = idev->mc_tomb; pmc; pmc = pmc_next) { 1871 pmc_next = pmc->next; 1872 if (pmc->mca_sfmode == MCAST_INCLUDE) { 1873 type = MLD2_BLOCK_OLD_SOURCES; 1874 dtype = MLD2_BLOCK_OLD_SOURCES; 1875 skb = add_grec(skb, pmc, type, 1, 0, 0); 1876 skb = add_grec(skb, pmc, dtype, 1, 1, 0); 1877 } 1878 if (pmc->mca_crcount) { 1879 if (pmc->mca_sfmode == MCAST_EXCLUDE) { 1880 type = MLD2_CHANGE_TO_INCLUDE; 1881 skb = add_grec(skb, pmc, type, 1, 0, 0); 1882 } 1883 pmc->mca_crcount--; 1884 if (pmc->mca_crcount == 0) { 1885 mld_clear_zeros(&pmc->mca_tomb); 1886 mld_clear_zeros(&pmc->mca_sources); 1887 } 1888 } 1889 if (pmc->mca_crcount == 0 && !pmc->mca_tomb && 1890 !pmc->mca_sources) { 1891 if (pmc_prev) 1892 pmc_prev->next = pmc_next; 1893 else 1894 idev->mc_tomb = pmc_next; 1895 in6_dev_put(pmc->idev); 1896 kfree(pmc); 1897 } else 1898 pmc_prev = pmc; 1899 } 1900 spin_unlock(&idev->mc_lock); 1901 1902 /* change recs */ 1903 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 1904 spin_lock_bh(&pmc->mca_lock); 1905 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 1906 type = MLD2_BLOCK_OLD_SOURCES; 1907 dtype = MLD2_ALLOW_NEW_SOURCES; 1908 } else { 1909 type = MLD2_ALLOW_NEW_SOURCES; 1910 dtype = MLD2_BLOCK_OLD_SOURCES; 1911 } 1912 skb = add_grec(skb, pmc, type, 0, 0, 0); 1913 skb = add_grec(skb, pmc, dtype, 0, 1, 0); /* deleted sources */ 1914 1915 /* filter mode changes */ 1916 if (pmc->mca_crcount) { 1917 if (pmc->mca_sfmode == MCAST_EXCLUDE) 1918 type = MLD2_CHANGE_TO_EXCLUDE; 1919 else 1920 type = MLD2_CHANGE_TO_INCLUDE; 1921 skb = add_grec(skb, pmc, type, 0, 0, 0); 1922 pmc->mca_crcount--; 1923 } 1924 spin_unlock_bh(&pmc->mca_lock); 1925 } 1926 read_unlock_bh(&idev->lock); 1927 if (!skb) 1928 return; 1929 (void) mld_sendpack(skb); 1930 } 1931 1932 static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type) 1933 { 1934 struct net *net = dev_net(dev); 1935 struct sock *sk = net->ipv6.igmp_sk; 1936 struct inet6_dev *idev; 1937 struct sk_buff *skb; 1938 struct mld_msg *hdr; 1939 const struct in6_addr *snd_addr, *saddr; 1940 struct in6_addr addr_buf; 1941 int hlen = LL_RESERVED_SPACE(dev); 1942 int tlen = dev->needed_tailroom; 1943 int err, len, payload_len, full_len; 1944 u8 ra[8] = { IPPROTO_ICMPV6, 0, 1945 IPV6_TLV_ROUTERALERT, 2, 0, 0, 1946 IPV6_TLV_PADN, 0 }; 1947 struct flowi6 fl6; 1948 struct dst_entry *dst; 1949 1950 if (type == ICMPV6_MGM_REDUCTION) 1951 snd_addr = &in6addr_linklocal_allrouters; 1952 else 1953 snd_addr = addr; 1954 1955 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr); 1956 payload_len = len + sizeof(ra); 1957 full_len = sizeof(struct ipv6hdr) + payload_len; 1958 1959 rcu_read_lock(); 1960 IP6_UPD_PO_STATS(net, __in6_dev_get(dev), 1961 IPSTATS_MIB_OUT, full_len); 1962 rcu_read_unlock(); 1963 1964 skb = sock_alloc_send_skb(sk, hlen + tlen + full_len, 1, &err); 1965 1966 if (skb == NULL) { 1967 rcu_read_lock(); 1968 IP6_INC_STATS(net, __in6_dev_get(dev), 1969 IPSTATS_MIB_OUTDISCARDS); 1970 rcu_read_unlock(); 1971 return; 1972 } 1973 skb->priority = TC_PRIO_CONTROL; 1974 skb_reserve(skb, hlen); 1975 1976 if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) { 1977 /* <draft-ietf-magma-mld-source-05.txt>: 1978 * use unspecified address as the source address 1979 * when a valid link-local address is not available. 1980 */ 1981 saddr = &in6addr_any; 1982 } else 1983 saddr = &addr_buf; 1984 1985 ip6_mc_hdr(sk, skb, dev, saddr, snd_addr, NEXTHDR_HOP, payload_len); 1986 1987 memcpy(skb_put(skb, sizeof(ra)), ra, sizeof(ra)); 1988 1989 hdr = (struct mld_msg *) skb_put(skb, sizeof(struct mld_msg)); 1990 memset(hdr, 0, sizeof(struct mld_msg)); 1991 hdr->mld_type = type; 1992 hdr->mld_mca = *addr; 1993 1994 hdr->mld_cksum = csum_ipv6_magic(saddr, snd_addr, len, 1995 IPPROTO_ICMPV6, 1996 csum_partial(hdr, len, 0)); 1997 1998 rcu_read_lock(); 1999 idev = __in6_dev_get(skb->dev); 2000 2001 icmpv6_flow_init(sk, &fl6, type, 2002 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 2003 skb->dev->ifindex); 2004 dst = icmp6_dst_alloc(skb->dev, &fl6); 2005 if (IS_ERR(dst)) { 2006 err = PTR_ERR(dst); 2007 goto err_out; 2008 } 2009 2010 skb_dst_set(skb, dst); 2011 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, skb->dev, 2012 dst_output); 2013 out: 2014 if (!err) { 2015 ICMP6MSGOUT_INC_STATS(net, idev, type); 2016 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); 2017 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUTMCAST, full_len); 2018 } else 2019 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS); 2020 2021 rcu_read_unlock(); 2022 return; 2023 2024 err_out: 2025 kfree_skb(skb); 2026 goto out; 2027 } 2028 2029 static void mld_send_initial_cr(struct inet6_dev *idev) 2030 { 2031 struct sk_buff *skb; 2032 struct ifmcaddr6 *pmc; 2033 int type; 2034 2035 if (mld_in_v1_mode(idev)) 2036 return; 2037 2038 skb = NULL; 2039 read_lock_bh(&idev->lock); 2040 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 2041 spin_lock_bh(&pmc->mca_lock); 2042 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2043 type = MLD2_CHANGE_TO_EXCLUDE; 2044 else 2045 type = MLD2_CHANGE_TO_INCLUDE; 2046 skb = add_grec(skb, pmc, type, 0, 0, 1); 2047 spin_unlock_bh(&pmc->mca_lock); 2048 } 2049 read_unlock_bh(&idev->lock); 2050 if (skb) 2051 mld_sendpack(skb); 2052 } 2053 2054 void ipv6_mc_dad_complete(struct inet6_dev *idev) 2055 { 2056 idev->mc_dad_count = idev->mc_qrv; 2057 if (idev->mc_dad_count) { 2058 mld_send_initial_cr(idev); 2059 idev->mc_dad_count--; 2060 if (idev->mc_dad_count) 2061 mld_dad_start_timer(idev, idev->mc_maxdelay); 2062 } 2063 } 2064 2065 static void mld_dad_timer_expire(unsigned long data) 2066 { 2067 struct inet6_dev *idev = (struct inet6_dev *)data; 2068 2069 mld_send_initial_cr(idev); 2070 if (idev->mc_dad_count) { 2071 idev->mc_dad_count--; 2072 if (idev->mc_dad_count) 2073 mld_dad_start_timer(idev, idev->mc_maxdelay); 2074 } 2075 in6_dev_put(idev); 2076 } 2077 2078 static int ip6_mc_del1_src(struct ifmcaddr6 *pmc, int sfmode, 2079 const struct in6_addr *psfsrc) 2080 { 2081 struct ip6_sf_list *psf, *psf_prev; 2082 int rv = 0; 2083 2084 psf_prev = NULL; 2085 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 2086 if (ipv6_addr_equal(&psf->sf_addr, psfsrc)) 2087 break; 2088 psf_prev = psf; 2089 } 2090 if (!psf || psf->sf_count[sfmode] == 0) { 2091 /* source filter not found, or count wrong => bug */ 2092 return -ESRCH; 2093 } 2094 psf->sf_count[sfmode]--; 2095 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 2096 struct inet6_dev *idev = pmc->idev; 2097 2098 /* no more filters for this source */ 2099 if (psf_prev) 2100 psf_prev->sf_next = psf->sf_next; 2101 else 2102 pmc->mca_sources = psf->sf_next; 2103 if (psf->sf_oldin && !(pmc->mca_flags & MAF_NOREPORT) && 2104 !mld_in_v1_mode(idev)) { 2105 psf->sf_crcount = idev->mc_qrv; 2106 psf->sf_next = pmc->mca_tomb; 2107 pmc->mca_tomb = psf; 2108 rv = 1; 2109 } else 2110 kfree(psf); 2111 } 2112 return rv; 2113 } 2114 2115 static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca, 2116 int sfmode, int sfcount, const struct in6_addr *psfsrc, 2117 int delta) 2118 { 2119 struct ifmcaddr6 *pmc; 2120 int changerec = 0; 2121 int i, err; 2122 2123 if (!idev) 2124 return -ENODEV; 2125 read_lock_bh(&idev->lock); 2126 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 2127 if (ipv6_addr_equal(pmca, &pmc->mca_addr)) 2128 break; 2129 } 2130 if (!pmc) { 2131 /* MCA not found?? bug */ 2132 read_unlock_bh(&idev->lock); 2133 return -ESRCH; 2134 } 2135 spin_lock_bh(&pmc->mca_lock); 2136 sf_markstate(pmc); 2137 if (!delta) { 2138 if (!pmc->mca_sfcount[sfmode]) { 2139 spin_unlock_bh(&pmc->mca_lock); 2140 read_unlock_bh(&idev->lock); 2141 return -EINVAL; 2142 } 2143 pmc->mca_sfcount[sfmode]--; 2144 } 2145 err = 0; 2146 for (i = 0; i < sfcount; i++) { 2147 int rv = ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]); 2148 2149 changerec |= rv > 0; 2150 if (!err && rv < 0) 2151 err = rv; 2152 } 2153 if (pmc->mca_sfmode == MCAST_EXCLUDE && 2154 pmc->mca_sfcount[MCAST_EXCLUDE] == 0 && 2155 pmc->mca_sfcount[MCAST_INCLUDE]) { 2156 struct ip6_sf_list *psf; 2157 2158 /* filter mode change */ 2159 pmc->mca_sfmode = MCAST_INCLUDE; 2160 pmc->mca_crcount = idev->mc_qrv; 2161 idev->mc_ifc_count = pmc->mca_crcount; 2162 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) 2163 psf->sf_crcount = 0; 2164 mld_ifc_event(pmc->idev); 2165 } else if (sf_setstate(pmc) || changerec) 2166 mld_ifc_event(pmc->idev); 2167 spin_unlock_bh(&pmc->mca_lock); 2168 read_unlock_bh(&idev->lock); 2169 return err; 2170 } 2171 2172 /* 2173 * Add multicast single-source filter to the interface list 2174 */ 2175 static int ip6_mc_add1_src(struct ifmcaddr6 *pmc, int sfmode, 2176 const struct in6_addr *psfsrc) 2177 { 2178 struct ip6_sf_list *psf, *psf_prev; 2179 2180 psf_prev = NULL; 2181 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 2182 if (ipv6_addr_equal(&psf->sf_addr, psfsrc)) 2183 break; 2184 psf_prev = psf; 2185 } 2186 if (!psf) { 2187 psf = kzalloc(sizeof(*psf), GFP_ATOMIC); 2188 if (!psf) 2189 return -ENOBUFS; 2190 2191 psf->sf_addr = *psfsrc; 2192 if (psf_prev) { 2193 psf_prev->sf_next = psf; 2194 } else 2195 pmc->mca_sources = psf; 2196 } 2197 psf->sf_count[sfmode]++; 2198 return 0; 2199 } 2200 2201 static void sf_markstate(struct ifmcaddr6 *pmc) 2202 { 2203 struct ip6_sf_list *psf; 2204 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE]; 2205 2206 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) 2207 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 2208 psf->sf_oldin = mca_xcount == 2209 psf->sf_count[MCAST_EXCLUDE] && 2210 !psf->sf_count[MCAST_INCLUDE]; 2211 } else 2212 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 2213 } 2214 2215 static int sf_setstate(struct ifmcaddr6 *pmc) 2216 { 2217 struct ip6_sf_list *psf, *dpsf; 2218 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE]; 2219 int qrv = pmc->idev->mc_qrv; 2220 int new_in, rv; 2221 2222 rv = 0; 2223 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) { 2224 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 2225 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 2226 !psf->sf_count[MCAST_INCLUDE]; 2227 } else 2228 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 2229 if (new_in) { 2230 if (!psf->sf_oldin) { 2231 struct ip6_sf_list *prev = NULL; 2232 2233 for (dpsf = pmc->mca_tomb; dpsf; 2234 dpsf = dpsf->sf_next) { 2235 if (ipv6_addr_equal(&dpsf->sf_addr, 2236 &psf->sf_addr)) 2237 break; 2238 prev = dpsf; 2239 } 2240 if (dpsf) { 2241 if (prev) 2242 prev->sf_next = dpsf->sf_next; 2243 else 2244 pmc->mca_tomb = dpsf->sf_next; 2245 kfree(dpsf); 2246 } 2247 psf->sf_crcount = qrv; 2248 rv++; 2249 } 2250 } else if (psf->sf_oldin) { 2251 psf->sf_crcount = 0; 2252 /* 2253 * add or update "delete" records if an active filter 2254 * is now inactive 2255 */ 2256 for (dpsf = pmc->mca_tomb; dpsf; dpsf = dpsf->sf_next) 2257 if (ipv6_addr_equal(&dpsf->sf_addr, 2258 &psf->sf_addr)) 2259 break; 2260 if (!dpsf) { 2261 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC); 2262 if (!dpsf) 2263 continue; 2264 *dpsf = *psf; 2265 /* pmc->mca_lock held by callers */ 2266 dpsf->sf_next = pmc->mca_tomb; 2267 pmc->mca_tomb = dpsf; 2268 } 2269 dpsf->sf_crcount = qrv; 2270 rv++; 2271 } 2272 } 2273 return rv; 2274 } 2275 2276 /* 2277 * Add multicast source filter list to the interface list 2278 */ 2279 static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca, 2280 int sfmode, int sfcount, const struct in6_addr *psfsrc, 2281 int delta) 2282 { 2283 struct ifmcaddr6 *pmc; 2284 int isexclude; 2285 int i, err; 2286 2287 if (!idev) 2288 return -ENODEV; 2289 read_lock_bh(&idev->lock); 2290 for (pmc = idev->mc_list; pmc; pmc = pmc->next) { 2291 if (ipv6_addr_equal(pmca, &pmc->mca_addr)) 2292 break; 2293 } 2294 if (!pmc) { 2295 /* MCA not found?? bug */ 2296 read_unlock_bh(&idev->lock); 2297 return -ESRCH; 2298 } 2299 spin_lock_bh(&pmc->mca_lock); 2300 2301 sf_markstate(pmc); 2302 isexclude = pmc->mca_sfmode == MCAST_EXCLUDE; 2303 if (!delta) 2304 pmc->mca_sfcount[sfmode]++; 2305 err = 0; 2306 for (i = 0; i < sfcount; i++) { 2307 err = ip6_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2308 if (err) 2309 break; 2310 } 2311 if (err) { 2312 int j; 2313 2314 if (!delta) 2315 pmc->mca_sfcount[sfmode]--; 2316 for (j = 0; j < i; j++) 2317 ip6_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2318 } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) { 2319 struct ip6_sf_list *psf; 2320 2321 /* filter mode change */ 2322 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2323 pmc->mca_sfmode = MCAST_EXCLUDE; 2324 else if (pmc->mca_sfcount[MCAST_INCLUDE]) 2325 pmc->mca_sfmode = MCAST_INCLUDE; 2326 /* else no filters; keep old mode for reports */ 2327 2328 pmc->mca_crcount = idev->mc_qrv; 2329 idev->mc_ifc_count = pmc->mca_crcount; 2330 for (psf = pmc->mca_sources; psf; psf = psf->sf_next) 2331 psf->sf_crcount = 0; 2332 mld_ifc_event(idev); 2333 } else if (sf_setstate(pmc)) 2334 mld_ifc_event(idev); 2335 spin_unlock_bh(&pmc->mca_lock); 2336 read_unlock_bh(&idev->lock); 2337 return err; 2338 } 2339 2340 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc) 2341 { 2342 struct ip6_sf_list *psf, *nextpsf; 2343 2344 for (psf = pmc->mca_tomb; psf; psf = nextpsf) { 2345 nextpsf = psf->sf_next; 2346 kfree(psf); 2347 } 2348 pmc->mca_tomb = NULL; 2349 for (psf = pmc->mca_sources; psf; psf = nextpsf) { 2350 nextpsf = psf->sf_next; 2351 kfree(psf); 2352 } 2353 pmc->mca_sources = NULL; 2354 pmc->mca_sfmode = MCAST_EXCLUDE; 2355 pmc->mca_sfcount[MCAST_INCLUDE] = 0; 2356 pmc->mca_sfcount[MCAST_EXCLUDE] = 1; 2357 } 2358 2359 2360 static void igmp6_join_group(struct ifmcaddr6 *ma) 2361 { 2362 unsigned long delay; 2363 2364 if (ma->mca_flags & MAF_NOREPORT) 2365 return; 2366 2367 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT); 2368 2369 delay = prandom_u32() % unsolicited_report_interval(ma->idev); 2370 2371 spin_lock_bh(&ma->mca_lock); 2372 if (del_timer(&ma->mca_timer)) { 2373 atomic_dec(&ma->mca_refcnt); 2374 delay = ma->mca_timer.expires - jiffies; 2375 } 2376 2377 if (!mod_timer(&ma->mca_timer, jiffies + delay)) 2378 atomic_inc(&ma->mca_refcnt); 2379 ma->mca_flags |= MAF_TIMER_RUNNING | MAF_LAST_REPORTER; 2380 spin_unlock_bh(&ma->mca_lock); 2381 } 2382 2383 static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml, 2384 struct inet6_dev *idev) 2385 { 2386 int err; 2387 2388 /* callers have the socket lock and rtnl lock 2389 * so no other readers or writers of iml or its sflist 2390 */ 2391 if (!iml->sflist) { 2392 /* any-source empty exclude case */ 2393 return ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 0, NULL, 0); 2394 } 2395 err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 2396 iml->sflist->sl_count, iml->sflist->sl_addr, 0); 2397 sock_kfree_s(sk, iml->sflist, IP6_SFLSIZE(iml->sflist->sl_max)); 2398 iml->sflist = NULL; 2399 return err; 2400 } 2401 2402 static void igmp6_leave_group(struct ifmcaddr6 *ma) 2403 { 2404 if (mld_in_v1_mode(ma->idev)) { 2405 if (ma->mca_flags & MAF_LAST_REPORTER) 2406 igmp6_send(&ma->mca_addr, ma->idev->dev, 2407 ICMPV6_MGM_REDUCTION); 2408 } else { 2409 mld_add_delrec(ma->idev, ma); 2410 mld_ifc_event(ma->idev); 2411 } 2412 } 2413 2414 static void mld_gq_timer_expire(unsigned long data) 2415 { 2416 struct inet6_dev *idev = (struct inet6_dev *)data; 2417 2418 idev->mc_gq_running = 0; 2419 mld_send_report(idev, NULL); 2420 in6_dev_put(idev); 2421 } 2422 2423 static void mld_ifc_timer_expire(unsigned long data) 2424 { 2425 struct inet6_dev *idev = (struct inet6_dev *)data; 2426 2427 mld_send_cr(idev); 2428 if (idev->mc_ifc_count) { 2429 idev->mc_ifc_count--; 2430 if (idev->mc_ifc_count) 2431 mld_ifc_start_timer(idev, idev->mc_maxdelay); 2432 } 2433 in6_dev_put(idev); 2434 } 2435 2436 static void mld_ifc_event(struct inet6_dev *idev) 2437 { 2438 if (mld_in_v1_mode(idev)) 2439 return; 2440 idev->mc_ifc_count = idev->mc_qrv; 2441 mld_ifc_start_timer(idev, 1); 2442 } 2443 2444 2445 static void igmp6_timer_handler(unsigned long data) 2446 { 2447 struct ifmcaddr6 *ma = (struct ifmcaddr6 *) data; 2448 2449 if (mld_in_v1_mode(ma->idev)) 2450 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT); 2451 else 2452 mld_send_report(ma->idev, ma); 2453 2454 spin_lock(&ma->mca_lock); 2455 ma->mca_flags |= MAF_LAST_REPORTER; 2456 ma->mca_flags &= ~MAF_TIMER_RUNNING; 2457 spin_unlock(&ma->mca_lock); 2458 ma_put(ma); 2459 } 2460 2461 /* Device changing type */ 2462 2463 void ipv6_mc_unmap(struct inet6_dev *idev) 2464 { 2465 struct ifmcaddr6 *i; 2466 2467 /* Install multicast list, except for all-nodes (already installed) */ 2468 2469 read_lock_bh(&idev->lock); 2470 for (i = idev->mc_list; i; i = i->next) 2471 igmp6_group_dropped(i); 2472 read_unlock_bh(&idev->lock); 2473 } 2474 2475 void ipv6_mc_remap(struct inet6_dev *idev) 2476 { 2477 ipv6_mc_up(idev); 2478 } 2479 2480 /* Device going down */ 2481 2482 void ipv6_mc_down(struct inet6_dev *idev) 2483 { 2484 struct ifmcaddr6 *i; 2485 2486 /* Withdraw multicast list */ 2487 2488 read_lock_bh(&idev->lock); 2489 mld_ifc_stop_timer(idev); 2490 mld_gq_stop_timer(idev); 2491 mld_dad_stop_timer(idev); 2492 2493 for (i = idev->mc_list; i; i = i->next) 2494 igmp6_group_dropped(i); 2495 read_unlock_bh(&idev->lock); 2496 2497 mld_clear_delrec(idev); 2498 } 2499 2500 static void ipv6_mc_reset(struct inet6_dev *idev) 2501 { 2502 idev->mc_qrv = sysctl_mld_qrv; 2503 idev->mc_qi = MLD_QI_DEFAULT; 2504 idev->mc_qri = MLD_QRI_DEFAULT; 2505 idev->mc_v1_seen = 0; 2506 idev->mc_maxdelay = unsolicited_report_interval(idev); 2507 } 2508 2509 /* Device going up */ 2510 2511 void ipv6_mc_up(struct inet6_dev *idev) 2512 { 2513 struct ifmcaddr6 *i; 2514 2515 /* Install multicast list, except for all-nodes (already installed) */ 2516 2517 read_lock_bh(&idev->lock); 2518 ipv6_mc_reset(idev); 2519 for (i = idev->mc_list; i; i = i->next) 2520 igmp6_group_added(i); 2521 read_unlock_bh(&idev->lock); 2522 } 2523 2524 /* IPv6 device initialization. */ 2525 2526 void ipv6_mc_init_dev(struct inet6_dev *idev) 2527 { 2528 write_lock_bh(&idev->lock); 2529 spin_lock_init(&idev->mc_lock); 2530 idev->mc_gq_running = 0; 2531 setup_timer(&idev->mc_gq_timer, mld_gq_timer_expire, 2532 (unsigned long)idev); 2533 idev->mc_tomb = NULL; 2534 idev->mc_ifc_count = 0; 2535 setup_timer(&idev->mc_ifc_timer, mld_ifc_timer_expire, 2536 (unsigned long)idev); 2537 setup_timer(&idev->mc_dad_timer, mld_dad_timer_expire, 2538 (unsigned long)idev); 2539 ipv6_mc_reset(idev); 2540 write_unlock_bh(&idev->lock); 2541 } 2542 2543 /* 2544 * Device is about to be destroyed: clean up. 2545 */ 2546 2547 void ipv6_mc_destroy_dev(struct inet6_dev *idev) 2548 { 2549 struct ifmcaddr6 *i; 2550 2551 /* Deactivate timers */ 2552 ipv6_mc_down(idev); 2553 2554 /* Delete all-nodes address. */ 2555 /* We cannot call ipv6_dev_mc_dec() directly, our caller in 2556 * addrconf.c has NULL'd out dev->ip6_ptr so in6_dev_get() will 2557 * fail. 2558 */ 2559 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allnodes); 2560 2561 if (idev->cnf.forwarding) 2562 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allrouters); 2563 2564 write_lock_bh(&idev->lock); 2565 while ((i = idev->mc_list) != NULL) { 2566 idev->mc_list = i->next; 2567 write_unlock_bh(&idev->lock); 2568 2569 igmp6_group_dropped(i); 2570 ma_put(i); 2571 2572 write_lock_bh(&idev->lock); 2573 } 2574 write_unlock_bh(&idev->lock); 2575 } 2576 2577 #ifdef CONFIG_PROC_FS 2578 struct igmp6_mc_iter_state { 2579 struct seq_net_private p; 2580 struct net_device *dev; 2581 struct inet6_dev *idev; 2582 }; 2583 2584 #define igmp6_mc_seq_private(seq) ((struct igmp6_mc_iter_state *)(seq)->private) 2585 2586 static inline struct ifmcaddr6 *igmp6_mc_get_first(struct seq_file *seq) 2587 { 2588 struct ifmcaddr6 *im = NULL; 2589 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2590 struct net *net = seq_file_net(seq); 2591 2592 state->idev = NULL; 2593 for_each_netdev_rcu(net, state->dev) { 2594 struct inet6_dev *idev; 2595 idev = __in6_dev_get(state->dev); 2596 if (!idev) 2597 continue; 2598 read_lock_bh(&idev->lock); 2599 im = idev->mc_list; 2600 if (im) { 2601 state->idev = idev; 2602 break; 2603 } 2604 read_unlock_bh(&idev->lock); 2605 } 2606 return im; 2607 } 2608 2609 static struct ifmcaddr6 *igmp6_mc_get_next(struct seq_file *seq, struct ifmcaddr6 *im) 2610 { 2611 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2612 2613 im = im->next; 2614 while (!im) { 2615 if (likely(state->idev != NULL)) 2616 read_unlock_bh(&state->idev->lock); 2617 2618 state->dev = next_net_device_rcu(state->dev); 2619 if (!state->dev) { 2620 state->idev = NULL; 2621 break; 2622 } 2623 state->idev = __in6_dev_get(state->dev); 2624 if (!state->idev) 2625 continue; 2626 read_lock_bh(&state->idev->lock); 2627 im = state->idev->mc_list; 2628 } 2629 return im; 2630 } 2631 2632 static struct ifmcaddr6 *igmp6_mc_get_idx(struct seq_file *seq, loff_t pos) 2633 { 2634 struct ifmcaddr6 *im = igmp6_mc_get_first(seq); 2635 if (im) 2636 while (pos && (im = igmp6_mc_get_next(seq, im)) != NULL) 2637 --pos; 2638 return pos ? NULL : im; 2639 } 2640 2641 static void *igmp6_mc_seq_start(struct seq_file *seq, loff_t *pos) 2642 __acquires(RCU) 2643 { 2644 rcu_read_lock(); 2645 return igmp6_mc_get_idx(seq, *pos); 2646 } 2647 2648 static void *igmp6_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2649 { 2650 struct ifmcaddr6 *im = igmp6_mc_get_next(seq, v); 2651 2652 ++*pos; 2653 return im; 2654 } 2655 2656 static void igmp6_mc_seq_stop(struct seq_file *seq, void *v) 2657 __releases(RCU) 2658 { 2659 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2660 2661 if (likely(state->idev != NULL)) { 2662 read_unlock_bh(&state->idev->lock); 2663 state->idev = NULL; 2664 } 2665 state->dev = NULL; 2666 rcu_read_unlock(); 2667 } 2668 2669 static int igmp6_mc_seq_show(struct seq_file *seq, void *v) 2670 { 2671 struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; 2672 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2673 2674 seq_printf(seq, 2675 "%-4d %-15s %pi6 %5d %08X %ld\n", 2676 state->dev->ifindex, state->dev->name, 2677 &im->mca_addr, 2678 im->mca_users, im->mca_flags, 2679 (im->mca_flags&MAF_TIMER_RUNNING) ? 2680 jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); 2681 return 0; 2682 } 2683 2684 static const struct seq_operations igmp6_mc_seq_ops = { 2685 .start = igmp6_mc_seq_start, 2686 .next = igmp6_mc_seq_next, 2687 .stop = igmp6_mc_seq_stop, 2688 .show = igmp6_mc_seq_show, 2689 }; 2690 2691 static int igmp6_mc_seq_open(struct inode *inode, struct file *file) 2692 { 2693 return seq_open_net(inode, file, &igmp6_mc_seq_ops, 2694 sizeof(struct igmp6_mc_iter_state)); 2695 } 2696 2697 static const struct file_operations igmp6_mc_seq_fops = { 2698 .owner = THIS_MODULE, 2699 .open = igmp6_mc_seq_open, 2700 .read = seq_read, 2701 .llseek = seq_lseek, 2702 .release = seq_release_net, 2703 }; 2704 2705 struct igmp6_mcf_iter_state { 2706 struct seq_net_private p; 2707 struct net_device *dev; 2708 struct inet6_dev *idev; 2709 struct ifmcaddr6 *im; 2710 }; 2711 2712 #define igmp6_mcf_seq_private(seq) ((struct igmp6_mcf_iter_state *)(seq)->private) 2713 2714 static inline struct ip6_sf_list *igmp6_mcf_get_first(struct seq_file *seq) 2715 { 2716 struct ip6_sf_list *psf = NULL; 2717 struct ifmcaddr6 *im = NULL; 2718 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 2719 struct net *net = seq_file_net(seq); 2720 2721 state->idev = NULL; 2722 state->im = NULL; 2723 for_each_netdev_rcu(net, state->dev) { 2724 struct inet6_dev *idev; 2725 idev = __in6_dev_get(state->dev); 2726 if (unlikely(idev == NULL)) 2727 continue; 2728 read_lock_bh(&idev->lock); 2729 im = idev->mc_list; 2730 if (likely(im != NULL)) { 2731 spin_lock_bh(&im->mca_lock); 2732 psf = im->mca_sources; 2733 if (likely(psf != NULL)) { 2734 state->im = im; 2735 state->idev = idev; 2736 break; 2737 } 2738 spin_unlock_bh(&im->mca_lock); 2739 } 2740 read_unlock_bh(&idev->lock); 2741 } 2742 return psf; 2743 } 2744 2745 static struct ip6_sf_list *igmp6_mcf_get_next(struct seq_file *seq, struct ip6_sf_list *psf) 2746 { 2747 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 2748 2749 psf = psf->sf_next; 2750 while (!psf) { 2751 spin_unlock_bh(&state->im->mca_lock); 2752 state->im = state->im->next; 2753 while (!state->im) { 2754 if (likely(state->idev != NULL)) 2755 read_unlock_bh(&state->idev->lock); 2756 2757 state->dev = next_net_device_rcu(state->dev); 2758 if (!state->dev) { 2759 state->idev = NULL; 2760 goto out; 2761 } 2762 state->idev = __in6_dev_get(state->dev); 2763 if (!state->idev) 2764 continue; 2765 read_lock_bh(&state->idev->lock); 2766 state->im = state->idev->mc_list; 2767 } 2768 if (!state->im) 2769 break; 2770 spin_lock_bh(&state->im->mca_lock); 2771 psf = state->im->mca_sources; 2772 } 2773 out: 2774 return psf; 2775 } 2776 2777 static struct ip6_sf_list *igmp6_mcf_get_idx(struct seq_file *seq, loff_t pos) 2778 { 2779 struct ip6_sf_list *psf = igmp6_mcf_get_first(seq); 2780 if (psf) 2781 while (pos && (psf = igmp6_mcf_get_next(seq, psf)) != NULL) 2782 --pos; 2783 return pos ? NULL : psf; 2784 } 2785 2786 static void *igmp6_mcf_seq_start(struct seq_file *seq, loff_t *pos) 2787 __acquires(RCU) 2788 { 2789 rcu_read_lock(); 2790 return *pos ? igmp6_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2791 } 2792 2793 static void *igmp6_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2794 { 2795 struct ip6_sf_list *psf; 2796 if (v == SEQ_START_TOKEN) 2797 psf = igmp6_mcf_get_first(seq); 2798 else 2799 psf = igmp6_mcf_get_next(seq, v); 2800 ++*pos; 2801 return psf; 2802 } 2803 2804 static void igmp6_mcf_seq_stop(struct seq_file *seq, void *v) 2805 __releases(RCU) 2806 { 2807 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 2808 if (likely(state->im != NULL)) { 2809 spin_unlock_bh(&state->im->mca_lock); 2810 state->im = NULL; 2811 } 2812 if (likely(state->idev != NULL)) { 2813 read_unlock_bh(&state->idev->lock); 2814 state->idev = NULL; 2815 } 2816 state->dev = NULL; 2817 rcu_read_unlock(); 2818 } 2819 2820 static int igmp6_mcf_seq_show(struct seq_file *seq, void *v) 2821 { 2822 struct ip6_sf_list *psf = (struct ip6_sf_list *)v; 2823 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 2824 2825 if (v == SEQ_START_TOKEN) { 2826 seq_printf(seq, 2827 "%3s %6s " 2828 "%32s %32s %6s %6s\n", "Idx", 2829 "Device", "Multicast Address", 2830 "Source Address", "INC", "EXC"); 2831 } else { 2832 seq_printf(seq, 2833 "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", 2834 state->dev->ifindex, state->dev->name, 2835 &state->im->mca_addr, 2836 &psf->sf_addr, 2837 psf->sf_count[MCAST_INCLUDE], 2838 psf->sf_count[MCAST_EXCLUDE]); 2839 } 2840 return 0; 2841 } 2842 2843 static const struct seq_operations igmp6_mcf_seq_ops = { 2844 .start = igmp6_mcf_seq_start, 2845 .next = igmp6_mcf_seq_next, 2846 .stop = igmp6_mcf_seq_stop, 2847 .show = igmp6_mcf_seq_show, 2848 }; 2849 2850 static int igmp6_mcf_seq_open(struct inode *inode, struct file *file) 2851 { 2852 return seq_open_net(inode, file, &igmp6_mcf_seq_ops, 2853 sizeof(struct igmp6_mcf_iter_state)); 2854 } 2855 2856 static const struct file_operations igmp6_mcf_seq_fops = { 2857 .owner = THIS_MODULE, 2858 .open = igmp6_mcf_seq_open, 2859 .read = seq_read, 2860 .llseek = seq_lseek, 2861 .release = seq_release_net, 2862 }; 2863 2864 static int __net_init igmp6_proc_init(struct net *net) 2865 { 2866 int err; 2867 2868 err = -ENOMEM; 2869 if (!proc_create("igmp6", S_IRUGO, net->proc_net, &igmp6_mc_seq_fops)) 2870 goto out; 2871 if (!proc_create("mcfilter6", S_IRUGO, net->proc_net, 2872 &igmp6_mcf_seq_fops)) 2873 goto out_proc_net_igmp6; 2874 2875 err = 0; 2876 out: 2877 return err; 2878 2879 out_proc_net_igmp6: 2880 remove_proc_entry("igmp6", net->proc_net); 2881 goto out; 2882 } 2883 2884 static void __net_exit igmp6_proc_exit(struct net *net) 2885 { 2886 remove_proc_entry("mcfilter6", net->proc_net); 2887 remove_proc_entry("igmp6", net->proc_net); 2888 } 2889 #else 2890 static inline int igmp6_proc_init(struct net *net) 2891 { 2892 return 0; 2893 } 2894 static inline void igmp6_proc_exit(struct net *net) 2895 { 2896 } 2897 #endif 2898 2899 static int __net_init igmp6_net_init(struct net *net) 2900 { 2901 int err; 2902 2903 err = inet_ctl_sock_create(&net->ipv6.igmp_sk, PF_INET6, 2904 SOCK_RAW, IPPROTO_ICMPV6, net); 2905 if (err < 0) { 2906 pr_err("Failed to initialize the IGMP6 control socket (err %d)\n", 2907 err); 2908 goto out; 2909 } 2910 2911 inet6_sk(net->ipv6.igmp_sk)->hop_limit = 1; 2912 2913 err = igmp6_proc_init(net); 2914 if (err) 2915 goto out_sock_create; 2916 out: 2917 return err; 2918 2919 out_sock_create: 2920 inet_ctl_sock_destroy(net->ipv6.igmp_sk); 2921 goto out; 2922 } 2923 2924 static void __net_exit igmp6_net_exit(struct net *net) 2925 { 2926 inet_ctl_sock_destroy(net->ipv6.igmp_sk); 2927 igmp6_proc_exit(net); 2928 } 2929 2930 static struct pernet_operations igmp6_net_ops = { 2931 .init = igmp6_net_init, 2932 .exit = igmp6_net_exit, 2933 }; 2934 2935 int __init igmp6_init(void) 2936 { 2937 return register_pernet_subsys(&igmp6_net_ops); 2938 } 2939 2940 void igmp6_cleanup(void) 2941 { 2942 unregister_pernet_subsys(&igmp6_net_ops); 2943 } 2944