1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* Copyright (c) 2021 Taehee Yoo <ap420073@gmail.com> */ 3 4 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 5 6 #include <linux/module.h> 7 #include <linux/skbuff.h> 8 #include <linux/udp.h> 9 #include <linux/jhash.h> 10 #include <linux/if_tunnel.h> 11 #include <linux/net.h> 12 #include <linux/igmp.h> 13 #include <linux/workqueue.h> 14 #include <net/sch_generic.h> 15 #include <net/net_namespace.h> 16 #include <net/ip.h> 17 #include <net/udp.h> 18 #include <net/udp_tunnel.h> 19 #include <net/icmp.h> 20 #include <net/mld.h> 21 #include <net/amt.h> 22 #include <uapi/linux/amt.h> 23 #include <linux/security.h> 24 #include <net/gro_cells.h> 25 #include <net/ipv6.h> 26 #include <net/if_inet6.h> 27 #include <net/ndisc.h> 28 #include <net/addrconf.h> 29 #include <net/ip6_route.h> 30 #include <net/inet_common.h> 31 #include <net/ip6_checksum.h> 32 33 static struct workqueue_struct *amt_wq; 34 35 static HLIST_HEAD(source_gc_list); 36 /* Lock for source_gc_list */ 37 static spinlock_t source_gc_lock; 38 static struct delayed_work source_gc_wq; 39 static char *status_str[] = { 40 "AMT_STATUS_INIT", 41 "AMT_STATUS_SENT_DISCOVERY", 42 "AMT_STATUS_RECEIVED_DISCOVERY", 43 "AMT_STATUS_SENT_ADVERTISEMENT", 44 "AMT_STATUS_RECEIVED_ADVERTISEMENT", 45 "AMT_STATUS_SENT_REQUEST", 46 "AMT_STATUS_RECEIVED_REQUEST", 47 "AMT_STATUS_SENT_QUERY", 48 "AMT_STATUS_RECEIVED_QUERY", 49 "AMT_STATUS_SENT_UPDATE", 50 "AMT_STATUS_RECEIVED_UPDATE", 51 }; 52 53 static char *type_str[] = { 54 "", /* Type 0 is not defined */ 55 "AMT_MSG_DISCOVERY", 56 "AMT_MSG_ADVERTISEMENT", 57 "AMT_MSG_REQUEST", 58 "AMT_MSG_MEMBERSHIP_QUERY", 59 "AMT_MSG_MEMBERSHIP_UPDATE", 60 "AMT_MSG_MULTICAST_DATA", 61 "AMT_MSG_TEARDOWN", 62 }; 63 64 static char *action_str[] = { 65 "AMT_ACT_GMI", 66 "AMT_ACT_GMI_ZERO", 67 "AMT_ACT_GT", 68 "AMT_ACT_STATUS_FWD_NEW", 69 "AMT_ACT_STATUS_D_FWD_NEW", 70 "AMT_ACT_STATUS_NONE_NEW", 71 }; 72 73 static struct igmpv3_grec igmpv3_zero_grec; 74 75 #if IS_ENABLED(CONFIG_IPV6) 76 #define MLD2_ALL_NODE_INIT { { { 0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x01 } } } 77 static struct in6_addr mld2_all_node = MLD2_ALL_NODE_INIT; 78 static struct mld2_grec mldv2_zero_grec; 79 #endif 80 81 static struct amt_skb_cb *amt_skb_cb(struct sk_buff *skb) 82 { 83 BUILD_BUG_ON(sizeof(struct amt_skb_cb) + sizeof(struct qdisc_skb_cb) > 84 sizeof_field(struct sk_buff, cb)); 85 86 return (struct amt_skb_cb *)((void *)skb->cb + 87 sizeof(struct qdisc_skb_cb)); 88 } 89 90 static void __amt_source_gc_work(void) 91 { 92 struct amt_source_node *snode; 93 struct hlist_head gc_list; 94 struct hlist_node *t; 95 96 spin_lock_bh(&source_gc_lock); 97 hlist_move_list(&source_gc_list, &gc_list); 98 spin_unlock_bh(&source_gc_lock); 99 100 hlist_for_each_entry_safe(snode, t, &gc_list, node) { 101 hlist_del_rcu(&snode->node); 102 kfree_rcu(snode, rcu); 103 } 104 } 105 106 static void amt_source_gc_work(struct work_struct *work) 107 { 108 __amt_source_gc_work(); 109 110 spin_lock_bh(&source_gc_lock); 111 mod_delayed_work(amt_wq, &source_gc_wq, 112 msecs_to_jiffies(AMT_GC_INTERVAL)); 113 spin_unlock_bh(&source_gc_lock); 114 } 115 116 static bool amt_addr_equal(union amt_addr *a, union amt_addr *b) 117 { 118 return !memcmp(a, b, sizeof(union amt_addr)); 119 } 120 121 static u32 amt_source_hash(struct amt_tunnel_list *tunnel, union amt_addr *src) 122 { 123 u32 hash = jhash(src, sizeof(*src), tunnel->amt->hash_seed); 124 125 return reciprocal_scale(hash, tunnel->amt->hash_buckets); 126 } 127 128 static bool amt_status_filter(struct amt_source_node *snode, 129 enum amt_filter filter) 130 { 131 bool rc = false; 132 133 switch (filter) { 134 case AMT_FILTER_FWD: 135 if (snode->status == AMT_SOURCE_STATUS_FWD && 136 snode->flags == AMT_SOURCE_OLD) 137 rc = true; 138 break; 139 case AMT_FILTER_D_FWD: 140 if (snode->status == AMT_SOURCE_STATUS_D_FWD && 141 snode->flags == AMT_SOURCE_OLD) 142 rc = true; 143 break; 144 case AMT_FILTER_FWD_NEW: 145 if (snode->status == AMT_SOURCE_STATUS_FWD && 146 snode->flags == AMT_SOURCE_NEW) 147 rc = true; 148 break; 149 case AMT_FILTER_D_FWD_NEW: 150 if (snode->status == AMT_SOURCE_STATUS_D_FWD && 151 snode->flags == AMT_SOURCE_NEW) 152 rc = true; 153 break; 154 case AMT_FILTER_ALL: 155 rc = true; 156 break; 157 case AMT_FILTER_NONE_NEW: 158 if (snode->status == AMT_SOURCE_STATUS_NONE && 159 snode->flags == AMT_SOURCE_NEW) 160 rc = true; 161 break; 162 case AMT_FILTER_BOTH: 163 if ((snode->status == AMT_SOURCE_STATUS_D_FWD || 164 snode->status == AMT_SOURCE_STATUS_FWD) && 165 snode->flags == AMT_SOURCE_OLD) 166 rc = true; 167 break; 168 case AMT_FILTER_BOTH_NEW: 169 if ((snode->status == AMT_SOURCE_STATUS_D_FWD || 170 snode->status == AMT_SOURCE_STATUS_FWD) && 171 snode->flags == AMT_SOURCE_NEW) 172 rc = true; 173 break; 174 default: 175 WARN_ON_ONCE(1); 176 break; 177 } 178 179 return rc; 180 } 181 182 static struct amt_source_node *amt_lookup_src(struct amt_tunnel_list *tunnel, 183 struct amt_group_node *gnode, 184 enum amt_filter filter, 185 union amt_addr *src) 186 { 187 u32 hash = amt_source_hash(tunnel, src); 188 struct amt_source_node *snode; 189 190 hlist_for_each_entry_rcu(snode, &gnode->sources[hash], node) 191 if (amt_status_filter(snode, filter) && 192 amt_addr_equal(&snode->source_addr, src)) 193 return snode; 194 195 return NULL; 196 } 197 198 static u32 amt_group_hash(struct amt_tunnel_list *tunnel, union amt_addr *group) 199 { 200 u32 hash = jhash(group, sizeof(*group), tunnel->amt->hash_seed); 201 202 return reciprocal_scale(hash, tunnel->amt->hash_buckets); 203 } 204 205 static struct amt_group_node *amt_lookup_group(struct amt_tunnel_list *tunnel, 206 union amt_addr *group, 207 union amt_addr *host, 208 bool v6) 209 { 210 u32 hash = amt_group_hash(tunnel, group); 211 struct amt_group_node *gnode; 212 213 hlist_for_each_entry_rcu(gnode, &tunnel->groups[hash], node) { 214 if (amt_addr_equal(&gnode->group_addr, group) && 215 amt_addr_equal(&gnode->host_addr, host) && 216 gnode->v6 == v6) 217 return gnode; 218 } 219 220 return NULL; 221 } 222 223 static void amt_destroy_source(struct amt_source_node *snode) 224 { 225 struct amt_group_node *gnode = snode->gnode; 226 struct amt_tunnel_list *tunnel; 227 228 tunnel = gnode->tunnel_list; 229 230 if (!gnode->v6) { 231 netdev_dbg(snode->gnode->amt->dev, 232 "Delete source %pI4 from %pI4\n", 233 &snode->source_addr.ip4, 234 &gnode->group_addr.ip4); 235 #if IS_ENABLED(CONFIG_IPV6) 236 } else { 237 netdev_dbg(snode->gnode->amt->dev, 238 "Delete source %pI6 from %pI6\n", 239 &snode->source_addr.ip6, 240 &gnode->group_addr.ip6); 241 #endif 242 } 243 244 cancel_delayed_work(&snode->source_timer); 245 hlist_del_init_rcu(&snode->node); 246 tunnel->nr_sources--; 247 gnode->nr_sources--; 248 spin_lock_bh(&source_gc_lock); 249 hlist_add_head_rcu(&snode->node, &source_gc_list); 250 spin_unlock_bh(&source_gc_lock); 251 } 252 253 static void amt_del_group(struct amt_dev *amt, struct amt_group_node *gnode) 254 { 255 struct amt_source_node *snode; 256 struct hlist_node *t; 257 int i; 258 259 if (cancel_delayed_work(&gnode->group_timer)) 260 dev_put(amt->dev); 261 hlist_del_rcu(&gnode->node); 262 gnode->tunnel_list->nr_groups--; 263 264 if (!gnode->v6) 265 netdev_dbg(amt->dev, "Leave group %pI4\n", 266 &gnode->group_addr.ip4); 267 #if IS_ENABLED(CONFIG_IPV6) 268 else 269 netdev_dbg(amt->dev, "Leave group %pI6\n", 270 &gnode->group_addr.ip6); 271 #endif 272 for (i = 0; i < amt->hash_buckets; i++) 273 hlist_for_each_entry_safe(snode, t, &gnode->sources[i], node) 274 amt_destroy_source(snode); 275 276 /* tunnel->lock was acquired outside of amt_del_group() 277 * But rcu_read_lock() was acquired too so It's safe. 278 */ 279 kfree_rcu(gnode, rcu); 280 } 281 282 /* If a source timer expires with a router filter-mode for the group of 283 * INCLUDE, the router concludes that traffic from this particular 284 * source is no longer desired on the attached network, and deletes the 285 * associated source record. 286 */ 287 static void amt_source_work(struct work_struct *work) 288 { 289 struct amt_source_node *snode = container_of(to_delayed_work(work), 290 struct amt_source_node, 291 source_timer); 292 struct amt_group_node *gnode = snode->gnode; 293 struct amt_dev *amt = gnode->amt; 294 struct amt_tunnel_list *tunnel; 295 296 tunnel = gnode->tunnel_list; 297 spin_lock_bh(&tunnel->lock); 298 rcu_read_lock(); 299 if (gnode->filter_mode == MCAST_INCLUDE) { 300 amt_destroy_source(snode); 301 if (!gnode->nr_sources) 302 amt_del_group(amt, gnode); 303 } else { 304 /* When a router filter-mode for a group is EXCLUDE, 305 * source records are only deleted when the group timer expires 306 */ 307 snode->status = AMT_SOURCE_STATUS_D_FWD; 308 } 309 rcu_read_unlock(); 310 spin_unlock_bh(&tunnel->lock); 311 } 312 313 static void amt_act_src(struct amt_tunnel_list *tunnel, 314 struct amt_group_node *gnode, 315 struct amt_source_node *snode, 316 enum amt_act act) 317 { 318 struct amt_dev *amt = tunnel->amt; 319 320 switch (act) { 321 case AMT_ACT_GMI: 322 mod_delayed_work(amt_wq, &snode->source_timer, 323 msecs_to_jiffies(amt_gmi(amt))); 324 break; 325 case AMT_ACT_GMI_ZERO: 326 cancel_delayed_work(&snode->source_timer); 327 break; 328 case AMT_ACT_GT: 329 mod_delayed_work(amt_wq, &snode->source_timer, 330 gnode->group_timer.timer.expires); 331 break; 332 case AMT_ACT_STATUS_FWD_NEW: 333 snode->status = AMT_SOURCE_STATUS_FWD; 334 snode->flags = AMT_SOURCE_NEW; 335 break; 336 case AMT_ACT_STATUS_D_FWD_NEW: 337 snode->status = AMT_SOURCE_STATUS_D_FWD; 338 snode->flags = AMT_SOURCE_NEW; 339 break; 340 case AMT_ACT_STATUS_NONE_NEW: 341 cancel_delayed_work(&snode->source_timer); 342 snode->status = AMT_SOURCE_STATUS_NONE; 343 snode->flags = AMT_SOURCE_NEW; 344 break; 345 default: 346 WARN_ON_ONCE(1); 347 return; 348 } 349 350 if (!gnode->v6) 351 netdev_dbg(amt->dev, "Source %pI4 from %pI4 Acted %s\n", 352 &snode->source_addr.ip4, 353 &gnode->group_addr.ip4, 354 action_str[act]); 355 #if IS_ENABLED(CONFIG_IPV6) 356 else 357 netdev_dbg(amt->dev, "Source %pI6 from %pI6 Acted %s\n", 358 &snode->source_addr.ip6, 359 &gnode->group_addr.ip6, 360 action_str[act]); 361 #endif 362 } 363 364 static struct amt_source_node *amt_alloc_snode(struct amt_group_node *gnode, 365 union amt_addr *src) 366 { 367 struct amt_source_node *snode; 368 369 snode = kzalloc(sizeof(*snode), GFP_ATOMIC); 370 if (!snode) 371 return NULL; 372 373 memcpy(&snode->source_addr, src, sizeof(union amt_addr)); 374 snode->gnode = gnode; 375 snode->status = AMT_SOURCE_STATUS_NONE; 376 snode->flags = AMT_SOURCE_NEW; 377 INIT_HLIST_NODE(&snode->node); 378 INIT_DELAYED_WORK(&snode->source_timer, amt_source_work); 379 380 return snode; 381 } 382 383 /* RFC 3810 - 7.2.2. Definition of Filter Timers 384 * 385 * Router Mode Filter Timer Actions/Comments 386 * ----------- ----------------- ---------------- 387 * 388 * INCLUDE Not Used All listeners in 389 * INCLUDE mode. 390 * 391 * EXCLUDE Timer > 0 At least one listener 392 * in EXCLUDE mode. 393 * 394 * EXCLUDE Timer == 0 No more listeners in 395 * EXCLUDE mode for the 396 * multicast address. 397 * If the Requested List 398 * is empty, delete 399 * Multicast Address 400 * Record. If not, switch 401 * to INCLUDE filter mode; 402 * the sources in the 403 * Requested List are 404 * moved to the Include 405 * List, and the Exclude 406 * List is deleted. 407 */ 408 static void amt_group_work(struct work_struct *work) 409 { 410 struct amt_group_node *gnode = container_of(to_delayed_work(work), 411 struct amt_group_node, 412 group_timer); 413 struct amt_tunnel_list *tunnel = gnode->tunnel_list; 414 struct amt_dev *amt = gnode->amt; 415 struct amt_source_node *snode; 416 bool delete_group = true; 417 struct hlist_node *t; 418 int i, buckets; 419 420 buckets = amt->hash_buckets; 421 422 spin_lock_bh(&tunnel->lock); 423 if (gnode->filter_mode == MCAST_INCLUDE) { 424 /* Not Used */ 425 spin_unlock_bh(&tunnel->lock); 426 goto out; 427 } 428 429 rcu_read_lock(); 430 for (i = 0; i < buckets; i++) { 431 hlist_for_each_entry_safe(snode, t, 432 &gnode->sources[i], node) { 433 if (!delayed_work_pending(&snode->source_timer) || 434 snode->status == AMT_SOURCE_STATUS_D_FWD) { 435 amt_destroy_source(snode); 436 } else { 437 delete_group = false; 438 snode->status = AMT_SOURCE_STATUS_FWD; 439 } 440 } 441 } 442 if (delete_group) 443 amt_del_group(amt, gnode); 444 else 445 gnode->filter_mode = MCAST_INCLUDE; 446 rcu_read_unlock(); 447 spin_unlock_bh(&tunnel->lock); 448 out: 449 dev_put(amt->dev); 450 } 451 452 /* Non-existant group is created as INCLUDE {empty}: 453 * 454 * RFC 3376 - 5.1. Action on Change of Interface State 455 * 456 * If no interface state existed for that multicast address before 457 * the change (i.e., the change consisted of creating a new 458 * per-interface record), or if no state exists after the change 459 * (i.e., the change consisted of deleting a per-interface record), 460 * then the "non-existent" state is considered to have a filter mode 461 * of INCLUDE and an empty source list. 462 */ 463 static struct amt_group_node *amt_add_group(struct amt_dev *amt, 464 struct amt_tunnel_list *tunnel, 465 union amt_addr *group, 466 union amt_addr *host, 467 bool v6) 468 { 469 struct amt_group_node *gnode; 470 u32 hash; 471 int i; 472 473 if (tunnel->nr_groups >= amt->max_groups) 474 return ERR_PTR(-ENOSPC); 475 476 gnode = kzalloc(sizeof(*gnode) + 477 (sizeof(struct hlist_head) * amt->hash_buckets), 478 GFP_ATOMIC); 479 if (unlikely(!gnode)) 480 return ERR_PTR(-ENOMEM); 481 482 gnode->amt = amt; 483 gnode->group_addr = *group; 484 gnode->host_addr = *host; 485 gnode->v6 = v6; 486 gnode->tunnel_list = tunnel; 487 gnode->filter_mode = MCAST_INCLUDE; 488 INIT_HLIST_NODE(&gnode->node); 489 INIT_DELAYED_WORK(&gnode->group_timer, amt_group_work); 490 for (i = 0; i < amt->hash_buckets; i++) 491 INIT_HLIST_HEAD(&gnode->sources[i]); 492 493 hash = amt_group_hash(tunnel, group); 494 hlist_add_head_rcu(&gnode->node, &tunnel->groups[hash]); 495 tunnel->nr_groups++; 496 497 if (!gnode->v6) 498 netdev_dbg(amt->dev, "Join group %pI4\n", 499 &gnode->group_addr.ip4); 500 #if IS_ENABLED(CONFIG_IPV6) 501 else 502 netdev_dbg(amt->dev, "Join group %pI6\n", 503 &gnode->group_addr.ip6); 504 #endif 505 506 return gnode; 507 } 508 509 static struct sk_buff *amt_build_igmp_gq(struct amt_dev *amt) 510 { 511 u8 ra[AMT_IPHDR_OPTS] = { IPOPT_RA, 4, 0, 0 }; 512 int hlen = LL_RESERVED_SPACE(amt->dev); 513 int tlen = amt->dev->needed_tailroom; 514 struct igmpv3_query *ihv3; 515 void *csum_start = NULL; 516 __sum16 *csum = NULL; 517 struct sk_buff *skb; 518 struct ethhdr *eth; 519 struct iphdr *iph; 520 unsigned int len; 521 int offset; 522 523 len = hlen + tlen + sizeof(*iph) + AMT_IPHDR_OPTS + sizeof(*ihv3); 524 skb = netdev_alloc_skb_ip_align(amt->dev, len); 525 if (!skb) 526 return NULL; 527 528 skb_reserve(skb, hlen); 529 skb_push(skb, sizeof(*eth)); 530 skb->protocol = htons(ETH_P_IP); 531 skb_reset_mac_header(skb); 532 skb->priority = TC_PRIO_CONTROL; 533 skb_put(skb, sizeof(*iph)); 534 skb_put_data(skb, ra, sizeof(ra)); 535 skb_put(skb, sizeof(*ihv3)); 536 skb_pull(skb, sizeof(*eth)); 537 skb_reset_network_header(skb); 538 539 iph = ip_hdr(skb); 540 iph->version = 4; 541 iph->ihl = (sizeof(struct iphdr) + AMT_IPHDR_OPTS) >> 2; 542 iph->tos = AMT_TOS; 543 iph->tot_len = htons(sizeof(*iph) + AMT_IPHDR_OPTS + sizeof(*ihv3)); 544 iph->frag_off = htons(IP_DF); 545 iph->ttl = 1; 546 iph->id = 0; 547 iph->protocol = IPPROTO_IGMP; 548 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP); 549 iph->saddr = htonl(INADDR_ANY); 550 ip_send_check(iph); 551 552 eth = eth_hdr(skb); 553 ether_addr_copy(eth->h_source, amt->dev->dev_addr); 554 ip_eth_mc_map(htonl(INADDR_ALLHOSTS_GROUP), eth->h_dest); 555 eth->h_proto = htons(ETH_P_IP); 556 557 ihv3 = skb_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS); 558 skb_reset_transport_header(skb); 559 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY; 560 ihv3->code = 1; 561 ihv3->group = 0; 562 ihv3->qqic = amt->qi; 563 ihv3->nsrcs = 0; 564 ihv3->resv = 0; 565 ihv3->suppress = false; 566 ihv3->qrv = amt->net->ipv4.sysctl_igmp_qrv; 567 ihv3->csum = 0; 568 csum = &ihv3->csum; 569 csum_start = (void *)ihv3; 570 *csum = ip_compute_csum(csum_start, sizeof(*ihv3)); 571 offset = skb_transport_offset(skb); 572 skb->csum = skb_checksum(skb, offset, skb->len - offset, 0); 573 skb->ip_summed = CHECKSUM_NONE; 574 575 skb_push(skb, sizeof(*eth) + sizeof(*iph) + AMT_IPHDR_OPTS); 576 577 return skb; 578 } 579 580 static void __amt_update_gw_status(struct amt_dev *amt, enum amt_status status, 581 bool validate) 582 { 583 if (validate && amt->status >= status) 584 return; 585 netdev_dbg(amt->dev, "Update GW status %s -> %s", 586 status_str[amt->status], status_str[status]); 587 amt->status = status; 588 } 589 590 static void __amt_update_relay_status(struct amt_tunnel_list *tunnel, 591 enum amt_status status, 592 bool validate) 593 { 594 if (validate && tunnel->status >= status) 595 return; 596 netdev_dbg(tunnel->amt->dev, 597 "Update Tunnel(IP = %pI4, PORT = %u) status %s -> %s", 598 &tunnel->ip4, ntohs(tunnel->source_port), 599 status_str[tunnel->status], status_str[status]); 600 tunnel->status = status; 601 } 602 603 static void amt_update_gw_status(struct amt_dev *amt, enum amt_status status, 604 bool validate) 605 { 606 spin_lock_bh(&amt->lock); 607 __amt_update_gw_status(amt, status, validate); 608 spin_unlock_bh(&amt->lock); 609 } 610 611 static void amt_update_relay_status(struct amt_tunnel_list *tunnel, 612 enum amt_status status, bool validate) 613 { 614 spin_lock_bh(&tunnel->lock); 615 __amt_update_relay_status(tunnel, status, validate); 616 spin_unlock_bh(&tunnel->lock); 617 } 618 619 static void amt_send_discovery(struct amt_dev *amt) 620 { 621 struct amt_header_discovery *amtd; 622 int hlen, tlen, offset; 623 struct socket *sock; 624 struct udphdr *udph; 625 struct sk_buff *skb; 626 struct iphdr *iph; 627 struct rtable *rt; 628 struct flowi4 fl4; 629 u32 len; 630 int err; 631 632 rcu_read_lock(); 633 sock = rcu_dereference(amt->sock); 634 if (!sock) 635 goto out; 636 637 if (!netif_running(amt->stream_dev) || !netif_running(amt->dev)) 638 goto out; 639 640 rt = ip_route_output_ports(amt->net, &fl4, sock->sk, 641 amt->discovery_ip, amt->local_ip, 642 amt->gw_port, amt->relay_port, 643 IPPROTO_UDP, 0, 644 amt->stream_dev->ifindex); 645 if (IS_ERR(rt)) { 646 amt->dev->stats.tx_errors++; 647 goto out; 648 } 649 650 hlen = LL_RESERVED_SPACE(amt->dev); 651 tlen = amt->dev->needed_tailroom; 652 len = hlen + tlen + sizeof(*iph) + sizeof(*udph) + sizeof(*amtd); 653 skb = netdev_alloc_skb_ip_align(amt->dev, len); 654 if (!skb) { 655 ip_rt_put(rt); 656 amt->dev->stats.tx_errors++; 657 goto out; 658 } 659 660 skb->priority = TC_PRIO_CONTROL; 661 skb_dst_set(skb, &rt->dst); 662 663 len = sizeof(*iph) + sizeof(*udph) + sizeof(*amtd); 664 skb_reset_network_header(skb); 665 skb_put(skb, len); 666 amtd = skb_pull(skb, sizeof(*iph) + sizeof(*udph)); 667 amtd->version = 0; 668 amtd->type = AMT_MSG_DISCOVERY; 669 amtd->reserved = 0; 670 amtd->nonce = amt->nonce; 671 skb_push(skb, sizeof(*udph)); 672 skb_reset_transport_header(skb); 673 udph = udp_hdr(skb); 674 udph->source = amt->gw_port; 675 udph->dest = amt->relay_port; 676 udph->len = htons(sizeof(*udph) + sizeof(*amtd)); 677 udph->check = 0; 678 offset = skb_transport_offset(skb); 679 skb->csum = skb_checksum(skb, offset, skb->len - offset, 0); 680 udph->check = csum_tcpudp_magic(amt->local_ip, amt->discovery_ip, 681 sizeof(*udph) + sizeof(*amtd), 682 IPPROTO_UDP, skb->csum); 683 684 skb_push(skb, sizeof(*iph)); 685 iph = ip_hdr(skb); 686 iph->version = 4; 687 iph->ihl = (sizeof(struct iphdr)) >> 2; 688 iph->tos = AMT_TOS; 689 iph->frag_off = 0; 690 iph->ttl = ip4_dst_hoplimit(&rt->dst); 691 iph->daddr = amt->discovery_ip; 692 iph->saddr = amt->local_ip; 693 iph->protocol = IPPROTO_UDP; 694 iph->tot_len = htons(len); 695 696 skb->ip_summed = CHECKSUM_NONE; 697 ip_select_ident(amt->net, skb, NULL); 698 ip_send_check(iph); 699 err = ip_local_out(amt->net, sock->sk, skb); 700 if (unlikely(net_xmit_eval(err))) 701 amt->dev->stats.tx_errors++; 702 703 spin_lock_bh(&amt->lock); 704 __amt_update_gw_status(amt, AMT_STATUS_SENT_DISCOVERY, true); 705 spin_unlock_bh(&amt->lock); 706 out: 707 rcu_read_unlock(); 708 } 709 710 static void amt_send_request(struct amt_dev *amt, bool v6) 711 { 712 struct amt_header_request *amtrh; 713 int hlen, tlen, offset; 714 struct socket *sock; 715 struct udphdr *udph; 716 struct sk_buff *skb; 717 struct iphdr *iph; 718 struct rtable *rt; 719 struct flowi4 fl4; 720 u32 len; 721 int err; 722 723 rcu_read_lock(); 724 sock = rcu_dereference(amt->sock); 725 if (!sock) 726 goto out; 727 728 if (!netif_running(amt->stream_dev) || !netif_running(amt->dev)) 729 goto out; 730 731 rt = ip_route_output_ports(amt->net, &fl4, sock->sk, 732 amt->remote_ip, amt->local_ip, 733 amt->gw_port, amt->relay_port, 734 IPPROTO_UDP, 0, 735 amt->stream_dev->ifindex); 736 if (IS_ERR(rt)) { 737 amt->dev->stats.tx_errors++; 738 goto out; 739 } 740 741 hlen = LL_RESERVED_SPACE(amt->dev); 742 tlen = amt->dev->needed_tailroom; 743 len = hlen + tlen + sizeof(*iph) + sizeof(*udph) + sizeof(*amtrh); 744 skb = netdev_alloc_skb_ip_align(amt->dev, len); 745 if (!skb) { 746 ip_rt_put(rt); 747 amt->dev->stats.tx_errors++; 748 goto out; 749 } 750 751 skb->priority = TC_PRIO_CONTROL; 752 skb_dst_set(skb, &rt->dst); 753 754 len = sizeof(*iph) + sizeof(*udph) + sizeof(*amtrh); 755 skb_reset_network_header(skb); 756 skb_put(skb, len); 757 amtrh = skb_pull(skb, sizeof(*iph) + sizeof(*udph)); 758 amtrh->version = 0; 759 amtrh->type = AMT_MSG_REQUEST; 760 amtrh->reserved1 = 0; 761 amtrh->p = v6; 762 amtrh->reserved2 = 0; 763 amtrh->nonce = amt->nonce; 764 skb_push(skb, sizeof(*udph)); 765 skb_reset_transport_header(skb); 766 udph = udp_hdr(skb); 767 udph->source = amt->gw_port; 768 udph->dest = amt->relay_port; 769 udph->len = htons(sizeof(*amtrh) + sizeof(*udph)); 770 udph->check = 0; 771 offset = skb_transport_offset(skb); 772 skb->csum = skb_checksum(skb, offset, skb->len - offset, 0); 773 udph->check = csum_tcpudp_magic(amt->local_ip, amt->remote_ip, 774 sizeof(*udph) + sizeof(*amtrh), 775 IPPROTO_UDP, skb->csum); 776 777 skb_push(skb, sizeof(*iph)); 778 iph = ip_hdr(skb); 779 iph->version = 4; 780 iph->ihl = (sizeof(struct iphdr)) >> 2; 781 iph->tos = AMT_TOS; 782 iph->frag_off = 0; 783 iph->ttl = ip4_dst_hoplimit(&rt->dst); 784 iph->daddr = amt->remote_ip; 785 iph->saddr = amt->local_ip; 786 iph->protocol = IPPROTO_UDP; 787 iph->tot_len = htons(len); 788 789 skb->ip_summed = CHECKSUM_NONE; 790 ip_select_ident(amt->net, skb, NULL); 791 ip_send_check(iph); 792 err = ip_local_out(amt->net, sock->sk, skb); 793 if (unlikely(net_xmit_eval(err))) 794 amt->dev->stats.tx_errors++; 795 796 out: 797 rcu_read_unlock(); 798 } 799 800 static void amt_send_igmp_gq(struct amt_dev *amt, 801 struct amt_tunnel_list *tunnel) 802 { 803 struct sk_buff *skb; 804 805 skb = amt_build_igmp_gq(amt); 806 if (!skb) 807 return; 808 809 amt_skb_cb(skb)->tunnel = tunnel; 810 dev_queue_xmit(skb); 811 } 812 813 #if IS_ENABLED(CONFIG_IPV6) 814 static struct sk_buff *amt_build_mld_gq(struct amt_dev *amt) 815 { 816 u8 ra[AMT_IP6HDR_OPTS] = { IPPROTO_ICMPV6, 0, IPV6_TLV_ROUTERALERT, 817 2, 0, 0, IPV6_TLV_PAD1, IPV6_TLV_PAD1 }; 818 int hlen = LL_RESERVED_SPACE(amt->dev); 819 int tlen = amt->dev->needed_tailroom; 820 struct mld2_query *mld2q; 821 void *csum_start = NULL; 822 struct ipv6hdr *ip6h; 823 struct sk_buff *skb; 824 struct ethhdr *eth; 825 u32 len; 826 827 len = hlen + tlen + sizeof(*ip6h) + sizeof(ra) + sizeof(*mld2q); 828 skb = netdev_alloc_skb_ip_align(amt->dev, len); 829 if (!skb) 830 return NULL; 831 832 skb_reserve(skb, hlen); 833 skb_push(skb, sizeof(*eth)); 834 skb_reset_mac_header(skb); 835 eth = eth_hdr(skb); 836 skb->priority = TC_PRIO_CONTROL; 837 skb->protocol = htons(ETH_P_IPV6); 838 skb_put_zero(skb, sizeof(*ip6h)); 839 skb_put_data(skb, ra, sizeof(ra)); 840 skb_put_zero(skb, sizeof(*mld2q)); 841 skb_pull(skb, sizeof(*eth)); 842 skb_reset_network_header(skb); 843 ip6h = ipv6_hdr(skb); 844 ip6h->payload_len = htons(sizeof(ra) + sizeof(*mld2q)); 845 ip6h->nexthdr = NEXTHDR_HOP; 846 ip6h->hop_limit = 1; 847 ip6h->daddr = mld2_all_node; 848 ip6_flow_hdr(ip6h, 0, 0); 849 850 if (ipv6_dev_get_saddr(amt->net, amt->dev, &ip6h->daddr, 0, 851 &ip6h->saddr)) { 852 amt->dev->stats.tx_errors++; 853 kfree_skb(skb); 854 return NULL; 855 } 856 857 eth->h_proto = htons(ETH_P_IPV6); 858 ether_addr_copy(eth->h_source, amt->dev->dev_addr); 859 ipv6_eth_mc_map(&mld2_all_node, eth->h_dest); 860 861 skb_pull(skb, sizeof(*ip6h) + sizeof(ra)); 862 skb_reset_transport_header(skb); 863 mld2q = (struct mld2_query *)icmp6_hdr(skb); 864 mld2q->mld2q_mrc = htons(1); 865 mld2q->mld2q_type = ICMPV6_MGM_QUERY; 866 mld2q->mld2q_code = 0; 867 mld2q->mld2q_cksum = 0; 868 mld2q->mld2q_resv1 = 0; 869 mld2q->mld2q_resv2 = 0; 870 mld2q->mld2q_suppress = 0; 871 mld2q->mld2q_qrv = amt->qrv; 872 mld2q->mld2q_nsrcs = 0; 873 mld2q->mld2q_qqic = amt->qi; 874 csum_start = (void *)mld2q; 875 mld2q->mld2q_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 876 sizeof(*mld2q), 877 IPPROTO_ICMPV6, 878 csum_partial(csum_start, 879 sizeof(*mld2q), 0)); 880 881 skb->ip_summed = CHECKSUM_NONE; 882 skb_push(skb, sizeof(*eth) + sizeof(*ip6h) + sizeof(ra)); 883 return skb; 884 } 885 886 static void amt_send_mld_gq(struct amt_dev *amt, struct amt_tunnel_list *tunnel) 887 { 888 struct sk_buff *skb; 889 890 skb = amt_build_mld_gq(amt); 891 if (!skb) 892 return; 893 894 amt_skb_cb(skb)->tunnel = tunnel; 895 dev_queue_xmit(skb); 896 } 897 #else 898 static void amt_send_mld_gq(struct amt_dev *amt, struct amt_tunnel_list *tunnel) 899 { 900 } 901 #endif 902 903 static void amt_secret_work(struct work_struct *work) 904 { 905 struct amt_dev *amt = container_of(to_delayed_work(work), 906 struct amt_dev, 907 secret_wq); 908 909 spin_lock_bh(&amt->lock); 910 get_random_bytes(&amt->key, sizeof(siphash_key_t)); 911 spin_unlock_bh(&amt->lock); 912 mod_delayed_work(amt_wq, &amt->secret_wq, 913 msecs_to_jiffies(AMT_SECRET_TIMEOUT)); 914 } 915 916 static void amt_discovery_work(struct work_struct *work) 917 { 918 struct amt_dev *amt = container_of(to_delayed_work(work), 919 struct amt_dev, 920 discovery_wq); 921 922 spin_lock_bh(&amt->lock); 923 if (amt->status > AMT_STATUS_SENT_DISCOVERY) 924 goto out; 925 get_random_bytes(&amt->nonce, sizeof(__be32)); 926 spin_unlock_bh(&amt->lock); 927 928 amt_send_discovery(amt); 929 spin_lock_bh(&amt->lock); 930 out: 931 mod_delayed_work(amt_wq, &amt->discovery_wq, 932 msecs_to_jiffies(AMT_DISCOVERY_TIMEOUT)); 933 spin_unlock_bh(&amt->lock); 934 } 935 936 static void amt_req_work(struct work_struct *work) 937 { 938 struct amt_dev *amt = container_of(to_delayed_work(work), 939 struct amt_dev, 940 req_wq); 941 u32 exp; 942 943 spin_lock_bh(&amt->lock); 944 if (amt->status < AMT_STATUS_RECEIVED_ADVERTISEMENT) 945 goto out; 946 947 if (amt->req_cnt > AMT_MAX_REQ_COUNT) { 948 netdev_dbg(amt->dev, "Gateway is not ready"); 949 amt->qi = AMT_INIT_REQ_TIMEOUT; 950 amt->ready4 = false; 951 amt->ready6 = false; 952 amt->remote_ip = 0; 953 __amt_update_gw_status(amt, AMT_STATUS_INIT, false); 954 amt->req_cnt = 0; 955 goto out; 956 } 957 spin_unlock_bh(&amt->lock); 958 959 amt_send_request(amt, false); 960 amt_send_request(amt, true); 961 spin_lock_bh(&amt->lock); 962 __amt_update_gw_status(amt, AMT_STATUS_SENT_REQUEST, true); 963 amt->req_cnt++; 964 out: 965 exp = min_t(u32, (1 * (1 << amt->req_cnt)), AMT_MAX_REQ_TIMEOUT); 966 mod_delayed_work(amt_wq, &amt->req_wq, msecs_to_jiffies(exp * 1000)); 967 spin_unlock_bh(&amt->lock); 968 } 969 970 static bool amt_send_membership_update(struct amt_dev *amt, 971 struct sk_buff *skb, 972 bool v6) 973 { 974 struct amt_header_membership_update *amtmu; 975 struct socket *sock; 976 struct iphdr *iph; 977 struct flowi4 fl4; 978 struct rtable *rt; 979 int err; 980 981 sock = rcu_dereference_bh(amt->sock); 982 if (!sock) 983 return true; 984 985 err = skb_cow_head(skb, LL_RESERVED_SPACE(amt->dev) + sizeof(*amtmu) + 986 sizeof(*iph) + sizeof(struct udphdr)); 987 if (err) 988 return true; 989 990 skb_reset_inner_headers(skb); 991 memset(&fl4, 0, sizeof(struct flowi4)); 992 fl4.flowi4_oif = amt->stream_dev->ifindex; 993 fl4.daddr = amt->remote_ip; 994 fl4.saddr = amt->local_ip; 995 fl4.flowi4_tos = AMT_TOS; 996 fl4.flowi4_proto = IPPROTO_UDP; 997 rt = ip_route_output_key(amt->net, &fl4); 998 if (IS_ERR(rt)) { 999 netdev_dbg(amt->dev, "no route to %pI4\n", &amt->remote_ip); 1000 return true; 1001 } 1002 1003 amtmu = skb_push(skb, sizeof(*amtmu)); 1004 amtmu->version = 0; 1005 amtmu->type = AMT_MSG_MEMBERSHIP_UPDATE; 1006 amtmu->reserved = 0; 1007 amtmu->nonce = amt->nonce; 1008 amtmu->response_mac = amt->mac; 1009 1010 if (!v6) 1011 skb_set_inner_protocol(skb, htons(ETH_P_IP)); 1012 else 1013 skb_set_inner_protocol(skb, htons(ETH_P_IPV6)); 1014 udp_tunnel_xmit_skb(rt, sock->sk, skb, 1015 fl4.saddr, 1016 fl4.daddr, 1017 AMT_TOS, 1018 ip4_dst_hoplimit(&rt->dst), 1019 0, 1020 amt->gw_port, 1021 amt->relay_port, 1022 false, 1023 false); 1024 amt_update_gw_status(amt, AMT_STATUS_SENT_UPDATE, true); 1025 return false; 1026 } 1027 1028 static void amt_send_multicast_data(struct amt_dev *amt, 1029 const struct sk_buff *oskb, 1030 struct amt_tunnel_list *tunnel, 1031 bool v6) 1032 { 1033 struct amt_header_mcast_data *amtmd; 1034 struct socket *sock; 1035 struct sk_buff *skb; 1036 struct iphdr *iph; 1037 struct flowi4 fl4; 1038 struct rtable *rt; 1039 1040 sock = rcu_dereference_bh(amt->sock); 1041 if (!sock) 1042 return; 1043 1044 skb = skb_copy_expand(oskb, sizeof(*amtmd) + sizeof(*iph) + 1045 sizeof(struct udphdr), 0, GFP_ATOMIC); 1046 if (!skb) 1047 return; 1048 1049 skb_reset_inner_headers(skb); 1050 memset(&fl4, 0, sizeof(struct flowi4)); 1051 fl4.flowi4_oif = amt->stream_dev->ifindex; 1052 fl4.daddr = tunnel->ip4; 1053 fl4.saddr = amt->local_ip; 1054 fl4.flowi4_proto = IPPROTO_UDP; 1055 rt = ip_route_output_key(amt->net, &fl4); 1056 if (IS_ERR(rt)) { 1057 netdev_dbg(amt->dev, "no route to %pI4\n", &tunnel->ip4); 1058 kfree_skb(skb); 1059 return; 1060 } 1061 1062 amtmd = skb_push(skb, sizeof(*amtmd)); 1063 amtmd->version = 0; 1064 amtmd->reserved = 0; 1065 amtmd->type = AMT_MSG_MULTICAST_DATA; 1066 1067 if (!v6) 1068 skb_set_inner_protocol(skb, htons(ETH_P_IP)); 1069 else 1070 skb_set_inner_protocol(skb, htons(ETH_P_IPV6)); 1071 udp_tunnel_xmit_skb(rt, sock->sk, skb, 1072 fl4.saddr, 1073 fl4.daddr, 1074 AMT_TOS, 1075 ip4_dst_hoplimit(&rt->dst), 1076 0, 1077 amt->relay_port, 1078 tunnel->source_port, 1079 false, 1080 false); 1081 } 1082 1083 static bool amt_send_membership_query(struct amt_dev *amt, 1084 struct sk_buff *skb, 1085 struct amt_tunnel_list *tunnel, 1086 bool v6) 1087 { 1088 struct amt_header_membership_query *amtmq; 1089 struct socket *sock; 1090 struct rtable *rt; 1091 struct flowi4 fl4; 1092 int err; 1093 1094 sock = rcu_dereference_bh(amt->sock); 1095 if (!sock) 1096 return true; 1097 1098 err = skb_cow_head(skb, LL_RESERVED_SPACE(amt->dev) + sizeof(*amtmq) + 1099 sizeof(struct iphdr) + sizeof(struct udphdr)); 1100 if (err) 1101 return true; 1102 1103 skb_reset_inner_headers(skb); 1104 memset(&fl4, 0, sizeof(struct flowi4)); 1105 fl4.flowi4_oif = amt->stream_dev->ifindex; 1106 fl4.daddr = tunnel->ip4; 1107 fl4.saddr = amt->local_ip; 1108 fl4.flowi4_tos = AMT_TOS; 1109 fl4.flowi4_proto = IPPROTO_UDP; 1110 rt = ip_route_output_key(amt->net, &fl4); 1111 if (IS_ERR(rt)) { 1112 netdev_dbg(amt->dev, "no route to %pI4\n", &tunnel->ip4); 1113 return true; 1114 } 1115 1116 amtmq = skb_push(skb, sizeof(*amtmq)); 1117 amtmq->version = 0; 1118 amtmq->type = AMT_MSG_MEMBERSHIP_QUERY; 1119 amtmq->reserved = 0; 1120 amtmq->l = 0; 1121 amtmq->g = 0; 1122 amtmq->nonce = tunnel->nonce; 1123 amtmq->response_mac = tunnel->mac; 1124 1125 if (!v6) 1126 skb_set_inner_protocol(skb, htons(ETH_P_IP)); 1127 else 1128 skb_set_inner_protocol(skb, htons(ETH_P_IPV6)); 1129 udp_tunnel_xmit_skb(rt, sock->sk, skb, 1130 fl4.saddr, 1131 fl4.daddr, 1132 AMT_TOS, 1133 ip4_dst_hoplimit(&rt->dst), 1134 0, 1135 amt->relay_port, 1136 tunnel->source_port, 1137 false, 1138 false); 1139 amt_update_relay_status(tunnel, AMT_STATUS_SENT_QUERY, true); 1140 return false; 1141 } 1142 1143 static netdev_tx_t amt_dev_xmit(struct sk_buff *skb, struct net_device *dev) 1144 { 1145 struct amt_dev *amt = netdev_priv(dev); 1146 struct amt_tunnel_list *tunnel; 1147 struct amt_group_node *gnode; 1148 union amt_addr group = {0,}; 1149 #if IS_ENABLED(CONFIG_IPV6) 1150 struct ipv6hdr *ip6h; 1151 struct mld_msg *mld; 1152 #endif 1153 bool report = false; 1154 struct igmphdr *ih; 1155 bool query = false; 1156 struct iphdr *iph; 1157 bool data = false; 1158 bool v6 = false; 1159 u32 hash; 1160 1161 iph = ip_hdr(skb); 1162 if (iph->version == 4) { 1163 if (!ipv4_is_multicast(iph->daddr)) 1164 goto free; 1165 1166 if (!ip_mc_check_igmp(skb)) { 1167 ih = igmp_hdr(skb); 1168 switch (ih->type) { 1169 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1170 case IGMP_HOST_MEMBERSHIP_REPORT: 1171 report = true; 1172 break; 1173 case IGMP_HOST_MEMBERSHIP_QUERY: 1174 query = true; 1175 break; 1176 default: 1177 goto free; 1178 } 1179 } else { 1180 data = true; 1181 } 1182 v6 = false; 1183 group.ip4 = iph->daddr; 1184 #if IS_ENABLED(CONFIG_IPV6) 1185 } else if (iph->version == 6) { 1186 ip6h = ipv6_hdr(skb); 1187 if (!ipv6_addr_is_multicast(&ip6h->daddr)) 1188 goto free; 1189 1190 if (!ipv6_mc_check_mld(skb)) { 1191 mld = (struct mld_msg *)skb_transport_header(skb); 1192 switch (mld->mld_type) { 1193 case ICMPV6_MGM_REPORT: 1194 case ICMPV6_MLD2_REPORT: 1195 report = true; 1196 break; 1197 case ICMPV6_MGM_QUERY: 1198 query = true; 1199 break; 1200 default: 1201 goto free; 1202 } 1203 } else { 1204 data = true; 1205 } 1206 v6 = true; 1207 group.ip6 = ip6h->daddr; 1208 #endif 1209 } else { 1210 dev->stats.tx_errors++; 1211 goto free; 1212 } 1213 1214 if (!pskb_may_pull(skb, sizeof(struct ethhdr))) 1215 goto free; 1216 1217 skb_pull(skb, sizeof(struct ethhdr)); 1218 1219 if (amt->mode == AMT_MODE_GATEWAY) { 1220 /* Gateway only passes IGMP/MLD packets */ 1221 if (!report) 1222 goto free; 1223 if ((!v6 && !amt->ready4) || (v6 && !amt->ready6)) 1224 goto free; 1225 if (amt_send_membership_update(amt, skb, v6)) 1226 goto free; 1227 goto unlock; 1228 } else if (amt->mode == AMT_MODE_RELAY) { 1229 if (query) { 1230 tunnel = amt_skb_cb(skb)->tunnel; 1231 if (!tunnel) { 1232 WARN_ON(1); 1233 goto free; 1234 } 1235 1236 /* Do not forward unexpected query */ 1237 if (amt_send_membership_query(amt, skb, tunnel, v6)) 1238 goto free; 1239 goto unlock; 1240 } 1241 1242 if (!data) 1243 goto free; 1244 list_for_each_entry_rcu(tunnel, &amt->tunnel_list, list) { 1245 hash = amt_group_hash(tunnel, &group); 1246 hlist_for_each_entry_rcu(gnode, &tunnel->groups[hash], 1247 node) { 1248 if (!v6) { 1249 if (gnode->group_addr.ip4 == iph->daddr) 1250 goto found; 1251 #if IS_ENABLED(CONFIG_IPV6) 1252 } else { 1253 if (ipv6_addr_equal(&gnode->group_addr.ip6, 1254 &ip6h->daddr)) 1255 goto found; 1256 #endif 1257 } 1258 } 1259 continue; 1260 found: 1261 amt_send_multicast_data(amt, skb, tunnel, v6); 1262 } 1263 } 1264 1265 dev_kfree_skb(skb); 1266 return NETDEV_TX_OK; 1267 free: 1268 dev_kfree_skb(skb); 1269 unlock: 1270 dev->stats.tx_dropped++; 1271 return NETDEV_TX_OK; 1272 } 1273 1274 static int amt_parse_type(struct sk_buff *skb) 1275 { 1276 struct amt_header *amth; 1277 1278 if (!pskb_may_pull(skb, sizeof(struct udphdr) + 1279 sizeof(struct amt_header))) 1280 return -1; 1281 1282 amth = (struct amt_header *)(udp_hdr(skb) + 1); 1283 1284 if (amth->version != 0) 1285 return -1; 1286 1287 if (amth->type >= __AMT_MSG_MAX || !amth->type) 1288 return -1; 1289 return amth->type; 1290 } 1291 1292 static void amt_clear_groups(struct amt_tunnel_list *tunnel) 1293 { 1294 struct amt_dev *amt = tunnel->amt; 1295 struct amt_group_node *gnode; 1296 struct hlist_node *t; 1297 int i; 1298 1299 spin_lock_bh(&tunnel->lock); 1300 rcu_read_lock(); 1301 for (i = 0; i < amt->hash_buckets; i++) 1302 hlist_for_each_entry_safe(gnode, t, &tunnel->groups[i], node) 1303 amt_del_group(amt, gnode); 1304 rcu_read_unlock(); 1305 spin_unlock_bh(&tunnel->lock); 1306 } 1307 1308 static void amt_tunnel_expire(struct work_struct *work) 1309 { 1310 struct amt_tunnel_list *tunnel = container_of(to_delayed_work(work), 1311 struct amt_tunnel_list, 1312 gc_wq); 1313 struct amt_dev *amt = tunnel->amt; 1314 1315 spin_lock_bh(&amt->lock); 1316 rcu_read_lock(); 1317 list_del_rcu(&tunnel->list); 1318 amt->nr_tunnels--; 1319 amt_clear_groups(tunnel); 1320 rcu_read_unlock(); 1321 spin_unlock_bh(&amt->lock); 1322 kfree_rcu(tunnel, rcu); 1323 } 1324 1325 static void amt_cleanup_srcs(struct amt_dev *amt, 1326 struct amt_tunnel_list *tunnel, 1327 struct amt_group_node *gnode) 1328 { 1329 struct amt_source_node *snode; 1330 struct hlist_node *t; 1331 int i; 1332 1333 /* Delete old sources */ 1334 for (i = 0; i < amt->hash_buckets; i++) { 1335 hlist_for_each_entry_safe(snode, t, &gnode->sources[i], node) { 1336 if (snode->flags == AMT_SOURCE_OLD) 1337 amt_destroy_source(snode); 1338 } 1339 } 1340 1341 /* switch from new to old */ 1342 for (i = 0; i < amt->hash_buckets; i++) { 1343 hlist_for_each_entry_rcu(snode, &gnode->sources[i], node) { 1344 snode->flags = AMT_SOURCE_OLD; 1345 if (!gnode->v6) 1346 netdev_dbg(snode->gnode->amt->dev, 1347 "Add source as OLD %pI4 from %pI4\n", 1348 &snode->source_addr.ip4, 1349 &gnode->group_addr.ip4); 1350 #if IS_ENABLED(CONFIG_IPV6) 1351 else 1352 netdev_dbg(snode->gnode->amt->dev, 1353 "Add source as OLD %pI6 from %pI6\n", 1354 &snode->source_addr.ip6, 1355 &gnode->group_addr.ip6); 1356 #endif 1357 } 1358 } 1359 } 1360 1361 static void amt_add_srcs(struct amt_dev *amt, struct amt_tunnel_list *tunnel, 1362 struct amt_group_node *gnode, void *grec, 1363 bool v6) 1364 { 1365 struct igmpv3_grec *igmp_grec; 1366 struct amt_source_node *snode; 1367 #if IS_ENABLED(CONFIG_IPV6) 1368 struct mld2_grec *mld_grec; 1369 #endif 1370 union amt_addr src = {0,}; 1371 u16 nsrcs; 1372 u32 hash; 1373 int i; 1374 1375 if (!v6) { 1376 igmp_grec = (struct igmpv3_grec *)grec; 1377 nsrcs = ntohs(igmp_grec->grec_nsrcs); 1378 } else { 1379 #if IS_ENABLED(CONFIG_IPV6) 1380 mld_grec = (struct mld2_grec *)grec; 1381 nsrcs = ntohs(mld_grec->grec_nsrcs); 1382 #else 1383 return; 1384 #endif 1385 } 1386 for (i = 0; i < nsrcs; i++) { 1387 if (tunnel->nr_sources >= amt->max_sources) 1388 return; 1389 if (!v6) 1390 src.ip4 = igmp_grec->grec_src[i]; 1391 #if IS_ENABLED(CONFIG_IPV6) 1392 else 1393 memcpy(&src.ip6, &mld_grec->grec_src[i], 1394 sizeof(struct in6_addr)); 1395 #endif 1396 if (amt_lookup_src(tunnel, gnode, AMT_FILTER_ALL, &src)) 1397 continue; 1398 1399 snode = amt_alloc_snode(gnode, &src); 1400 if (snode) { 1401 hash = amt_source_hash(tunnel, &snode->source_addr); 1402 hlist_add_head_rcu(&snode->node, &gnode->sources[hash]); 1403 tunnel->nr_sources++; 1404 gnode->nr_sources++; 1405 1406 if (!gnode->v6) 1407 netdev_dbg(snode->gnode->amt->dev, 1408 "Add source as NEW %pI4 from %pI4\n", 1409 &snode->source_addr.ip4, 1410 &gnode->group_addr.ip4); 1411 #if IS_ENABLED(CONFIG_IPV6) 1412 else 1413 netdev_dbg(snode->gnode->amt->dev, 1414 "Add source as NEW %pI6 from %pI6\n", 1415 &snode->source_addr.ip6, 1416 &gnode->group_addr.ip6); 1417 #endif 1418 } 1419 } 1420 } 1421 1422 /* Router State Report Rec'd New Router State 1423 * ------------ ------------ ---------------- 1424 * EXCLUDE (X,Y) IS_IN (A) EXCLUDE (X+A,Y-A) 1425 * 1426 * -----------+-----------+-----------+ 1427 * | OLD | NEW | 1428 * -----------+-----------+-----------+ 1429 * FWD | X | X+A | 1430 * -----------+-----------+-----------+ 1431 * D_FWD | Y | Y-A | 1432 * -----------+-----------+-----------+ 1433 * NONE | | A | 1434 * -----------+-----------+-----------+ 1435 * 1436 * a) Received sources are NONE/NEW 1437 * b) All NONE will be deleted by amt_cleanup_srcs(). 1438 * c) All OLD will be deleted by amt_cleanup_srcs(). 1439 * d) After delete, NEW source will be switched to OLD. 1440 */ 1441 static void amt_lookup_act_srcs(struct amt_tunnel_list *tunnel, 1442 struct amt_group_node *gnode, 1443 void *grec, 1444 enum amt_ops ops, 1445 enum amt_filter filter, 1446 enum amt_act act, 1447 bool v6) 1448 { 1449 struct amt_dev *amt = tunnel->amt; 1450 struct amt_source_node *snode; 1451 struct igmpv3_grec *igmp_grec; 1452 #if IS_ENABLED(CONFIG_IPV6) 1453 struct mld2_grec *mld_grec; 1454 #endif 1455 union amt_addr src = {0,}; 1456 struct hlist_node *t; 1457 u16 nsrcs; 1458 int i, j; 1459 1460 if (!v6) { 1461 igmp_grec = (struct igmpv3_grec *)grec; 1462 nsrcs = ntohs(igmp_grec->grec_nsrcs); 1463 } else { 1464 #if IS_ENABLED(CONFIG_IPV6) 1465 mld_grec = (struct mld2_grec *)grec; 1466 nsrcs = ntohs(mld_grec->grec_nsrcs); 1467 #else 1468 return; 1469 #endif 1470 } 1471 1472 memset(&src, 0, sizeof(union amt_addr)); 1473 switch (ops) { 1474 case AMT_OPS_INT: 1475 /* A*B */ 1476 for (i = 0; i < nsrcs; i++) { 1477 if (!v6) 1478 src.ip4 = igmp_grec->grec_src[i]; 1479 #if IS_ENABLED(CONFIG_IPV6) 1480 else 1481 memcpy(&src.ip6, &mld_grec->grec_src[i], 1482 sizeof(struct in6_addr)); 1483 #endif 1484 snode = amt_lookup_src(tunnel, gnode, filter, &src); 1485 if (!snode) 1486 continue; 1487 amt_act_src(tunnel, gnode, snode, act); 1488 } 1489 break; 1490 case AMT_OPS_UNI: 1491 /* A+B */ 1492 for (i = 0; i < amt->hash_buckets; i++) { 1493 hlist_for_each_entry_safe(snode, t, &gnode->sources[i], 1494 node) { 1495 if (amt_status_filter(snode, filter)) 1496 amt_act_src(tunnel, gnode, snode, act); 1497 } 1498 } 1499 for (i = 0; i < nsrcs; i++) { 1500 if (!v6) 1501 src.ip4 = igmp_grec->grec_src[i]; 1502 #if IS_ENABLED(CONFIG_IPV6) 1503 else 1504 memcpy(&src.ip6, &mld_grec->grec_src[i], 1505 sizeof(struct in6_addr)); 1506 #endif 1507 snode = amt_lookup_src(tunnel, gnode, filter, &src); 1508 if (!snode) 1509 continue; 1510 amt_act_src(tunnel, gnode, snode, act); 1511 } 1512 break; 1513 case AMT_OPS_SUB: 1514 /* A-B */ 1515 for (i = 0; i < amt->hash_buckets; i++) { 1516 hlist_for_each_entry_safe(snode, t, &gnode->sources[i], 1517 node) { 1518 if (!amt_status_filter(snode, filter)) 1519 continue; 1520 for (j = 0; j < nsrcs; j++) { 1521 if (!v6) 1522 src.ip4 = igmp_grec->grec_src[j]; 1523 #if IS_ENABLED(CONFIG_IPV6) 1524 else 1525 memcpy(&src.ip6, 1526 &mld_grec->grec_src[j], 1527 sizeof(struct in6_addr)); 1528 #endif 1529 if (amt_addr_equal(&snode->source_addr, 1530 &src)) 1531 goto out_sub; 1532 } 1533 amt_act_src(tunnel, gnode, snode, act); 1534 continue; 1535 out_sub:; 1536 } 1537 } 1538 break; 1539 case AMT_OPS_SUB_REV: 1540 /* B-A */ 1541 for (i = 0; i < nsrcs; i++) { 1542 if (!v6) 1543 src.ip4 = igmp_grec->grec_src[i]; 1544 #if IS_ENABLED(CONFIG_IPV6) 1545 else 1546 memcpy(&src.ip6, &mld_grec->grec_src[i], 1547 sizeof(struct in6_addr)); 1548 #endif 1549 snode = amt_lookup_src(tunnel, gnode, AMT_FILTER_ALL, 1550 &src); 1551 if (!snode) { 1552 snode = amt_lookup_src(tunnel, gnode, 1553 filter, &src); 1554 if (snode) 1555 amt_act_src(tunnel, gnode, snode, act); 1556 } 1557 } 1558 break; 1559 default: 1560 netdev_dbg(amt->dev, "Invalid type\n"); 1561 return; 1562 } 1563 } 1564 1565 static void amt_mcast_is_in_handler(struct amt_dev *amt, 1566 struct amt_tunnel_list *tunnel, 1567 struct amt_group_node *gnode, 1568 void *grec, void *zero_grec, bool v6) 1569 { 1570 if (gnode->filter_mode == MCAST_INCLUDE) { 1571 /* Router State Report Rec'd New Router State Actions 1572 * ------------ ------------ ---------------- ------- 1573 * INCLUDE (A) IS_IN (B) INCLUDE (A+B) (B)=GMI 1574 */ 1575 /* Update IS_IN (B) as FWD/NEW */ 1576 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1577 AMT_FILTER_NONE_NEW, 1578 AMT_ACT_STATUS_FWD_NEW, 1579 v6); 1580 /* Update INCLUDE (A) as NEW */ 1581 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1582 AMT_FILTER_FWD, 1583 AMT_ACT_STATUS_FWD_NEW, 1584 v6); 1585 /* (B)=GMI */ 1586 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1587 AMT_FILTER_FWD_NEW, 1588 AMT_ACT_GMI, 1589 v6); 1590 } else { 1591 /* State Actions 1592 * ------------ ------------ ---------------- ------- 1593 * EXCLUDE (X,Y) IS_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI 1594 */ 1595 /* Update (A) in (X, Y) as NONE/NEW */ 1596 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1597 AMT_FILTER_BOTH, 1598 AMT_ACT_STATUS_NONE_NEW, 1599 v6); 1600 /* Update FWD/OLD as FWD/NEW */ 1601 amt_lookup_act_srcs(tunnel, gnode, zero_grec, AMT_OPS_UNI, 1602 AMT_FILTER_FWD, 1603 AMT_ACT_STATUS_FWD_NEW, 1604 v6); 1605 /* Update IS_IN (A) as FWD/NEW */ 1606 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1607 AMT_FILTER_NONE_NEW, 1608 AMT_ACT_STATUS_FWD_NEW, 1609 v6); 1610 /* Update EXCLUDE (, Y-A) as D_FWD_NEW */ 1611 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB, 1612 AMT_FILTER_D_FWD, 1613 AMT_ACT_STATUS_D_FWD_NEW, 1614 v6); 1615 } 1616 } 1617 1618 static void amt_mcast_is_ex_handler(struct amt_dev *amt, 1619 struct amt_tunnel_list *tunnel, 1620 struct amt_group_node *gnode, 1621 void *grec, void *zero_grec, bool v6) 1622 { 1623 if (gnode->filter_mode == MCAST_INCLUDE) { 1624 /* Router State Report Rec'd New Router State Actions 1625 * ------------ ------------ ---------------- ------- 1626 * INCLUDE (A) IS_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 1627 * Delete (A-B) 1628 * Group Timer=GMI 1629 */ 1630 /* EXCLUDE(A*B, ) */ 1631 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1632 AMT_FILTER_FWD, 1633 AMT_ACT_STATUS_FWD_NEW, 1634 v6); 1635 /* EXCLUDE(, B-A) */ 1636 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1637 AMT_FILTER_FWD, 1638 AMT_ACT_STATUS_D_FWD_NEW, 1639 v6); 1640 /* (B-A)=0 */ 1641 amt_lookup_act_srcs(tunnel, gnode, zero_grec, AMT_OPS_UNI, 1642 AMT_FILTER_D_FWD_NEW, 1643 AMT_ACT_GMI_ZERO, 1644 v6); 1645 /* Group Timer=GMI */ 1646 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 1647 msecs_to_jiffies(amt_gmi(amt)))) 1648 dev_hold(amt->dev); 1649 gnode->filter_mode = MCAST_EXCLUDE; 1650 /* Delete (A-B) will be worked by amt_cleanup_srcs(). */ 1651 } else { 1652 /* Router State Report Rec'd New Router State Actions 1653 * ------------ ------------ ---------------- ------- 1654 * EXCLUDE (X,Y) IS_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=GMI 1655 * Delete (X-A) 1656 * Delete (Y-A) 1657 * Group Timer=GMI 1658 */ 1659 /* EXCLUDE (A-Y, ) */ 1660 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1661 AMT_FILTER_D_FWD, 1662 AMT_ACT_STATUS_FWD_NEW, 1663 v6); 1664 /* EXCLUDE (, Y*A ) */ 1665 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1666 AMT_FILTER_D_FWD, 1667 AMT_ACT_STATUS_D_FWD_NEW, 1668 v6); 1669 /* (A-X-Y)=GMI */ 1670 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1671 AMT_FILTER_BOTH_NEW, 1672 AMT_ACT_GMI, 1673 v6); 1674 /* Group Timer=GMI */ 1675 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 1676 msecs_to_jiffies(amt_gmi(amt)))) 1677 dev_hold(amt->dev); 1678 /* Delete (X-A), (Y-A) will be worked by amt_cleanup_srcs(). */ 1679 } 1680 } 1681 1682 static void amt_mcast_to_in_handler(struct amt_dev *amt, 1683 struct amt_tunnel_list *tunnel, 1684 struct amt_group_node *gnode, 1685 void *grec, void *zero_grec, bool v6) 1686 { 1687 if (gnode->filter_mode == MCAST_INCLUDE) { 1688 /* Router State Report Rec'd New Router State Actions 1689 * ------------ ------------ ---------------- ------- 1690 * INCLUDE (A) TO_IN (B) INCLUDE (A+B) (B)=GMI 1691 * Send Q(G,A-B) 1692 */ 1693 /* Update TO_IN (B) sources as FWD/NEW */ 1694 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1695 AMT_FILTER_NONE_NEW, 1696 AMT_ACT_STATUS_FWD_NEW, 1697 v6); 1698 /* Update INCLUDE (A) sources as NEW */ 1699 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1700 AMT_FILTER_FWD, 1701 AMT_ACT_STATUS_FWD_NEW, 1702 v6); 1703 /* (B)=GMI */ 1704 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1705 AMT_FILTER_FWD_NEW, 1706 AMT_ACT_GMI, 1707 v6); 1708 } else { 1709 /* Router State Report Rec'd New Router State Actions 1710 * ------------ ------------ ---------------- ------- 1711 * EXCLUDE (X,Y) TO_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI 1712 * Send Q(G,X-A) 1713 * Send Q(G) 1714 */ 1715 /* Update TO_IN (A) sources as FWD/NEW */ 1716 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1717 AMT_FILTER_NONE_NEW, 1718 AMT_ACT_STATUS_FWD_NEW, 1719 v6); 1720 /* Update EXCLUDE(X,) sources as FWD/NEW */ 1721 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1722 AMT_FILTER_FWD, 1723 AMT_ACT_STATUS_FWD_NEW, 1724 v6); 1725 /* EXCLUDE (, Y-A) 1726 * (A) are already switched to FWD_NEW. 1727 * So, D_FWD/OLD -> D_FWD/NEW is okay. 1728 */ 1729 amt_lookup_act_srcs(tunnel, gnode, zero_grec, AMT_OPS_UNI, 1730 AMT_FILTER_D_FWD, 1731 AMT_ACT_STATUS_D_FWD_NEW, 1732 v6); 1733 /* (A)=GMI 1734 * Only FWD_NEW will have (A) sources. 1735 */ 1736 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1737 AMT_FILTER_FWD_NEW, 1738 AMT_ACT_GMI, 1739 v6); 1740 } 1741 } 1742 1743 static void amt_mcast_to_ex_handler(struct amt_dev *amt, 1744 struct amt_tunnel_list *tunnel, 1745 struct amt_group_node *gnode, 1746 void *grec, void *zero_grec, bool v6) 1747 { 1748 if (gnode->filter_mode == MCAST_INCLUDE) { 1749 /* Router State Report Rec'd New Router State Actions 1750 * ------------ ------------ ---------------- ------- 1751 * INCLUDE (A) TO_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 1752 * Delete (A-B) 1753 * Send Q(G,A*B) 1754 * Group Timer=GMI 1755 */ 1756 /* EXCLUDE (A*B, ) */ 1757 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1758 AMT_FILTER_FWD, 1759 AMT_ACT_STATUS_FWD_NEW, 1760 v6); 1761 /* EXCLUDE (, B-A) */ 1762 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1763 AMT_FILTER_FWD, 1764 AMT_ACT_STATUS_D_FWD_NEW, 1765 v6); 1766 /* (B-A)=0 */ 1767 amt_lookup_act_srcs(tunnel, gnode, zero_grec, AMT_OPS_UNI, 1768 AMT_FILTER_D_FWD_NEW, 1769 AMT_ACT_GMI_ZERO, 1770 v6); 1771 /* Group Timer=GMI */ 1772 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 1773 msecs_to_jiffies(amt_gmi(amt)))) 1774 dev_hold(amt->dev); 1775 gnode->filter_mode = MCAST_EXCLUDE; 1776 /* Delete (A-B) will be worked by amt_cleanup_srcs(). */ 1777 } else { 1778 /* Router State Report Rec'd New Router State Actions 1779 * ------------ ------------ ---------------- ------- 1780 * EXCLUDE (X,Y) TO_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=Group Timer 1781 * Delete (X-A) 1782 * Delete (Y-A) 1783 * Send Q(G,A-Y) 1784 * Group Timer=GMI 1785 */ 1786 /* Update (A-X-Y) as NONE/OLD */ 1787 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1788 AMT_FILTER_BOTH, 1789 AMT_ACT_GT, 1790 v6); 1791 /* EXCLUDE (A-Y, ) */ 1792 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1793 AMT_FILTER_D_FWD, 1794 AMT_ACT_STATUS_FWD_NEW, 1795 v6); 1796 /* EXCLUDE (, Y*A) */ 1797 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1798 AMT_FILTER_D_FWD, 1799 AMT_ACT_STATUS_D_FWD_NEW, 1800 v6); 1801 /* Group Timer=GMI */ 1802 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 1803 msecs_to_jiffies(amt_gmi(amt)))) 1804 dev_hold(amt->dev); 1805 /* Delete (X-A), (Y-A) will be worked by amt_cleanup_srcs(). */ 1806 } 1807 } 1808 1809 static void amt_mcast_allow_handler(struct amt_dev *amt, 1810 struct amt_tunnel_list *tunnel, 1811 struct amt_group_node *gnode, 1812 void *grec, void *zero_grec, bool v6) 1813 { 1814 if (gnode->filter_mode == MCAST_INCLUDE) { 1815 /* Router State Report Rec'd New Router State Actions 1816 * ------------ ------------ ---------------- ------- 1817 * INCLUDE (A) ALLOW (B) INCLUDE (A+B) (B)=GMI 1818 */ 1819 /* INCLUDE (A+B) */ 1820 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1821 AMT_FILTER_FWD, 1822 AMT_ACT_STATUS_FWD_NEW, 1823 v6); 1824 /* (B)=GMI */ 1825 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1826 AMT_FILTER_FWD_NEW, 1827 AMT_ACT_GMI, 1828 v6); 1829 } else { 1830 /* Router State Report Rec'd New Router State Actions 1831 * ------------ ------------ ---------------- ------- 1832 * EXCLUDE (X,Y) ALLOW (A) EXCLUDE (X+A,Y-A) (A)=GMI 1833 */ 1834 /* EXCLUDE (X+A, ) */ 1835 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1836 AMT_FILTER_FWD, 1837 AMT_ACT_STATUS_FWD_NEW, 1838 v6); 1839 /* EXCLUDE (, Y-A) */ 1840 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB, 1841 AMT_FILTER_D_FWD, 1842 AMT_ACT_STATUS_D_FWD_NEW, 1843 v6); 1844 /* (A)=GMI 1845 * All (A) source are now FWD/NEW status. 1846 */ 1847 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_INT, 1848 AMT_FILTER_FWD_NEW, 1849 AMT_ACT_GMI, 1850 v6); 1851 } 1852 } 1853 1854 static void amt_mcast_block_handler(struct amt_dev *amt, 1855 struct amt_tunnel_list *tunnel, 1856 struct amt_group_node *gnode, 1857 void *grec, void *zero_grec, bool v6) 1858 { 1859 if (gnode->filter_mode == MCAST_INCLUDE) { 1860 /* Router State Report Rec'd New Router State Actions 1861 * ------------ ------------ ---------------- ------- 1862 * INCLUDE (A) BLOCK (B) INCLUDE (A) Send Q(G,A*B) 1863 */ 1864 /* INCLUDE (A) */ 1865 amt_lookup_act_srcs(tunnel, gnode, zero_grec, AMT_OPS_UNI, 1866 AMT_FILTER_FWD, 1867 AMT_ACT_STATUS_FWD_NEW, 1868 v6); 1869 } else { 1870 /* Router State Report Rec'd New Router State Actions 1871 * ------------ ------------ ---------------- ------- 1872 * EXCLUDE (X,Y) BLOCK (A) EXCLUDE (X+(A-Y),Y) (A-X-Y)=Group Timer 1873 * Send Q(G,A-Y) 1874 */ 1875 /* (A-X-Y)=Group Timer */ 1876 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1877 AMT_FILTER_BOTH, 1878 AMT_ACT_GT, 1879 v6); 1880 /* EXCLUDE (X, ) */ 1881 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1882 AMT_FILTER_FWD, 1883 AMT_ACT_STATUS_FWD_NEW, 1884 v6); 1885 /* EXCLUDE (X+(A-Y) */ 1886 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_SUB_REV, 1887 AMT_FILTER_D_FWD, 1888 AMT_ACT_STATUS_FWD_NEW, 1889 v6); 1890 /* EXCLUDE (, Y) */ 1891 amt_lookup_act_srcs(tunnel, gnode, grec, AMT_OPS_UNI, 1892 AMT_FILTER_D_FWD, 1893 AMT_ACT_STATUS_D_FWD_NEW, 1894 v6); 1895 } 1896 } 1897 1898 /* RFC 3376 1899 * 7.3.2. In the Presence of Older Version Group Members 1900 * 1901 * When Group Compatibility Mode is IGMPv2, a router internally 1902 * translates the following IGMPv2 messages for that group to their 1903 * IGMPv3 equivalents: 1904 * 1905 * IGMPv2 Message IGMPv3 Equivalent 1906 * -------------- ----------------- 1907 * Report IS_EX( {} ) 1908 * Leave TO_IN( {} ) 1909 */ 1910 static void amt_igmpv2_report_handler(struct amt_dev *amt, struct sk_buff *skb, 1911 struct amt_tunnel_list *tunnel) 1912 { 1913 struct igmphdr *ih = igmp_hdr(skb); 1914 struct iphdr *iph = ip_hdr(skb); 1915 struct amt_group_node *gnode; 1916 union amt_addr group, host; 1917 1918 memset(&group, 0, sizeof(union amt_addr)); 1919 group.ip4 = ih->group; 1920 memset(&host, 0, sizeof(union amt_addr)); 1921 host.ip4 = iph->saddr; 1922 1923 gnode = amt_lookup_group(tunnel, &group, &host, false); 1924 if (!gnode) { 1925 gnode = amt_add_group(amt, tunnel, &group, &host, false); 1926 if (!IS_ERR(gnode)) { 1927 gnode->filter_mode = MCAST_EXCLUDE; 1928 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 1929 msecs_to_jiffies(amt_gmi(amt)))) 1930 dev_hold(amt->dev); 1931 } 1932 } 1933 } 1934 1935 /* RFC 3376 1936 * 7.3.2. In the Presence of Older Version Group Members 1937 * 1938 * When Group Compatibility Mode is IGMPv2, a router internally 1939 * translates the following IGMPv2 messages for that group to their 1940 * IGMPv3 equivalents: 1941 * 1942 * IGMPv2 Message IGMPv3 Equivalent 1943 * -------------- ----------------- 1944 * Report IS_EX( {} ) 1945 * Leave TO_IN( {} ) 1946 */ 1947 static void amt_igmpv2_leave_handler(struct amt_dev *amt, struct sk_buff *skb, 1948 struct amt_tunnel_list *tunnel) 1949 { 1950 struct igmphdr *ih = igmp_hdr(skb); 1951 struct iphdr *iph = ip_hdr(skb); 1952 struct amt_group_node *gnode; 1953 union amt_addr group, host; 1954 1955 memset(&group, 0, sizeof(union amt_addr)); 1956 group.ip4 = ih->group; 1957 memset(&host, 0, sizeof(union amt_addr)); 1958 host.ip4 = iph->saddr; 1959 1960 gnode = amt_lookup_group(tunnel, &group, &host, false); 1961 if (gnode) 1962 amt_del_group(amt, gnode); 1963 } 1964 1965 static void amt_igmpv3_report_handler(struct amt_dev *amt, struct sk_buff *skb, 1966 struct amt_tunnel_list *tunnel) 1967 { 1968 struct igmpv3_report *ihrv3 = igmpv3_report_hdr(skb); 1969 int len = skb_transport_offset(skb) + sizeof(*ihrv3); 1970 void *zero_grec = (void *)&igmpv3_zero_grec; 1971 struct iphdr *iph = ip_hdr(skb); 1972 struct amt_group_node *gnode; 1973 union amt_addr group, host; 1974 struct igmpv3_grec *grec; 1975 u16 nsrcs; 1976 int i; 1977 1978 for (i = 0; i < ntohs(ihrv3->ngrec); i++) { 1979 len += sizeof(*grec); 1980 if (!ip_mc_may_pull(skb, len)) 1981 break; 1982 1983 grec = (void *)(skb->data + len - sizeof(*grec)); 1984 nsrcs = ntohs(grec->grec_nsrcs); 1985 1986 len += nsrcs * sizeof(__be32); 1987 if (!ip_mc_may_pull(skb, len)) 1988 break; 1989 1990 memset(&group, 0, sizeof(union amt_addr)); 1991 group.ip4 = grec->grec_mca; 1992 memset(&host, 0, sizeof(union amt_addr)); 1993 host.ip4 = iph->saddr; 1994 gnode = amt_lookup_group(tunnel, &group, &host, false); 1995 if (!gnode) { 1996 gnode = amt_add_group(amt, tunnel, &group, &host, 1997 false); 1998 if (IS_ERR(gnode)) 1999 continue; 2000 } 2001 2002 amt_add_srcs(amt, tunnel, gnode, grec, false); 2003 switch (grec->grec_type) { 2004 case IGMPV3_MODE_IS_INCLUDE: 2005 amt_mcast_is_in_handler(amt, tunnel, gnode, grec, 2006 zero_grec, false); 2007 break; 2008 case IGMPV3_MODE_IS_EXCLUDE: 2009 amt_mcast_is_ex_handler(amt, tunnel, gnode, grec, 2010 zero_grec, false); 2011 break; 2012 case IGMPV3_CHANGE_TO_INCLUDE: 2013 amt_mcast_to_in_handler(amt, tunnel, gnode, grec, 2014 zero_grec, false); 2015 break; 2016 case IGMPV3_CHANGE_TO_EXCLUDE: 2017 amt_mcast_to_ex_handler(amt, tunnel, gnode, grec, 2018 zero_grec, false); 2019 break; 2020 case IGMPV3_ALLOW_NEW_SOURCES: 2021 amt_mcast_allow_handler(amt, tunnel, gnode, grec, 2022 zero_grec, false); 2023 break; 2024 case IGMPV3_BLOCK_OLD_SOURCES: 2025 amt_mcast_block_handler(amt, tunnel, gnode, grec, 2026 zero_grec, false); 2027 break; 2028 default: 2029 break; 2030 } 2031 amt_cleanup_srcs(amt, tunnel, gnode); 2032 } 2033 } 2034 2035 /* caller held tunnel->lock */ 2036 static void amt_igmp_report_handler(struct amt_dev *amt, struct sk_buff *skb, 2037 struct amt_tunnel_list *tunnel) 2038 { 2039 struct igmphdr *ih = igmp_hdr(skb); 2040 2041 switch (ih->type) { 2042 case IGMPV3_HOST_MEMBERSHIP_REPORT: 2043 amt_igmpv3_report_handler(amt, skb, tunnel); 2044 break; 2045 case IGMPV2_HOST_MEMBERSHIP_REPORT: 2046 amt_igmpv2_report_handler(amt, skb, tunnel); 2047 break; 2048 case IGMP_HOST_LEAVE_MESSAGE: 2049 amt_igmpv2_leave_handler(amt, skb, tunnel); 2050 break; 2051 default: 2052 break; 2053 } 2054 } 2055 2056 #if IS_ENABLED(CONFIG_IPV6) 2057 /* RFC 3810 2058 * 8.3.2. In the Presence of MLDv1 Multicast Address Listeners 2059 * 2060 * When Multicast Address Compatibility Mode is MLDv2, a router acts 2061 * using the MLDv2 protocol for that multicast address. When Multicast 2062 * Address Compatibility Mode is MLDv1, a router internally translates 2063 * the following MLDv1 messages for that multicast address to their 2064 * MLDv2 equivalents: 2065 * 2066 * MLDv1 Message MLDv2 Equivalent 2067 * -------------- ----------------- 2068 * Report IS_EX( {} ) 2069 * Done TO_IN( {} ) 2070 */ 2071 static void amt_mldv1_report_handler(struct amt_dev *amt, struct sk_buff *skb, 2072 struct amt_tunnel_list *tunnel) 2073 { 2074 struct mld_msg *mld = (struct mld_msg *)icmp6_hdr(skb); 2075 struct ipv6hdr *ip6h = ipv6_hdr(skb); 2076 struct amt_group_node *gnode; 2077 union amt_addr group, host; 2078 2079 memcpy(&group.ip6, &mld->mld_mca, sizeof(struct in6_addr)); 2080 memcpy(&host.ip6, &ip6h->saddr, sizeof(struct in6_addr)); 2081 2082 gnode = amt_lookup_group(tunnel, &group, &host, true); 2083 if (!gnode) { 2084 gnode = amt_add_group(amt, tunnel, &group, &host, true); 2085 if (!IS_ERR(gnode)) { 2086 gnode->filter_mode = MCAST_EXCLUDE; 2087 if (!mod_delayed_work(amt_wq, &gnode->group_timer, 2088 msecs_to_jiffies(amt_gmi(amt)))) 2089 dev_hold(amt->dev); 2090 } 2091 } 2092 } 2093 2094 /* RFC 3810 2095 * 8.3.2. In the Presence of MLDv1 Multicast Address Listeners 2096 * 2097 * When Multicast Address Compatibility Mode is MLDv2, a router acts 2098 * using the MLDv2 protocol for that multicast address. When Multicast 2099 * Address Compatibility Mode is MLDv1, a router internally translates 2100 * the following MLDv1 messages for that multicast address to their 2101 * MLDv2 equivalents: 2102 * 2103 * MLDv1 Message MLDv2 Equivalent 2104 * -------------- ----------------- 2105 * Report IS_EX( {} ) 2106 * Done TO_IN( {} ) 2107 */ 2108 static void amt_mldv1_leave_handler(struct amt_dev *amt, struct sk_buff *skb, 2109 struct amt_tunnel_list *tunnel) 2110 { 2111 struct mld_msg *mld = (struct mld_msg *)icmp6_hdr(skb); 2112 struct iphdr *iph = ip_hdr(skb); 2113 struct amt_group_node *gnode; 2114 union amt_addr group, host; 2115 2116 memcpy(&group.ip6, &mld->mld_mca, sizeof(struct in6_addr)); 2117 memset(&host, 0, sizeof(union amt_addr)); 2118 host.ip4 = iph->saddr; 2119 2120 gnode = amt_lookup_group(tunnel, &group, &host, true); 2121 if (gnode) { 2122 amt_del_group(amt, gnode); 2123 return; 2124 } 2125 } 2126 2127 static void amt_mldv2_report_handler(struct amt_dev *amt, struct sk_buff *skb, 2128 struct amt_tunnel_list *tunnel) 2129 { 2130 struct mld2_report *mld2r = (struct mld2_report *)icmp6_hdr(skb); 2131 int len = skb_transport_offset(skb) + sizeof(*mld2r); 2132 void *zero_grec = (void *)&mldv2_zero_grec; 2133 struct ipv6hdr *ip6h = ipv6_hdr(skb); 2134 struct amt_group_node *gnode; 2135 union amt_addr group, host; 2136 struct mld2_grec *grec; 2137 u16 nsrcs; 2138 int i; 2139 2140 for (i = 0; i < ntohs(mld2r->mld2r_ngrec); i++) { 2141 len += sizeof(*grec); 2142 if (!ipv6_mc_may_pull(skb, len)) 2143 break; 2144 2145 grec = (void *)(skb->data + len - sizeof(*grec)); 2146 nsrcs = ntohs(grec->grec_nsrcs); 2147 2148 len += nsrcs * sizeof(struct in6_addr); 2149 if (!ipv6_mc_may_pull(skb, len)) 2150 break; 2151 2152 memset(&group, 0, sizeof(union amt_addr)); 2153 group.ip6 = grec->grec_mca; 2154 memset(&host, 0, sizeof(union amt_addr)); 2155 host.ip6 = ip6h->saddr; 2156 gnode = amt_lookup_group(tunnel, &group, &host, true); 2157 if (!gnode) { 2158 gnode = amt_add_group(amt, tunnel, &group, &host, 2159 ETH_P_IPV6); 2160 if (IS_ERR(gnode)) 2161 continue; 2162 } 2163 2164 amt_add_srcs(amt, tunnel, gnode, grec, true); 2165 switch (grec->grec_type) { 2166 case MLD2_MODE_IS_INCLUDE: 2167 amt_mcast_is_in_handler(amt, tunnel, gnode, grec, 2168 zero_grec, true); 2169 break; 2170 case MLD2_MODE_IS_EXCLUDE: 2171 amt_mcast_is_ex_handler(amt, tunnel, gnode, grec, 2172 zero_grec, true); 2173 break; 2174 case MLD2_CHANGE_TO_INCLUDE: 2175 amt_mcast_to_in_handler(amt, tunnel, gnode, grec, 2176 zero_grec, true); 2177 break; 2178 case MLD2_CHANGE_TO_EXCLUDE: 2179 amt_mcast_to_ex_handler(amt, tunnel, gnode, grec, 2180 zero_grec, true); 2181 break; 2182 case MLD2_ALLOW_NEW_SOURCES: 2183 amt_mcast_allow_handler(amt, tunnel, gnode, grec, 2184 zero_grec, true); 2185 break; 2186 case MLD2_BLOCK_OLD_SOURCES: 2187 amt_mcast_block_handler(amt, tunnel, gnode, grec, 2188 zero_grec, true); 2189 break; 2190 default: 2191 break; 2192 } 2193 amt_cleanup_srcs(amt, tunnel, gnode); 2194 } 2195 } 2196 2197 /* caller held tunnel->lock */ 2198 static void amt_mld_report_handler(struct amt_dev *amt, struct sk_buff *skb, 2199 struct amt_tunnel_list *tunnel) 2200 { 2201 struct mld_msg *mld = (struct mld_msg *)icmp6_hdr(skb); 2202 2203 switch (mld->mld_type) { 2204 case ICMPV6_MGM_REPORT: 2205 amt_mldv1_report_handler(amt, skb, tunnel); 2206 break; 2207 case ICMPV6_MLD2_REPORT: 2208 amt_mldv2_report_handler(amt, skb, tunnel); 2209 break; 2210 case ICMPV6_MGM_REDUCTION: 2211 amt_mldv1_leave_handler(amt, skb, tunnel); 2212 break; 2213 default: 2214 break; 2215 } 2216 } 2217 #endif 2218 2219 static bool amt_advertisement_handler(struct amt_dev *amt, struct sk_buff *skb) 2220 { 2221 struct amt_header_advertisement *amta; 2222 int hdr_size; 2223 2224 hdr_size = sizeof(*amta) + sizeof(struct udphdr); 2225 if (!pskb_may_pull(skb, hdr_size)) 2226 return true; 2227 2228 amta = (struct amt_header_advertisement *)(udp_hdr(skb) + 1); 2229 if (!amta->ip4) 2230 return true; 2231 2232 if (amta->reserved || amta->version) 2233 return true; 2234 2235 if (ipv4_is_loopback(amta->ip4) || ipv4_is_multicast(amta->ip4) || 2236 ipv4_is_zeronet(amta->ip4)) 2237 return true; 2238 2239 amt->remote_ip = amta->ip4; 2240 netdev_dbg(amt->dev, "advertised remote ip = %pI4\n", &amt->remote_ip); 2241 mod_delayed_work(amt_wq, &amt->req_wq, 0); 2242 2243 amt_update_gw_status(amt, AMT_STATUS_RECEIVED_ADVERTISEMENT, true); 2244 return false; 2245 } 2246 2247 static bool amt_multicast_data_handler(struct amt_dev *amt, struct sk_buff *skb) 2248 { 2249 struct amt_header_mcast_data *amtmd; 2250 int hdr_size, len, err; 2251 struct ethhdr *eth; 2252 struct iphdr *iph; 2253 2254 hdr_size = sizeof(*amtmd) + sizeof(struct udphdr); 2255 if (!pskb_may_pull(skb, hdr_size)) 2256 return true; 2257 2258 amtmd = (struct amt_header_mcast_data *)(udp_hdr(skb) + 1); 2259 if (amtmd->reserved || amtmd->version) 2260 return true; 2261 2262 if (iptunnel_pull_header(skb, hdr_size, htons(ETH_P_IP), false)) 2263 return true; 2264 2265 skb_reset_network_header(skb); 2266 skb_push(skb, sizeof(*eth)); 2267 skb_reset_mac_header(skb); 2268 skb_pull(skb, sizeof(*eth)); 2269 eth = eth_hdr(skb); 2270 2271 if (!pskb_may_pull(skb, sizeof(*iph))) 2272 return true; 2273 iph = ip_hdr(skb); 2274 2275 if (iph->version == 4) { 2276 if (!ipv4_is_multicast(iph->daddr)) 2277 return true; 2278 skb->protocol = htons(ETH_P_IP); 2279 eth->h_proto = htons(ETH_P_IP); 2280 ip_eth_mc_map(iph->daddr, eth->h_dest); 2281 #if IS_ENABLED(CONFIG_IPV6) 2282 } else if (iph->version == 6) { 2283 struct ipv6hdr *ip6h; 2284 2285 if (!pskb_may_pull(skb, sizeof(*ip6h))) 2286 return true; 2287 2288 ip6h = ipv6_hdr(skb); 2289 if (!ipv6_addr_is_multicast(&ip6h->daddr)) 2290 return true; 2291 skb->protocol = htons(ETH_P_IPV6); 2292 eth->h_proto = htons(ETH_P_IPV6); 2293 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 2294 #endif 2295 } else { 2296 return true; 2297 } 2298 2299 skb->pkt_type = PACKET_MULTICAST; 2300 skb->ip_summed = CHECKSUM_NONE; 2301 len = skb->len; 2302 err = gro_cells_receive(&amt->gro_cells, skb); 2303 if (likely(err == NET_RX_SUCCESS)) 2304 dev_sw_netstats_rx_add(amt->dev, len); 2305 else 2306 amt->dev->stats.rx_dropped++; 2307 2308 return false; 2309 } 2310 2311 static bool amt_membership_query_handler(struct amt_dev *amt, 2312 struct sk_buff *skb) 2313 { 2314 struct amt_header_membership_query *amtmq; 2315 struct igmpv3_query *ihv3; 2316 struct ethhdr *eth, *oeth; 2317 struct iphdr *iph; 2318 int hdr_size, len; 2319 2320 hdr_size = sizeof(*amtmq) + sizeof(struct udphdr); 2321 if (!pskb_may_pull(skb, hdr_size)) 2322 return true; 2323 2324 amtmq = (struct amt_header_membership_query *)(udp_hdr(skb) + 1); 2325 if (amtmq->reserved || amtmq->version) 2326 return true; 2327 2328 hdr_size -= sizeof(*eth); 2329 if (iptunnel_pull_header(skb, hdr_size, htons(ETH_P_TEB), false)) 2330 return true; 2331 2332 oeth = eth_hdr(skb); 2333 skb_reset_mac_header(skb); 2334 skb_pull(skb, sizeof(*eth)); 2335 skb_reset_network_header(skb); 2336 eth = eth_hdr(skb); 2337 if (!pskb_may_pull(skb, sizeof(*iph))) 2338 return true; 2339 2340 iph = ip_hdr(skb); 2341 if (iph->version == 4) { 2342 if (!pskb_may_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS + 2343 sizeof(*ihv3))) 2344 return true; 2345 2346 if (!ipv4_is_multicast(iph->daddr)) 2347 return true; 2348 2349 ihv3 = skb_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS); 2350 skb_reset_transport_header(skb); 2351 skb_push(skb, sizeof(*iph) + AMT_IPHDR_OPTS); 2352 spin_lock_bh(&amt->lock); 2353 amt->ready4 = true; 2354 amt->mac = amtmq->response_mac; 2355 amt->req_cnt = 0; 2356 amt->qi = ihv3->qqic; 2357 spin_unlock_bh(&amt->lock); 2358 skb->protocol = htons(ETH_P_IP); 2359 eth->h_proto = htons(ETH_P_IP); 2360 ip_eth_mc_map(iph->daddr, eth->h_dest); 2361 #if IS_ENABLED(CONFIG_IPV6) 2362 } else if (iph->version == 6) { 2363 struct mld2_query *mld2q; 2364 struct ipv6hdr *ip6h; 2365 2366 if (!pskb_may_pull(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS + 2367 sizeof(*mld2q))) 2368 return true; 2369 2370 ip6h = ipv6_hdr(skb); 2371 if (!ipv6_addr_is_multicast(&ip6h->daddr)) 2372 return true; 2373 2374 mld2q = skb_pull(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); 2375 skb_reset_transport_header(skb); 2376 skb_push(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); 2377 spin_lock_bh(&amt->lock); 2378 amt->ready6 = true; 2379 amt->mac = amtmq->response_mac; 2380 amt->req_cnt = 0; 2381 amt->qi = mld2q->mld2q_qqic; 2382 spin_unlock_bh(&amt->lock); 2383 skb->protocol = htons(ETH_P_IPV6); 2384 eth->h_proto = htons(ETH_P_IPV6); 2385 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 2386 #endif 2387 } else { 2388 return true; 2389 } 2390 2391 ether_addr_copy(eth->h_source, oeth->h_source); 2392 skb->pkt_type = PACKET_MULTICAST; 2393 skb->ip_summed = CHECKSUM_NONE; 2394 len = skb->len; 2395 if (__netif_rx(skb) == NET_RX_SUCCESS) { 2396 amt_update_gw_status(amt, AMT_STATUS_RECEIVED_QUERY, true); 2397 dev_sw_netstats_rx_add(amt->dev, len); 2398 } else { 2399 amt->dev->stats.rx_dropped++; 2400 } 2401 2402 return false; 2403 } 2404 2405 static bool amt_update_handler(struct amt_dev *amt, struct sk_buff *skb) 2406 { 2407 struct amt_header_membership_update *amtmu; 2408 struct amt_tunnel_list *tunnel; 2409 struct ethhdr *eth; 2410 struct iphdr *iph; 2411 int len, hdr_size; 2412 2413 iph = ip_hdr(skb); 2414 2415 hdr_size = sizeof(*amtmu) + sizeof(struct udphdr); 2416 if (!pskb_may_pull(skb, hdr_size)) 2417 return true; 2418 2419 amtmu = (struct amt_header_membership_update *)(udp_hdr(skb) + 1); 2420 if (amtmu->reserved || amtmu->version) 2421 return true; 2422 2423 if (iptunnel_pull_header(skb, hdr_size, skb->protocol, false)) 2424 return true; 2425 2426 skb_reset_network_header(skb); 2427 2428 list_for_each_entry_rcu(tunnel, &amt->tunnel_list, list) { 2429 if (tunnel->ip4 == iph->saddr) { 2430 if ((amtmu->nonce == tunnel->nonce && 2431 amtmu->response_mac == tunnel->mac)) { 2432 mod_delayed_work(amt_wq, &tunnel->gc_wq, 2433 msecs_to_jiffies(amt_gmi(amt)) 2434 * 3); 2435 goto report; 2436 } else { 2437 netdev_dbg(amt->dev, "Invalid MAC\n"); 2438 return true; 2439 } 2440 } 2441 } 2442 2443 return true; 2444 2445 report: 2446 if (!pskb_may_pull(skb, sizeof(*iph))) 2447 return true; 2448 2449 iph = ip_hdr(skb); 2450 if (iph->version == 4) { 2451 if (ip_mc_check_igmp(skb)) { 2452 netdev_dbg(amt->dev, "Invalid IGMP\n"); 2453 return true; 2454 } 2455 2456 spin_lock_bh(&tunnel->lock); 2457 amt_igmp_report_handler(amt, skb, tunnel); 2458 spin_unlock_bh(&tunnel->lock); 2459 2460 skb_push(skb, sizeof(struct ethhdr)); 2461 skb_reset_mac_header(skb); 2462 eth = eth_hdr(skb); 2463 skb->protocol = htons(ETH_P_IP); 2464 eth->h_proto = htons(ETH_P_IP); 2465 ip_eth_mc_map(iph->daddr, eth->h_dest); 2466 #if IS_ENABLED(CONFIG_IPV6) 2467 } else if (iph->version == 6) { 2468 struct ipv6hdr *ip6h = ipv6_hdr(skb); 2469 2470 if (ipv6_mc_check_mld(skb)) { 2471 netdev_dbg(amt->dev, "Invalid MLD\n"); 2472 return true; 2473 } 2474 2475 spin_lock_bh(&tunnel->lock); 2476 amt_mld_report_handler(amt, skb, tunnel); 2477 spin_unlock_bh(&tunnel->lock); 2478 2479 skb_push(skb, sizeof(struct ethhdr)); 2480 skb_reset_mac_header(skb); 2481 eth = eth_hdr(skb); 2482 skb->protocol = htons(ETH_P_IPV6); 2483 eth->h_proto = htons(ETH_P_IPV6); 2484 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 2485 #endif 2486 } else { 2487 netdev_dbg(amt->dev, "Unsupported Protocol\n"); 2488 return true; 2489 } 2490 2491 skb_pull(skb, sizeof(struct ethhdr)); 2492 skb->pkt_type = PACKET_MULTICAST; 2493 skb->ip_summed = CHECKSUM_NONE; 2494 len = skb->len; 2495 if (__netif_rx(skb) == NET_RX_SUCCESS) { 2496 amt_update_relay_status(tunnel, AMT_STATUS_RECEIVED_UPDATE, 2497 true); 2498 dev_sw_netstats_rx_add(amt->dev, len); 2499 } else { 2500 amt->dev->stats.rx_dropped++; 2501 } 2502 2503 return false; 2504 } 2505 2506 static void amt_send_advertisement(struct amt_dev *amt, __be32 nonce, 2507 __be32 daddr, __be16 dport) 2508 { 2509 struct amt_header_advertisement *amta; 2510 int hlen, tlen, offset; 2511 struct socket *sock; 2512 struct udphdr *udph; 2513 struct sk_buff *skb; 2514 struct iphdr *iph; 2515 struct rtable *rt; 2516 struct flowi4 fl4; 2517 u32 len; 2518 int err; 2519 2520 rcu_read_lock(); 2521 sock = rcu_dereference(amt->sock); 2522 if (!sock) 2523 goto out; 2524 2525 if (!netif_running(amt->stream_dev) || !netif_running(amt->dev)) 2526 goto out; 2527 2528 rt = ip_route_output_ports(amt->net, &fl4, sock->sk, 2529 daddr, amt->local_ip, 2530 dport, amt->relay_port, 2531 IPPROTO_UDP, 0, 2532 amt->stream_dev->ifindex); 2533 if (IS_ERR(rt)) { 2534 amt->dev->stats.tx_errors++; 2535 goto out; 2536 } 2537 2538 hlen = LL_RESERVED_SPACE(amt->dev); 2539 tlen = amt->dev->needed_tailroom; 2540 len = hlen + tlen + sizeof(*iph) + sizeof(*udph) + sizeof(*amta); 2541 skb = netdev_alloc_skb_ip_align(amt->dev, len); 2542 if (!skb) { 2543 ip_rt_put(rt); 2544 amt->dev->stats.tx_errors++; 2545 goto out; 2546 } 2547 2548 skb->priority = TC_PRIO_CONTROL; 2549 skb_dst_set(skb, &rt->dst); 2550 2551 len = sizeof(*iph) + sizeof(*udph) + sizeof(*amta); 2552 skb_reset_network_header(skb); 2553 skb_put(skb, len); 2554 amta = skb_pull(skb, sizeof(*iph) + sizeof(*udph)); 2555 amta->version = 0; 2556 amta->type = AMT_MSG_ADVERTISEMENT; 2557 amta->reserved = 0; 2558 amta->nonce = nonce; 2559 amta->ip4 = amt->local_ip; 2560 skb_push(skb, sizeof(*udph)); 2561 skb_reset_transport_header(skb); 2562 udph = udp_hdr(skb); 2563 udph->source = amt->relay_port; 2564 udph->dest = dport; 2565 udph->len = htons(sizeof(*amta) + sizeof(*udph)); 2566 udph->check = 0; 2567 offset = skb_transport_offset(skb); 2568 skb->csum = skb_checksum(skb, offset, skb->len - offset, 0); 2569 udph->check = csum_tcpudp_magic(amt->local_ip, daddr, 2570 sizeof(*udph) + sizeof(*amta), 2571 IPPROTO_UDP, skb->csum); 2572 2573 skb_push(skb, sizeof(*iph)); 2574 iph = ip_hdr(skb); 2575 iph->version = 4; 2576 iph->ihl = (sizeof(struct iphdr)) >> 2; 2577 iph->tos = AMT_TOS; 2578 iph->frag_off = 0; 2579 iph->ttl = ip4_dst_hoplimit(&rt->dst); 2580 iph->daddr = daddr; 2581 iph->saddr = amt->local_ip; 2582 iph->protocol = IPPROTO_UDP; 2583 iph->tot_len = htons(len); 2584 2585 skb->ip_summed = CHECKSUM_NONE; 2586 ip_select_ident(amt->net, skb, NULL); 2587 ip_send_check(iph); 2588 err = ip_local_out(amt->net, sock->sk, skb); 2589 if (unlikely(net_xmit_eval(err))) 2590 amt->dev->stats.tx_errors++; 2591 2592 out: 2593 rcu_read_unlock(); 2594 } 2595 2596 static bool amt_discovery_handler(struct amt_dev *amt, struct sk_buff *skb) 2597 { 2598 struct amt_header_discovery *amtd; 2599 struct udphdr *udph; 2600 struct iphdr *iph; 2601 2602 if (!pskb_may_pull(skb, sizeof(*udph) + sizeof(*amtd))) 2603 return true; 2604 2605 iph = ip_hdr(skb); 2606 udph = udp_hdr(skb); 2607 amtd = (struct amt_header_discovery *)(udp_hdr(skb) + 1); 2608 2609 if (amtd->reserved || amtd->version) 2610 return true; 2611 2612 amt_send_advertisement(amt, amtd->nonce, iph->saddr, udph->source); 2613 2614 return false; 2615 } 2616 2617 static bool amt_request_handler(struct amt_dev *amt, struct sk_buff *skb) 2618 { 2619 struct amt_header_request *amtrh; 2620 struct amt_tunnel_list *tunnel; 2621 unsigned long long key; 2622 struct udphdr *udph; 2623 struct iphdr *iph; 2624 u64 mac; 2625 int i; 2626 2627 if (!pskb_may_pull(skb, sizeof(*udph) + sizeof(*amtrh))) 2628 return true; 2629 2630 iph = ip_hdr(skb); 2631 udph = udp_hdr(skb); 2632 amtrh = (struct amt_header_request *)(udp_hdr(skb) + 1); 2633 2634 if (amtrh->reserved1 || amtrh->reserved2 || amtrh->version) 2635 return true; 2636 2637 list_for_each_entry_rcu(tunnel, &amt->tunnel_list, list) 2638 if (tunnel->ip4 == iph->saddr) 2639 goto send; 2640 2641 if (amt->nr_tunnels >= amt->max_tunnels) { 2642 icmp_ndo_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0); 2643 return true; 2644 } 2645 2646 tunnel = kzalloc(sizeof(*tunnel) + 2647 (sizeof(struct hlist_head) * amt->hash_buckets), 2648 GFP_ATOMIC); 2649 if (!tunnel) 2650 return true; 2651 2652 tunnel->source_port = udph->source; 2653 tunnel->ip4 = iph->saddr; 2654 2655 memcpy(&key, &tunnel->key, sizeof(unsigned long long)); 2656 tunnel->amt = amt; 2657 spin_lock_init(&tunnel->lock); 2658 for (i = 0; i < amt->hash_buckets; i++) 2659 INIT_HLIST_HEAD(&tunnel->groups[i]); 2660 2661 INIT_DELAYED_WORK(&tunnel->gc_wq, amt_tunnel_expire); 2662 2663 spin_lock_bh(&amt->lock); 2664 list_add_tail_rcu(&tunnel->list, &amt->tunnel_list); 2665 tunnel->key = amt->key; 2666 amt_update_relay_status(tunnel, AMT_STATUS_RECEIVED_REQUEST, true); 2667 amt->nr_tunnels++; 2668 mod_delayed_work(amt_wq, &tunnel->gc_wq, 2669 msecs_to_jiffies(amt_gmi(amt))); 2670 spin_unlock_bh(&amt->lock); 2671 2672 send: 2673 tunnel->nonce = amtrh->nonce; 2674 mac = siphash_3u32((__force u32)tunnel->ip4, 2675 (__force u32)tunnel->source_port, 2676 (__force u32)tunnel->nonce, 2677 &tunnel->key); 2678 tunnel->mac = mac >> 16; 2679 2680 if (!netif_running(amt->dev) || !netif_running(amt->stream_dev)) 2681 return true; 2682 2683 if (!amtrh->p) 2684 amt_send_igmp_gq(amt, tunnel); 2685 else 2686 amt_send_mld_gq(amt, tunnel); 2687 2688 return false; 2689 } 2690 2691 static int amt_rcv(struct sock *sk, struct sk_buff *skb) 2692 { 2693 struct amt_dev *amt; 2694 struct iphdr *iph; 2695 int type; 2696 bool err; 2697 2698 rcu_read_lock_bh(); 2699 amt = rcu_dereference_sk_user_data(sk); 2700 if (!amt) { 2701 err = true; 2702 kfree_skb(skb); 2703 goto out; 2704 } 2705 2706 skb->dev = amt->dev; 2707 iph = ip_hdr(skb); 2708 type = amt_parse_type(skb); 2709 if (type == -1) { 2710 err = true; 2711 goto drop; 2712 } 2713 2714 if (amt->mode == AMT_MODE_GATEWAY) { 2715 switch (type) { 2716 case AMT_MSG_ADVERTISEMENT: 2717 if (iph->saddr != amt->discovery_ip) { 2718 netdev_dbg(amt->dev, "Invalid Relay IP\n"); 2719 err = true; 2720 goto drop; 2721 } 2722 err = amt_advertisement_handler(amt, skb); 2723 break; 2724 case AMT_MSG_MULTICAST_DATA: 2725 if (iph->saddr != amt->remote_ip) { 2726 netdev_dbg(amt->dev, "Invalid Relay IP\n"); 2727 err = true; 2728 goto drop; 2729 } 2730 err = amt_multicast_data_handler(amt, skb); 2731 if (err) 2732 goto drop; 2733 else 2734 goto out; 2735 case AMT_MSG_MEMBERSHIP_QUERY: 2736 if (iph->saddr != amt->remote_ip) { 2737 netdev_dbg(amt->dev, "Invalid Relay IP\n"); 2738 err = true; 2739 goto drop; 2740 } 2741 err = amt_membership_query_handler(amt, skb); 2742 if (err) 2743 goto drop; 2744 else 2745 goto out; 2746 default: 2747 err = true; 2748 netdev_dbg(amt->dev, "Invalid type of Gateway\n"); 2749 break; 2750 } 2751 } else { 2752 switch (type) { 2753 case AMT_MSG_DISCOVERY: 2754 err = amt_discovery_handler(amt, skb); 2755 break; 2756 case AMT_MSG_REQUEST: 2757 err = amt_request_handler(amt, skb); 2758 break; 2759 case AMT_MSG_MEMBERSHIP_UPDATE: 2760 err = amt_update_handler(amt, skb); 2761 if (err) 2762 goto drop; 2763 else 2764 goto out; 2765 default: 2766 err = true; 2767 netdev_dbg(amt->dev, "Invalid type of relay\n"); 2768 break; 2769 } 2770 } 2771 drop: 2772 if (err) { 2773 amt->dev->stats.rx_dropped++; 2774 kfree_skb(skb); 2775 } else { 2776 consume_skb(skb); 2777 } 2778 out: 2779 rcu_read_unlock_bh(); 2780 return 0; 2781 } 2782 2783 static int amt_err_lookup(struct sock *sk, struct sk_buff *skb) 2784 { 2785 struct amt_dev *amt; 2786 int type; 2787 2788 rcu_read_lock_bh(); 2789 amt = rcu_dereference_sk_user_data(sk); 2790 if (!amt) 2791 goto out; 2792 2793 if (amt->mode != AMT_MODE_GATEWAY) 2794 goto drop; 2795 2796 type = amt_parse_type(skb); 2797 if (type == -1) 2798 goto drop; 2799 2800 netdev_dbg(amt->dev, "Received IGMP Unreachable of %s\n", 2801 type_str[type]); 2802 switch (type) { 2803 case AMT_MSG_DISCOVERY: 2804 break; 2805 case AMT_MSG_REQUEST: 2806 case AMT_MSG_MEMBERSHIP_UPDATE: 2807 if (amt->status >= AMT_STATUS_RECEIVED_ADVERTISEMENT) 2808 mod_delayed_work(amt_wq, &amt->req_wq, 0); 2809 break; 2810 default: 2811 goto drop; 2812 } 2813 out: 2814 rcu_read_unlock_bh(); 2815 return 0; 2816 drop: 2817 rcu_read_unlock_bh(); 2818 amt->dev->stats.rx_dropped++; 2819 return 0; 2820 } 2821 2822 static struct socket *amt_create_sock(struct net *net, __be16 port) 2823 { 2824 struct udp_port_cfg udp_conf; 2825 struct socket *sock; 2826 int err; 2827 2828 memset(&udp_conf, 0, sizeof(udp_conf)); 2829 udp_conf.family = AF_INET; 2830 udp_conf.local_ip.s_addr = htonl(INADDR_ANY); 2831 2832 udp_conf.local_udp_port = port; 2833 2834 err = udp_sock_create(net, &udp_conf, &sock); 2835 if (err < 0) 2836 return ERR_PTR(err); 2837 2838 return sock; 2839 } 2840 2841 static int amt_socket_create(struct amt_dev *amt) 2842 { 2843 struct udp_tunnel_sock_cfg tunnel_cfg; 2844 struct socket *sock; 2845 2846 sock = amt_create_sock(amt->net, amt->relay_port); 2847 if (IS_ERR(sock)) 2848 return PTR_ERR(sock); 2849 2850 /* Mark socket as an encapsulation socket */ 2851 memset(&tunnel_cfg, 0, sizeof(tunnel_cfg)); 2852 tunnel_cfg.sk_user_data = amt; 2853 tunnel_cfg.encap_type = 1; 2854 tunnel_cfg.encap_rcv = amt_rcv; 2855 tunnel_cfg.encap_err_lookup = amt_err_lookup; 2856 tunnel_cfg.encap_destroy = NULL; 2857 setup_udp_tunnel_sock(amt->net, sock, &tunnel_cfg); 2858 2859 rcu_assign_pointer(amt->sock, sock); 2860 return 0; 2861 } 2862 2863 static int amt_dev_open(struct net_device *dev) 2864 { 2865 struct amt_dev *amt = netdev_priv(dev); 2866 int err; 2867 2868 amt->ready4 = false; 2869 amt->ready6 = false; 2870 2871 err = amt_socket_create(amt); 2872 if (err) 2873 return err; 2874 2875 amt->req_cnt = 0; 2876 amt->remote_ip = 0; 2877 get_random_bytes(&amt->key, sizeof(siphash_key_t)); 2878 2879 amt->status = AMT_STATUS_INIT; 2880 if (amt->mode == AMT_MODE_GATEWAY) { 2881 mod_delayed_work(amt_wq, &amt->discovery_wq, 0); 2882 mod_delayed_work(amt_wq, &amt->req_wq, 0); 2883 } else if (amt->mode == AMT_MODE_RELAY) { 2884 mod_delayed_work(amt_wq, &amt->secret_wq, 2885 msecs_to_jiffies(AMT_SECRET_TIMEOUT)); 2886 } 2887 return err; 2888 } 2889 2890 static int amt_dev_stop(struct net_device *dev) 2891 { 2892 struct amt_dev *amt = netdev_priv(dev); 2893 struct amt_tunnel_list *tunnel, *tmp; 2894 struct socket *sock; 2895 2896 cancel_delayed_work_sync(&amt->req_wq); 2897 cancel_delayed_work_sync(&amt->discovery_wq); 2898 cancel_delayed_work_sync(&amt->secret_wq); 2899 2900 /* shutdown */ 2901 sock = rtnl_dereference(amt->sock); 2902 RCU_INIT_POINTER(amt->sock, NULL); 2903 synchronize_net(); 2904 if (sock) 2905 udp_tunnel_sock_release(sock); 2906 2907 amt->ready4 = false; 2908 amt->ready6 = false; 2909 amt->req_cnt = 0; 2910 amt->remote_ip = 0; 2911 2912 list_for_each_entry_safe(tunnel, tmp, &amt->tunnel_list, list) { 2913 list_del_rcu(&tunnel->list); 2914 amt->nr_tunnels--; 2915 cancel_delayed_work_sync(&tunnel->gc_wq); 2916 amt_clear_groups(tunnel); 2917 kfree_rcu(tunnel, rcu); 2918 } 2919 2920 return 0; 2921 } 2922 2923 static const struct device_type amt_type = { 2924 .name = "amt", 2925 }; 2926 2927 static int amt_dev_init(struct net_device *dev) 2928 { 2929 struct amt_dev *amt = netdev_priv(dev); 2930 int err; 2931 2932 amt->dev = dev; 2933 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 2934 if (!dev->tstats) 2935 return -ENOMEM; 2936 2937 err = gro_cells_init(&amt->gro_cells, dev); 2938 if (err) { 2939 free_percpu(dev->tstats); 2940 return err; 2941 } 2942 2943 return 0; 2944 } 2945 2946 static void amt_dev_uninit(struct net_device *dev) 2947 { 2948 struct amt_dev *amt = netdev_priv(dev); 2949 2950 gro_cells_destroy(&amt->gro_cells); 2951 free_percpu(dev->tstats); 2952 } 2953 2954 static const struct net_device_ops amt_netdev_ops = { 2955 .ndo_init = amt_dev_init, 2956 .ndo_uninit = amt_dev_uninit, 2957 .ndo_open = amt_dev_open, 2958 .ndo_stop = amt_dev_stop, 2959 .ndo_start_xmit = amt_dev_xmit, 2960 .ndo_get_stats64 = dev_get_tstats64, 2961 }; 2962 2963 static void amt_link_setup(struct net_device *dev) 2964 { 2965 dev->netdev_ops = &amt_netdev_ops; 2966 dev->needs_free_netdev = true; 2967 SET_NETDEV_DEVTYPE(dev, &amt_type); 2968 dev->min_mtu = ETH_MIN_MTU; 2969 dev->max_mtu = ETH_MAX_MTU; 2970 dev->type = ARPHRD_NONE; 2971 dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2972 dev->hard_header_len = 0; 2973 dev->addr_len = 0; 2974 dev->priv_flags |= IFF_NO_QUEUE; 2975 dev->features |= NETIF_F_LLTX; 2976 dev->features |= NETIF_F_GSO_SOFTWARE; 2977 dev->features |= NETIF_F_NETNS_LOCAL; 2978 dev->hw_features |= NETIF_F_SG | NETIF_F_HW_CSUM; 2979 dev->hw_features |= NETIF_F_FRAGLIST | NETIF_F_RXCSUM; 2980 dev->hw_features |= NETIF_F_GSO_SOFTWARE; 2981 eth_hw_addr_random(dev); 2982 eth_zero_addr(dev->broadcast); 2983 ether_setup(dev); 2984 } 2985 2986 static const struct nla_policy amt_policy[IFLA_AMT_MAX + 1] = { 2987 [IFLA_AMT_MODE] = { .type = NLA_U32 }, 2988 [IFLA_AMT_RELAY_PORT] = { .type = NLA_U16 }, 2989 [IFLA_AMT_GATEWAY_PORT] = { .type = NLA_U16 }, 2990 [IFLA_AMT_LINK] = { .type = NLA_U32 }, 2991 [IFLA_AMT_LOCAL_IP] = { .len = sizeof_field(struct iphdr, daddr) }, 2992 [IFLA_AMT_REMOTE_IP] = { .len = sizeof_field(struct iphdr, daddr) }, 2993 [IFLA_AMT_DISCOVERY_IP] = { .len = sizeof_field(struct iphdr, daddr) }, 2994 [IFLA_AMT_MAX_TUNNELS] = { .type = NLA_U32 }, 2995 }; 2996 2997 static int amt_validate(struct nlattr *tb[], struct nlattr *data[], 2998 struct netlink_ext_ack *extack) 2999 { 3000 if (!data) 3001 return -EINVAL; 3002 3003 if (!data[IFLA_AMT_LINK]) { 3004 NL_SET_ERR_MSG_ATTR(extack, data[IFLA_AMT_LINK], 3005 "Link attribute is required"); 3006 return -EINVAL; 3007 } 3008 3009 if (!data[IFLA_AMT_MODE]) { 3010 NL_SET_ERR_MSG_ATTR(extack, data[IFLA_AMT_MODE], 3011 "Mode attribute is required"); 3012 return -EINVAL; 3013 } 3014 3015 if (nla_get_u32(data[IFLA_AMT_MODE]) > AMT_MODE_MAX) { 3016 NL_SET_ERR_MSG_ATTR(extack, data[IFLA_AMT_MODE], 3017 "Mode attribute is not valid"); 3018 return -EINVAL; 3019 } 3020 3021 if (!data[IFLA_AMT_LOCAL_IP]) { 3022 NL_SET_ERR_MSG_ATTR(extack, data[IFLA_AMT_DISCOVERY_IP], 3023 "Local attribute is required"); 3024 return -EINVAL; 3025 } 3026 3027 if (!data[IFLA_AMT_DISCOVERY_IP] && 3028 nla_get_u32(data[IFLA_AMT_MODE]) == AMT_MODE_GATEWAY) { 3029 NL_SET_ERR_MSG_ATTR(extack, data[IFLA_AMT_LOCAL_IP], 3030 "Discovery attribute is required"); 3031 return -EINVAL; 3032 } 3033 3034 return 0; 3035 } 3036 3037 static int amt_newlink(struct net *net, struct net_device *dev, 3038 struct nlattr *tb[], struct nlattr *data[], 3039 struct netlink_ext_ack *extack) 3040 { 3041 struct amt_dev *amt = netdev_priv(dev); 3042 int err = -EINVAL; 3043 3044 amt->net = net; 3045 amt->mode = nla_get_u32(data[IFLA_AMT_MODE]); 3046 3047 if (data[IFLA_AMT_MAX_TUNNELS] && 3048 nla_get_u32(data[IFLA_AMT_MAX_TUNNELS])) 3049 amt->max_tunnels = nla_get_u32(data[IFLA_AMT_MAX_TUNNELS]); 3050 else 3051 amt->max_tunnels = AMT_MAX_TUNNELS; 3052 3053 spin_lock_init(&amt->lock); 3054 amt->max_groups = AMT_MAX_GROUP; 3055 amt->max_sources = AMT_MAX_SOURCE; 3056 amt->hash_buckets = AMT_HSIZE; 3057 amt->nr_tunnels = 0; 3058 get_random_bytes(&amt->hash_seed, sizeof(amt->hash_seed)); 3059 amt->stream_dev = dev_get_by_index(net, 3060 nla_get_u32(data[IFLA_AMT_LINK])); 3061 if (!amt->stream_dev) { 3062 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_LINK], 3063 "Can't find stream device"); 3064 return -ENODEV; 3065 } 3066 3067 if (amt->stream_dev->type != ARPHRD_ETHER) { 3068 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_LINK], 3069 "Invalid stream device type"); 3070 goto err; 3071 } 3072 3073 amt->local_ip = nla_get_in_addr(data[IFLA_AMT_LOCAL_IP]); 3074 if (ipv4_is_loopback(amt->local_ip) || 3075 ipv4_is_zeronet(amt->local_ip) || 3076 ipv4_is_multicast(amt->local_ip)) { 3077 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_LOCAL_IP], 3078 "Invalid Local address"); 3079 goto err; 3080 } 3081 3082 if (data[IFLA_AMT_RELAY_PORT]) 3083 amt->relay_port = nla_get_be16(data[IFLA_AMT_RELAY_PORT]); 3084 else 3085 amt->relay_port = htons(IANA_AMT_UDP_PORT); 3086 3087 if (data[IFLA_AMT_GATEWAY_PORT]) 3088 amt->gw_port = nla_get_be16(data[IFLA_AMT_GATEWAY_PORT]); 3089 else 3090 amt->gw_port = htons(IANA_AMT_UDP_PORT); 3091 3092 if (!amt->relay_port) { 3093 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_DISCOVERY_IP], 3094 "relay port must not be 0"); 3095 goto err; 3096 } 3097 if (amt->mode == AMT_MODE_RELAY) { 3098 amt->qrv = amt->net->ipv4.sysctl_igmp_qrv; 3099 amt->qri = 10; 3100 dev->needed_headroom = amt->stream_dev->needed_headroom + 3101 AMT_RELAY_HLEN; 3102 dev->mtu = amt->stream_dev->mtu - AMT_RELAY_HLEN; 3103 dev->max_mtu = dev->mtu; 3104 dev->min_mtu = ETH_MIN_MTU + AMT_RELAY_HLEN; 3105 } else { 3106 if (!data[IFLA_AMT_DISCOVERY_IP]) { 3107 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_DISCOVERY_IP], 3108 "discovery must be set in gateway mode"); 3109 goto err; 3110 } 3111 if (!amt->gw_port) { 3112 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_DISCOVERY_IP], 3113 "gateway port must not be 0"); 3114 goto err; 3115 } 3116 amt->remote_ip = 0; 3117 amt->discovery_ip = nla_get_in_addr(data[IFLA_AMT_DISCOVERY_IP]); 3118 if (ipv4_is_loopback(amt->discovery_ip) || 3119 ipv4_is_zeronet(amt->discovery_ip) || 3120 ipv4_is_multicast(amt->discovery_ip)) { 3121 NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_AMT_DISCOVERY_IP], 3122 "discovery must be unicast"); 3123 goto err; 3124 } 3125 3126 dev->needed_headroom = amt->stream_dev->needed_headroom + 3127 AMT_GW_HLEN; 3128 dev->mtu = amt->stream_dev->mtu - AMT_GW_HLEN; 3129 dev->max_mtu = dev->mtu; 3130 dev->min_mtu = ETH_MIN_MTU + AMT_GW_HLEN; 3131 } 3132 amt->qi = AMT_INIT_QUERY_INTERVAL; 3133 3134 err = register_netdevice(dev); 3135 if (err < 0) { 3136 netdev_dbg(dev, "failed to register new netdev %d\n", err); 3137 goto err; 3138 } 3139 3140 err = netdev_upper_dev_link(amt->stream_dev, dev, extack); 3141 if (err < 0) { 3142 unregister_netdevice(dev); 3143 goto err; 3144 } 3145 3146 INIT_DELAYED_WORK(&amt->discovery_wq, amt_discovery_work); 3147 INIT_DELAYED_WORK(&amt->req_wq, amt_req_work); 3148 INIT_DELAYED_WORK(&amt->secret_wq, amt_secret_work); 3149 INIT_LIST_HEAD(&amt->tunnel_list); 3150 3151 return 0; 3152 err: 3153 dev_put(amt->stream_dev); 3154 return err; 3155 } 3156 3157 static void amt_dellink(struct net_device *dev, struct list_head *head) 3158 { 3159 struct amt_dev *amt = netdev_priv(dev); 3160 3161 unregister_netdevice_queue(dev, head); 3162 netdev_upper_dev_unlink(amt->stream_dev, dev); 3163 dev_put(amt->stream_dev); 3164 } 3165 3166 static size_t amt_get_size(const struct net_device *dev) 3167 { 3168 return nla_total_size(sizeof(__u32)) + /* IFLA_AMT_MODE */ 3169 nla_total_size(sizeof(__u16)) + /* IFLA_AMT_RELAY_PORT */ 3170 nla_total_size(sizeof(__u16)) + /* IFLA_AMT_GATEWAY_PORT */ 3171 nla_total_size(sizeof(__u32)) + /* IFLA_AMT_LINK */ 3172 nla_total_size(sizeof(__u32)) + /* IFLA_MAX_TUNNELS */ 3173 nla_total_size(sizeof(struct iphdr)) + /* IFLA_AMT_DISCOVERY_IP */ 3174 nla_total_size(sizeof(struct iphdr)) + /* IFLA_AMT_REMOTE_IP */ 3175 nla_total_size(sizeof(struct iphdr)); /* IFLA_AMT_LOCAL_IP */ 3176 } 3177 3178 static int amt_fill_info(struct sk_buff *skb, const struct net_device *dev) 3179 { 3180 struct amt_dev *amt = netdev_priv(dev); 3181 3182 if (nla_put_u32(skb, IFLA_AMT_MODE, amt->mode)) 3183 goto nla_put_failure; 3184 if (nla_put_be16(skb, IFLA_AMT_RELAY_PORT, amt->relay_port)) 3185 goto nla_put_failure; 3186 if (nla_put_be16(skb, IFLA_AMT_GATEWAY_PORT, amt->gw_port)) 3187 goto nla_put_failure; 3188 if (nla_put_u32(skb, IFLA_AMT_LINK, amt->stream_dev->ifindex)) 3189 goto nla_put_failure; 3190 if (nla_put_in_addr(skb, IFLA_AMT_LOCAL_IP, amt->local_ip)) 3191 goto nla_put_failure; 3192 if (nla_put_in_addr(skb, IFLA_AMT_DISCOVERY_IP, amt->discovery_ip)) 3193 goto nla_put_failure; 3194 if (amt->remote_ip) 3195 if (nla_put_in_addr(skb, IFLA_AMT_REMOTE_IP, amt->remote_ip)) 3196 goto nla_put_failure; 3197 if (nla_put_u32(skb, IFLA_AMT_MAX_TUNNELS, amt->max_tunnels)) 3198 goto nla_put_failure; 3199 3200 return 0; 3201 3202 nla_put_failure: 3203 return -EMSGSIZE; 3204 } 3205 3206 static struct rtnl_link_ops amt_link_ops __read_mostly = { 3207 .kind = "amt", 3208 .maxtype = IFLA_AMT_MAX, 3209 .policy = amt_policy, 3210 .priv_size = sizeof(struct amt_dev), 3211 .setup = amt_link_setup, 3212 .validate = amt_validate, 3213 .newlink = amt_newlink, 3214 .dellink = amt_dellink, 3215 .get_size = amt_get_size, 3216 .fill_info = amt_fill_info, 3217 }; 3218 3219 static struct net_device *amt_lookup_upper_dev(struct net_device *dev) 3220 { 3221 struct net_device *upper_dev; 3222 struct amt_dev *amt; 3223 3224 for_each_netdev(dev_net(dev), upper_dev) { 3225 if (netif_is_amt(upper_dev)) { 3226 amt = netdev_priv(upper_dev); 3227 if (amt->stream_dev == dev) 3228 return upper_dev; 3229 } 3230 } 3231 3232 return NULL; 3233 } 3234 3235 static int amt_device_event(struct notifier_block *unused, 3236 unsigned long event, void *ptr) 3237 { 3238 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3239 struct net_device *upper_dev; 3240 struct amt_dev *amt; 3241 LIST_HEAD(list); 3242 int new_mtu; 3243 3244 upper_dev = amt_lookup_upper_dev(dev); 3245 if (!upper_dev) 3246 return NOTIFY_DONE; 3247 amt = netdev_priv(upper_dev); 3248 3249 switch (event) { 3250 case NETDEV_UNREGISTER: 3251 amt_dellink(amt->dev, &list); 3252 unregister_netdevice_many(&list); 3253 break; 3254 case NETDEV_CHANGEMTU: 3255 if (amt->mode == AMT_MODE_RELAY) 3256 new_mtu = dev->mtu - AMT_RELAY_HLEN; 3257 else 3258 new_mtu = dev->mtu - AMT_GW_HLEN; 3259 3260 dev_set_mtu(amt->dev, new_mtu); 3261 break; 3262 } 3263 3264 return NOTIFY_DONE; 3265 } 3266 3267 static struct notifier_block amt_notifier_block __read_mostly = { 3268 .notifier_call = amt_device_event, 3269 }; 3270 3271 static int __init amt_init(void) 3272 { 3273 int err; 3274 3275 err = register_netdevice_notifier(&amt_notifier_block); 3276 if (err < 0) 3277 goto err; 3278 3279 err = rtnl_link_register(&amt_link_ops); 3280 if (err < 0) 3281 goto unregister_notifier; 3282 3283 amt_wq = alloc_workqueue("amt", WQ_UNBOUND, 1); 3284 if (!amt_wq) { 3285 err = -ENOMEM; 3286 goto rtnl_unregister; 3287 } 3288 3289 spin_lock_init(&source_gc_lock); 3290 spin_lock_bh(&source_gc_lock); 3291 INIT_DELAYED_WORK(&source_gc_wq, amt_source_gc_work); 3292 mod_delayed_work(amt_wq, &source_gc_wq, 3293 msecs_to_jiffies(AMT_GC_INTERVAL)); 3294 spin_unlock_bh(&source_gc_lock); 3295 3296 return 0; 3297 3298 rtnl_unregister: 3299 rtnl_link_unregister(&amt_link_ops); 3300 unregister_notifier: 3301 unregister_netdevice_notifier(&amt_notifier_block); 3302 err: 3303 pr_err("error loading AMT module loaded\n"); 3304 return err; 3305 } 3306 late_initcall(amt_init); 3307 3308 static void __exit amt_fini(void) 3309 { 3310 rtnl_link_unregister(&amt_link_ops); 3311 unregister_netdevice_notifier(&amt_notifier_block); 3312 cancel_delayed_work_sync(&source_gc_wq); 3313 __amt_source_gc_work(); 3314 destroy_workqueue(amt_wq); 3315 } 3316 module_exit(amt_fini); 3317 3318 MODULE_LICENSE("GPL"); 3319 MODULE_AUTHOR("Taehee Yoo <ap420073@gmail.com>"); 3320 MODULE_ALIAS_RTNL_LINK("amt"); 3321