1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * IP multicast routing support for mrouted 3.6/3.8 4 * 5 * (c) 1995 Alan Cox, <alan@lxorguk.ukuu.org.uk> 6 * Linux Consultancy and Custom Driver Development 7 * 8 * Fixes: 9 * Michael Chastain : Incorrect size of copying. 10 * Alan Cox : Added the cache manager code 11 * Alan Cox : Fixed the clone/copy bug and device race. 12 * Mike McLagan : Routing by source 13 * Malcolm Beattie : Buffer handling fixes. 14 * Alexey Kuznetsov : Double buffer free and other fixes. 15 * SVR Anand : Fixed several multicast bugs and problems. 16 * Alexey Kuznetsov : Status, optimisations and more. 17 * Brad Parker : Better behaviour on mrouted upcall 18 * overflow. 19 * Carlos Picoto : PIMv1 Support 20 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header 21 * Relax this requirement to work with older peers. 22 */ 23 24 #include <linux/uaccess.h> 25 #include <linux/types.h> 26 #include <linux/cache.h> 27 #include <linux/capability.h> 28 #include <linux/errno.h> 29 #include <linux/mm.h> 30 #include <linux/kernel.h> 31 #include <linux/fcntl.h> 32 #include <linux/stat.h> 33 #include <linux/socket.h> 34 #include <linux/in.h> 35 #include <linux/inet.h> 36 #include <linux/netdevice.h> 37 #include <linux/inetdevice.h> 38 #include <linux/igmp.h> 39 #include <linux/proc_fs.h> 40 #include <linux/seq_file.h> 41 #include <linux/mroute.h> 42 #include <linux/init.h> 43 #include <linux/if_ether.h> 44 #include <linux/slab.h> 45 #include <net/net_namespace.h> 46 #include <net/ip.h> 47 #include <net/protocol.h> 48 #include <linux/skbuff.h> 49 #include <net/route.h> 50 #include <net/icmp.h> 51 #include <net/udp.h> 52 #include <net/raw.h> 53 #include <linux/notifier.h> 54 #include <linux/if_arp.h> 55 #include <linux/netfilter_ipv4.h> 56 #include <linux/compat.h> 57 #include <linux/export.h> 58 #include <linux/rhashtable.h> 59 #include <net/ip_tunnels.h> 60 #include <net/checksum.h> 61 #include <net/netlink.h> 62 #include <net/fib_rules.h> 63 #include <linux/netconf.h> 64 #include <net/rtnh.h> 65 66 #include <linux/nospec.h> 67 68 struct ipmr_rule { 69 struct fib_rule common; 70 }; 71 72 struct ipmr_result { 73 struct mr_table *mrt; 74 }; 75 76 /* Big lock, protecting vif table, mrt cache and mroute socket state. 77 * Note that the changes are semaphored via rtnl_lock. 78 */ 79 80 static DEFINE_RWLOCK(mrt_lock); 81 82 /* Multicast router control variables */ 83 84 /* Special spinlock for queue of unresolved entries */ 85 static DEFINE_SPINLOCK(mfc_unres_lock); 86 87 /* We return to original Alan's scheme. Hash table of resolved 88 * entries is changed only in process context and protected 89 * with weak lock mrt_lock. Queue of unresolved entries is protected 90 * with strong spinlock mfc_unres_lock. 91 * 92 * In this case data path is free of exclusive locks at all. 93 */ 94 95 static struct kmem_cache *mrt_cachep __ro_after_init; 96 97 static struct mr_table *ipmr_new_table(struct net *net, u32 id); 98 static void ipmr_free_table(struct mr_table *mrt); 99 100 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 101 struct net_device *dev, struct sk_buff *skb, 102 struct mfc_cache *cache, int local); 103 static int ipmr_cache_report(struct mr_table *mrt, 104 struct sk_buff *pkt, vifi_t vifi, int assert); 105 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 106 int cmd); 107 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 108 static void mroute_clean_tables(struct mr_table *mrt, int flags); 109 static void ipmr_expire_process(struct timer_list *t); 110 111 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 112 #define ipmr_for_each_table(mrt, net) \ 113 list_for_each_entry_rcu(mrt, &net->ipv4.mr_tables, list, \ 114 lockdep_rtnl_is_held() || \ 115 list_empty(&net->ipv4.mr_tables)) 116 117 static struct mr_table *ipmr_mr_table_iter(struct net *net, 118 struct mr_table *mrt) 119 { 120 struct mr_table *ret; 121 122 if (!mrt) 123 ret = list_entry_rcu(net->ipv4.mr_tables.next, 124 struct mr_table, list); 125 else 126 ret = list_entry_rcu(mrt->list.next, 127 struct mr_table, list); 128 129 if (&ret->list == &net->ipv4.mr_tables) 130 return NULL; 131 return ret; 132 } 133 134 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 135 { 136 struct mr_table *mrt; 137 138 ipmr_for_each_table(mrt, net) { 139 if (mrt->id == id) 140 return mrt; 141 } 142 return NULL; 143 } 144 145 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 146 struct mr_table **mrt) 147 { 148 int err; 149 struct ipmr_result res; 150 struct fib_lookup_arg arg = { 151 .result = &res, 152 .flags = FIB_LOOKUP_NOREF, 153 }; 154 155 /* update flow if oif or iif point to device enslaved to l3mdev */ 156 l3mdev_update_flow(net, flowi4_to_flowi(flp4)); 157 158 err = fib_rules_lookup(net->ipv4.mr_rules_ops, 159 flowi4_to_flowi(flp4), 0, &arg); 160 if (err < 0) 161 return err; 162 *mrt = res.mrt; 163 return 0; 164 } 165 166 static int ipmr_rule_action(struct fib_rule *rule, struct flowi *flp, 167 int flags, struct fib_lookup_arg *arg) 168 { 169 struct ipmr_result *res = arg->result; 170 struct mr_table *mrt; 171 172 switch (rule->action) { 173 case FR_ACT_TO_TBL: 174 break; 175 case FR_ACT_UNREACHABLE: 176 return -ENETUNREACH; 177 case FR_ACT_PROHIBIT: 178 return -EACCES; 179 case FR_ACT_BLACKHOLE: 180 default: 181 return -EINVAL; 182 } 183 184 arg->table = fib_rule_get_table(rule, arg); 185 186 mrt = ipmr_get_table(rule->fr_net, arg->table); 187 if (!mrt) 188 return -EAGAIN; 189 res->mrt = mrt; 190 return 0; 191 } 192 193 static int ipmr_rule_match(struct fib_rule *rule, struct flowi *fl, int flags) 194 { 195 return 1; 196 } 197 198 static const struct nla_policy ipmr_rule_policy[FRA_MAX + 1] = { 199 FRA_GENERIC_POLICY, 200 }; 201 202 static int ipmr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 203 struct fib_rule_hdr *frh, struct nlattr **tb, 204 struct netlink_ext_ack *extack) 205 { 206 return 0; 207 } 208 209 static int ipmr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 210 struct nlattr **tb) 211 { 212 return 1; 213 } 214 215 static int ipmr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 216 struct fib_rule_hdr *frh) 217 { 218 frh->dst_len = 0; 219 frh->src_len = 0; 220 frh->tos = 0; 221 return 0; 222 } 223 224 static const struct fib_rules_ops __net_initconst ipmr_rules_ops_template = { 225 .family = RTNL_FAMILY_IPMR, 226 .rule_size = sizeof(struct ipmr_rule), 227 .addr_size = sizeof(u32), 228 .action = ipmr_rule_action, 229 .match = ipmr_rule_match, 230 .configure = ipmr_rule_configure, 231 .compare = ipmr_rule_compare, 232 .fill = ipmr_rule_fill, 233 .nlgroup = RTNLGRP_IPV4_RULE, 234 .policy = ipmr_rule_policy, 235 .owner = THIS_MODULE, 236 }; 237 238 static int __net_init ipmr_rules_init(struct net *net) 239 { 240 struct fib_rules_ops *ops; 241 struct mr_table *mrt; 242 int err; 243 244 ops = fib_rules_register(&ipmr_rules_ops_template, net); 245 if (IS_ERR(ops)) 246 return PTR_ERR(ops); 247 248 INIT_LIST_HEAD(&net->ipv4.mr_tables); 249 250 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 251 if (IS_ERR(mrt)) { 252 err = PTR_ERR(mrt); 253 goto err1; 254 } 255 256 err = fib_default_rule_add(ops, 0x7fff, RT_TABLE_DEFAULT, 0); 257 if (err < 0) 258 goto err2; 259 260 net->ipv4.mr_rules_ops = ops; 261 return 0; 262 263 err2: 264 ipmr_free_table(mrt); 265 err1: 266 fib_rules_unregister(ops); 267 return err; 268 } 269 270 static void __net_exit ipmr_rules_exit(struct net *net) 271 { 272 struct mr_table *mrt, *next; 273 274 rtnl_lock(); 275 list_for_each_entry_safe(mrt, next, &net->ipv4.mr_tables, list) { 276 list_del(&mrt->list); 277 ipmr_free_table(mrt); 278 } 279 fib_rules_unregister(net->ipv4.mr_rules_ops); 280 rtnl_unlock(); 281 } 282 283 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb, 284 struct netlink_ext_ack *extack) 285 { 286 return fib_rules_dump(net, nb, RTNL_FAMILY_IPMR, extack); 287 } 288 289 static unsigned int ipmr_rules_seq_read(struct net *net) 290 { 291 return fib_rules_seq_read(net, RTNL_FAMILY_IPMR); 292 } 293 294 bool ipmr_rule_default(const struct fib_rule *rule) 295 { 296 return fib_rule_matchall(rule) && rule->table == RT_TABLE_DEFAULT; 297 } 298 EXPORT_SYMBOL(ipmr_rule_default); 299 #else 300 #define ipmr_for_each_table(mrt, net) \ 301 for (mrt = net->ipv4.mrt; mrt; mrt = NULL) 302 303 static struct mr_table *ipmr_mr_table_iter(struct net *net, 304 struct mr_table *mrt) 305 { 306 if (!mrt) 307 return net->ipv4.mrt; 308 return NULL; 309 } 310 311 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 312 { 313 return net->ipv4.mrt; 314 } 315 316 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 317 struct mr_table **mrt) 318 { 319 *mrt = net->ipv4.mrt; 320 return 0; 321 } 322 323 static int __net_init ipmr_rules_init(struct net *net) 324 { 325 struct mr_table *mrt; 326 327 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 328 if (IS_ERR(mrt)) 329 return PTR_ERR(mrt); 330 net->ipv4.mrt = mrt; 331 return 0; 332 } 333 334 static void __net_exit ipmr_rules_exit(struct net *net) 335 { 336 rtnl_lock(); 337 ipmr_free_table(net->ipv4.mrt); 338 net->ipv4.mrt = NULL; 339 rtnl_unlock(); 340 } 341 342 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb, 343 struct netlink_ext_ack *extack) 344 { 345 return 0; 346 } 347 348 static unsigned int ipmr_rules_seq_read(struct net *net) 349 { 350 return 0; 351 } 352 353 bool ipmr_rule_default(const struct fib_rule *rule) 354 { 355 return true; 356 } 357 EXPORT_SYMBOL(ipmr_rule_default); 358 #endif 359 360 static inline int ipmr_hash_cmp(struct rhashtable_compare_arg *arg, 361 const void *ptr) 362 { 363 const struct mfc_cache_cmp_arg *cmparg = arg->key; 364 struct mfc_cache *c = (struct mfc_cache *)ptr; 365 366 return cmparg->mfc_mcastgrp != c->mfc_mcastgrp || 367 cmparg->mfc_origin != c->mfc_origin; 368 } 369 370 static const struct rhashtable_params ipmr_rht_params = { 371 .head_offset = offsetof(struct mr_mfc, mnode), 372 .key_offset = offsetof(struct mfc_cache, cmparg), 373 .key_len = sizeof(struct mfc_cache_cmp_arg), 374 .nelem_hint = 3, 375 .obj_cmpfn = ipmr_hash_cmp, 376 .automatic_shrinking = true, 377 }; 378 379 static void ipmr_new_table_set(struct mr_table *mrt, 380 struct net *net) 381 { 382 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 383 list_add_tail_rcu(&mrt->list, &net->ipv4.mr_tables); 384 #endif 385 } 386 387 static struct mfc_cache_cmp_arg ipmr_mr_table_ops_cmparg_any = { 388 .mfc_mcastgrp = htonl(INADDR_ANY), 389 .mfc_origin = htonl(INADDR_ANY), 390 }; 391 392 static struct mr_table_ops ipmr_mr_table_ops = { 393 .rht_params = &ipmr_rht_params, 394 .cmparg_any = &ipmr_mr_table_ops_cmparg_any, 395 }; 396 397 static struct mr_table *ipmr_new_table(struct net *net, u32 id) 398 { 399 struct mr_table *mrt; 400 401 /* "pimreg%u" should not exceed 16 bytes (IFNAMSIZ) */ 402 if (id != RT_TABLE_DEFAULT && id >= 1000000000) 403 return ERR_PTR(-EINVAL); 404 405 mrt = ipmr_get_table(net, id); 406 if (mrt) 407 return mrt; 408 409 return mr_table_alloc(net, id, &ipmr_mr_table_ops, 410 ipmr_expire_process, ipmr_new_table_set); 411 } 412 413 static void ipmr_free_table(struct mr_table *mrt) 414 { 415 del_timer_sync(&mrt->ipmr_expire_timer); 416 mroute_clean_tables(mrt, MRT_FLUSH_VIFS | MRT_FLUSH_VIFS_STATIC | 417 MRT_FLUSH_MFC | MRT_FLUSH_MFC_STATIC); 418 rhltable_destroy(&mrt->mfc_hash); 419 kfree(mrt); 420 } 421 422 /* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */ 423 424 /* Initialize ipmr pimreg/tunnel in_device */ 425 static bool ipmr_init_vif_indev(const struct net_device *dev) 426 { 427 struct in_device *in_dev; 428 429 ASSERT_RTNL(); 430 431 in_dev = __in_dev_get_rtnl(dev); 432 if (!in_dev) 433 return false; 434 ipv4_devconf_setall(in_dev); 435 neigh_parms_data_state_setall(in_dev->arp_parms); 436 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0; 437 438 return true; 439 } 440 441 static struct net_device *ipmr_new_tunnel(struct net *net, struct vifctl *v) 442 { 443 struct net_device *tunnel_dev, *new_dev; 444 struct ip_tunnel_parm p = { }; 445 int err; 446 447 tunnel_dev = __dev_get_by_name(net, "tunl0"); 448 if (!tunnel_dev) 449 goto out; 450 451 p.iph.daddr = v->vifc_rmt_addr.s_addr; 452 p.iph.saddr = v->vifc_lcl_addr.s_addr; 453 p.iph.version = 4; 454 p.iph.ihl = 5; 455 p.iph.protocol = IPPROTO_IPIP; 456 sprintf(p.name, "dvmrp%d", v->vifc_vifi); 457 458 if (!tunnel_dev->netdev_ops->ndo_tunnel_ctl) 459 goto out; 460 err = tunnel_dev->netdev_ops->ndo_tunnel_ctl(tunnel_dev, &p, 461 SIOCADDTUNNEL); 462 if (err) 463 goto out; 464 465 new_dev = __dev_get_by_name(net, p.name); 466 if (!new_dev) 467 goto out; 468 469 new_dev->flags |= IFF_MULTICAST; 470 if (!ipmr_init_vif_indev(new_dev)) 471 goto out_unregister; 472 if (dev_open(new_dev, NULL)) 473 goto out_unregister; 474 dev_hold(new_dev); 475 err = dev_set_allmulti(new_dev, 1); 476 if (err) { 477 dev_close(new_dev); 478 tunnel_dev->netdev_ops->ndo_tunnel_ctl(tunnel_dev, &p, 479 SIOCDELTUNNEL); 480 dev_put(new_dev); 481 new_dev = ERR_PTR(err); 482 } 483 return new_dev; 484 485 out_unregister: 486 unregister_netdevice(new_dev); 487 out: 488 return ERR_PTR(-ENOBUFS); 489 } 490 491 #if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2) 492 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, struct net_device *dev) 493 { 494 struct net *net = dev_net(dev); 495 struct mr_table *mrt; 496 struct flowi4 fl4 = { 497 .flowi4_oif = dev->ifindex, 498 .flowi4_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 499 .flowi4_mark = skb->mark, 500 }; 501 int err; 502 503 err = ipmr_fib_lookup(net, &fl4, &mrt); 504 if (err < 0) { 505 kfree_skb(skb); 506 return err; 507 } 508 509 read_lock(&mrt_lock); 510 dev->stats.tx_bytes += skb->len; 511 dev->stats.tx_packets++; 512 ipmr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, IGMPMSG_WHOLEPKT); 513 read_unlock(&mrt_lock); 514 kfree_skb(skb); 515 return NETDEV_TX_OK; 516 } 517 518 static int reg_vif_get_iflink(const struct net_device *dev) 519 { 520 return 0; 521 } 522 523 static const struct net_device_ops reg_vif_netdev_ops = { 524 .ndo_start_xmit = reg_vif_xmit, 525 .ndo_get_iflink = reg_vif_get_iflink, 526 }; 527 528 static void reg_vif_setup(struct net_device *dev) 529 { 530 dev->type = ARPHRD_PIMREG; 531 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8; 532 dev->flags = IFF_NOARP; 533 dev->netdev_ops = ®_vif_netdev_ops; 534 dev->needs_free_netdev = true; 535 dev->features |= NETIF_F_NETNS_LOCAL; 536 } 537 538 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 539 { 540 struct net_device *dev; 541 char name[IFNAMSIZ]; 542 543 if (mrt->id == RT_TABLE_DEFAULT) 544 sprintf(name, "pimreg"); 545 else 546 sprintf(name, "pimreg%u", mrt->id); 547 548 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 549 550 if (!dev) 551 return NULL; 552 553 dev_net_set(dev, net); 554 555 if (register_netdevice(dev)) { 556 free_netdev(dev); 557 return NULL; 558 } 559 560 if (!ipmr_init_vif_indev(dev)) 561 goto failure; 562 if (dev_open(dev, NULL)) 563 goto failure; 564 565 dev_hold(dev); 566 567 return dev; 568 569 failure: 570 unregister_netdevice(dev); 571 return NULL; 572 } 573 574 /* called with rcu_read_lock() */ 575 static int __pim_rcv(struct mr_table *mrt, struct sk_buff *skb, 576 unsigned int pimlen) 577 { 578 struct net_device *reg_dev = NULL; 579 struct iphdr *encap; 580 581 encap = (struct iphdr *)(skb_transport_header(skb) + pimlen); 582 /* Check that: 583 * a. packet is really sent to a multicast group 584 * b. packet is not a NULL-REGISTER 585 * c. packet is not truncated 586 */ 587 if (!ipv4_is_multicast(encap->daddr) || 588 encap->tot_len == 0 || 589 ntohs(encap->tot_len) + pimlen > skb->len) 590 return 1; 591 592 read_lock(&mrt_lock); 593 if (mrt->mroute_reg_vif_num >= 0) 594 reg_dev = mrt->vif_table[mrt->mroute_reg_vif_num].dev; 595 read_unlock(&mrt_lock); 596 597 if (!reg_dev) 598 return 1; 599 600 skb->mac_header = skb->network_header; 601 skb_pull(skb, (u8 *)encap - skb->data); 602 skb_reset_network_header(skb); 603 skb->protocol = htons(ETH_P_IP); 604 skb->ip_summed = CHECKSUM_NONE; 605 606 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 607 608 netif_rx(skb); 609 610 return NET_RX_SUCCESS; 611 } 612 #else 613 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 614 { 615 return NULL; 616 } 617 #endif 618 619 static int call_ipmr_vif_entry_notifiers(struct net *net, 620 enum fib_event_type event_type, 621 struct vif_device *vif, 622 vifi_t vif_index, u32 tb_id) 623 { 624 return mr_call_vif_notifiers(net, RTNL_FAMILY_IPMR, event_type, 625 vif, vif_index, tb_id, 626 &net->ipv4.ipmr_seq); 627 } 628 629 static int call_ipmr_mfc_entry_notifiers(struct net *net, 630 enum fib_event_type event_type, 631 struct mfc_cache *mfc, u32 tb_id) 632 { 633 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IPMR, event_type, 634 &mfc->_c, tb_id, &net->ipv4.ipmr_seq); 635 } 636 637 /** 638 * vif_delete - Delete a VIF entry 639 * @mrt: Table to delete from 640 * @vifi: VIF identifier to delete 641 * @notify: Set to 1, if the caller is a notifier_call 642 * @head: if unregistering the VIF, place it on this queue 643 */ 644 static int vif_delete(struct mr_table *mrt, int vifi, int notify, 645 struct list_head *head) 646 { 647 struct net *net = read_pnet(&mrt->net); 648 struct vif_device *v; 649 struct net_device *dev; 650 struct in_device *in_dev; 651 652 if (vifi < 0 || vifi >= mrt->maxvif) 653 return -EADDRNOTAVAIL; 654 655 v = &mrt->vif_table[vifi]; 656 657 if (VIF_EXISTS(mrt, vifi)) 658 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_DEL, v, vifi, 659 mrt->id); 660 661 write_lock_bh(&mrt_lock); 662 dev = v->dev; 663 v->dev = NULL; 664 665 if (!dev) { 666 write_unlock_bh(&mrt_lock); 667 return -EADDRNOTAVAIL; 668 } 669 670 if (vifi == mrt->mroute_reg_vif_num) 671 mrt->mroute_reg_vif_num = -1; 672 673 if (vifi + 1 == mrt->maxvif) { 674 int tmp; 675 676 for (tmp = vifi - 1; tmp >= 0; tmp--) { 677 if (VIF_EXISTS(mrt, tmp)) 678 break; 679 } 680 mrt->maxvif = tmp+1; 681 } 682 683 write_unlock_bh(&mrt_lock); 684 685 dev_set_allmulti(dev, -1); 686 687 in_dev = __in_dev_get_rtnl(dev); 688 if (in_dev) { 689 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--; 690 inet_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 691 NETCONFA_MC_FORWARDING, 692 dev->ifindex, &in_dev->cnf); 693 ip_rt_multicast_event(in_dev); 694 } 695 696 if (v->flags & (VIFF_TUNNEL | VIFF_REGISTER) && !notify) 697 unregister_netdevice_queue(dev, head); 698 699 dev_put(dev); 700 return 0; 701 } 702 703 static void ipmr_cache_free_rcu(struct rcu_head *head) 704 { 705 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 706 707 kmem_cache_free(mrt_cachep, (struct mfc_cache *)c); 708 } 709 710 static void ipmr_cache_free(struct mfc_cache *c) 711 { 712 call_rcu(&c->_c.rcu, ipmr_cache_free_rcu); 713 } 714 715 /* Destroy an unresolved cache entry, killing queued skbs 716 * and reporting error to netlink readers. 717 */ 718 static void ipmr_destroy_unres(struct mr_table *mrt, struct mfc_cache *c) 719 { 720 struct net *net = read_pnet(&mrt->net); 721 struct sk_buff *skb; 722 struct nlmsgerr *e; 723 724 atomic_dec(&mrt->cache_resolve_queue_len); 725 726 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved))) { 727 if (ip_hdr(skb)->version == 0) { 728 struct nlmsghdr *nlh = skb_pull(skb, 729 sizeof(struct iphdr)); 730 nlh->nlmsg_type = NLMSG_ERROR; 731 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 732 skb_trim(skb, nlh->nlmsg_len); 733 e = nlmsg_data(nlh); 734 e->error = -ETIMEDOUT; 735 memset(&e->msg, 0, sizeof(e->msg)); 736 737 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 738 } else { 739 kfree_skb(skb); 740 } 741 } 742 743 ipmr_cache_free(c); 744 } 745 746 /* Timer process for the unresolved queue. */ 747 static void ipmr_expire_process(struct timer_list *t) 748 { 749 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 750 struct mr_mfc *c, *next; 751 unsigned long expires; 752 unsigned long now; 753 754 if (!spin_trylock(&mfc_unres_lock)) { 755 mod_timer(&mrt->ipmr_expire_timer, jiffies+HZ/10); 756 return; 757 } 758 759 if (list_empty(&mrt->mfc_unres_queue)) 760 goto out; 761 762 now = jiffies; 763 expires = 10*HZ; 764 765 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 766 if (time_after(c->mfc_un.unres.expires, now)) { 767 unsigned long interval = c->mfc_un.unres.expires - now; 768 if (interval < expires) 769 expires = interval; 770 continue; 771 } 772 773 list_del(&c->list); 774 mroute_netlink_event(mrt, (struct mfc_cache *)c, RTM_DELROUTE); 775 ipmr_destroy_unres(mrt, (struct mfc_cache *)c); 776 } 777 778 if (!list_empty(&mrt->mfc_unres_queue)) 779 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 780 781 out: 782 spin_unlock(&mfc_unres_lock); 783 } 784 785 /* Fill oifs list. It is called under write locked mrt_lock. */ 786 static void ipmr_update_thresholds(struct mr_table *mrt, struct mr_mfc *cache, 787 unsigned char *ttls) 788 { 789 int vifi; 790 791 cache->mfc_un.res.minvif = MAXVIFS; 792 cache->mfc_un.res.maxvif = 0; 793 memset(cache->mfc_un.res.ttls, 255, MAXVIFS); 794 795 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 796 if (VIF_EXISTS(mrt, vifi) && 797 ttls[vifi] && ttls[vifi] < 255) { 798 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 799 if (cache->mfc_un.res.minvif > vifi) 800 cache->mfc_un.res.minvif = vifi; 801 if (cache->mfc_un.res.maxvif <= vifi) 802 cache->mfc_un.res.maxvif = vifi + 1; 803 } 804 } 805 cache->mfc_un.res.lastuse = jiffies; 806 } 807 808 static int vif_add(struct net *net, struct mr_table *mrt, 809 struct vifctl *vifc, int mrtsock) 810 { 811 struct netdev_phys_item_id ppid = { }; 812 int vifi = vifc->vifc_vifi; 813 struct vif_device *v = &mrt->vif_table[vifi]; 814 struct net_device *dev; 815 struct in_device *in_dev; 816 int err; 817 818 /* Is vif busy ? */ 819 if (VIF_EXISTS(mrt, vifi)) 820 return -EADDRINUSE; 821 822 switch (vifc->vifc_flags) { 823 case VIFF_REGISTER: 824 if (!ipmr_pimsm_enabled()) 825 return -EINVAL; 826 /* Special Purpose VIF in PIM 827 * All the packets will be sent to the daemon 828 */ 829 if (mrt->mroute_reg_vif_num >= 0) 830 return -EADDRINUSE; 831 dev = ipmr_reg_vif(net, mrt); 832 if (!dev) 833 return -ENOBUFS; 834 err = dev_set_allmulti(dev, 1); 835 if (err) { 836 unregister_netdevice(dev); 837 dev_put(dev); 838 return err; 839 } 840 break; 841 case VIFF_TUNNEL: 842 dev = ipmr_new_tunnel(net, vifc); 843 if (IS_ERR(dev)) 844 return PTR_ERR(dev); 845 break; 846 case VIFF_USE_IFINDEX: 847 case 0: 848 if (vifc->vifc_flags == VIFF_USE_IFINDEX) { 849 dev = dev_get_by_index(net, vifc->vifc_lcl_ifindex); 850 if (dev && !__in_dev_get_rtnl(dev)) { 851 dev_put(dev); 852 return -EADDRNOTAVAIL; 853 } 854 } else { 855 dev = ip_dev_find(net, vifc->vifc_lcl_addr.s_addr); 856 } 857 if (!dev) 858 return -EADDRNOTAVAIL; 859 err = dev_set_allmulti(dev, 1); 860 if (err) { 861 dev_put(dev); 862 return err; 863 } 864 break; 865 default: 866 return -EINVAL; 867 } 868 869 in_dev = __in_dev_get_rtnl(dev); 870 if (!in_dev) { 871 dev_put(dev); 872 return -EADDRNOTAVAIL; 873 } 874 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++; 875 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_MC_FORWARDING, 876 dev->ifindex, &in_dev->cnf); 877 ip_rt_multicast_event(in_dev); 878 879 /* Fill in the VIF structures */ 880 vif_device_init(v, dev, vifc->vifc_rate_limit, 881 vifc->vifc_threshold, 882 vifc->vifc_flags | (!mrtsock ? VIFF_STATIC : 0), 883 (VIFF_TUNNEL | VIFF_REGISTER)); 884 885 err = dev_get_port_parent_id(dev, &ppid, true); 886 if (err == 0) { 887 memcpy(v->dev_parent_id.id, ppid.id, ppid.id_len); 888 v->dev_parent_id.id_len = ppid.id_len; 889 } else { 890 v->dev_parent_id.id_len = 0; 891 } 892 893 v->local = vifc->vifc_lcl_addr.s_addr; 894 v->remote = vifc->vifc_rmt_addr.s_addr; 895 896 /* And finish update writing critical data */ 897 write_lock_bh(&mrt_lock); 898 v->dev = dev; 899 if (v->flags & VIFF_REGISTER) 900 mrt->mroute_reg_vif_num = vifi; 901 if (vifi+1 > mrt->maxvif) 902 mrt->maxvif = vifi+1; 903 write_unlock_bh(&mrt_lock); 904 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, v, vifi, mrt->id); 905 return 0; 906 } 907 908 /* called with rcu_read_lock() */ 909 static struct mfc_cache *ipmr_cache_find(struct mr_table *mrt, 910 __be32 origin, 911 __be32 mcastgrp) 912 { 913 struct mfc_cache_cmp_arg arg = { 914 .mfc_mcastgrp = mcastgrp, 915 .mfc_origin = origin 916 }; 917 918 return mr_mfc_find(mrt, &arg); 919 } 920 921 /* Look for a (*,G) entry */ 922 static struct mfc_cache *ipmr_cache_find_any(struct mr_table *mrt, 923 __be32 mcastgrp, int vifi) 924 { 925 struct mfc_cache_cmp_arg arg = { 926 .mfc_mcastgrp = mcastgrp, 927 .mfc_origin = htonl(INADDR_ANY) 928 }; 929 930 if (mcastgrp == htonl(INADDR_ANY)) 931 return mr_mfc_find_any_parent(mrt, vifi); 932 return mr_mfc_find_any(mrt, vifi, &arg); 933 } 934 935 /* Look for a (S,G,iif) entry if parent != -1 */ 936 static struct mfc_cache *ipmr_cache_find_parent(struct mr_table *mrt, 937 __be32 origin, __be32 mcastgrp, 938 int parent) 939 { 940 struct mfc_cache_cmp_arg arg = { 941 .mfc_mcastgrp = mcastgrp, 942 .mfc_origin = origin, 943 }; 944 945 return mr_mfc_find_parent(mrt, &arg, parent); 946 } 947 948 /* Allocate a multicast cache entry */ 949 static struct mfc_cache *ipmr_cache_alloc(void) 950 { 951 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 952 953 if (c) { 954 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 955 c->_c.mfc_un.res.minvif = MAXVIFS; 956 c->_c.free = ipmr_cache_free_rcu; 957 refcount_set(&c->_c.mfc_un.res.refcount, 1); 958 } 959 return c; 960 } 961 962 static struct mfc_cache *ipmr_cache_alloc_unres(void) 963 { 964 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 965 966 if (c) { 967 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 968 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 969 } 970 return c; 971 } 972 973 /* A cache entry has gone into a resolved state from queued */ 974 static void ipmr_cache_resolve(struct net *net, struct mr_table *mrt, 975 struct mfc_cache *uc, struct mfc_cache *c) 976 { 977 struct sk_buff *skb; 978 struct nlmsgerr *e; 979 980 /* Play the pending entries through our router */ 981 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 982 if (ip_hdr(skb)->version == 0) { 983 struct nlmsghdr *nlh = skb_pull(skb, 984 sizeof(struct iphdr)); 985 986 if (mr_fill_mroute(mrt, skb, &c->_c, 987 nlmsg_data(nlh)) > 0) { 988 nlh->nlmsg_len = skb_tail_pointer(skb) - 989 (u8 *)nlh; 990 } else { 991 nlh->nlmsg_type = NLMSG_ERROR; 992 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 993 skb_trim(skb, nlh->nlmsg_len); 994 e = nlmsg_data(nlh); 995 e->error = -EMSGSIZE; 996 memset(&e->msg, 0, sizeof(e->msg)); 997 } 998 999 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1000 } else { 1001 ip_mr_forward(net, mrt, skb->dev, skb, c, 0); 1002 } 1003 } 1004 } 1005 1006 /* Bounce a cache query up to mrouted and netlink. 1007 * 1008 * Called under mrt_lock. 1009 */ 1010 static int ipmr_cache_report(struct mr_table *mrt, 1011 struct sk_buff *pkt, vifi_t vifi, int assert) 1012 { 1013 const int ihl = ip_hdrlen(pkt); 1014 struct sock *mroute_sk; 1015 struct igmphdr *igmp; 1016 struct igmpmsg *msg; 1017 struct sk_buff *skb; 1018 int ret; 1019 1020 if (assert == IGMPMSG_WHOLEPKT || assert == IGMPMSG_WRVIFWHOLE) 1021 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr)); 1022 else 1023 skb = alloc_skb(128, GFP_ATOMIC); 1024 1025 if (!skb) 1026 return -ENOBUFS; 1027 1028 if (assert == IGMPMSG_WHOLEPKT || assert == IGMPMSG_WRVIFWHOLE) { 1029 /* Ugly, but we have no choice with this interface. 1030 * Duplicate old header, fix ihl, length etc. 1031 * And all this only to mangle msg->im_msgtype and 1032 * to set msg->im_mbz to "mbz" :-) 1033 */ 1034 skb_push(skb, sizeof(struct iphdr)); 1035 skb_reset_network_header(skb); 1036 skb_reset_transport_header(skb); 1037 msg = (struct igmpmsg *)skb_network_header(skb); 1038 memcpy(msg, skb_network_header(pkt), sizeof(struct iphdr)); 1039 msg->im_msgtype = assert; 1040 msg->im_mbz = 0; 1041 if (assert == IGMPMSG_WRVIFWHOLE) { 1042 msg->im_vif = vifi; 1043 msg->im_vif_hi = vifi >> 8; 1044 } else { 1045 msg->im_vif = mrt->mroute_reg_vif_num; 1046 msg->im_vif_hi = mrt->mroute_reg_vif_num >> 8; 1047 } 1048 ip_hdr(skb)->ihl = sizeof(struct iphdr) >> 2; 1049 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(pkt)->tot_len) + 1050 sizeof(struct iphdr)); 1051 } else { 1052 /* Copy the IP header */ 1053 skb_set_network_header(skb, skb->len); 1054 skb_put(skb, ihl); 1055 skb_copy_to_linear_data(skb, pkt->data, ihl); 1056 /* Flag to the kernel this is a route add */ 1057 ip_hdr(skb)->protocol = 0; 1058 msg = (struct igmpmsg *)skb_network_header(skb); 1059 msg->im_vif = vifi; 1060 msg->im_vif_hi = vifi >> 8; 1061 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1062 /* Add our header */ 1063 igmp = skb_put(skb, sizeof(struct igmphdr)); 1064 igmp->type = assert; 1065 msg->im_msgtype = assert; 1066 igmp->code = 0; 1067 ip_hdr(skb)->tot_len = htons(skb->len); /* Fix the length */ 1068 skb->transport_header = skb->network_header; 1069 } 1070 1071 rcu_read_lock(); 1072 mroute_sk = rcu_dereference(mrt->mroute_sk); 1073 if (!mroute_sk) { 1074 rcu_read_unlock(); 1075 kfree_skb(skb); 1076 return -EINVAL; 1077 } 1078 1079 igmpmsg_netlink_event(mrt, skb); 1080 1081 /* Deliver to mrouted */ 1082 ret = sock_queue_rcv_skb(mroute_sk, skb); 1083 rcu_read_unlock(); 1084 if (ret < 0) { 1085 net_warn_ratelimited("mroute: pending queue full, dropping entries\n"); 1086 kfree_skb(skb); 1087 } 1088 1089 return ret; 1090 } 1091 1092 /* Queue a packet for resolution. It gets locked cache entry! */ 1093 static int ipmr_cache_unresolved(struct mr_table *mrt, vifi_t vifi, 1094 struct sk_buff *skb, struct net_device *dev) 1095 { 1096 const struct iphdr *iph = ip_hdr(skb); 1097 struct mfc_cache *c; 1098 bool found = false; 1099 int err; 1100 1101 spin_lock_bh(&mfc_unres_lock); 1102 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1103 if (c->mfc_mcastgrp == iph->daddr && 1104 c->mfc_origin == iph->saddr) { 1105 found = true; 1106 break; 1107 } 1108 } 1109 1110 if (!found) { 1111 /* Create a new entry if allowable */ 1112 c = ipmr_cache_alloc_unres(); 1113 if (!c) { 1114 spin_unlock_bh(&mfc_unres_lock); 1115 1116 kfree_skb(skb); 1117 return -ENOBUFS; 1118 } 1119 1120 /* Fill in the new cache entry */ 1121 c->_c.mfc_parent = -1; 1122 c->mfc_origin = iph->saddr; 1123 c->mfc_mcastgrp = iph->daddr; 1124 1125 /* Reflect first query at mrouted. */ 1126 err = ipmr_cache_report(mrt, skb, vifi, IGMPMSG_NOCACHE); 1127 1128 if (err < 0) { 1129 /* If the report failed throw the cache entry 1130 out - Brad Parker 1131 */ 1132 spin_unlock_bh(&mfc_unres_lock); 1133 1134 ipmr_cache_free(c); 1135 kfree_skb(skb); 1136 return err; 1137 } 1138 1139 atomic_inc(&mrt->cache_resolve_queue_len); 1140 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1141 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1142 1143 if (atomic_read(&mrt->cache_resolve_queue_len) == 1) 1144 mod_timer(&mrt->ipmr_expire_timer, 1145 c->_c.mfc_un.unres.expires); 1146 } 1147 1148 /* See if we can append the packet */ 1149 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1150 kfree_skb(skb); 1151 err = -ENOBUFS; 1152 } else { 1153 if (dev) { 1154 skb->dev = dev; 1155 skb->skb_iif = dev->ifindex; 1156 } 1157 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1158 err = 0; 1159 } 1160 1161 spin_unlock_bh(&mfc_unres_lock); 1162 return err; 1163 } 1164 1165 /* MFC cache manipulation by user space mroute daemon */ 1166 1167 static int ipmr_mfc_delete(struct mr_table *mrt, struct mfcctl *mfc, int parent) 1168 { 1169 struct net *net = read_pnet(&mrt->net); 1170 struct mfc_cache *c; 1171 1172 /* The entries are added/deleted only under RTNL */ 1173 rcu_read_lock(); 1174 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1175 mfc->mfcc_mcastgrp.s_addr, parent); 1176 rcu_read_unlock(); 1177 if (!c) 1178 return -ENOENT; 1179 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ipmr_rht_params); 1180 list_del_rcu(&c->_c.list); 1181 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, c, mrt->id); 1182 mroute_netlink_event(mrt, c, RTM_DELROUTE); 1183 mr_cache_put(&c->_c); 1184 1185 return 0; 1186 } 1187 1188 static int ipmr_mfc_add(struct net *net, struct mr_table *mrt, 1189 struct mfcctl *mfc, int mrtsock, int parent) 1190 { 1191 struct mfc_cache *uc, *c; 1192 struct mr_mfc *_uc; 1193 bool found; 1194 int ret; 1195 1196 if (mfc->mfcc_parent >= MAXVIFS) 1197 return -ENFILE; 1198 1199 /* The entries are added/deleted only under RTNL */ 1200 rcu_read_lock(); 1201 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1202 mfc->mfcc_mcastgrp.s_addr, parent); 1203 rcu_read_unlock(); 1204 if (c) { 1205 write_lock_bh(&mrt_lock); 1206 c->_c.mfc_parent = mfc->mfcc_parent; 1207 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1208 if (!mrtsock) 1209 c->_c.mfc_flags |= MFC_STATIC; 1210 write_unlock_bh(&mrt_lock); 1211 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, c, 1212 mrt->id); 1213 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1214 return 0; 1215 } 1216 1217 if (mfc->mfcc_mcastgrp.s_addr != htonl(INADDR_ANY) && 1218 !ipv4_is_multicast(mfc->mfcc_mcastgrp.s_addr)) 1219 return -EINVAL; 1220 1221 c = ipmr_cache_alloc(); 1222 if (!c) 1223 return -ENOMEM; 1224 1225 c->mfc_origin = mfc->mfcc_origin.s_addr; 1226 c->mfc_mcastgrp = mfc->mfcc_mcastgrp.s_addr; 1227 c->_c.mfc_parent = mfc->mfcc_parent; 1228 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1229 if (!mrtsock) 1230 c->_c.mfc_flags |= MFC_STATIC; 1231 1232 ret = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1233 ipmr_rht_params); 1234 if (ret) { 1235 pr_err("ipmr: rhtable insert error %d\n", ret); 1236 ipmr_cache_free(c); 1237 return ret; 1238 } 1239 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1240 /* Check to see if we resolved a queued list. If so we 1241 * need to send on the frames and tidy up. 1242 */ 1243 found = false; 1244 spin_lock_bh(&mfc_unres_lock); 1245 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1246 uc = (struct mfc_cache *)_uc; 1247 if (uc->mfc_origin == c->mfc_origin && 1248 uc->mfc_mcastgrp == c->mfc_mcastgrp) { 1249 list_del(&_uc->list); 1250 atomic_dec(&mrt->cache_resolve_queue_len); 1251 found = true; 1252 break; 1253 } 1254 } 1255 if (list_empty(&mrt->mfc_unres_queue)) 1256 del_timer(&mrt->ipmr_expire_timer); 1257 spin_unlock_bh(&mfc_unres_lock); 1258 1259 if (found) { 1260 ipmr_cache_resolve(net, mrt, uc, c); 1261 ipmr_cache_free(uc); 1262 } 1263 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, c, mrt->id); 1264 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1265 return 0; 1266 } 1267 1268 /* Close the multicast socket, and clear the vif tables etc */ 1269 static void mroute_clean_tables(struct mr_table *mrt, int flags) 1270 { 1271 struct net *net = read_pnet(&mrt->net); 1272 struct mr_mfc *c, *tmp; 1273 struct mfc_cache *cache; 1274 LIST_HEAD(list); 1275 int i; 1276 1277 /* Shut down all active vif entries */ 1278 if (flags & (MRT_FLUSH_VIFS | MRT_FLUSH_VIFS_STATIC)) { 1279 for (i = 0; i < mrt->maxvif; i++) { 1280 if (((mrt->vif_table[i].flags & VIFF_STATIC) && 1281 !(flags & MRT_FLUSH_VIFS_STATIC)) || 1282 (!(mrt->vif_table[i].flags & VIFF_STATIC) && !(flags & MRT_FLUSH_VIFS))) 1283 continue; 1284 vif_delete(mrt, i, 0, &list); 1285 } 1286 unregister_netdevice_many(&list); 1287 } 1288 1289 /* Wipe the cache */ 1290 if (flags & (MRT_FLUSH_MFC | MRT_FLUSH_MFC_STATIC)) { 1291 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1292 if (((c->mfc_flags & MFC_STATIC) && !(flags & MRT_FLUSH_MFC_STATIC)) || 1293 (!(c->mfc_flags & MFC_STATIC) && !(flags & MRT_FLUSH_MFC))) 1294 continue; 1295 rhltable_remove(&mrt->mfc_hash, &c->mnode, ipmr_rht_params); 1296 list_del_rcu(&c->list); 1297 cache = (struct mfc_cache *)c; 1298 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, cache, 1299 mrt->id); 1300 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1301 mr_cache_put(c); 1302 } 1303 } 1304 1305 if (flags & MRT_FLUSH_MFC) { 1306 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1307 spin_lock_bh(&mfc_unres_lock); 1308 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1309 list_del(&c->list); 1310 cache = (struct mfc_cache *)c; 1311 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1312 ipmr_destroy_unres(mrt, cache); 1313 } 1314 spin_unlock_bh(&mfc_unres_lock); 1315 } 1316 } 1317 } 1318 1319 /* called from ip_ra_control(), before an RCU grace period, 1320 * we dont need to call synchronize_rcu() here 1321 */ 1322 static void mrtsock_destruct(struct sock *sk) 1323 { 1324 struct net *net = sock_net(sk); 1325 struct mr_table *mrt; 1326 1327 rtnl_lock(); 1328 ipmr_for_each_table(mrt, net) { 1329 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1330 IPV4_DEVCONF_ALL(net, MC_FORWARDING)--; 1331 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1332 NETCONFA_MC_FORWARDING, 1333 NETCONFA_IFINDEX_ALL, 1334 net->ipv4.devconf_all); 1335 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1336 mroute_clean_tables(mrt, MRT_FLUSH_VIFS | MRT_FLUSH_MFC); 1337 } 1338 } 1339 rtnl_unlock(); 1340 } 1341 1342 /* Socket options and virtual interface manipulation. The whole 1343 * virtual interface system is a complete heap, but unfortunately 1344 * that's how BSD mrouted happens to think. Maybe one day with a proper 1345 * MOSPF/PIM router set up we can clean this up. 1346 */ 1347 1348 int ip_mroute_setsockopt(struct sock *sk, int optname, sockptr_t optval, 1349 unsigned int optlen) 1350 { 1351 struct net *net = sock_net(sk); 1352 int val, ret = 0, parent = 0; 1353 struct mr_table *mrt; 1354 struct vifctl vif; 1355 struct mfcctl mfc; 1356 bool do_wrvifwhole; 1357 u32 uval; 1358 1359 /* There's one exception to the lock - MRT_DONE which needs to unlock */ 1360 rtnl_lock(); 1361 if (sk->sk_type != SOCK_RAW || 1362 inet_sk(sk)->inet_num != IPPROTO_IGMP) { 1363 ret = -EOPNOTSUPP; 1364 goto out_unlock; 1365 } 1366 1367 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1368 if (!mrt) { 1369 ret = -ENOENT; 1370 goto out_unlock; 1371 } 1372 if (optname != MRT_INIT) { 1373 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1374 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { 1375 ret = -EACCES; 1376 goto out_unlock; 1377 } 1378 } 1379 1380 switch (optname) { 1381 case MRT_INIT: 1382 if (optlen != sizeof(int)) { 1383 ret = -EINVAL; 1384 break; 1385 } 1386 if (rtnl_dereference(mrt->mroute_sk)) { 1387 ret = -EADDRINUSE; 1388 break; 1389 } 1390 1391 ret = ip_ra_control(sk, 1, mrtsock_destruct); 1392 if (ret == 0) { 1393 rcu_assign_pointer(mrt->mroute_sk, sk); 1394 IPV4_DEVCONF_ALL(net, MC_FORWARDING)++; 1395 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1396 NETCONFA_MC_FORWARDING, 1397 NETCONFA_IFINDEX_ALL, 1398 net->ipv4.devconf_all); 1399 } 1400 break; 1401 case MRT_DONE: 1402 if (sk != rcu_access_pointer(mrt->mroute_sk)) { 1403 ret = -EACCES; 1404 } else { 1405 /* We need to unlock here because mrtsock_destruct takes 1406 * care of rtnl itself and we can't change that due to 1407 * the IP_ROUTER_ALERT setsockopt which runs without it. 1408 */ 1409 rtnl_unlock(); 1410 ret = ip_ra_control(sk, 0, NULL); 1411 goto out; 1412 } 1413 break; 1414 case MRT_ADD_VIF: 1415 case MRT_DEL_VIF: 1416 if (optlen != sizeof(vif)) { 1417 ret = -EINVAL; 1418 break; 1419 } 1420 if (copy_from_sockptr(&vif, optval, sizeof(vif))) { 1421 ret = -EFAULT; 1422 break; 1423 } 1424 if (vif.vifc_vifi >= MAXVIFS) { 1425 ret = -ENFILE; 1426 break; 1427 } 1428 if (optname == MRT_ADD_VIF) { 1429 ret = vif_add(net, mrt, &vif, 1430 sk == rtnl_dereference(mrt->mroute_sk)); 1431 } else { 1432 ret = vif_delete(mrt, vif.vifc_vifi, 0, NULL); 1433 } 1434 break; 1435 /* Manipulate the forwarding caches. These live 1436 * in a sort of kernel/user symbiosis. 1437 */ 1438 case MRT_ADD_MFC: 1439 case MRT_DEL_MFC: 1440 parent = -1; 1441 fallthrough; 1442 case MRT_ADD_MFC_PROXY: 1443 case MRT_DEL_MFC_PROXY: 1444 if (optlen != sizeof(mfc)) { 1445 ret = -EINVAL; 1446 break; 1447 } 1448 if (copy_from_sockptr(&mfc, optval, sizeof(mfc))) { 1449 ret = -EFAULT; 1450 break; 1451 } 1452 if (parent == 0) 1453 parent = mfc.mfcc_parent; 1454 if (optname == MRT_DEL_MFC || optname == MRT_DEL_MFC_PROXY) 1455 ret = ipmr_mfc_delete(mrt, &mfc, parent); 1456 else 1457 ret = ipmr_mfc_add(net, mrt, &mfc, 1458 sk == rtnl_dereference(mrt->mroute_sk), 1459 parent); 1460 break; 1461 case MRT_FLUSH: 1462 if (optlen != sizeof(val)) { 1463 ret = -EINVAL; 1464 break; 1465 } 1466 if (copy_from_sockptr(&val, optval, sizeof(val))) { 1467 ret = -EFAULT; 1468 break; 1469 } 1470 mroute_clean_tables(mrt, val); 1471 break; 1472 /* Control PIM assert. */ 1473 case MRT_ASSERT: 1474 if (optlen != sizeof(val)) { 1475 ret = -EINVAL; 1476 break; 1477 } 1478 if (copy_from_sockptr(&val, optval, sizeof(val))) { 1479 ret = -EFAULT; 1480 break; 1481 } 1482 mrt->mroute_do_assert = val; 1483 break; 1484 case MRT_PIM: 1485 if (!ipmr_pimsm_enabled()) { 1486 ret = -ENOPROTOOPT; 1487 break; 1488 } 1489 if (optlen != sizeof(val)) { 1490 ret = -EINVAL; 1491 break; 1492 } 1493 if (copy_from_sockptr(&val, optval, sizeof(val))) { 1494 ret = -EFAULT; 1495 break; 1496 } 1497 1498 do_wrvifwhole = (val == IGMPMSG_WRVIFWHOLE); 1499 val = !!val; 1500 if (val != mrt->mroute_do_pim) { 1501 mrt->mroute_do_pim = val; 1502 mrt->mroute_do_assert = val; 1503 mrt->mroute_do_wrvifwhole = do_wrvifwhole; 1504 } 1505 break; 1506 case MRT_TABLE: 1507 if (!IS_BUILTIN(CONFIG_IP_MROUTE_MULTIPLE_TABLES)) { 1508 ret = -ENOPROTOOPT; 1509 break; 1510 } 1511 if (optlen != sizeof(uval)) { 1512 ret = -EINVAL; 1513 break; 1514 } 1515 if (copy_from_sockptr(&uval, optval, sizeof(uval))) { 1516 ret = -EFAULT; 1517 break; 1518 } 1519 1520 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1521 ret = -EBUSY; 1522 } else { 1523 mrt = ipmr_new_table(net, uval); 1524 if (IS_ERR(mrt)) 1525 ret = PTR_ERR(mrt); 1526 else 1527 raw_sk(sk)->ipmr_table = uval; 1528 } 1529 break; 1530 /* Spurious command, or MRT_VERSION which you cannot set. */ 1531 default: 1532 ret = -ENOPROTOOPT; 1533 } 1534 out_unlock: 1535 rtnl_unlock(); 1536 out: 1537 return ret; 1538 } 1539 1540 /* Getsock opt support for the multicast routing system. */ 1541 int ip_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, int __user *optlen) 1542 { 1543 int olr; 1544 int val; 1545 struct net *net = sock_net(sk); 1546 struct mr_table *mrt; 1547 1548 if (sk->sk_type != SOCK_RAW || 1549 inet_sk(sk)->inet_num != IPPROTO_IGMP) 1550 return -EOPNOTSUPP; 1551 1552 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1553 if (!mrt) 1554 return -ENOENT; 1555 1556 switch (optname) { 1557 case MRT_VERSION: 1558 val = 0x0305; 1559 break; 1560 case MRT_PIM: 1561 if (!ipmr_pimsm_enabled()) 1562 return -ENOPROTOOPT; 1563 val = mrt->mroute_do_pim; 1564 break; 1565 case MRT_ASSERT: 1566 val = mrt->mroute_do_assert; 1567 break; 1568 default: 1569 return -ENOPROTOOPT; 1570 } 1571 1572 if (get_user(olr, optlen)) 1573 return -EFAULT; 1574 olr = min_t(unsigned int, olr, sizeof(int)); 1575 if (olr < 0) 1576 return -EINVAL; 1577 if (put_user(olr, optlen)) 1578 return -EFAULT; 1579 if (copy_to_user(optval, &val, olr)) 1580 return -EFAULT; 1581 return 0; 1582 } 1583 1584 /* The IP multicast ioctl support routines. */ 1585 int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg) 1586 { 1587 struct sioc_sg_req sr; 1588 struct sioc_vif_req vr; 1589 struct vif_device *vif; 1590 struct mfc_cache *c; 1591 struct net *net = sock_net(sk); 1592 struct mr_table *mrt; 1593 1594 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1595 if (!mrt) 1596 return -ENOENT; 1597 1598 switch (cmd) { 1599 case SIOCGETVIFCNT: 1600 if (copy_from_user(&vr, arg, sizeof(vr))) 1601 return -EFAULT; 1602 if (vr.vifi >= mrt->maxvif) 1603 return -EINVAL; 1604 vr.vifi = array_index_nospec(vr.vifi, mrt->maxvif); 1605 read_lock(&mrt_lock); 1606 vif = &mrt->vif_table[vr.vifi]; 1607 if (VIF_EXISTS(mrt, vr.vifi)) { 1608 vr.icount = vif->pkt_in; 1609 vr.ocount = vif->pkt_out; 1610 vr.ibytes = vif->bytes_in; 1611 vr.obytes = vif->bytes_out; 1612 read_unlock(&mrt_lock); 1613 1614 if (copy_to_user(arg, &vr, sizeof(vr))) 1615 return -EFAULT; 1616 return 0; 1617 } 1618 read_unlock(&mrt_lock); 1619 return -EADDRNOTAVAIL; 1620 case SIOCGETSGCNT: 1621 if (copy_from_user(&sr, arg, sizeof(sr))) 1622 return -EFAULT; 1623 1624 rcu_read_lock(); 1625 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1626 if (c) { 1627 sr.pktcnt = c->_c.mfc_un.res.pkt; 1628 sr.bytecnt = c->_c.mfc_un.res.bytes; 1629 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1630 rcu_read_unlock(); 1631 1632 if (copy_to_user(arg, &sr, sizeof(sr))) 1633 return -EFAULT; 1634 return 0; 1635 } 1636 rcu_read_unlock(); 1637 return -EADDRNOTAVAIL; 1638 default: 1639 return -ENOIOCTLCMD; 1640 } 1641 } 1642 1643 #ifdef CONFIG_COMPAT 1644 struct compat_sioc_sg_req { 1645 struct in_addr src; 1646 struct in_addr grp; 1647 compat_ulong_t pktcnt; 1648 compat_ulong_t bytecnt; 1649 compat_ulong_t wrong_if; 1650 }; 1651 1652 struct compat_sioc_vif_req { 1653 vifi_t vifi; /* Which iface */ 1654 compat_ulong_t icount; 1655 compat_ulong_t ocount; 1656 compat_ulong_t ibytes; 1657 compat_ulong_t obytes; 1658 }; 1659 1660 int ipmr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1661 { 1662 struct compat_sioc_sg_req sr; 1663 struct compat_sioc_vif_req vr; 1664 struct vif_device *vif; 1665 struct mfc_cache *c; 1666 struct net *net = sock_net(sk); 1667 struct mr_table *mrt; 1668 1669 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1670 if (!mrt) 1671 return -ENOENT; 1672 1673 switch (cmd) { 1674 case SIOCGETVIFCNT: 1675 if (copy_from_user(&vr, arg, sizeof(vr))) 1676 return -EFAULT; 1677 if (vr.vifi >= mrt->maxvif) 1678 return -EINVAL; 1679 vr.vifi = array_index_nospec(vr.vifi, mrt->maxvif); 1680 read_lock(&mrt_lock); 1681 vif = &mrt->vif_table[vr.vifi]; 1682 if (VIF_EXISTS(mrt, vr.vifi)) { 1683 vr.icount = vif->pkt_in; 1684 vr.ocount = vif->pkt_out; 1685 vr.ibytes = vif->bytes_in; 1686 vr.obytes = vif->bytes_out; 1687 read_unlock(&mrt_lock); 1688 1689 if (copy_to_user(arg, &vr, sizeof(vr))) 1690 return -EFAULT; 1691 return 0; 1692 } 1693 read_unlock(&mrt_lock); 1694 return -EADDRNOTAVAIL; 1695 case SIOCGETSGCNT: 1696 if (copy_from_user(&sr, arg, sizeof(sr))) 1697 return -EFAULT; 1698 1699 rcu_read_lock(); 1700 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1701 if (c) { 1702 sr.pktcnt = c->_c.mfc_un.res.pkt; 1703 sr.bytecnt = c->_c.mfc_un.res.bytes; 1704 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1705 rcu_read_unlock(); 1706 1707 if (copy_to_user(arg, &sr, sizeof(sr))) 1708 return -EFAULT; 1709 return 0; 1710 } 1711 rcu_read_unlock(); 1712 return -EADDRNOTAVAIL; 1713 default: 1714 return -ENOIOCTLCMD; 1715 } 1716 } 1717 #endif 1718 1719 static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr) 1720 { 1721 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1722 struct net *net = dev_net(dev); 1723 struct mr_table *mrt; 1724 struct vif_device *v; 1725 int ct; 1726 1727 if (event != NETDEV_UNREGISTER) 1728 return NOTIFY_DONE; 1729 1730 ipmr_for_each_table(mrt, net) { 1731 v = &mrt->vif_table[0]; 1732 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1733 if (v->dev == dev) 1734 vif_delete(mrt, ct, 1, NULL); 1735 } 1736 } 1737 return NOTIFY_DONE; 1738 } 1739 1740 static struct notifier_block ip_mr_notifier = { 1741 .notifier_call = ipmr_device_event, 1742 }; 1743 1744 /* Encapsulate a packet by attaching a valid IPIP header to it. 1745 * This avoids tunnel drivers and other mess and gives us the speed so 1746 * important for multicast video. 1747 */ 1748 static void ip_encap(struct net *net, struct sk_buff *skb, 1749 __be32 saddr, __be32 daddr) 1750 { 1751 struct iphdr *iph; 1752 const struct iphdr *old_iph = ip_hdr(skb); 1753 1754 skb_push(skb, sizeof(struct iphdr)); 1755 skb->transport_header = skb->network_header; 1756 skb_reset_network_header(skb); 1757 iph = ip_hdr(skb); 1758 1759 iph->version = 4; 1760 iph->tos = old_iph->tos; 1761 iph->ttl = old_iph->ttl; 1762 iph->frag_off = 0; 1763 iph->daddr = daddr; 1764 iph->saddr = saddr; 1765 iph->protocol = IPPROTO_IPIP; 1766 iph->ihl = 5; 1767 iph->tot_len = htons(skb->len); 1768 ip_select_ident(net, skb, NULL); 1769 ip_send_check(iph); 1770 1771 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 1772 nf_reset_ct(skb); 1773 } 1774 1775 static inline int ipmr_forward_finish(struct net *net, struct sock *sk, 1776 struct sk_buff *skb) 1777 { 1778 struct ip_options *opt = &(IPCB(skb)->opt); 1779 1780 IP_INC_STATS(net, IPSTATS_MIB_OUTFORWDATAGRAMS); 1781 IP_ADD_STATS(net, IPSTATS_MIB_OUTOCTETS, skb->len); 1782 1783 if (unlikely(opt->optlen)) 1784 ip_forward_options(skb); 1785 1786 return dst_output(net, sk, skb); 1787 } 1788 1789 #ifdef CONFIG_NET_SWITCHDEV 1790 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1791 int in_vifi, int out_vifi) 1792 { 1793 struct vif_device *out_vif = &mrt->vif_table[out_vifi]; 1794 struct vif_device *in_vif = &mrt->vif_table[in_vifi]; 1795 1796 if (!skb->offload_l3_fwd_mark) 1797 return false; 1798 if (!out_vif->dev_parent_id.id_len || !in_vif->dev_parent_id.id_len) 1799 return false; 1800 return netdev_phys_item_id_same(&out_vif->dev_parent_id, 1801 &in_vif->dev_parent_id); 1802 } 1803 #else 1804 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1805 int in_vifi, int out_vifi) 1806 { 1807 return false; 1808 } 1809 #endif 1810 1811 /* Processing handlers for ipmr_forward */ 1812 1813 static void ipmr_queue_xmit(struct net *net, struct mr_table *mrt, 1814 int in_vifi, struct sk_buff *skb, int vifi) 1815 { 1816 const struct iphdr *iph = ip_hdr(skb); 1817 struct vif_device *vif = &mrt->vif_table[vifi]; 1818 struct net_device *dev; 1819 struct rtable *rt; 1820 struct flowi4 fl4; 1821 int encap = 0; 1822 1823 if (!vif->dev) 1824 goto out_free; 1825 1826 if (vif->flags & VIFF_REGISTER) { 1827 vif->pkt_out++; 1828 vif->bytes_out += skb->len; 1829 vif->dev->stats.tx_bytes += skb->len; 1830 vif->dev->stats.tx_packets++; 1831 ipmr_cache_report(mrt, skb, vifi, IGMPMSG_WHOLEPKT); 1832 goto out_free; 1833 } 1834 1835 if (ipmr_forward_offloaded(skb, mrt, in_vifi, vifi)) 1836 goto out_free; 1837 1838 if (vif->flags & VIFF_TUNNEL) { 1839 rt = ip_route_output_ports(net, &fl4, NULL, 1840 vif->remote, vif->local, 1841 0, 0, 1842 IPPROTO_IPIP, 1843 RT_TOS(iph->tos), vif->link); 1844 if (IS_ERR(rt)) 1845 goto out_free; 1846 encap = sizeof(struct iphdr); 1847 } else { 1848 rt = ip_route_output_ports(net, &fl4, NULL, iph->daddr, 0, 1849 0, 0, 1850 IPPROTO_IPIP, 1851 RT_TOS(iph->tos), vif->link); 1852 if (IS_ERR(rt)) 1853 goto out_free; 1854 } 1855 1856 dev = rt->dst.dev; 1857 1858 if (skb->len+encap > dst_mtu(&rt->dst) && (ntohs(iph->frag_off) & IP_DF)) { 1859 /* Do not fragment multicasts. Alas, IPv4 does not 1860 * allow to send ICMP, so that packets will disappear 1861 * to blackhole. 1862 */ 1863 IP_INC_STATS(net, IPSTATS_MIB_FRAGFAILS); 1864 ip_rt_put(rt); 1865 goto out_free; 1866 } 1867 1868 encap += LL_RESERVED_SPACE(dev) + rt->dst.header_len; 1869 1870 if (skb_cow(skb, encap)) { 1871 ip_rt_put(rt); 1872 goto out_free; 1873 } 1874 1875 vif->pkt_out++; 1876 vif->bytes_out += skb->len; 1877 1878 skb_dst_drop(skb); 1879 skb_dst_set(skb, &rt->dst); 1880 ip_decrease_ttl(ip_hdr(skb)); 1881 1882 /* FIXME: forward and output firewalls used to be called here. 1883 * What do we do with netfilter? -- RR 1884 */ 1885 if (vif->flags & VIFF_TUNNEL) { 1886 ip_encap(net, skb, vif->local, vif->remote); 1887 /* FIXME: extra output firewall step used to be here. --RR */ 1888 vif->dev->stats.tx_packets++; 1889 vif->dev->stats.tx_bytes += skb->len; 1890 } 1891 1892 IPCB(skb)->flags |= IPSKB_FORWARDED; 1893 1894 /* RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 1895 * not only before forwarding, but after forwarding on all output 1896 * interfaces. It is clear, if mrouter runs a multicasting 1897 * program, it should receive packets not depending to what interface 1898 * program is joined. 1899 * If we will not make it, the program will have to join on all 1900 * interfaces. On the other hand, multihoming host (or router, but 1901 * not mrouter) cannot join to more than one interface - it will 1902 * result in receiving multiple packets. 1903 */ 1904 NF_HOOK(NFPROTO_IPV4, NF_INET_FORWARD, 1905 net, NULL, skb, skb->dev, dev, 1906 ipmr_forward_finish); 1907 return; 1908 1909 out_free: 1910 kfree_skb(skb); 1911 } 1912 1913 static int ipmr_find_vif(struct mr_table *mrt, struct net_device *dev) 1914 { 1915 int ct; 1916 1917 for (ct = mrt->maxvif-1; ct >= 0; ct--) { 1918 if (mrt->vif_table[ct].dev == dev) 1919 break; 1920 } 1921 return ct; 1922 } 1923 1924 /* "local" means that we should preserve one skb (for local delivery) */ 1925 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 1926 struct net_device *dev, struct sk_buff *skb, 1927 struct mfc_cache *c, int local) 1928 { 1929 int true_vifi = ipmr_find_vif(mrt, dev); 1930 int psend = -1; 1931 int vif, ct; 1932 1933 vif = c->_c.mfc_parent; 1934 c->_c.mfc_un.res.pkt++; 1935 c->_c.mfc_un.res.bytes += skb->len; 1936 c->_c.mfc_un.res.lastuse = jiffies; 1937 1938 if (c->mfc_origin == htonl(INADDR_ANY) && true_vifi >= 0) { 1939 struct mfc_cache *cache_proxy; 1940 1941 /* For an (*,G) entry, we only check that the incomming 1942 * interface is part of the static tree. 1943 */ 1944 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 1945 if (cache_proxy && 1946 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) 1947 goto forward; 1948 } 1949 1950 /* Wrong interface: drop packet and (maybe) send PIM assert. */ 1951 if (mrt->vif_table[vif].dev != dev) { 1952 if (rt_is_output_route(skb_rtable(skb))) { 1953 /* It is our own packet, looped back. 1954 * Very complicated situation... 1955 * 1956 * The best workaround until routing daemons will be 1957 * fixed is not to redistribute packet, if it was 1958 * send through wrong interface. It means, that 1959 * multicast applications WILL NOT work for 1960 * (S,G), which have default multicast route pointing 1961 * to wrong oif. In any case, it is not a good 1962 * idea to use multicasting applications on router. 1963 */ 1964 goto dont_forward; 1965 } 1966 1967 c->_c.mfc_un.res.wrong_if++; 1968 1969 if (true_vifi >= 0 && mrt->mroute_do_assert && 1970 /* pimsm uses asserts, when switching from RPT to SPT, 1971 * so that we cannot check that packet arrived on an oif. 1972 * It is bad, but otherwise we would need to move pretty 1973 * large chunk of pimd to kernel. Ough... --ANK 1974 */ 1975 (mrt->mroute_do_pim || 1976 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 1977 time_after(jiffies, 1978 c->_c.mfc_un.res.last_assert + 1979 MFC_ASSERT_THRESH)) { 1980 c->_c.mfc_un.res.last_assert = jiffies; 1981 ipmr_cache_report(mrt, skb, true_vifi, IGMPMSG_WRONGVIF); 1982 if (mrt->mroute_do_wrvifwhole) 1983 ipmr_cache_report(mrt, skb, true_vifi, 1984 IGMPMSG_WRVIFWHOLE); 1985 } 1986 goto dont_forward; 1987 } 1988 1989 forward: 1990 mrt->vif_table[vif].pkt_in++; 1991 mrt->vif_table[vif].bytes_in += skb->len; 1992 1993 /* Forward the frame */ 1994 if (c->mfc_origin == htonl(INADDR_ANY) && 1995 c->mfc_mcastgrp == htonl(INADDR_ANY)) { 1996 if (true_vifi >= 0 && 1997 true_vifi != c->_c.mfc_parent && 1998 ip_hdr(skb)->ttl > 1999 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 2000 /* It's an (*,*) entry and the packet is not coming from 2001 * the upstream: forward the packet to the upstream 2002 * only. 2003 */ 2004 psend = c->_c.mfc_parent; 2005 goto last_forward; 2006 } 2007 goto dont_forward; 2008 } 2009 for (ct = c->_c.mfc_un.res.maxvif - 1; 2010 ct >= c->_c.mfc_un.res.minvif; ct--) { 2011 /* For (*,G) entry, don't forward to the incoming interface */ 2012 if ((c->mfc_origin != htonl(INADDR_ANY) || 2013 ct != true_vifi) && 2014 ip_hdr(skb)->ttl > c->_c.mfc_un.res.ttls[ct]) { 2015 if (psend != -1) { 2016 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2017 2018 if (skb2) 2019 ipmr_queue_xmit(net, mrt, true_vifi, 2020 skb2, psend); 2021 } 2022 psend = ct; 2023 } 2024 } 2025 last_forward: 2026 if (psend != -1) { 2027 if (local) { 2028 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2029 2030 if (skb2) 2031 ipmr_queue_xmit(net, mrt, true_vifi, skb2, 2032 psend); 2033 } else { 2034 ipmr_queue_xmit(net, mrt, true_vifi, skb, psend); 2035 return; 2036 } 2037 } 2038 2039 dont_forward: 2040 if (!local) 2041 kfree_skb(skb); 2042 } 2043 2044 static struct mr_table *ipmr_rt_fib_lookup(struct net *net, struct sk_buff *skb) 2045 { 2046 struct rtable *rt = skb_rtable(skb); 2047 struct iphdr *iph = ip_hdr(skb); 2048 struct flowi4 fl4 = { 2049 .daddr = iph->daddr, 2050 .saddr = iph->saddr, 2051 .flowi4_tos = RT_TOS(iph->tos), 2052 .flowi4_oif = (rt_is_output_route(rt) ? 2053 skb->dev->ifindex : 0), 2054 .flowi4_iif = (rt_is_output_route(rt) ? 2055 LOOPBACK_IFINDEX : 2056 skb->dev->ifindex), 2057 .flowi4_mark = skb->mark, 2058 }; 2059 struct mr_table *mrt; 2060 int err; 2061 2062 err = ipmr_fib_lookup(net, &fl4, &mrt); 2063 if (err) 2064 return ERR_PTR(err); 2065 return mrt; 2066 } 2067 2068 /* Multicast packets for forwarding arrive here 2069 * Called with rcu_read_lock(); 2070 */ 2071 int ip_mr_input(struct sk_buff *skb) 2072 { 2073 struct mfc_cache *cache; 2074 struct net *net = dev_net(skb->dev); 2075 int local = skb_rtable(skb)->rt_flags & RTCF_LOCAL; 2076 struct mr_table *mrt; 2077 struct net_device *dev; 2078 2079 /* skb->dev passed in is the loX master dev for vrfs. 2080 * As there are no vifs associated with loopback devices, 2081 * get the proper interface that does have a vif associated with it. 2082 */ 2083 dev = skb->dev; 2084 if (netif_is_l3_master(skb->dev)) { 2085 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2086 if (!dev) { 2087 kfree_skb(skb); 2088 return -ENODEV; 2089 } 2090 } 2091 2092 /* Packet is looped back after forward, it should not be 2093 * forwarded second time, but still can be delivered locally. 2094 */ 2095 if (IPCB(skb)->flags & IPSKB_FORWARDED) 2096 goto dont_forward; 2097 2098 mrt = ipmr_rt_fib_lookup(net, skb); 2099 if (IS_ERR(mrt)) { 2100 kfree_skb(skb); 2101 return PTR_ERR(mrt); 2102 } 2103 if (!local) { 2104 if (IPCB(skb)->opt.router_alert) { 2105 if (ip_call_ra_chain(skb)) 2106 return 0; 2107 } else if (ip_hdr(skb)->protocol == IPPROTO_IGMP) { 2108 /* IGMPv1 (and broken IGMPv2 implementations sort of 2109 * Cisco IOS <= 11.2(8)) do not put router alert 2110 * option to IGMP packets destined to routable 2111 * groups. It is very bad, because it means 2112 * that we can forward NO IGMP messages. 2113 */ 2114 struct sock *mroute_sk; 2115 2116 mroute_sk = rcu_dereference(mrt->mroute_sk); 2117 if (mroute_sk) { 2118 nf_reset_ct(skb); 2119 raw_rcv(mroute_sk, skb); 2120 return 0; 2121 } 2122 } 2123 } 2124 2125 /* already under rcu_read_lock() */ 2126 cache = ipmr_cache_find(mrt, ip_hdr(skb)->saddr, ip_hdr(skb)->daddr); 2127 if (!cache) { 2128 int vif = ipmr_find_vif(mrt, dev); 2129 2130 if (vif >= 0) 2131 cache = ipmr_cache_find_any(mrt, ip_hdr(skb)->daddr, 2132 vif); 2133 } 2134 2135 /* No usable cache entry */ 2136 if (!cache) { 2137 int vif; 2138 2139 if (local) { 2140 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2141 ip_local_deliver(skb); 2142 if (!skb2) 2143 return -ENOBUFS; 2144 skb = skb2; 2145 } 2146 2147 read_lock(&mrt_lock); 2148 vif = ipmr_find_vif(mrt, dev); 2149 if (vif >= 0) { 2150 int err2 = ipmr_cache_unresolved(mrt, vif, skb, dev); 2151 read_unlock(&mrt_lock); 2152 2153 return err2; 2154 } 2155 read_unlock(&mrt_lock); 2156 kfree_skb(skb); 2157 return -ENODEV; 2158 } 2159 2160 read_lock(&mrt_lock); 2161 ip_mr_forward(net, mrt, dev, skb, cache, local); 2162 read_unlock(&mrt_lock); 2163 2164 if (local) 2165 return ip_local_deliver(skb); 2166 2167 return 0; 2168 2169 dont_forward: 2170 if (local) 2171 return ip_local_deliver(skb); 2172 kfree_skb(skb); 2173 return 0; 2174 } 2175 2176 #ifdef CONFIG_IP_PIMSM_V1 2177 /* Handle IGMP messages of PIMv1 */ 2178 int pim_rcv_v1(struct sk_buff *skb) 2179 { 2180 struct igmphdr *pim; 2181 struct net *net = dev_net(skb->dev); 2182 struct mr_table *mrt; 2183 2184 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2185 goto drop; 2186 2187 pim = igmp_hdr(skb); 2188 2189 mrt = ipmr_rt_fib_lookup(net, skb); 2190 if (IS_ERR(mrt)) 2191 goto drop; 2192 if (!mrt->mroute_do_pim || 2193 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER) 2194 goto drop; 2195 2196 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2197 drop: 2198 kfree_skb(skb); 2199 } 2200 return 0; 2201 } 2202 #endif 2203 2204 #ifdef CONFIG_IP_PIMSM_V2 2205 static int pim_rcv(struct sk_buff *skb) 2206 { 2207 struct pimreghdr *pim; 2208 struct net *net = dev_net(skb->dev); 2209 struct mr_table *mrt; 2210 2211 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2212 goto drop; 2213 2214 pim = (struct pimreghdr *)skb_transport_header(skb); 2215 if (pim->type != ((PIM_VERSION << 4) | (PIM_TYPE_REGISTER)) || 2216 (pim->flags & PIM_NULL_REGISTER) || 2217 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 && 2218 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 2219 goto drop; 2220 2221 mrt = ipmr_rt_fib_lookup(net, skb); 2222 if (IS_ERR(mrt)) 2223 goto drop; 2224 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2225 drop: 2226 kfree_skb(skb); 2227 } 2228 return 0; 2229 } 2230 #endif 2231 2232 int ipmr_get_route(struct net *net, struct sk_buff *skb, 2233 __be32 saddr, __be32 daddr, 2234 struct rtmsg *rtm, u32 portid) 2235 { 2236 struct mfc_cache *cache; 2237 struct mr_table *mrt; 2238 int err; 2239 2240 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2241 if (!mrt) 2242 return -ENOENT; 2243 2244 rcu_read_lock(); 2245 cache = ipmr_cache_find(mrt, saddr, daddr); 2246 if (!cache && skb->dev) { 2247 int vif = ipmr_find_vif(mrt, skb->dev); 2248 2249 if (vif >= 0) 2250 cache = ipmr_cache_find_any(mrt, daddr, vif); 2251 } 2252 if (!cache) { 2253 struct sk_buff *skb2; 2254 struct iphdr *iph; 2255 struct net_device *dev; 2256 int vif = -1; 2257 2258 dev = skb->dev; 2259 read_lock(&mrt_lock); 2260 if (dev) 2261 vif = ipmr_find_vif(mrt, dev); 2262 if (vif < 0) { 2263 read_unlock(&mrt_lock); 2264 rcu_read_unlock(); 2265 return -ENODEV; 2266 } 2267 2268 skb2 = skb_realloc_headroom(skb, sizeof(struct iphdr)); 2269 if (!skb2) { 2270 read_unlock(&mrt_lock); 2271 rcu_read_unlock(); 2272 return -ENOMEM; 2273 } 2274 2275 NETLINK_CB(skb2).portid = portid; 2276 skb_push(skb2, sizeof(struct iphdr)); 2277 skb_reset_network_header(skb2); 2278 iph = ip_hdr(skb2); 2279 iph->ihl = sizeof(struct iphdr) >> 2; 2280 iph->saddr = saddr; 2281 iph->daddr = daddr; 2282 iph->version = 0; 2283 err = ipmr_cache_unresolved(mrt, vif, skb2, dev); 2284 read_unlock(&mrt_lock); 2285 rcu_read_unlock(); 2286 return err; 2287 } 2288 2289 read_lock(&mrt_lock); 2290 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2291 read_unlock(&mrt_lock); 2292 rcu_read_unlock(); 2293 return err; 2294 } 2295 2296 static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2297 u32 portid, u32 seq, struct mfc_cache *c, int cmd, 2298 int flags) 2299 { 2300 struct nlmsghdr *nlh; 2301 struct rtmsg *rtm; 2302 int err; 2303 2304 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2305 if (!nlh) 2306 return -EMSGSIZE; 2307 2308 rtm = nlmsg_data(nlh); 2309 rtm->rtm_family = RTNL_FAMILY_IPMR; 2310 rtm->rtm_dst_len = 32; 2311 rtm->rtm_src_len = 32; 2312 rtm->rtm_tos = 0; 2313 rtm->rtm_table = mrt->id; 2314 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2315 goto nla_put_failure; 2316 rtm->rtm_type = RTN_MULTICAST; 2317 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2318 if (c->_c.mfc_flags & MFC_STATIC) 2319 rtm->rtm_protocol = RTPROT_STATIC; 2320 else 2321 rtm->rtm_protocol = RTPROT_MROUTED; 2322 rtm->rtm_flags = 0; 2323 2324 if (nla_put_in_addr(skb, RTA_SRC, c->mfc_origin) || 2325 nla_put_in_addr(skb, RTA_DST, c->mfc_mcastgrp)) 2326 goto nla_put_failure; 2327 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2328 /* do not break the dump if cache is unresolved */ 2329 if (err < 0 && err != -ENOENT) 2330 goto nla_put_failure; 2331 2332 nlmsg_end(skb, nlh); 2333 return 0; 2334 2335 nla_put_failure: 2336 nlmsg_cancel(skb, nlh); 2337 return -EMSGSIZE; 2338 } 2339 2340 static int _ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2341 u32 portid, u32 seq, struct mr_mfc *c, int cmd, 2342 int flags) 2343 { 2344 return ipmr_fill_mroute(mrt, skb, portid, seq, (struct mfc_cache *)c, 2345 cmd, flags); 2346 } 2347 2348 static size_t mroute_msgsize(bool unresolved, int maxvif) 2349 { 2350 size_t len = 2351 NLMSG_ALIGN(sizeof(struct rtmsg)) 2352 + nla_total_size(4) /* RTA_TABLE */ 2353 + nla_total_size(4) /* RTA_SRC */ 2354 + nla_total_size(4) /* RTA_DST */ 2355 ; 2356 2357 if (!unresolved) 2358 len = len 2359 + nla_total_size(4) /* RTA_IIF */ 2360 + nla_total_size(0) /* RTA_MULTIPATH */ 2361 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2362 /* RTA_MFC_STATS */ 2363 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2364 ; 2365 2366 return len; 2367 } 2368 2369 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 2370 int cmd) 2371 { 2372 struct net *net = read_pnet(&mrt->net); 2373 struct sk_buff *skb; 2374 int err = -ENOBUFS; 2375 2376 skb = nlmsg_new(mroute_msgsize(mfc->_c.mfc_parent >= MAXVIFS, 2377 mrt->maxvif), 2378 GFP_ATOMIC); 2379 if (!skb) 2380 goto errout; 2381 2382 err = ipmr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2383 if (err < 0) 2384 goto errout; 2385 2386 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE, NULL, GFP_ATOMIC); 2387 return; 2388 2389 errout: 2390 kfree_skb(skb); 2391 if (err < 0) 2392 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE, err); 2393 } 2394 2395 static size_t igmpmsg_netlink_msgsize(size_t payloadlen) 2396 { 2397 size_t len = 2398 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2399 + nla_total_size(1) /* IPMRA_CREPORT_MSGTYPE */ 2400 + nla_total_size(4) /* IPMRA_CREPORT_VIF_ID */ 2401 + nla_total_size(4) /* IPMRA_CREPORT_SRC_ADDR */ 2402 + nla_total_size(4) /* IPMRA_CREPORT_DST_ADDR */ 2403 + nla_total_size(4) /* IPMRA_CREPORT_TABLE */ 2404 /* IPMRA_CREPORT_PKT */ 2405 + nla_total_size(payloadlen) 2406 ; 2407 2408 return len; 2409 } 2410 2411 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2412 { 2413 struct net *net = read_pnet(&mrt->net); 2414 struct nlmsghdr *nlh; 2415 struct rtgenmsg *rtgenm; 2416 struct igmpmsg *msg; 2417 struct sk_buff *skb; 2418 struct nlattr *nla; 2419 int payloadlen; 2420 2421 payloadlen = pkt->len - sizeof(struct igmpmsg); 2422 msg = (struct igmpmsg *)skb_network_header(pkt); 2423 2424 skb = nlmsg_new(igmpmsg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2425 if (!skb) 2426 goto errout; 2427 2428 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2429 sizeof(struct rtgenmsg), 0); 2430 if (!nlh) 2431 goto errout; 2432 rtgenm = nlmsg_data(nlh); 2433 rtgenm->rtgen_family = RTNL_FAMILY_IPMR; 2434 if (nla_put_u8(skb, IPMRA_CREPORT_MSGTYPE, msg->im_msgtype) || 2435 nla_put_u32(skb, IPMRA_CREPORT_VIF_ID, msg->im_vif | (msg->im_vif_hi << 8)) || 2436 nla_put_in_addr(skb, IPMRA_CREPORT_SRC_ADDR, 2437 msg->im_src.s_addr) || 2438 nla_put_in_addr(skb, IPMRA_CREPORT_DST_ADDR, 2439 msg->im_dst.s_addr) || 2440 nla_put_u32(skb, IPMRA_CREPORT_TABLE, mrt->id)) 2441 goto nla_put_failure; 2442 2443 nla = nla_reserve(skb, IPMRA_CREPORT_PKT, payloadlen); 2444 if (!nla || skb_copy_bits(pkt, sizeof(struct igmpmsg), 2445 nla_data(nla), payloadlen)) 2446 goto nla_put_failure; 2447 2448 nlmsg_end(skb, nlh); 2449 2450 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE_R, NULL, GFP_ATOMIC); 2451 return; 2452 2453 nla_put_failure: 2454 nlmsg_cancel(skb, nlh); 2455 errout: 2456 kfree_skb(skb); 2457 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE_R, -ENOBUFS); 2458 } 2459 2460 static int ipmr_rtm_valid_getroute_req(struct sk_buff *skb, 2461 const struct nlmsghdr *nlh, 2462 struct nlattr **tb, 2463 struct netlink_ext_ack *extack) 2464 { 2465 struct rtmsg *rtm; 2466 int i, err; 2467 2468 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*rtm))) { 2469 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for multicast route get request"); 2470 return -EINVAL; 2471 } 2472 2473 if (!netlink_strict_get_check(skb)) 2474 return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX, 2475 rtm_ipv4_policy, extack); 2476 2477 rtm = nlmsg_data(nlh); 2478 if ((rtm->rtm_src_len && rtm->rtm_src_len != 32) || 2479 (rtm->rtm_dst_len && rtm->rtm_dst_len != 32) || 2480 rtm->rtm_tos || rtm->rtm_table || rtm->rtm_protocol || 2481 rtm->rtm_scope || rtm->rtm_type || rtm->rtm_flags) { 2482 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for multicast route get request"); 2483 return -EINVAL; 2484 } 2485 2486 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX, 2487 rtm_ipv4_policy, extack); 2488 if (err) 2489 return err; 2490 2491 if ((tb[RTA_SRC] && !rtm->rtm_src_len) || 2492 (tb[RTA_DST] && !rtm->rtm_dst_len)) { 2493 NL_SET_ERR_MSG(extack, "ipv4: rtm_src_len and rtm_dst_len must be 32 for IPv4"); 2494 return -EINVAL; 2495 } 2496 2497 for (i = 0; i <= RTA_MAX; i++) { 2498 if (!tb[i]) 2499 continue; 2500 2501 switch (i) { 2502 case RTA_SRC: 2503 case RTA_DST: 2504 case RTA_TABLE: 2505 break; 2506 default: 2507 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in multicast route get request"); 2508 return -EINVAL; 2509 } 2510 } 2511 2512 return 0; 2513 } 2514 2515 static int ipmr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, 2516 struct netlink_ext_ack *extack) 2517 { 2518 struct net *net = sock_net(in_skb->sk); 2519 struct nlattr *tb[RTA_MAX + 1]; 2520 struct sk_buff *skb = NULL; 2521 struct mfc_cache *cache; 2522 struct mr_table *mrt; 2523 __be32 src, grp; 2524 u32 tableid; 2525 int err; 2526 2527 err = ipmr_rtm_valid_getroute_req(in_skb, nlh, tb, extack); 2528 if (err < 0) 2529 goto errout; 2530 2531 src = tb[RTA_SRC] ? nla_get_in_addr(tb[RTA_SRC]) : 0; 2532 grp = tb[RTA_DST] ? nla_get_in_addr(tb[RTA_DST]) : 0; 2533 tableid = tb[RTA_TABLE] ? nla_get_u32(tb[RTA_TABLE]) : 0; 2534 2535 mrt = ipmr_get_table(net, tableid ? tableid : RT_TABLE_DEFAULT); 2536 if (!mrt) { 2537 err = -ENOENT; 2538 goto errout_free; 2539 } 2540 2541 /* entries are added/deleted only under RTNL */ 2542 rcu_read_lock(); 2543 cache = ipmr_cache_find(mrt, src, grp); 2544 rcu_read_unlock(); 2545 if (!cache) { 2546 err = -ENOENT; 2547 goto errout_free; 2548 } 2549 2550 skb = nlmsg_new(mroute_msgsize(false, mrt->maxvif), GFP_KERNEL); 2551 if (!skb) { 2552 err = -ENOBUFS; 2553 goto errout_free; 2554 } 2555 2556 err = ipmr_fill_mroute(mrt, skb, NETLINK_CB(in_skb).portid, 2557 nlh->nlmsg_seq, cache, 2558 RTM_NEWROUTE, 0); 2559 if (err < 0) 2560 goto errout_free; 2561 2562 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2563 2564 errout: 2565 return err; 2566 2567 errout_free: 2568 kfree_skb(skb); 2569 goto errout; 2570 } 2571 2572 static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2573 { 2574 struct fib_dump_filter filter = {}; 2575 int err; 2576 2577 if (cb->strict_check) { 2578 err = ip_valid_fib_dump_req(sock_net(skb->sk), cb->nlh, 2579 &filter, cb); 2580 if (err < 0) 2581 return err; 2582 } 2583 2584 if (filter.table_id) { 2585 struct mr_table *mrt; 2586 2587 mrt = ipmr_get_table(sock_net(skb->sk), filter.table_id); 2588 if (!mrt) { 2589 if (rtnl_msg_family(cb->nlh) != RTNL_FAMILY_IPMR) 2590 return skb->len; 2591 2592 NL_SET_ERR_MSG(cb->extack, "ipv4: MR table does not exist"); 2593 return -ENOENT; 2594 } 2595 err = mr_table_dump(mrt, skb, cb, _ipmr_fill_mroute, 2596 &mfc_unres_lock, &filter); 2597 return skb->len ? : err; 2598 } 2599 2600 return mr_rtm_dumproute(skb, cb, ipmr_mr_table_iter, 2601 _ipmr_fill_mroute, &mfc_unres_lock, &filter); 2602 } 2603 2604 static const struct nla_policy rtm_ipmr_policy[RTA_MAX + 1] = { 2605 [RTA_SRC] = { .type = NLA_U32 }, 2606 [RTA_DST] = { .type = NLA_U32 }, 2607 [RTA_IIF] = { .type = NLA_U32 }, 2608 [RTA_TABLE] = { .type = NLA_U32 }, 2609 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2610 }; 2611 2612 static bool ipmr_rtm_validate_proto(unsigned char rtm_protocol) 2613 { 2614 switch (rtm_protocol) { 2615 case RTPROT_STATIC: 2616 case RTPROT_MROUTED: 2617 return true; 2618 } 2619 return false; 2620 } 2621 2622 static int ipmr_nla_get_ttls(const struct nlattr *nla, struct mfcctl *mfcc) 2623 { 2624 struct rtnexthop *rtnh = nla_data(nla); 2625 int remaining = nla_len(nla), vifi = 0; 2626 2627 while (rtnh_ok(rtnh, remaining)) { 2628 mfcc->mfcc_ttls[vifi] = rtnh->rtnh_hops; 2629 if (++vifi == MAXVIFS) 2630 break; 2631 rtnh = rtnh_next(rtnh, &remaining); 2632 } 2633 2634 return remaining > 0 ? -EINVAL : vifi; 2635 } 2636 2637 /* returns < 0 on error, 0 for ADD_MFC and 1 for ADD_MFC_PROXY */ 2638 static int rtm_to_ipmr_mfcc(struct net *net, struct nlmsghdr *nlh, 2639 struct mfcctl *mfcc, int *mrtsock, 2640 struct mr_table **mrtret, 2641 struct netlink_ext_ack *extack) 2642 { 2643 struct net_device *dev = NULL; 2644 u32 tblid = RT_TABLE_DEFAULT; 2645 struct mr_table *mrt; 2646 struct nlattr *attr; 2647 struct rtmsg *rtm; 2648 int ret, rem; 2649 2650 ret = nlmsg_validate_deprecated(nlh, sizeof(*rtm), RTA_MAX, 2651 rtm_ipmr_policy, extack); 2652 if (ret < 0) 2653 goto out; 2654 rtm = nlmsg_data(nlh); 2655 2656 ret = -EINVAL; 2657 if (rtm->rtm_family != RTNL_FAMILY_IPMR || rtm->rtm_dst_len != 32 || 2658 rtm->rtm_type != RTN_MULTICAST || 2659 rtm->rtm_scope != RT_SCOPE_UNIVERSE || 2660 !ipmr_rtm_validate_proto(rtm->rtm_protocol)) 2661 goto out; 2662 2663 memset(mfcc, 0, sizeof(*mfcc)); 2664 mfcc->mfcc_parent = -1; 2665 ret = 0; 2666 nlmsg_for_each_attr(attr, nlh, sizeof(struct rtmsg), rem) { 2667 switch (nla_type(attr)) { 2668 case RTA_SRC: 2669 mfcc->mfcc_origin.s_addr = nla_get_be32(attr); 2670 break; 2671 case RTA_DST: 2672 mfcc->mfcc_mcastgrp.s_addr = nla_get_be32(attr); 2673 break; 2674 case RTA_IIF: 2675 dev = __dev_get_by_index(net, nla_get_u32(attr)); 2676 if (!dev) { 2677 ret = -ENODEV; 2678 goto out; 2679 } 2680 break; 2681 case RTA_MULTIPATH: 2682 if (ipmr_nla_get_ttls(attr, mfcc) < 0) { 2683 ret = -EINVAL; 2684 goto out; 2685 } 2686 break; 2687 case RTA_PREFSRC: 2688 ret = 1; 2689 break; 2690 case RTA_TABLE: 2691 tblid = nla_get_u32(attr); 2692 break; 2693 } 2694 } 2695 mrt = ipmr_get_table(net, tblid); 2696 if (!mrt) { 2697 ret = -ENOENT; 2698 goto out; 2699 } 2700 *mrtret = mrt; 2701 *mrtsock = rtm->rtm_protocol == RTPROT_MROUTED ? 1 : 0; 2702 if (dev) 2703 mfcc->mfcc_parent = ipmr_find_vif(mrt, dev); 2704 2705 out: 2706 return ret; 2707 } 2708 2709 /* takes care of both newroute and delroute */ 2710 static int ipmr_rtm_route(struct sk_buff *skb, struct nlmsghdr *nlh, 2711 struct netlink_ext_ack *extack) 2712 { 2713 struct net *net = sock_net(skb->sk); 2714 int ret, mrtsock, parent; 2715 struct mr_table *tbl; 2716 struct mfcctl mfcc; 2717 2718 mrtsock = 0; 2719 tbl = NULL; 2720 ret = rtm_to_ipmr_mfcc(net, nlh, &mfcc, &mrtsock, &tbl, extack); 2721 if (ret < 0) 2722 return ret; 2723 2724 parent = ret ? mfcc.mfcc_parent : -1; 2725 if (nlh->nlmsg_type == RTM_NEWROUTE) 2726 return ipmr_mfc_add(net, tbl, &mfcc, mrtsock, parent); 2727 else 2728 return ipmr_mfc_delete(tbl, &mfcc, parent); 2729 } 2730 2731 static bool ipmr_fill_table(struct mr_table *mrt, struct sk_buff *skb) 2732 { 2733 u32 queue_len = atomic_read(&mrt->cache_resolve_queue_len); 2734 2735 if (nla_put_u32(skb, IPMRA_TABLE_ID, mrt->id) || 2736 nla_put_u32(skb, IPMRA_TABLE_CACHE_RES_QUEUE_LEN, queue_len) || 2737 nla_put_s32(skb, IPMRA_TABLE_MROUTE_REG_VIF_NUM, 2738 mrt->mroute_reg_vif_num) || 2739 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_ASSERT, 2740 mrt->mroute_do_assert) || 2741 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_PIM, mrt->mroute_do_pim) || 2742 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_WRVIFWHOLE, 2743 mrt->mroute_do_wrvifwhole)) 2744 return false; 2745 2746 return true; 2747 } 2748 2749 static bool ipmr_fill_vif(struct mr_table *mrt, u32 vifid, struct sk_buff *skb) 2750 { 2751 struct nlattr *vif_nest; 2752 struct vif_device *vif; 2753 2754 /* if the VIF doesn't exist just continue */ 2755 if (!VIF_EXISTS(mrt, vifid)) 2756 return true; 2757 2758 vif = &mrt->vif_table[vifid]; 2759 vif_nest = nla_nest_start_noflag(skb, IPMRA_VIF); 2760 if (!vif_nest) 2761 return false; 2762 if (nla_put_u32(skb, IPMRA_VIFA_IFINDEX, vif->dev->ifindex) || 2763 nla_put_u32(skb, IPMRA_VIFA_VIF_ID, vifid) || 2764 nla_put_u16(skb, IPMRA_VIFA_FLAGS, vif->flags) || 2765 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_IN, vif->bytes_in, 2766 IPMRA_VIFA_PAD) || 2767 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_OUT, vif->bytes_out, 2768 IPMRA_VIFA_PAD) || 2769 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_IN, vif->pkt_in, 2770 IPMRA_VIFA_PAD) || 2771 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_OUT, vif->pkt_out, 2772 IPMRA_VIFA_PAD) || 2773 nla_put_be32(skb, IPMRA_VIFA_LOCAL_ADDR, vif->local) || 2774 nla_put_be32(skb, IPMRA_VIFA_REMOTE_ADDR, vif->remote)) { 2775 nla_nest_cancel(skb, vif_nest); 2776 return false; 2777 } 2778 nla_nest_end(skb, vif_nest); 2779 2780 return true; 2781 } 2782 2783 static int ipmr_valid_dumplink(const struct nlmsghdr *nlh, 2784 struct netlink_ext_ack *extack) 2785 { 2786 struct ifinfomsg *ifm; 2787 2788 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) { 2789 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for ipmr link dump"); 2790 return -EINVAL; 2791 } 2792 2793 if (nlmsg_attrlen(nlh, sizeof(*ifm))) { 2794 NL_SET_ERR_MSG(extack, "Invalid data after header in ipmr link dump"); 2795 return -EINVAL; 2796 } 2797 2798 ifm = nlmsg_data(nlh); 2799 if (ifm->__ifi_pad || ifm->ifi_type || ifm->ifi_flags || 2800 ifm->ifi_change || ifm->ifi_index) { 2801 NL_SET_ERR_MSG(extack, "Invalid values in header for ipmr link dump request"); 2802 return -EINVAL; 2803 } 2804 2805 return 0; 2806 } 2807 2808 static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) 2809 { 2810 struct net *net = sock_net(skb->sk); 2811 struct nlmsghdr *nlh = NULL; 2812 unsigned int t = 0, s_t; 2813 unsigned int e = 0, s_e; 2814 struct mr_table *mrt; 2815 2816 if (cb->strict_check) { 2817 int err = ipmr_valid_dumplink(cb->nlh, cb->extack); 2818 2819 if (err < 0) 2820 return err; 2821 } 2822 2823 s_t = cb->args[0]; 2824 s_e = cb->args[1]; 2825 2826 ipmr_for_each_table(mrt, net) { 2827 struct nlattr *vifs, *af; 2828 struct ifinfomsg *hdr; 2829 u32 i; 2830 2831 if (t < s_t) 2832 goto skip_table; 2833 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, 2834 cb->nlh->nlmsg_seq, RTM_NEWLINK, 2835 sizeof(*hdr), NLM_F_MULTI); 2836 if (!nlh) 2837 break; 2838 2839 hdr = nlmsg_data(nlh); 2840 memset(hdr, 0, sizeof(*hdr)); 2841 hdr->ifi_family = RTNL_FAMILY_IPMR; 2842 2843 af = nla_nest_start_noflag(skb, IFLA_AF_SPEC); 2844 if (!af) { 2845 nlmsg_cancel(skb, nlh); 2846 goto out; 2847 } 2848 2849 if (!ipmr_fill_table(mrt, skb)) { 2850 nlmsg_cancel(skb, nlh); 2851 goto out; 2852 } 2853 2854 vifs = nla_nest_start_noflag(skb, IPMRA_TABLE_VIFS); 2855 if (!vifs) { 2856 nla_nest_end(skb, af); 2857 nlmsg_end(skb, nlh); 2858 goto out; 2859 } 2860 for (i = 0; i < mrt->maxvif; i++) { 2861 if (e < s_e) 2862 goto skip_entry; 2863 if (!ipmr_fill_vif(mrt, i, skb)) { 2864 nla_nest_end(skb, vifs); 2865 nla_nest_end(skb, af); 2866 nlmsg_end(skb, nlh); 2867 goto out; 2868 } 2869 skip_entry: 2870 e++; 2871 } 2872 s_e = 0; 2873 e = 0; 2874 nla_nest_end(skb, vifs); 2875 nla_nest_end(skb, af); 2876 nlmsg_end(skb, nlh); 2877 skip_table: 2878 t++; 2879 } 2880 2881 out: 2882 cb->args[1] = e; 2883 cb->args[0] = t; 2884 2885 return skb->len; 2886 } 2887 2888 #ifdef CONFIG_PROC_FS 2889 /* The /proc interfaces to multicast routing : 2890 * /proc/net/ip_mr_cache & /proc/net/ip_mr_vif 2891 */ 2892 2893 static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos) 2894 __acquires(mrt_lock) 2895 { 2896 struct mr_vif_iter *iter = seq->private; 2897 struct net *net = seq_file_net(seq); 2898 struct mr_table *mrt; 2899 2900 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2901 if (!mrt) 2902 return ERR_PTR(-ENOENT); 2903 2904 iter->mrt = mrt; 2905 2906 read_lock(&mrt_lock); 2907 return mr_vif_seq_start(seq, pos); 2908 } 2909 2910 static void ipmr_vif_seq_stop(struct seq_file *seq, void *v) 2911 __releases(mrt_lock) 2912 { 2913 read_unlock(&mrt_lock); 2914 } 2915 2916 static int ipmr_vif_seq_show(struct seq_file *seq, void *v) 2917 { 2918 struct mr_vif_iter *iter = seq->private; 2919 struct mr_table *mrt = iter->mrt; 2920 2921 if (v == SEQ_START_TOKEN) { 2922 seq_puts(seq, 2923 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n"); 2924 } else { 2925 const struct vif_device *vif = v; 2926 const char *name = vif->dev ? 2927 vif->dev->name : "none"; 2928 2929 seq_printf(seq, 2930 "%2td %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n", 2931 vif - mrt->vif_table, 2932 name, vif->bytes_in, vif->pkt_in, 2933 vif->bytes_out, vif->pkt_out, 2934 vif->flags, vif->local, vif->remote); 2935 } 2936 return 0; 2937 } 2938 2939 static const struct seq_operations ipmr_vif_seq_ops = { 2940 .start = ipmr_vif_seq_start, 2941 .next = mr_vif_seq_next, 2942 .stop = ipmr_vif_seq_stop, 2943 .show = ipmr_vif_seq_show, 2944 }; 2945 2946 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 2947 { 2948 struct net *net = seq_file_net(seq); 2949 struct mr_table *mrt; 2950 2951 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2952 if (!mrt) 2953 return ERR_PTR(-ENOENT); 2954 2955 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 2956 } 2957 2958 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 2959 { 2960 int n; 2961 2962 if (v == SEQ_START_TOKEN) { 2963 seq_puts(seq, 2964 "Group Origin Iif Pkts Bytes Wrong Oifs\n"); 2965 } else { 2966 const struct mfc_cache *mfc = v; 2967 const struct mr_mfc_iter *it = seq->private; 2968 const struct mr_table *mrt = it->mrt; 2969 2970 seq_printf(seq, "%08X %08X %-3hd", 2971 (__force u32) mfc->mfc_mcastgrp, 2972 (__force u32) mfc->mfc_origin, 2973 mfc->_c.mfc_parent); 2974 2975 if (it->cache != &mrt->mfc_unres_queue) { 2976 seq_printf(seq, " %8lu %8lu %8lu", 2977 mfc->_c.mfc_un.res.pkt, 2978 mfc->_c.mfc_un.res.bytes, 2979 mfc->_c.mfc_un.res.wrong_if); 2980 for (n = mfc->_c.mfc_un.res.minvif; 2981 n < mfc->_c.mfc_un.res.maxvif; n++) { 2982 if (VIF_EXISTS(mrt, n) && 2983 mfc->_c.mfc_un.res.ttls[n] < 255) 2984 seq_printf(seq, 2985 " %2d:%-3d", 2986 n, mfc->_c.mfc_un.res.ttls[n]); 2987 } 2988 } else { 2989 /* unresolved mfc_caches don't contain 2990 * pkt, bytes and wrong_if values 2991 */ 2992 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 2993 } 2994 seq_putc(seq, '\n'); 2995 } 2996 return 0; 2997 } 2998 2999 static const struct seq_operations ipmr_mfc_seq_ops = { 3000 .start = ipmr_mfc_seq_start, 3001 .next = mr_mfc_seq_next, 3002 .stop = mr_mfc_seq_stop, 3003 .show = ipmr_mfc_seq_show, 3004 }; 3005 #endif 3006 3007 #ifdef CONFIG_IP_PIMSM_V2 3008 static const struct net_protocol pim_protocol = { 3009 .handler = pim_rcv, 3010 .netns_ok = 1, 3011 }; 3012 #endif 3013 3014 static unsigned int ipmr_seq_read(struct net *net) 3015 { 3016 ASSERT_RTNL(); 3017 3018 return net->ipv4.ipmr_seq + ipmr_rules_seq_read(net); 3019 } 3020 3021 static int ipmr_dump(struct net *net, struct notifier_block *nb, 3022 struct netlink_ext_ack *extack) 3023 { 3024 return mr_dump(net, nb, RTNL_FAMILY_IPMR, ipmr_rules_dump, 3025 ipmr_mr_table_iter, &mrt_lock, extack); 3026 } 3027 3028 static const struct fib_notifier_ops ipmr_notifier_ops_template = { 3029 .family = RTNL_FAMILY_IPMR, 3030 .fib_seq_read = ipmr_seq_read, 3031 .fib_dump = ipmr_dump, 3032 .owner = THIS_MODULE, 3033 }; 3034 3035 static int __net_init ipmr_notifier_init(struct net *net) 3036 { 3037 struct fib_notifier_ops *ops; 3038 3039 net->ipv4.ipmr_seq = 0; 3040 3041 ops = fib_notifier_ops_register(&ipmr_notifier_ops_template, net); 3042 if (IS_ERR(ops)) 3043 return PTR_ERR(ops); 3044 net->ipv4.ipmr_notifier_ops = ops; 3045 3046 return 0; 3047 } 3048 3049 static void __net_exit ipmr_notifier_exit(struct net *net) 3050 { 3051 fib_notifier_ops_unregister(net->ipv4.ipmr_notifier_ops); 3052 net->ipv4.ipmr_notifier_ops = NULL; 3053 } 3054 3055 /* Setup for IP multicast routing */ 3056 static int __net_init ipmr_net_init(struct net *net) 3057 { 3058 int err; 3059 3060 err = ipmr_notifier_init(net); 3061 if (err) 3062 goto ipmr_notifier_fail; 3063 3064 err = ipmr_rules_init(net); 3065 if (err < 0) 3066 goto ipmr_rules_fail; 3067 3068 #ifdef CONFIG_PROC_FS 3069 err = -ENOMEM; 3070 if (!proc_create_net("ip_mr_vif", 0, net->proc_net, &ipmr_vif_seq_ops, 3071 sizeof(struct mr_vif_iter))) 3072 goto proc_vif_fail; 3073 if (!proc_create_net("ip_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops, 3074 sizeof(struct mr_mfc_iter))) 3075 goto proc_cache_fail; 3076 #endif 3077 return 0; 3078 3079 #ifdef CONFIG_PROC_FS 3080 proc_cache_fail: 3081 remove_proc_entry("ip_mr_vif", net->proc_net); 3082 proc_vif_fail: 3083 ipmr_rules_exit(net); 3084 #endif 3085 ipmr_rules_fail: 3086 ipmr_notifier_exit(net); 3087 ipmr_notifier_fail: 3088 return err; 3089 } 3090 3091 static void __net_exit ipmr_net_exit(struct net *net) 3092 { 3093 #ifdef CONFIG_PROC_FS 3094 remove_proc_entry("ip_mr_cache", net->proc_net); 3095 remove_proc_entry("ip_mr_vif", net->proc_net); 3096 #endif 3097 ipmr_notifier_exit(net); 3098 ipmr_rules_exit(net); 3099 } 3100 3101 static struct pernet_operations ipmr_net_ops = { 3102 .init = ipmr_net_init, 3103 .exit = ipmr_net_exit, 3104 }; 3105 3106 int __init ip_mr_init(void) 3107 { 3108 int err; 3109 3110 mrt_cachep = kmem_cache_create("ip_mrt_cache", 3111 sizeof(struct mfc_cache), 3112 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, 3113 NULL); 3114 3115 err = register_pernet_subsys(&ipmr_net_ops); 3116 if (err) 3117 goto reg_pernet_fail; 3118 3119 err = register_netdevice_notifier(&ip_mr_notifier); 3120 if (err) 3121 goto reg_notif_fail; 3122 #ifdef CONFIG_IP_PIMSM_V2 3123 if (inet_add_protocol(&pim_protocol, IPPROTO_PIM) < 0) { 3124 pr_err("%s: can't add PIM protocol\n", __func__); 3125 err = -EAGAIN; 3126 goto add_proto_fail; 3127 } 3128 #endif 3129 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETROUTE, 3130 ipmr_rtm_getroute, ipmr_rtm_dumproute, 0); 3131 rtnl_register(RTNL_FAMILY_IPMR, RTM_NEWROUTE, 3132 ipmr_rtm_route, NULL, 0); 3133 rtnl_register(RTNL_FAMILY_IPMR, RTM_DELROUTE, 3134 ipmr_rtm_route, NULL, 0); 3135 3136 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETLINK, 3137 NULL, ipmr_rtm_dumplink, 0); 3138 return 0; 3139 3140 #ifdef CONFIG_IP_PIMSM_V2 3141 add_proto_fail: 3142 unregister_netdevice_notifier(&ip_mr_notifier); 3143 #endif 3144 reg_notif_fail: 3145 unregister_pernet_subsys(&ipmr_net_ops); 3146 reg_pernet_fail: 3147 kmem_cache_destroy(mrt_cachep); 3148 return err; 3149 } 3150