1 /* 2 * IP multicast routing support for mrouted 3.6/3.8 3 * 4 * (c) 1995 Alan Cox, <alan@lxorguk.ukuu.org.uk> 5 * Linux Consultancy and Custom Driver Development 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License 9 * as published by the Free Software Foundation; either version 10 * 2 of the License, or (at your option) any later version. 11 * 12 * Fixes: 13 * Michael Chastain : Incorrect size of copying. 14 * Alan Cox : Added the cache manager code 15 * Alan Cox : Fixed the clone/copy bug and device race. 16 * Mike McLagan : Routing by source 17 * Malcolm Beattie : Buffer handling fixes. 18 * Alexey Kuznetsov : Double buffer free and other fixes. 19 * SVR Anand : Fixed several multicast bugs and problems. 20 * Alexey Kuznetsov : Status, optimisations and more. 21 * Brad Parker : Better behaviour on mrouted upcall 22 * overflow. 23 * Carlos Picoto : PIMv1 Support 24 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header 25 * Relax this requirement to work with older peers. 26 * 27 */ 28 29 #include <linux/uaccess.h> 30 #include <linux/types.h> 31 #include <linux/cache.h> 32 #include <linux/capability.h> 33 #include <linux/errno.h> 34 #include <linux/mm.h> 35 #include <linux/kernel.h> 36 #include <linux/fcntl.h> 37 #include <linux/stat.h> 38 #include <linux/socket.h> 39 #include <linux/in.h> 40 #include <linux/inet.h> 41 #include <linux/netdevice.h> 42 #include <linux/inetdevice.h> 43 #include <linux/igmp.h> 44 #include <linux/proc_fs.h> 45 #include <linux/seq_file.h> 46 #include <linux/mroute.h> 47 #include <linux/init.h> 48 #include <linux/if_ether.h> 49 #include <linux/slab.h> 50 #include <net/net_namespace.h> 51 #include <net/ip.h> 52 #include <net/protocol.h> 53 #include <linux/skbuff.h> 54 #include <net/route.h> 55 #include <net/icmp.h> 56 #include <net/udp.h> 57 #include <net/raw.h> 58 #include <linux/notifier.h> 59 #include <linux/if_arp.h> 60 #include <linux/netfilter_ipv4.h> 61 #include <linux/compat.h> 62 #include <linux/export.h> 63 #include <net/ip_tunnels.h> 64 #include <net/checksum.h> 65 #include <net/netlink.h> 66 #include <net/fib_rules.h> 67 #include <linux/netconf.h> 68 #include <net/nexthop.h> 69 #include <net/switchdev.h> 70 71 struct ipmr_rule { 72 struct fib_rule common; 73 }; 74 75 struct ipmr_result { 76 struct mr_table *mrt; 77 }; 78 79 /* Big lock, protecting vif table, mrt cache and mroute socket state. 80 * Note that the changes are semaphored via rtnl_lock. 81 */ 82 83 static DEFINE_RWLOCK(mrt_lock); 84 85 /* Multicast router control variables */ 86 87 /* Special spinlock for queue of unresolved entries */ 88 static DEFINE_SPINLOCK(mfc_unres_lock); 89 90 /* We return to original Alan's scheme. Hash table of resolved 91 * entries is changed only in process context and protected 92 * with weak lock mrt_lock. Queue of unresolved entries is protected 93 * with strong spinlock mfc_unres_lock. 94 * 95 * In this case data path is free of exclusive locks at all. 96 */ 97 98 static struct kmem_cache *mrt_cachep __ro_after_init; 99 100 static struct mr_table *ipmr_new_table(struct net *net, u32 id); 101 static void ipmr_free_table(struct mr_table *mrt); 102 103 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 104 struct net_device *dev, struct sk_buff *skb, 105 struct mfc_cache *cache, int local); 106 static int ipmr_cache_report(struct mr_table *mrt, 107 struct sk_buff *pkt, vifi_t vifi, int assert); 108 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 109 int cmd); 110 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 111 static void mroute_clean_tables(struct mr_table *mrt, bool all); 112 static void ipmr_expire_process(struct timer_list *t); 113 114 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 115 #define ipmr_for_each_table(mrt, net) \ 116 list_for_each_entry_rcu(mrt, &net->ipv4.mr_tables, list) 117 118 static struct mr_table *ipmr_mr_table_iter(struct net *net, 119 struct mr_table *mrt) 120 { 121 struct mr_table *ret; 122 123 if (!mrt) 124 ret = list_entry_rcu(net->ipv4.mr_tables.next, 125 struct mr_table, list); 126 else 127 ret = list_entry_rcu(mrt->list.next, 128 struct mr_table, list); 129 130 if (&ret->list == &net->ipv4.mr_tables) 131 return NULL; 132 return ret; 133 } 134 135 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 136 { 137 struct mr_table *mrt; 138 139 ipmr_for_each_table(mrt, net) { 140 if (mrt->id == id) 141 return mrt; 142 } 143 return NULL; 144 } 145 146 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 147 struct mr_table **mrt) 148 { 149 int err; 150 struct ipmr_result res; 151 struct fib_lookup_arg arg = { 152 .result = &res, 153 .flags = FIB_LOOKUP_NOREF, 154 }; 155 156 /* update flow if oif or iif point to device enslaved to l3mdev */ 157 l3mdev_update_flow(net, flowi4_to_flowi(flp4)); 158 159 err = fib_rules_lookup(net->ipv4.mr_rules_ops, 160 flowi4_to_flowi(flp4), 0, &arg); 161 if (err < 0) 162 return err; 163 *mrt = res.mrt; 164 return 0; 165 } 166 167 static int ipmr_rule_action(struct fib_rule *rule, struct flowi *flp, 168 int flags, struct fib_lookup_arg *arg) 169 { 170 struct ipmr_result *res = arg->result; 171 struct mr_table *mrt; 172 173 switch (rule->action) { 174 case FR_ACT_TO_TBL: 175 break; 176 case FR_ACT_UNREACHABLE: 177 return -ENETUNREACH; 178 case FR_ACT_PROHIBIT: 179 return -EACCES; 180 case FR_ACT_BLACKHOLE: 181 default: 182 return -EINVAL; 183 } 184 185 arg->table = fib_rule_get_table(rule, arg); 186 187 mrt = ipmr_get_table(rule->fr_net, arg->table); 188 if (!mrt) 189 return -EAGAIN; 190 res->mrt = mrt; 191 return 0; 192 } 193 194 static int ipmr_rule_match(struct fib_rule *rule, struct flowi *fl, int flags) 195 { 196 return 1; 197 } 198 199 static const struct nla_policy ipmr_rule_policy[FRA_MAX + 1] = { 200 FRA_GENERIC_POLICY, 201 }; 202 203 static int ipmr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 204 struct fib_rule_hdr *frh, struct nlattr **tb) 205 { 206 return 0; 207 } 208 209 static int ipmr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 210 struct nlattr **tb) 211 { 212 return 1; 213 } 214 215 static int ipmr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 216 struct fib_rule_hdr *frh) 217 { 218 frh->dst_len = 0; 219 frh->src_len = 0; 220 frh->tos = 0; 221 return 0; 222 } 223 224 static const struct fib_rules_ops __net_initconst ipmr_rules_ops_template = { 225 .family = RTNL_FAMILY_IPMR, 226 .rule_size = sizeof(struct ipmr_rule), 227 .addr_size = sizeof(u32), 228 .action = ipmr_rule_action, 229 .match = ipmr_rule_match, 230 .configure = ipmr_rule_configure, 231 .compare = ipmr_rule_compare, 232 .fill = ipmr_rule_fill, 233 .nlgroup = RTNLGRP_IPV4_RULE, 234 .policy = ipmr_rule_policy, 235 .owner = THIS_MODULE, 236 }; 237 238 static int __net_init ipmr_rules_init(struct net *net) 239 { 240 struct fib_rules_ops *ops; 241 struct mr_table *mrt; 242 int err; 243 244 ops = fib_rules_register(&ipmr_rules_ops_template, net); 245 if (IS_ERR(ops)) 246 return PTR_ERR(ops); 247 248 INIT_LIST_HEAD(&net->ipv4.mr_tables); 249 250 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 251 if (IS_ERR(mrt)) { 252 err = PTR_ERR(mrt); 253 goto err1; 254 } 255 256 err = fib_default_rule_add(ops, 0x7fff, RT_TABLE_DEFAULT, 0); 257 if (err < 0) 258 goto err2; 259 260 net->ipv4.mr_rules_ops = ops; 261 return 0; 262 263 err2: 264 ipmr_free_table(mrt); 265 err1: 266 fib_rules_unregister(ops); 267 return err; 268 } 269 270 static void __net_exit ipmr_rules_exit(struct net *net) 271 { 272 struct mr_table *mrt, *next; 273 274 rtnl_lock(); 275 list_for_each_entry_safe(mrt, next, &net->ipv4.mr_tables, list) { 276 list_del(&mrt->list); 277 ipmr_free_table(mrt); 278 } 279 fib_rules_unregister(net->ipv4.mr_rules_ops); 280 rtnl_unlock(); 281 } 282 283 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb) 284 { 285 return fib_rules_dump(net, nb, RTNL_FAMILY_IPMR); 286 } 287 288 static unsigned int ipmr_rules_seq_read(struct net *net) 289 { 290 return fib_rules_seq_read(net, RTNL_FAMILY_IPMR); 291 } 292 293 bool ipmr_rule_default(const struct fib_rule *rule) 294 { 295 return fib_rule_matchall(rule) && rule->table == RT_TABLE_DEFAULT; 296 } 297 EXPORT_SYMBOL(ipmr_rule_default); 298 #else 299 #define ipmr_for_each_table(mrt, net) \ 300 for (mrt = net->ipv4.mrt; mrt; mrt = NULL) 301 302 static struct mr_table *ipmr_mr_table_iter(struct net *net, 303 struct mr_table *mrt) 304 { 305 if (!mrt) 306 return net->ipv4.mrt; 307 return NULL; 308 } 309 310 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 311 { 312 return net->ipv4.mrt; 313 } 314 315 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 316 struct mr_table **mrt) 317 { 318 *mrt = net->ipv4.mrt; 319 return 0; 320 } 321 322 static int __net_init ipmr_rules_init(struct net *net) 323 { 324 struct mr_table *mrt; 325 326 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 327 if (IS_ERR(mrt)) 328 return PTR_ERR(mrt); 329 net->ipv4.mrt = mrt; 330 return 0; 331 } 332 333 static void __net_exit ipmr_rules_exit(struct net *net) 334 { 335 rtnl_lock(); 336 ipmr_free_table(net->ipv4.mrt); 337 net->ipv4.mrt = NULL; 338 rtnl_unlock(); 339 } 340 341 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb) 342 { 343 return 0; 344 } 345 346 static unsigned int ipmr_rules_seq_read(struct net *net) 347 { 348 return 0; 349 } 350 351 bool ipmr_rule_default(const struct fib_rule *rule) 352 { 353 return true; 354 } 355 EXPORT_SYMBOL(ipmr_rule_default); 356 #endif 357 358 static inline int ipmr_hash_cmp(struct rhashtable_compare_arg *arg, 359 const void *ptr) 360 { 361 const struct mfc_cache_cmp_arg *cmparg = arg->key; 362 struct mfc_cache *c = (struct mfc_cache *)ptr; 363 364 return cmparg->mfc_mcastgrp != c->mfc_mcastgrp || 365 cmparg->mfc_origin != c->mfc_origin; 366 } 367 368 static const struct rhashtable_params ipmr_rht_params = { 369 .head_offset = offsetof(struct mr_mfc, mnode), 370 .key_offset = offsetof(struct mfc_cache, cmparg), 371 .key_len = sizeof(struct mfc_cache_cmp_arg), 372 .nelem_hint = 3, 373 .locks_mul = 1, 374 .obj_cmpfn = ipmr_hash_cmp, 375 .automatic_shrinking = true, 376 }; 377 378 static void ipmr_new_table_set(struct mr_table *mrt, 379 struct net *net) 380 { 381 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 382 list_add_tail_rcu(&mrt->list, &net->ipv4.mr_tables); 383 #endif 384 } 385 386 static struct mfc_cache_cmp_arg ipmr_mr_table_ops_cmparg_any = { 387 .mfc_mcastgrp = htonl(INADDR_ANY), 388 .mfc_origin = htonl(INADDR_ANY), 389 }; 390 391 static struct mr_table_ops ipmr_mr_table_ops = { 392 .rht_params = &ipmr_rht_params, 393 .cmparg_any = &ipmr_mr_table_ops_cmparg_any, 394 }; 395 396 static struct mr_table *ipmr_new_table(struct net *net, u32 id) 397 { 398 struct mr_table *mrt; 399 400 /* "pimreg%u" should not exceed 16 bytes (IFNAMSIZ) */ 401 if (id != RT_TABLE_DEFAULT && id >= 1000000000) 402 return ERR_PTR(-EINVAL); 403 404 mrt = ipmr_get_table(net, id); 405 if (mrt) 406 return mrt; 407 408 return mr_table_alloc(net, id, &ipmr_mr_table_ops, 409 ipmr_expire_process, ipmr_new_table_set); 410 } 411 412 static void ipmr_free_table(struct mr_table *mrt) 413 { 414 del_timer_sync(&mrt->ipmr_expire_timer); 415 mroute_clean_tables(mrt, true); 416 rhltable_destroy(&mrt->mfc_hash); 417 kfree(mrt); 418 } 419 420 /* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */ 421 422 static void ipmr_del_tunnel(struct net_device *dev, struct vifctl *v) 423 { 424 struct net *net = dev_net(dev); 425 426 dev_close(dev); 427 428 dev = __dev_get_by_name(net, "tunl0"); 429 if (dev) { 430 const struct net_device_ops *ops = dev->netdev_ops; 431 struct ifreq ifr; 432 struct ip_tunnel_parm p; 433 434 memset(&p, 0, sizeof(p)); 435 p.iph.daddr = v->vifc_rmt_addr.s_addr; 436 p.iph.saddr = v->vifc_lcl_addr.s_addr; 437 p.iph.version = 4; 438 p.iph.ihl = 5; 439 p.iph.protocol = IPPROTO_IPIP; 440 sprintf(p.name, "dvmrp%d", v->vifc_vifi); 441 ifr.ifr_ifru.ifru_data = (__force void __user *)&p; 442 443 if (ops->ndo_do_ioctl) { 444 mm_segment_t oldfs = get_fs(); 445 446 set_fs(KERNEL_DS); 447 ops->ndo_do_ioctl(dev, &ifr, SIOCDELTUNNEL); 448 set_fs(oldfs); 449 } 450 } 451 } 452 453 /* Initialize ipmr pimreg/tunnel in_device */ 454 static bool ipmr_init_vif_indev(const struct net_device *dev) 455 { 456 struct in_device *in_dev; 457 458 ASSERT_RTNL(); 459 460 in_dev = __in_dev_get_rtnl(dev); 461 if (!in_dev) 462 return false; 463 ipv4_devconf_setall(in_dev); 464 neigh_parms_data_state_setall(in_dev->arp_parms); 465 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0; 466 467 return true; 468 } 469 470 static struct net_device *ipmr_new_tunnel(struct net *net, struct vifctl *v) 471 { 472 struct net_device *dev; 473 474 dev = __dev_get_by_name(net, "tunl0"); 475 476 if (dev) { 477 const struct net_device_ops *ops = dev->netdev_ops; 478 int err; 479 struct ifreq ifr; 480 struct ip_tunnel_parm p; 481 482 memset(&p, 0, sizeof(p)); 483 p.iph.daddr = v->vifc_rmt_addr.s_addr; 484 p.iph.saddr = v->vifc_lcl_addr.s_addr; 485 p.iph.version = 4; 486 p.iph.ihl = 5; 487 p.iph.protocol = IPPROTO_IPIP; 488 sprintf(p.name, "dvmrp%d", v->vifc_vifi); 489 ifr.ifr_ifru.ifru_data = (__force void __user *)&p; 490 491 if (ops->ndo_do_ioctl) { 492 mm_segment_t oldfs = get_fs(); 493 494 set_fs(KERNEL_DS); 495 err = ops->ndo_do_ioctl(dev, &ifr, SIOCADDTUNNEL); 496 set_fs(oldfs); 497 } else { 498 err = -EOPNOTSUPP; 499 } 500 dev = NULL; 501 502 if (err == 0 && 503 (dev = __dev_get_by_name(net, p.name)) != NULL) { 504 dev->flags |= IFF_MULTICAST; 505 if (!ipmr_init_vif_indev(dev)) 506 goto failure; 507 if (dev_open(dev)) 508 goto failure; 509 dev_hold(dev); 510 } 511 } 512 return dev; 513 514 failure: 515 unregister_netdevice(dev); 516 return NULL; 517 } 518 519 #if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2) 520 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, struct net_device *dev) 521 { 522 struct net *net = dev_net(dev); 523 struct mr_table *mrt; 524 struct flowi4 fl4 = { 525 .flowi4_oif = dev->ifindex, 526 .flowi4_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 527 .flowi4_mark = skb->mark, 528 }; 529 int err; 530 531 err = ipmr_fib_lookup(net, &fl4, &mrt); 532 if (err < 0) { 533 kfree_skb(skb); 534 return err; 535 } 536 537 read_lock(&mrt_lock); 538 dev->stats.tx_bytes += skb->len; 539 dev->stats.tx_packets++; 540 ipmr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, IGMPMSG_WHOLEPKT); 541 read_unlock(&mrt_lock); 542 kfree_skb(skb); 543 return NETDEV_TX_OK; 544 } 545 546 static int reg_vif_get_iflink(const struct net_device *dev) 547 { 548 return 0; 549 } 550 551 static const struct net_device_ops reg_vif_netdev_ops = { 552 .ndo_start_xmit = reg_vif_xmit, 553 .ndo_get_iflink = reg_vif_get_iflink, 554 }; 555 556 static void reg_vif_setup(struct net_device *dev) 557 { 558 dev->type = ARPHRD_PIMREG; 559 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8; 560 dev->flags = IFF_NOARP; 561 dev->netdev_ops = ®_vif_netdev_ops; 562 dev->needs_free_netdev = true; 563 dev->features |= NETIF_F_NETNS_LOCAL; 564 } 565 566 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 567 { 568 struct net_device *dev; 569 char name[IFNAMSIZ]; 570 571 if (mrt->id == RT_TABLE_DEFAULT) 572 sprintf(name, "pimreg"); 573 else 574 sprintf(name, "pimreg%u", mrt->id); 575 576 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 577 578 if (!dev) 579 return NULL; 580 581 dev_net_set(dev, net); 582 583 if (register_netdevice(dev)) { 584 free_netdev(dev); 585 return NULL; 586 } 587 588 if (!ipmr_init_vif_indev(dev)) 589 goto failure; 590 if (dev_open(dev)) 591 goto failure; 592 593 dev_hold(dev); 594 595 return dev; 596 597 failure: 598 unregister_netdevice(dev); 599 return NULL; 600 } 601 602 /* called with rcu_read_lock() */ 603 static int __pim_rcv(struct mr_table *mrt, struct sk_buff *skb, 604 unsigned int pimlen) 605 { 606 struct net_device *reg_dev = NULL; 607 struct iphdr *encap; 608 609 encap = (struct iphdr *)(skb_transport_header(skb) + pimlen); 610 /* Check that: 611 * a. packet is really sent to a multicast group 612 * b. packet is not a NULL-REGISTER 613 * c. packet is not truncated 614 */ 615 if (!ipv4_is_multicast(encap->daddr) || 616 encap->tot_len == 0 || 617 ntohs(encap->tot_len) + pimlen > skb->len) 618 return 1; 619 620 read_lock(&mrt_lock); 621 if (mrt->mroute_reg_vif_num >= 0) 622 reg_dev = mrt->vif_table[mrt->mroute_reg_vif_num].dev; 623 read_unlock(&mrt_lock); 624 625 if (!reg_dev) 626 return 1; 627 628 skb->mac_header = skb->network_header; 629 skb_pull(skb, (u8 *)encap - skb->data); 630 skb_reset_network_header(skb); 631 skb->protocol = htons(ETH_P_IP); 632 skb->ip_summed = CHECKSUM_NONE; 633 634 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 635 636 netif_rx(skb); 637 638 return NET_RX_SUCCESS; 639 } 640 #else 641 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 642 { 643 return NULL; 644 } 645 #endif 646 647 static int call_ipmr_vif_entry_notifiers(struct net *net, 648 enum fib_event_type event_type, 649 struct vif_device *vif, 650 vifi_t vif_index, u32 tb_id) 651 { 652 return mr_call_vif_notifiers(net, RTNL_FAMILY_IPMR, event_type, 653 vif, vif_index, tb_id, 654 &net->ipv4.ipmr_seq); 655 } 656 657 static int call_ipmr_mfc_entry_notifiers(struct net *net, 658 enum fib_event_type event_type, 659 struct mfc_cache *mfc, u32 tb_id) 660 { 661 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IPMR, event_type, 662 &mfc->_c, tb_id, &net->ipv4.ipmr_seq); 663 } 664 665 /** 666 * vif_delete - Delete a VIF entry 667 * @notify: Set to 1, if the caller is a notifier_call 668 */ 669 static int vif_delete(struct mr_table *mrt, int vifi, int notify, 670 struct list_head *head) 671 { 672 struct net *net = read_pnet(&mrt->net); 673 struct vif_device *v; 674 struct net_device *dev; 675 struct in_device *in_dev; 676 677 if (vifi < 0 || vifi >= mrt->maxvif) 678 return -EADDRNOTAVAIL; 679 680 v = &mrt->vif_table[vifi]; 681 682 if (VIF_EXISTS(mrt, vifi)) 683 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_DEL, v, vifi, 684 mrt->id); 685 686 write_lock_bh(&mrt_lock); 687 dev = v->dev; 688 v->dev = NULL; 689 690 if (!dev) { 691 write_unlock_bh(&mrt_lock); 692 return -EADDRNOTAVAIL; 693 } 694 695 if (vifi == mrt->mroute_reg_vif_num) 696 mrt->mroute_reg_vif_num = -1; 697 698 if (vifi + 1 == mrt->maxvif) { 699 int tmp; 700 701 for (tmp = vifi - 1; tmp >= 0; tmp--) { 702 if (VIF_EXISTS(mrt, tmp)) 703 break; 704 } 705 mrt->maxvif = tmp+1; 706 } 707 708 write_unlock_bh(&mrt_lock); 709 710 dev_set_allmulti(dev, -1); 711 712 in_dev = __in_dev_get_rtnl(dev); 713 if (in_dev) { 714 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--; 715 inet_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 716 NETCONFA_MC_FORWARDING, 717 dev->ifindex, &in_dev->cnf); 718 ip_rt_multicast_event(in_dev); 719 } 720 721 if (v->flags & (VIFF_TUNNEL | VIFF_REGISTER) && !notify) 722 unregister_netdevice_queue(dev, head); 723 724 dev_put(dev); 725 return 0; 726 } 727 728 static void ipmr_cache_free_rcu(struct rcu_head *head) 729 { 730 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 731 732 kmem_cache_free(mrt_cachep, (struct mfc_cache *)c); 733 } 734 735 static void ipmr_cache_free(struct mfc_cache *c) 736 { 737 call_rcu(&c->_c.rcu, ipmr_cache_free_rcu); 738 } 739 740 /* Destroy an unresolved cache entry, killing queued skbs 741 * and reporting error to netlink readers. 742 */ 743 static void ipmr_destroy_unres(struct mr_table *mrt, struct mfc_cache *c) 744 { 745 struct net *net = read_pnet(&mrt->net); 746 struct sk_buff *skb; 747 struct nlmsgerr *e; 748 749 atomic_dec(&mrt->cache_resolve_queue_len); 750 751 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved))) { 752 if (ip_hdr(skb)->version == 0) { 753 struct nlmsghdr *nlh = skb_pull(skb, 754 sizeof(struct iphdr)); 755 nlh->nlmsg_type = NLMSG_ERROR; 756 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 757 skb_trim(skb, nlh->nlmsg_len); 758 e = nlmsg_data(nlh); 759 e->error = -ETIMEDOUT; 760 memset(&e->msg, 0, sizeof(e->msg)); 761 762 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 763 } else { 764 kfree_skb(skb); 765 } 766 } 767 768 ipmr_cache_free(c); 769 } 770 771 /* Timer process for the unresolved queue. */ 772 static void ipmr_expire_process(struct timer_list *t) 773 { 774 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 775 struct mr_mfc *c, *next; 776 unsigned long expires; 777 unsigned long now; 778 779 if (!spin_trylock(&mfc_unres_lock)) { 780 mod_timer(&mrt->ipmr_expire_timer, jiffies+HZ/10); 781 return; 782 } 783 784 if (list_empty(&mrt->mfc_unres_queue)) 785 goto out; 786 787 now = jiffies; 788 expires = 10*HZ; 789 790 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 791 if (time_after(c->mfc_un.unres.expires, now)) { 792 unsigned long interval = c->mfc_un.unres.expires - now; 793 if (interval < expires) 794 expires = interval; 795 continue; 796 } 797 798 list_del(&c->list); 799 mroute_netlink_event(mrt, (struct mfc_cache *)c, RTM_DELROUTE); 800 ipmr_destroy_unres(mrt, (struct mfc_cache *)c); 801 } 802 803 if (!list_empty(&mrt->mfc_unres_queue)) 804 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 805 806 out: 807 spin_unlock(&mfc_unres_lock); 808 } 809 810 /* Fill oifs list. It is called under write locked mrt_lock. */ 811 static void ipmr_update_thresholds(struct mr_table *mrt, struct mr_mfc *cache, 812 unsigned char *ttls) 813 { 814 int vifi; 815 816 cache->mfc_un.res.minvif = MAXVIFS; 817 cache->mfc_un.res.maxvif = 0; 818 memset(cache->mfc_un.res.ttls, 255, MAXVIFS); 819 820 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 821 if (VIF_EXISTS(mrt, vifi) && 822 ttls[vifi] && ttls[vifi] < 255) { 823 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 824 if (cache->mfc_un.res.minvif > vifi) 825 cache->mfc_un.res.minvif = vifi; 826 if (cache->mfc_un.res.maxvif <= vifi) 827 cache->mfc_un.res.maxvif = vifi + 1; 828 } 829 } 830 cache->mfc_un.res.lastuse = jiffies; 831 } 832 833 static int vif_add(struct net *net, struct mr_table *mrt, 834 struct vifctl *vifc, int mrtsock) 835 { 836 int vifi = vifc->vifc_vifi; 837 struct switchdev_attr attr = { 838 .id = SWITCHDEV_ATTR_ID_PORT_PARENT_ID, 839 }; 840 struct vif_device *v = &mrt->vif_table[vifi]; 841 struct net_device *dev; 842 struct in_device *in_dev; 843 int err; 844 845 /* Is vif busy ? */ 846 if (VIF_EXISTS(mrt, vifi)) 847 return -EADDRINUSE; 848 849 switch (vifc->vifc_flags) { 850 case VIFF_REGISTER: 851 if (!ipmr_pimsm_enabled()) 852 return -EINVAL; 853 /* Special Purpose VIF in PIM 854 * All the packets will be sent to the daemon 855 */ 856 if (mrt->mroute_reg_vif_num >= 0) 857 return -EADDRINUSE; 858 dev = ipmr_reg_vif(net, mrt); 859 if (!dev) 860 return -ENOBUFS; 861 err = dev_set_allmulti(dev, 1); 862 if (err) { 863 unregister_netdevice(dev); 864 dev_put(dev); 865 return err; 866 } 867 break; 868 case VIFF_TUNNEL: 869 dev = ipmr_new_tunnel(net, vifc); 870 if (!dev) 871 return -ENOBUFS; 872 err = dev_set_allmulti(dev, 1); 873 if (err) { 874 ipmr_del_tunnel(dev, vifc); 875 dev_put(dev); 876 return err; 877 } 878 break; 879 case VIFF_USE_IFINDEX: 880 case 0: 881 if (vifc->vifc_flags == VIFF_USE_IFINDEX) { 882 dev = dev_get_by_index(net, vifc->vifc_lcl_ifindex); 883 if (dev && !__in_dev_get_rtnl(dev)) { 884 dev_put(dev); 885 return -EADDRNOTAVAIL; 886 } 887 } else { 888 dev = ip_dev_find(net, vifc->vifc_lcl_addr.s_addr); 889 } 890 if (!dev) 891 return -EADDRNOTAVAIL; 892 err = dev_set_allmulti(dev, 1); 893 if (err) { 894 dev_put(dev); 895 return err; 896 } 897 break; 898 default: 899 return -EINVAL; 900 } 901 902 in_dev = __in_dev_get_rtnl(dev); 903 if (!in_dev) { 904 dev_put(dev); 905 return -EADDRNOTAVAIL; 906 } 907 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++; 908 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_MC_FORWARDING, 909 dev->ifindex, &in_dev->cnf); 910 ip_rt_multicast_event(in_dev); 911 912 /* Fill in the VIF structures */ 913 vif_device_init(v, dev, vifc->vifc_rate_limit, 914 vifc->vifc_threshold, 915 vifc->vifc_flags | (!mrtsock ? VIFF_STATIC : 0), 916 (VIFF_TUNNEL | VIFF_REGISTER)); 917 918 attr.orig_dev = dev; 919 if (!switchdev_port_attr_get(dev, &attr)) { 920 memcpy(v->dev_parent_id.id, attr.u.ppid.id, attr.u.ppid.id_len); 921 v->dev_parent_id.id_len = attr.u.ppid.id_len; 922 } else { 923 v->dev_parent_id.id_len = 0; 924 } 925 926 v->local = vifc->vifc_lcl_addr.s_addr; 927 v->remote = vifc->vifc_rmt_addr.s_addr; 928 929 /* And finish update writing critical data */ 930 write_lock_bh(&mrt_lock); 931 v->dev = dev; 932 if (v->flags & VIFF_REGISTER) 933 mrt->mroute_reg_vif_num = vifi; 934 if (vifi+1 > mrt->maxvif) 935 mrt->maxvif = vifi+1; 936 write_unlock_bh(&mrt_lock); 937 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, v, vifi, mrt->id); 938 return 0; 939 } 940 941 /* called with rcu_read_lock() */ 942 static struct mfc_cache *ipmr_cache_find(struct mr_table *mrt, 943 __be32 origin, 944 __be32 mcastgrp) 945 { 946 struct mfc_cache_cmp_arg arg = { 947 .mfc_mcastgrp = mcastgrp, 948 .mfc_origin = origin 949 }; 950 951 return mr_mfc_find(mrt, &arg); 952 } 953 954 /* Look for a (*,G) entry */ 955 static struct mfc_cache *ipmr_cache_find_any(struct mr_table *mrt, 956 __be32 mcastgrp, int vifi) 957 { 958 struct mfc_cache_cmp_arg arg = { 959 .mfc_mcastgrp = mcastgrp, 960 .mfc_origin = htonl(INADDR_ANY) 961 }; 962 963 if (mcastgrp == htonl(INADDR_ANY)) 964 return mr_mfc_find_any_parent(mrt, vifi); 965 return mr_mfc_find_any(mrt, vifi, &arg); 966 } 967 968 /* Look for a (S,G,iif) entry if parent != -1 */ 969 static struct mfc_cache *ipmr_cache_find_parent(struct mr_table *mrt, 970 __be32 origin, __be32 mcastgrp, 971 int parent) 972 { 973 struct mfc_cache_cmp_arg arg = { 974 .mfc_mcastgrp = mcastgrp, 975 .mfc_origin = origin, 976 }; 977 978 return mr_mfc_find_parent(mrt, &arg, parent); 979 } 980 981 /* Allocate a multicast cache entry */ 982 static struct mfc_cache *ipmr_cache_alloc(void) 983 { 984 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 985 986 if (c) { 987 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 988 c->_c.mfc_un.res.minvif = MAXVIFS; 989 c->_c.free = ipmr_cache_free_rcu; 990 refcount_set(&c->_c.mfc_un.res.refcount, 1); 991 } 992 return c; 993 } 994 995 static struct mfc_cache *ipmr_cache_alloc_unres(void) 996 { 997 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 998 999 if (c) { 1000 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 1001 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 1002 } 1003 return c; 1004 } 1005 1006 /* A cache entry has gone into a resolved state from queued */ 1007 static void ipmr_cache_resolve(struct net *net, struct mr_table *mrt, 1008 struct mfc_cache *uc, struct mfc_cache *c) 1009 { 1010 struct sk_buff *skb; 1011 struct nlmsgerr *e; 1012 1013 /* Play the pending entries through our router */ 1014 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 1015 if (ip_hdr(skb)->version == 0) { 1016 struct nlmsghdr *nlh = skb_pull(skb, 1017 sizeof(struct iphdr)); 1018 1019 if (mr_fill_mroute(mrt, skb, &c->_c, 1020 nlmsg_data(nlh)) > 0) { 1021 nlh->nlmsg_len = skb_tail_pointer(skb) - 1022 (u8 *)nlh; 1023 } else { 1024 nlh->nlmsg_type = NLMSG_ERROR; 1025 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1026 skb_trim(skb, nlh->nlmsg_len); 1027 e = nlmsg_data(nlh); 1028 e->error = -EMSGSIZE; 1029 memset(&e->msg, 0, sizeof(e->msg)); 1030 } 1031 1032 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1033 } else { 1034 ip_mr_forward(net, mrt, skb->dev, skb, c, 0); 1035 } 1036 } 1037 } 1038 1039 /* Bounce a cache query up to mrouted and netlink. 1040 * 1041 * Called under mrt_lock. 1042 */ 1043 static int ipmr_cache_report(struct mr_table *mrt, 1044 struct sk_buff *pkt, vifi_t vifi, int assert) 1045 { 1046 const int ihl = ip_hdrlen(pkt); 1047 struct sock *mroute_sk; 1048 struct igmphdr *igmp; 1049 struct igmpmsg *msg; 1050 struct sk_buff *skb; 1051 int ret; 1052 1053 if (assert == IGMPMSG_WHOLEPKT) 1054 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr)); 1055 else 1056 skb = alloc_skb(128, GFP_ATOMIC); 1057 1058 if (!skb) 1059 return -ENOBUFS; 1060 1061 if (assert == IGMPMSG_WHOLEPKT) { 1062 /* Ugly, but we have no choice with this interface. 1063 * Duplicate old header, fix ihl, length etc. 1064 * And all this only to mangle msg->im_msgtype and 1065 * to set msg->im_mbz to "mbz" :-) 1066 */ 1067 skb_push(skb, sizeof(struct iphdr)); 1068 skb_reset_network_header(skb); 1069 skb_reset_transport_header(skb); 1070 msg = (struct igmpmsg *)skb_network_header(skb); 1071 memcpy(msg, skb_network_header(pkt), sizeof(struct iphdr)); 1072 msg->im_msgtype = IGMPMSG_WHOLEPKT; 1073 msg->im_mbz = 0; 1074 msg->im_vif = mrt->mroute_reg_vif_num; 1075 ip_hdr(skb)->ihl = sizeof(struct iphdr) >> 2; 1076 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(pkt)->tot_len) + 1077 sizeof(struct iphdr)); 1078 } else { 1079 /* Copy the IP header */ 1080 skb_set_network_header(skb, skb->len); 1081 skb_put(skb, ihl); 1082 skb_copy_to_linear_data(skb, pkt->data, ihl); 1083 /* Flag to the kernel this is a route add */ 1084 ip_hdr(skb)->protocol = 0; 1085 msg = (struct igmpmsg *)skb_network_header(skb); 1086 msg->im_vif = vifi; 1087 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1088 /* Add our header */ 1089 igmp = skb_put(skb, sizeof(struct igmphdr)); 1090 igmp->type = assert; 1091 msg->im_msgtype = assert; 1092 igmp->code = 0; 1093 ip_hdr(skb)->tot_len = htons(skb->len); /* Fix the length */ 1094 skb->transport_header = skb->network_header; 1095 } 1096 1097 rcu_read_lock(); 1098 mroute_sk = rcu_dereference(mrt->mroute_sk); 1099 if (!mroute_sk) { 1100 rcu_read_unlock(); 1101 kfree_skb(skb); 1102 return -EINVAL; 1103 } 1104 1105 igmpmsg_netlink_event(mrt, skb); 1106 1107 /* Deliver to mrouted */ 1108 ret = sock_queue_rcv_skb(mroute_sk, skb); 1109 rcu_read_unlock(); 1110 if (ret < 0) { 1111 net_warn_ratelimited("mroute: pending queue full, dropping entries\n"); 1112 kfree_skb(skb); 1113 } 1114 1115 return ret; 1116 } 1117 1118 /* Queue a packet for resolution. It gets locked cache entry! */ 1119 static int ipmr_cache_unresolved(struct mr_table *mrt, vifi_t vifi, 1120 struct sk_buff *skb, struct net_device *dev) 1121 { 1122 const struct iphdr *iph = ip_hdr(skb); 1123 struct mfc_cache *c; 1124 bool found = false; 1125 int err; 1126 1127 spin_lock_bh(&mfc_unres_lock); 1128 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1129 if (c->mfc_mcastgrp == iph->daddr && 1130 c->mfc_origin == iph->saddr) { 1131 found = true; 1132 break; 1133 } 1134 } 1135 1136 if (!found) { 1137 /* Create a new entry if allowable */ 1138 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 || 1139 (c = ipmr_cache_alloc_unres()) == NULL) { 1140 spin_unlock_bh(&mfc_unres_lock); 1141 1142 kfree_skb(skb); 1143 return -ENOBUFS; 1144 } 1145 1146 /* Fill in the new cache entry */ 1147 c->_c.mfc_parent = -1; 1148 c->mfc_origin = iph->saddr; 1149 c->mfc_mcastgrp = iph->daddr; 1150 1151 /* Reflect first query at mrouted. */ 1152 err = ipmr_cache_report(mrt, skb, vifi, IGMPMSG_NOCACHE); 1153 1154 if (err < 0) { 1155 /* If the report failed throw the cache entry 1156 out - Brad Parker 1157 */ 1158 spin_unlock_bh(&mfc_unres_lock); 1159 1160 ipmr_cache_free(c); 1161 kfree_skb(skb); 1162 return err; 1163 } 1164 1165 atomic_inc(&mrt->cache_resolve_queue_len); 1166 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1167 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1168 1169 if (atomic_read(&mrt->cache_resolve_queue_len) == 1) 1170 mod_timer(&mrt->ipmr_expire_timer, 1171 c->_c.mfc_un.unres.expires); 1172 } 1173 1174 /* See if we can append the packet */ 1175 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1176 kfree_skb(skb); 1177 err = -ENOBUFS; 1178 } else { 1179 if (dev) { 1180 skb->dev = dev; 1181 skb->skb_iif = dev->ifindex; 1182 } 1183 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1184 err = 0; 1185 } 1186 1187 spin_unlock_bh(&mfc_unres_lock); 1188 return err; 1189 } 1190 1191 /* MFC cache manipulation by user space mroute daemon */ 1192 1193 static int ipmr_mfc_delete(struct mr_table *mrt, struct mfcctl *mfc, int parent) 1194 { 1195 struct net *net = read_pnet(&mrt->net); 1196 struct mfc_cache *c; 1197 1198 /* The entries are added/deleted only under RTNL */ 1199 rcu_read_lock(); 1200 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1201 mfc->mfcc_mcastgrp.s_addr, parent); 1202 rcu_read_unlock(); 1203 if (!c) 1204 return -ENOENT; 1205 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ipmr_rht_params); 1206 list_del_rcu(&c->_c.list); 1207 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, c, mrt->id); 1208 mroute_netlink_event(mrt, c, RTM_DELROUTE); 1209 mr_cache_put(&c->_c); 1210 1211 return 0; 1212 } 1213 1214 static int ipmr_mfc_add(struct net *net, struct mr_table *mrt, 1215 struct mfcctl *mfc, int mrtsock, int parent) 1216 { 1217 struct mfc_cache *uc, *c; 1218 struct mr_mfc *_uc; 1219 bool found; 1220 int ret; 1221 1222 if (mfc->mfcc_parent >= MAXVIFS) 1223 return -ENFILE; 1224 1225 /* The entries are added/deleted only under RTNL */ 1226 rcu_read_lock(); 1227 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1228 mfc->mfcc_mcastgrp.s_addr, parent); 1229 rcu_read_unlock(); 1230 if (c) { 1231 write_lock_bh(&mrt_lock); 1232 c->_c.mfc_parent = mfc->mfcc_parent; 1233 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1234 if (!mrtsock) 1235 c->_c.mfc_flags |= MFC_STATIC; 1236 write_unlock_bh(&mrt_lock); 1237 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, c, 1238 mrt->id); 1239 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1240 return 0; 1241 } 1242 1243 if (mfc->mfcc_mcastgrp.s_addr != htonl(INADDR_ANY) && 1244 !ipv4_is_multicast(mfc->mfcc_mcastgrp.s_addr)) 1245 return -EINVAL; 1246 1247 c = ipmr_cache_alloc(); 1248 if (!c) 1249 return -ENOMEM; 1250 1251 c->mfc_origin = mfc->mfcc_origin.s_addr; 1252 c->mfc_mcastgrp = mfc->mfcc_mcastgrp.s_addr; 1253 c->_c.mfc_parent = mfc->mfcc_parent; 1254 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1255 if (!mrtsock) 1256 c->_c.mfc_flags |= MFC_STATIC; 1257 1258 ret = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1259 ipmr_rht_params); 1260 if (ret) { 1261 pr_err("ipmr: rhtable insert error %d\n", ret); 1262 ipmr_cache_free(c); 1263 return ret; 1264 } 1265 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1266 /* Check to see if we resolved a queued list. If so we 1267 * need to send on the frames and tidy up. 1268 */ 1269 found = false; 1270 spin_lock_bh(&mfc_unres_lock); 1271 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1272 uc = (struct mfc_cache *)_uc; 1273 if (uc->mfc_origin == c->mfc_origin && 1274 uc->mfc_mcastgrp == c->mfc_mcastgrp) { 1275 list_del(&_uc->list); 1276 atomic_dec(&mrt->cache_resolve_queue_len); 1277 found = true; 1278 break; 1279 } 1280 } 1281 if (list_empty(&mrt->mfc_unres_queue)) 1282 del_timer(&mrt->ipmr_expire_timer); 1283 spin_unlock_bh(&mfc_unres_lock); 1284 1285 if (found) { 1286 ipmr_cache_resolve(net, mrt, uc, c); 1287 ipmr_cache_free(uc); 1288 } 1289 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, c, mrt->id); 1290 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1291 return 0; 1292 } 1293 1294 /* Close the multicast socket, and clear the vif tables etc */ 1295 static void mroute_clean_tables(struct mr_table *mrt, bool all) 1296 { 1297 struct net *net = read_pnet(&mrt->net); 1298 struct mr_mfc *c, *tmp; 1299 struct mfc_cache *cache; 1300 LIST_HEAD(list); 1301 int i; 1302 1303 /* Shut down all active vif entries */ 1304 for (i = 0; i < mrt->maxvif; i++) { 1305 if (!all && (mrt->vif_table[i].flags & VIFF_STATIC)) 1306 continue; 1307 vif_delete(mrt, i, 0, &list); 1308 } 1309 unregister_netdevice_many(&list); 1310 1311 /* Wipe the cache */ 1312 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1313 if (!all && (c->mfc_flags & MFC_STATIC)) 1314 continue; 1315 rhltable_remove(&mrt->mfc_hash, &c->mnode, ipmr_rht_params); 1316 list_del_rcu(&c->list); 1317 cache = (struct mfc_cache *)c; 1318 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, cache, 1319 mrt->id); 1320 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1321 mr_cache_put(c); 1322 } 1323 1324 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1325 spin_lock_bh(&mfc_unres_lock); 1326 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1327 list_del(&c->list); 1328 cache = (struct mfc_cache *)c; 1329 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1330 ipmr_destroy_unres(mrt, cache); 1331 } 1332 spin_unlock_bh(&mfc_unres_lock); 1333 } 1334 } 1335 1336 /* called from ip_ra_control(), before an RCU grace period, 1337 * we dont need to call synchronize_rcu() here 1338 */ 1339 static void mrtsock_destruct(struct sock *sk) 1340 { 1341 struct net *net = sock_net(sk); 1342 struct mr_table *mrt; 1343 1344 rtnl_lock(); 1345 ipmr_for_each_table(mrt, net) { 1346 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1347 IPV4_DEVCONF_ALL(net, MC_FORWARDING)--; 1348 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1349 NETCONFA_MC_FORWARDING, 1350 NETCONFA_IFINDEX_ALL, 1351 net->ipv4.devconf_all); 1352 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1353 mroute_clean_tables(mrt, false); 1354 } 1355 } 1356 rtnl_unlock(); 1357 } 1358 1359 /* Socket options and virtual interface manipulation. The whole 1360 * virtual interface system is a complete heap, but unfortunately 1361 * that's how BSD mrouted happens to think. Maybe one day with a proper 1362 * MOSPF/PIM router set up we can clean this up. 1363 */ 1364 1365 int ip_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, 1366 unsigned int optlen) 1367 { 1368 struct net *net = sock_net(sk); 1369 int val, ret = 0, parent = 0; 1370 struct mr_table *mrt; 1371 struct vifctl vif; 1372 struct mfcctl mfc; 1373 u32 uval; 1374 1375 /* There's one exception to the lock - MRT_DONE which needs to unlock */ 1376 rtnl_lock(); 1377 if (sk->sk_type != SOCK_RAW || 1378 inet_sk(sk)->inet_num != IPPROTO_IGMP) { 1379 ret = -EOPNOTSUPP; 1380 goto out_unlock; 1381 } 1382 1383 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1384 if (!mrt) { 1385 ret = -ENOENT; 1386 goto out_unlock; 1387 } 1388 if (optname != MRT_INIT) { 1389 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1390 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { 1391 ret = -EACCES; 1392 goto out_unlock; 1393 } 1394 } 1395 1396 switch (optname) { 1397 case MRT_INIT: 1398 if (optlen != sizeof(int)) { 1399 ret = -EINVAL; 1400 break; 1401 } 1402 if (rtnl_dereference(mrt->mroute_sk)) { 1403 ret = -EADDRINUSE; 1404 break; 1405 } 1406 1407 ret = ip_ra_control(sk, 1, mrtsock_destruct); 1408 if (ret == 0) { 1409 rcu_assign_pointer(mrt->mroute_sk, sk); 1410 IPV4_DEVCONF_ALL(net, MC_FORWARDING)++; 1411 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1412 NETCONFA_MC_FORWARDING, 1413 NETCONFA_IFINDEX_ALL, 1414 net->ipv4.devconf_all); 1415 } 1416 break; 1417 case MRT_DONE: 1418 if (sk != rcu_access_pointer(mrt->mroute_sk)) { 1419 ret = -EACCES; 1420 } else { 1421 /* We need to unlock here because mrtsock_destruct takes 1422 * care of rtnl itself and we can't change that due to 1423 * the IP_ROUTER_ALERT setsockopt which runs without it. 1424 */ 1425 rtnl_unlock(); 1426 ret = ip_ra_control(sk, 0, NULL); 1427 goto out; 1428 } 1429 break; 1430 case MRT_ADD_VIF: 1431 case MRT_DEL_VIF: 1432 if (optlen != sizeof(vif)) { 1433 ret = -EINVAL; 1434 break; 1435 } 1436 if (copy_from_user(&vif, optval, sizeof(vif))) { 1437 ret = -EFAULT; 1438 break; 1439 } 1440 if (vif.vifc_vifi >= MAXVIFS) { 1441 ret = -ENFILE; 1442 break; 1443 } 1444 if (optname == MRT_ADD_VIF) { 1445 ret = vif_add(net, mrt, &vif, 1446 sk == rtnl_dereference(mrt->mroute_sk)); 1447 } else { 1448 ret = vif_delete(mrt, vif.vifc_vifi, 0, NULL); 1449 } 1450 break; 1451 /* Manipulate the forwarding caches. These live 1452 * in a sort of kernel/user symbiosis. 1453 */ 1454 case MRT_ADD_MFC: 1455 case MRT_DEL_MFC: 1456 parent = -1; 1457 /* fall through */ 1458 case MRT_ADD_MFC_PROXY: 1459 case MRT_DEL_MFC_PROXY: 1460 if (optlen != sizeof(mfc)) { 1461 ret = -EINVAL; 1462 break; 1463 } 1464 if (copy_from_user(&mfc, optval, sizeof(mfc))) { 1465 ret = -EFAULT; 1466 break; 1467 } 1468 if (parent == 0) 1469 parent = mfc.mfcc_parent; 1470 if (optname == MRT_DEL_MFC || optname == MRT_DEL_MFC_PROXY) 1471 ret = ipmr_mfc_delete(mrt, &mfc, parent); 1472 else 1473 ret = ipmr_mfc_add(net, mrt, &mfc, 1474 sk == rtnl_dereference(mrt->mroute_sk), 1475 parent); 1476 break; 1477 /* Control PIM assert. */ 1478 case MRT_ASSERT: 1479 if (optlen != sizeof(val)) { 1480 ret = -EINVAL; 1481 break; 1482 } 1483 if (get_user(val, (int __user *)optval)) { 1484 ret = -EFAULT; 1485 break; 1486 } 1487 mrt->mroute_do_assert = val; 1488 break; 1489 case MRT_PIM: 1490 if (!ipmr_pimsm_enabled()) { 1491 ret = -ENOPROTOOPT; 1492 break; 1493 } 1494 if (optlen != sizeof(val)) { 1495 ret = -EINVAL; 1496 break; 1497 } 1498 if (get_user(val, (int __user *)optval)) { 1499 ret = -EFAULT; 1500 break; 1501 } 1502 1503 val = !!val; 1504 if (val != mrt->mroute_do_pim) { 1505 mrt->mroute_do_pim = val; 1506 mrt->mroute_do_assert = val; 1507 } 1508 break; 1509 case MRT_TABLE: 1510 if (!IS_BUILTIN(CONFIG_IP_MROUTE_MULTIPLE_TABLES)) { 1511 ret = -ENOPROTOOPT; 1512 break; 1513 } 1514 if (optlen != sizeof(uval)) { 1515 ret = -EINVAL; 1516 break; 1517 } 1518 if (get_user(uval, (u32 __user *)optval)) { 1519 ret = -EFAULT; 1520 break; 1521 } 1522 1523 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1524 ret = -EBUSY; 1525 } else { 1526 mrt = ipmr_new_table(net, uval); 1527 if (IS_ERR(mrt)) 1528 ret = PTR_ERR(mrt); 1529 else 1530 raw_sk(sk)->ipmr_table = uval; 1531 } 1532 break; 1533 /* Spurious command, or MRT_VERSION which you cannot set. */ 1534 default: 1535 ret = -ENOPROTOOPT; 1536 } 1537 out_unlock: 1538 rtnl_unlock(); 1539 out: 1540 return ret; 1541 } 1542 1543 /* Getsock opt support for the multicast routing system. */ 1544 int ip_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, int __user *optlen) 1545 { 1546 int olr; 1547 int val; 1548 struct net *net = sock_net(sk); 1549 struct mr_table *mrt; 1550 1551 if (sk->sk_type != SOCK_RAW || 1552 inet_sk(sk)->inet_num != IPPROTO_IGMP) 1553 return -EOPNOTSUPP; 1554 1555 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1556 if (!mrt) 1557 return -ENOENT; 1558 1559 switch (optname) { 1560 case MRT_VERSION: 1561 val = 0x0305; 1562 break; 1563 case MRT_PIM: 1564 if (!ipmr_pimsm_enabled()) 1565 return -ENOPROTOOPT; 1566 val = mrt->mroute_do_pim; 1567 break; 1568 case MRT_ASSERT: 1569 val = mrt->mroute_do_assert; 1570 break; 1571 default: 1572 return -ENOPROTOOPT; 1573 } 1574 1575 if (get_user(olr, optlen)) 1576 return -EFAULT; 1577 olr = min_t(unsigned int, olr, sizeof(int)); 1578 if (olr < 0) 1579 return -EINVAL; 1580 if (put_user(olr, optlen)) 1581 return -EFAULT; 1582 if (copy_to_user(optval, &val, olr)) 1583 return -EFAULT; 1584 return 0; 1585 } 1586 1587 /* The IP multicast ioctl support routines. */ 1588 int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg) 1589 { 1590 struct sioc_sg_req sr; 1591 struct sioc_vif_req vr; 1592 struct vif_device *vif; 1593 struct mfc_cache *c; 1594 struct net *net = sock_net(sk); 1595 struct mr_table *mrt; 1596 1597 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1598 if (!mrt) 1599 return -ENOENT; 1600 1601 switch (cmd) { 1602 case SIOCGETVIFCNT: 1603 if (copy_from_user(&vr, arg, sizeof(vr))) 1604 return -EFAULT; 1605 if (vr.vifi >= mrt->maxvif) 1606 return -EINVAL; 1607 read_lock(&mrt_lock); 1608 vif = &mrt->vif_table[vr.vifi]; 1609 if (VIF_EXISTS(mrt, vr.vifi)) { 1610 vr.icount = vif->pkt_in; 1611 vr.ocount = vif->pkt_out; 1612 vr.ibytes = vif->bytes_in; 1613 vr.obytes = vif->bytes_out; 1614 read_unlock(&mrt_lock); 1615 1616 if (copy_to_user(arg, &vr, sizeof(vr))) 1617 return -EFAULT; 1618 return 0; 1619 } 1620 read_unlock(&mrt_lock); 1621 return -EADDRNOTAVAIL; 1622 case SIOCGETSGCNT: 1623 if (copy_from_user(&sr, arg, sizeof(sr))) 1624 return -EFAULT; 1625 1626 rcu_read_lock(); 1627 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1628 if (c) { 1629 sr.pktcnt = c->_c.mfc_un.res.pkt; 1630 sr.bytecnt = c->_c.mfc_un.res.bytes; 1631 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1632 rcu_read_unlock(); 1633 1634 if (copy_to_user(arg, &sr, sizeof(sr))) 1635 return -EFAULT; 1636 return 0; 1637 } 1638 rcu_read_unlock(); 1639 return -EADDRNOTAVAIL; 1640 default: 1641 return -ENOIOCTLCMD; 1642 } 1643 } 1644 1645 #ifdef CONFIG_COMPAT 1646 struct compat_sioc_sg_req { 1647 struct in_addr src; 1648 struct in_addr grp; 1649 compat_ulong_t pktcnt; 1650 compat_ulong_t bytecnt; 1651 compat_ulong_t wrong_if; 1652 }; 1653 1654 struct compat_sioc_vif_req { 1655 vifi_t vifi; /* Which iface */ 1656 compat_ulong_t icount; 1657 compat_ulong_t ocount; 1658 compat_ulong_t ibytes; 1659 compat_ulong_t obytes; 1660 }; 1661 1662 int ipmr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1663 { 1664 struct compat_sioc_sg_req sr; 1665 struct compat_sioc_vif_req vr; 1666 struct vif_device *vif; 1667 struct mfc_cache *c; 1668 struct net *net = sock_net(sk); 1669 struct mr_table *mrt; 1670 1671 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1672 if (!mrt) 1673 return -ENOENT; 1674 1675 switch (cmd) { 1676 case SIOCGETVIFCNT: 1677 if (copy_from_user(&vr, arg, sizeof(vr))) 1678 return -EFAULT; 1679 if (vr.vifi >= mrt->maxvif) 1680 return -EINVAL; 1681 read_lock(&mrt_lock); 1682 vif = &mrt->vif_table[vr.vifi]; 1683 if (VIF_EXISTS(mrt, vr.vifi)) { 1684 vr.icount = vif->pkt_in; 1685 vr.ocount = vif->pkt_out; 1686 vr.ibytes = vif->bytes_in; 1687 vr.obytes = vif->bytes_out; 1688 read_unlock(&mrt_lock); 1689 1690 if (copy_to_user(arg, &vr, sizeof(vr))) 1691 return -EFAULT; 1692 return 0; 1693 } 1694 read_unlock(&mrt_lock); 1695 return -EADDRNOTAVAIL; 1696 case SIOCGETSGCNT: 1697 if (copy_from_user(&sr, arg, sizeof(sr))) 1698 return -EFAULT; 1699 1700 rcu_read_lock(); 1701 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1702 if (c) { 1703 sr.pktcnt = c->_c.mfc_un.res.pkt; 1704 sr.bytecnt = c->_c.mfc_un.res.bytes; 1705 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1706 rcu_read_unlock(); 1707 1708 if (copy_to_user(arg, &sr, sizeof(sr))) 1709 return -EFAULT; 1710 return 0; 1711 } 1712 rcu_read_unlock(); 1713 return -EADDRNOTAVAIL; 1714 default: 1715 return -ENOIOCTLCMD; 1716 } 1717 } 1718 #endif 1719 1720 static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr) 1721 { 1722 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1723 struct net *net = dev_net(dev); 1724 struct mr_table *mrt; 1725 struct vif_device *v; 1726 int ct; 1727 1728 if (event != NETDEV_UNREGISTER) 1729 return NOTIFY_DONE; 1730 1731 ipmr_for_each_table(mrt, net) { 1732 v = &mrt->vif_table[0]; 1733 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1734 if (v->dev == dev) 1735 vif_delete(mrt, ct, 1, NULL); 1736 } 1737 } 1738 return NOTIFY_DONE; 1739 } 1740 1741 static struct notifier_block ip_mr_notifier = { 1742 .notifier_call = ipmr_device_event, 1743 }; 1744 1745 /* Encapsulate a packet by attaching a valid IPIP header to it. 1746 * This avoids tunnel drivers and other mess and gives us the speed so 1747 * important for multicast video. 1748 */ 1749 static void ip_encap(struct net *net, struct sk_buff *skb, 1750 __be32 saddr, __be32 daddr) 1751 { 1752 struct iphdr *iph; 1753 const struct iphdr *old_iph = ip_hdr(skb); 1754 1755 skb_push(skb, sizeof(struct iphdr)); 1756 skb->transport_header = skb->network_header; 1757 skb_reset_network_header(skb); 1758 iph = ip_hdr(skb); 1759 1760 iph->version = 4; 1761 iph->tos = old_iph->tos; 1762 iph->ttl = old_iph->ttl; 1763 iph->frag_off = 0; 1764 iph->daddr = daddr; 1765 iph->saddr = saddr; 1766 iph->protocol = IPPROTO_IPIP; 1767 iph->ihl = 5; 1768 iph->tot_len = htons(skb->len); 1769 ip_select_ident(net, skb, NULL); 1770 ip_send_check(iph); 1771 1772 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 1773 nf_reset(skb); 1774 } 1775 1776 static inline int ipmr_forward_finish(struct net *net, struct sock *sk, 1777 struct sk_buff *skb) 1778 { 1779 struct ip_options *opt = &(IPCB(skb)->opt); 1780 1781 IP_INC_STATS(net, IPSTATS_MIB_OUTFORWDATAGRAMS); 1782 IP_ADD_STATS(net, IPSTATS_MIB_OUTOCTETS, skb->len); 1783 1784 if (unlikely(opt->optlen)) 1785 ip_forward_options(skb); 1786 1787 return dst_output(net, sk, skb); 1788 } 1789 1790 #ifdef CONFIG_NET_SWITCHDEV 1791 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1792 int in_vifi, int out_vifi) 1793 { 1794 struct vif_device *out_vif = &mrt->vif_table[out_vifi]; 1795 struct vif_device *in_vif = &mrt->vif_table[in_vifi]; 1796 1797 if (!skb->offload_mr_fwd_mark) 1798 return false; 1799 if (!out_vif->dev_parent_id.id_len || !in_vif->dev_parent_id.id_len) 1800 return false; 1801 return netdev_phys_item_id_same(&out_vif->dev_parent_id, 1802 &in_vif->dev_parent_id); 1803 } 1804 #else 1805 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1806 int in_vifi, int out_vifi) 1807 { 1808 return false; 1809 } 1810 #endif 1811 1812 /* Processing handlers for ipmr_forward */ 1813 1814 static void ipmr_queue_xmit(struct net *net, struct mr_table *mrt, 1815 int in_vifi, struct sk_buff *skb, 1816 struct mfc_cache *c, int vifi) 1817 { 1818 const struct iphdr *iph = ip_hdr(skb); 1819 struct vif_device *vif = &mrt->vif_table[vifi]; 1820 struct net_device *dev; 1821 struct rtable *rt; 1822 struct flowi4 fl4; 1823 int encap = 0; 1824 1825 if (!vif->dev) 1826 goto out_free; 1827 1828 if (vif->flags & VIFF_REGISTER) { 1829 vif->pkt_out++; 1830 vif->bytes_out += skb->len; 1831 vif->dev->stats.tx_bytes += skb->len; 1832 vif->dev->stats.tx_packets++; 1833 ipmr_cache_report(mrt, skb, vifi, IGMPMSG_WHOLEPKT); 1834 goto out_free; 1835 } 1836 1837 if (ipmr_forward_offloaded(skb, mrt, in_vifi, vifi)) 1838 goto out_free; 1839 1840 if (vif->flags & VIFF_TUNNEL) { 1841 rt = ip_route_output_ports(net, &fl4, NULL, 1842 vif->remote, vif->local, 1843 0, 0, 1844 IPPROTO_IPIP, 1845 RT_TOS(iph->tos), vif->link); 1846 if (IS_ERR(rt)) 1847 goto out_free; 1848 encap = sizeof(struct iphdr); 1849 } else { 1850 rt = ip_route_output_ports(net, &fl4, NULL, iph->daddr, 0, 1851 0, 0, 1852 IPPROTO_IPIP, 1853 RT_TOS(iph->tos), vif->link); 1854 if (IS_ERR(rt)) 1855 goto out_free; 1856 } 1857 1858 dev = rt->dst.dev; 1859 1860 if (skb->len+encap > dst_mtu(&rt->dst) && (ntohs(iph->frag_off) & IP_DF)) { 1861 /* Do not fragment multicasts. Alas, IPv4 does not 1862 * allow to send ICMP, so that packets will disappear 1863 * to blackhole. 1864 */ 1865 IP_INC_STATS(net, IPSTATS_MIB_FRAGFAILS); 1866 ip_rt_put(rt); 1867 goto out_free; 1868 } 1869 1870 encap += LL_RESERVED_SPACE(dev) + rt->dst.header_len; 1871 1872 if (skb_cow(skb, encap)) { 1873 ip_rt_put(rt); 1874 goto out_free; 1875 } 1876 1877 vif->pkt_out++; 1878 vif->bytes_out += skb->len; 1879 1880 skb_dst_drop(skb); 1881 skb_dst_set(skb, &rt->dst); 1882 ip_decrease_ttl(ip_hdr(skb)); 1883 1884 /* FIXME: forward and output firewalls used to be called here. 1885 * What do we do with netfilter? -- RR 1886 */ 1887 if (vif->flags & VIFF_TUNNEL) { 1888 ip_encap(net, skb, vif->local, vif->remote); 1889 /* FIXME: extra output firewall step used to be here. --RR */ 1890 vif->dev->stats.tx_packets++; 1891 vif->dev->stats.tx_bytes += skb->len; 1892 } 1893 1894 IPCB(skb)->flags |= IPSKB_FORWARDED; 1895 1896 /* RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 1897 * not only before forwarding, but after forwarding on all output 1898 * interfaces. It is clear, if mrouter runs a multicasting 1899 * program, it should receive packets not depending to what interface 1900 * program is joined. 1901 * If we will not make it, the program will have to join on all 1902 * interfaces. On the other hand, multihoming host (or router, but 1903 * not mrouter) cannot join to more than one interface - it will 1904 * result in receiving multiple packets. 1905 */ 1906 NF_HOOK(NFPROTO_IPV4, NF_INET_FORWARD, 1907 net, NULL, skb, skb->dev, dev, 1908 ipmr_forward_finish); 1909 return; 1910 1911 out_free: 1912 kfree_skb(skb); 1913 } 1914 1915 static int ipmr_find_vif(struct mr_table *mrt, struct net_device *dev) 1916 { 1917 int ct; 1918 1919 for (ct = mrt->maxvif-1; ct >= 0; ct--) { 1920 if (mrt->vif_table[ct].dev == dev) 1921 break; 1922 } 1923 return ct; 1924 } 1925 1926 /* "local" means that we should preserve one skb (for local delivery) */ 1927 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 1928 struct net_device *dev, struct sk_buff *skb, 1929 struct mfc_cache *c, int local) 1930 { 1931 int true_vifi = ipmr_find_vif(mrt, dev); 1932 int psend = -1; 1933 int vif, ct; 1934 1935 vif = c->_c.mfc_parent; 1936 c->_c.mfc_un.res.pkt++; 1937 c->_c.mfc_un.res.bytes += skb->len; 1938 c->_c.mfc_un.res.lastuse = jiffies; 1939 1940 if (c->mfc_origin == htonl(INADDR_ANY) && true_vifi >= 0) { 1941 struct mfc_cache *cache_proxy; 1942 1943 /* For an (*,G) entry, we only check that the incomming 1944 * interface is part of the static tree. 1945 */ 1946 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 1947 if (cache_proxy && 1948 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) 1949 goto forward; 1950 } 1951 1952 /* Wrong interface: drop packet and (maybe) send PIM assert. */ 1953 if (mrt->vif_table[vif].dev != dev) { 1954 if (rt_is_output_route(skb_rtable(skb))) { 1955 /* It is our own packet, looped back. 1956 * Very complicated situation... 1957 * 1958 * The best workaround until routing daemons will be 1959 * fixed is not to redistribute packet, if it was 1960 * send through wrong interface. It means, that 1961 * multicast applications WILL NOT work for 1962 * (S,G), which have default multicast route pointing 1963 * to wrong oif. In any case, it is not a good 1964 * idea to use multicasting applications on router. 1965 */ 1966 goto dont_forward; 1967 } 1968 1969 c->_c.mfc_un.res.wrong_if++; 1970 1971 if (true_vifi >= 0 && mrt->mroute_do_assert && 1972 /* pimsm uses asserts, when switching from RPT to SPT, 1973 * so that we cannot check that packet arrived on an oif. 1974 * It is bad, but otherwise we would need to move pretty 1975 * large chunk of pimd to kernel. Ough... --ANK 1976 */ 1977 (mrt->mroute_do_pim || 1978 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 1979 time_after(jiffies, 1980 c->_c.mfc_un.res.last_assert + 1981 MFC_ASSERT_THRESH)) { 1982 c->_c.mfc_un.res.last_assert = jiffies; 1983 ipmr_cache_report(mrt, skb, true_vifi, IGMPMSG_WRONGVIF); 1984 } 1985 goto dont_forward; 1986 } 1987 1988 forward: 1989 mrt->vif_table[vif].pkt_in++; 1990 mrt->vif_table[vif].bytes_in += skb->len; 1991 1992 /* Forward the frame */ 1993 if (c->mfc_origin == htonl(INADDR_ANY) && 1994 c->mfc_mcastgrp == htonl(INADDR_ANY)) { 1995 if (true_vifi >= 0 && 1996 true_vifi != c->_c.mfc_parent && 1997 ip_hdr(skb)->ttl > 1998 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 1999 /* It's an (*,*) entry and the packet is not coming from 2000 * the upstream: forward the packet to the upstream 2001 * only. 2002 */ 2003 psend = c->_c.mfc_parent; 2004 goto last_forward; 2005 } 2006 goto dont_forward; 2007 } 2008 for (ct = c->_c.mfc_un.res.maxvif - 1; 2009 ct >= c->_c.mfc_un.res.minvif; ct--) { 2010 /* For (*,G) entry, don't forward to the incoming interface */ 2011 if ((c->mfc_origin != htonl(INADDR_ANY) || 2012 ct != true_vifi) && 2013 ip_hdr(skb)->ttl > c->_c.mfc_un.res.ttls[ct]) { 2014 if (psend != -1) { 2015 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2016 2017 if (skb2) 2018 ipmr_queue_xmit(net, mrt, true_vifi, 2019 skb2, c, psend); 2020 } 2021 psend = ct; 2022 } 2023 } 2024 last_forward: 2025 if (psend != -1) { 2026 if (local) { 2027 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2028 2029 if (skb2) 2030 ipmr_queue_xmit(net, mrt, true_vifi, skb2, 2031 c, psend); 2032 } else { 2033 ipmr_queue_xmit(net, mrt, true_vifi, skb, c, psend); 2034 return; 2035 } 2036 } 2037 2038 dont_forward: 2039 if (!local) 2040 kfree_skb(skb); 2041 } 2042 2043 static struct mr_table *ipmr_rt_fib_lookup(struct net *net, struct sk_buff *skb) 2044 { 2045 struct rtable *rt = skb_rtable(skb); 2046 struct iphdr *iph = ip_hdr(skb); 2047 struct flowi4 fl4 = { 2048 .daddr = iph->daddr, 2049 .saddr = iph->saddr, 2050 .flowi4_tos = RT_TOS(iph->tos), 2051 .flowi4_oif = (rt_is_output_route(rt) ? 2052 skb->dev->ifindex : 0), 2053 .flowi4_iif = (rt_is_output_route(rt) ? 2054 LOOPBACK_IFINDEX : 2055 skb->dev->ifindex), 2056 .flowi4_mark = skb->mark, 2057 }; 2058 struct mr_table *mrt; 2059 int err; 2060 2061 err = ipmr_fib_lookup(net, &fl4, &mrt); 2062 if (err) 2063 return ERR_PTR(err); 2064 return mrt; 2065 } 2066 2067 /* Multicast packets for forwarding arrive here 2068 * Called with rcu_read_lock(); 2069 */ 2070 int ip_mr_input(struct sk_buff *skb) 2071 { 2072 struct mfc_cache *cache; 2073 struct net *net = dev_net(skb->dev); 2074 int local = skb_rtable(skb)->rt_flags & RTCF_LOCAL; 2075 struct mr_table *mrt; 2076 struct net_device *dev; 2077 2078 /* skb->dev passed in is the loX master dev for vrfs. 2079 * As there are no vifs associated with loopback devices, 2080 * get the proper interface that does have a vif associated with it. 2081 */ 2082 dev = skb->dev; 2083 if (netif_is_l3_master(skb->dev)) { 2084 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2085 if (!dev) { 2086 kfree_skb(skb); 2087 return -ENODEV; 2088 } 2089 } 2090 2091 /* Packet is looped back after forward, it should not be 2092 * forwarded second time, but still can be delivered locally. 2093 */ 2094 if (IPCB(skb)->flags & IPSKB_FORWARDED) 2095 goto dont_forward; 2096 2097 mrt = ipmr_rt_fib_lookup(net, skb); 2098 if (IS_ERR(mrt)) { 2099 kfree_skb(skb); 2100 return PTR_ERR(mrt); 2101 } 2102 if (!local) { 2103 if (IPCB(skb)->opt.router_alert) { 2104 if (ip_call_ra_chain(skb)) 2105 return 0; 2106 } else if (ip_hdr(skb)->protocol == IPPROTO_IGMP) { 2107 /* IGMPv1 (and broken IGMPv2 implementations sort of 2108 * Cisco IOS <= 11.2(8)) do not put router alert 2109 * option to IGMP packets destined to routable 2110 * groups. It is very bad, because it means 2111 * that we can forward NO IGMP messages. 2112 */ 2113 struct sock *mroute_sk; 2114 2115 mroute_sk = rcu_dereference(mrt->mroute_sk); 2116 if (mroute_sk) { 2117 nf_reset(skb); 2118 raw_rcv(mroute_sk, skb); 2119 return 0; 2120 } 2121 } 2122 } 2123 2124 /* already under rcu_read_lock() */ 2125 cache = ipmr_cache_find(mrt, ip_hdr(skb)->saddr, ip_hdr(skb)->daddr); 2126 if (!cache) { 2127 int vif = ipmr_find_vif(mrt, dev); 2128 2129 if (vif >= 0) 2130 cache = ipmr_cache_find_any(mrt, ip_hdr(skb)->daddr, 2131 vif); 2132 } 2133 2134 /* No usable cache entry */ 2135 if (!cache) { 2136 int vif; 2137 2138 if (local) { 2139 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2140 ip_local_deliver(skb); 2141 if (!skb2) 2142 return -ENOBUFS; 2143 skb = skb2; 2144 } 2145 2146 read_lock(&mrt_lock); 2147 vif = ipmr_find_vif(mrt, dev); 2148 if (vif >= 0) { 2149 int err2 = ipmr_cache_unresolved(mrt, vif, skb, dev); 2150 read_unlock(&mrt_lock); 2151 2152 return err2; 2153 } 2154 read_unlock(&mrt_lock); 2155 kfree_skb(skb); 2156 return -ENODEV; 2157 } 2158 2159 read_lock(&mrt_lock); 2160 ip_mr_forward(net, mrt, dev, skb, cache, local); 2161 read_unlock(&mrt_lock); 2162 2163 if (local) 2164 return ip_local_deliver(skb); 2165 2166 return 0; 2167 2168 dont_forward: 2169 if (local) 2170 return ip_local_deliver(skb); 2171 kfree_skb(skb); 2172 return 0; 2173 } 2174 2175 #ifdef CONFIG_IP_PIMSM_V1 2176 /* Handle IGMP messages of PIMv1 */ 2177 int pim_rcv_v1(struct sk_buff *skb) 2178 { 2179 struct igmphdr *pim; 2180 struct net *net = dev_net(skb->dev); 2181 struct mr_table *mrt; 2182 2183 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2184 goto drop; 2185 2186 pim = igmp_hdr(skb); 2187 2188 mrt = ipmr_rt_fib_lookup(net, skb); 2189 if (IS_ERR(mrt)) 2190 goto drop; 2191 if (!mrt->mroute_do_pim || 2192 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER) 2193 goto drop; 2194 2195 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2196 drop: 2197 kfree_skb(skb); 2198 } 2199 return 0; 2200 } 2201 #endif 2202 2203 #ifdef CONFIG_IP_PIMSM_V2 2204 static int pim_rcv(struct sk_buff *skb) 2205 { 2206 struct pimreghdr *pim; 2207 struct net *net = dev_net(skb->dev); 2208 struct mr_table *mrt; 2209 2210 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2211 goto drop; 2212 2213 pim = (struct pimreghdr *)skb_transport_header(skb); 2214 if (pim->type != ((PIM_VERSION << 4) | (PIM_TYPE_REGISTER)) || 2215 (pim->flags & PIM_NULL_REGISTER) || 2216 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 && 2217 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 2218 goto drop; 2219 2220 mrt = ipmr_rt_fib_lookup(net, skb); 2221 if (IS_ERR(mrt)) 2222 goto drop; 2223 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2224 drop: 2225 kfree_skb(skb); 2226 } 2227 return 0; 2228 } 2229 #endif 2230 2231 int ipmr_get_route(struct net *net, struct sk_buff *skb, 2232 __be32 saddr, __be32 daddr, 2233 struct rtmsg *rtm, u32 portid) 2234 { 2235 struct mfc_cache *cache; 2236 struct mr_table *mrt; 2237 int err; 2238 2239 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2240 if (!mrt) 2241 return -ENOENT; 2242 2243 rcu_read_lock(); 2244 cache = ipmr_cache_find(mrt, saddr, daddr); 2245 if (!cache && skb->dev) { 2246 int vif = ipmr_find_vif(mrt, skb->dev); 2247 2248 if (vif >= 0) 2249 cache = ipmr_cache_find_any(mrt, daddr, vif); 2250 } 2251 if (!cache) { 2252 struct sk_buff *skb2; 2253 struct iphdr *iph; 2254 struct net_device *dev; 2255 int vif = -1; 2256 2257 dev = skb->dev; 2258 read_lock(&mrt_lock); 2259 if (dev) 2260 vif = ipmr_find_vif(mrt, dev); 2261 if (vif < 0) { 2262 read_unlock(&mrt_lock); 2263 rcu_read_unlock(); 2264 return -ENODEV; 2265 } 2266 skb2 = skb_clone(skb, GFP_ATOMIC); 2267 if (!skb2) { 2268 read_unlock(&mrt_lock); 2269 rcu_read_unlock(); 2270 return -ENOMEM; 2271 } 2272 2273 NETLINK_CB(skb2).portid = portid; 2274 skb_push(skb2, sizeof(struct iphdr)); 2275 skb_reset_network_header(skb2); 2276 iph = ip_hdr(skb2); 2277 iph->ihl = sizeof(struct iphdr) >> 2; 2278 iph->saddr = saddr; 2279 iph->daddr = daddr; 2280 iph->version = 0; 2281 err = ipmr_cache_unresolved(mrt, vif, skb2, dev); 2282 read_unlock(&mrt_lock); 2283 rcu_read_unlock(); 2284 return err; 2285 } 2286 2287 read_lock(&mrt_lock); 2288 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2289 read_unlock(&mrt_lock); 2290 rcu_read_unlock(); 2291 return err; 2292 } 2293 2294 static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2295 u32 portid, u32 seq, struct mfc_cache *c, int cmd, 2296 int flags) 2297 { 2298 struct nlmsghdr *nlh; 2299 struct rtmsg *rtm; 2300 int err; 2301 2302 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2303 if (!nlh) 2304 return -EMSGSIZE; 2305 2306 rtm = nlmsg_data(nlh); 2307 rtm->rtm_family = RTNL_FAMILY_IPMR; 2308 rtm->rtm_dst_len = 32; 2309 rtm->rtm_src_len = 32; 2310 rtm->rtm_tos = 0; 2311 rtm->rtm_table = mrt->id; 2312 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2313 goto nla_put_failure; 2314 rtm->rtm_type = RTN_MULTICAST; 2315 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2316 if (c->_c.mfc_flags & MFC_STATIC) 2317 rtm->rtm_protocol = RTPROT_STATIC; 2318 else 2319 rtm->rtm_protocol = RTPROT_MROUTED; 2320 rtm->rtm_flags = 0; 2321 2322 if (nla_put_in_addr(skb, RTA_SRC, c->mfc_origin) || 2323 nla_put_in_addr(skb, RTA_DST, c->mfc_mcastgrp)) 2324 goto nla_put_failure; 2325 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2326 /* do not break the dump if cache is unresolved */ 2327 if (err < 0 && err != -ENOENT) 2328 goto nla_put_failure; 2329 2330 nlmsg_end(skb, nlh); 2331 return 0; 2332 2333 nla_put_failure: 2334 nlmsg_cancel(skb, nlh); 2335 return -EMSGSIZE; 2336 } 2337 2338 static int _ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2339 u32 portid, u32 seq, struct mr_mfc *c, int cmd, 2340 int flags) 2341 { 2342 return ipmr_fill_mroute(mrt, skb, portid, seq, (struct mfc_cache *)c, 2343 cmd, flags); 2344 } 2345 2346 static size_t mroute_msgsize(bool unresolved, int maxvif) 2347 { 2348 size_t len = 2349 NLMSG_ALIGN(sizeof(struct rtmsg)) 2350 + nla_total_size(4) /* RTA_TABLE */ 2351 + nla_total_size(4) /* RTA_SRC */ 2352 + nla_total_size(4) /* RTA_DST */ 2353 ; 2354 2355 if (!unresolved) 2356 len = len 2357 + nla_total_size(4) /* RTA_IIF */ 2358 + nla_total_size(0) /* RTA_MULTIPATH */ 2359 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2360 /* RTA_MFC_STATS */ 2361 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2362 ; 2363 2364 return len; 2365 } 2366 2367 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 2368 int cmd) 2369 { 2370 struct net *net = read_pnet(&mrt->net); 2371 struct sk_buff *skb; 2372 int err = -ENOBUFS; 2373 2374 skb = nlmsg_new(mroute_msgsize(mfc->_c.mfc_parent >= MAXVIFS, 2375 mrt->maxvif), 2376 GFP_ATOMIC); 2377 if (!skb) 2378 goto errout; 2379 2380 err = ipmr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2381 if (err < 0) 2382 goto errout; 2383 2384 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE, NULL, GFP_ATOMIC); 2385 return; 2386 2387 errout: 2388 kfree_skb(skb); 2389 if (err < 0) 2390 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE, err); 2391 } 2392 2393 static size_t igmpmsg_netlink_msgsize(size_t payloadlen) 2394 { 2395 size_t len = 2396 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2397 + nla_total_size(1) /* IPMRA_CREPORT_MSGTYPE */ 2398 + nla_total_size(4) /* IPMRA_CREPORT_VIF_ID */ 2399 + nla_total_size(4) /* IPMRA_CREPORT_SRC_ADDR */ 2400 + nla_total_size(4) /* IPMRA_CREPORT_DST_ADDR */ 2401 /* IPMRA_CREPORT_PKT */ 2402 + nla_total_size(payloadlen) 2403 ; 2404 2405 return len; 2406 } 2407 2408 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2409 { 2410 struct net *net = read_pnet(&mrt->net); 2411 struct nlmsghdr *nlh; 2412 struct rtgenmsg *rtgenm; 2413 struct igmpmsg *msg; 2414 struct sk_buff *skb; 2415 struct nlattr *nla; 2416 int payloadlen; 2417 2418 payloadlen = pkt->len - sizeof(struct igmpmsg); 2419 msg = (struct igmpmsg *)skb_network_header(pkt); 2420 2421 skb = nlmsg_new(igmpmsg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2422 if (!skb) 2423 goto errout; 2424 2425 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2426 sizeof(struct rtgenmsg), 0); 2427 if (!nlh) 2428 goto errout; 2429 rtgenm = nlmsg_data(nlh); 2430 rtgenm->rtgen_family = RTNL_FAMILY_IPMR; 2431 if (nla_put_u8(skb, IPMRA_CREPORT_MSGTYPE, msg->im_msgtype) || 2432 nla_put_u32(skb, IPMRA_CREPORT_VIF_ID, msg->im_vif) || 2433 nla_put_in_addr(skb, IPMRA_CREPORT_SRC_ADDR, 2434 msg->im_src.s_addr) || 2435 nla_put_in_addr(skb, IPMRA_CREPORT_DST_ADDR, 2436 msg->im_dst.s_addr)) 2437 goto nla_put_failure; 2438 2439 nla = nla_reserve(skb, IPMRA_CREPORT_PKT, payloadlen); 2440 if (!nla || skb_copy_bits(pkt, sizeof(struct igmpmsg), 2441 nla_data(nla), payloadlen)) 2442 goto nla_put_failure; 2443 2444 nlmsg_end(skb, nlh); 2445 2446 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE_R, NULL, GFP_ATOMIC); 2447 return; 2448 2449 nla_put_failure: 2450 nlmsg_cancel(skb, nlh); 2451 errout: 2452 kfree_skb(skb); 2453 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE_R, -ENOBUFS); 2454 } 2455 2456 static int ipmr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, 2457 struct netlink_ext_ack *extack) 2458 { 2459 struct net *net = sock_net(in_skb->sk); 2460 struct nlattr *tb[RTA_MAX + 1]; 2461 struct sk_buff *skb = NULL; 2462 struct mfc_cache *cache; 2463 struct mr_table *mrt; 2464 struct rtmsg *rtm; 2465 __be32 src, grp; 2466 u32 tableid; 2467 int err; 2468 2469 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, 2470 rtm_ipv4_policy, extack); 2471 if (err < 0) 2472 goto errout; 2473 2474 rtm = nlmsg_data(nlh); 2475 2476 src = tb[RTA_SRC] ? nla_get_in_addr(tb[RTA_SRC]) : 0; 2477 grp = tb[RTA_DST] ? nla_get_in_addr(tb[RTA_DST]) : 0; 2478 tableid = tb[RTA_TABLE] ? nla_get_u32(tb[RTA_TABLE]) : 0; 2479 2480 mrt = ipmr_get_table(net, tableid ? tableid : RT_TABLE_DEFAULT); 2481 if (!mrt) { 2482 err = -ENOENT; 2483 goto errout_free; 2484 } 2485 2486 /* entries are added/deleted only under RTNL */ 2487 rcu_read_lock(); 2488 cache = ipmr_cache_find(mrt, src, grp); 2489 rcu_read_unlock(); 2490 if (!cache) { 2491 err = -ENOENT; 2492 goto errout_free; 2493 } 2494 2495 skb = nlmsg_new(mroute_msgsize(false, mrt->maxvif), GFP_KERNEL); 2496 if (!skb) { 2497 err = -ENOBUFS; 2498 goto errout_free; 2499 } 2500 2501 err = ipmr_fill_mroute(mrt, skb, NETLINK_CB(in_skb).portid, 2502 nlh->nlmsg_seq, cache, 2503 RTM_NEWROUTE, 0); 2504 if (err < 0) 2505 goto errout_free; 2506 2507 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2508 2509 errout: 2510 return err; 2511 2512 errout_free: 2513 kfree_skb(skb); 2514 goto errout; 2515 } 2516 2517 static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2518 { 2519 return mr_rtm_dumproute(skb, cb, ipmr_mr_table_iter, 2520 _ipmr_fill_mroute, &mfc_unres_lock); 2521 } 2522 2523 static const struct nla_policy rtm_ipmr_policy[RTA_MAX + 1] = { 2524 [RTA_SRC] = { .type = NLA_U32 }, 2525 [RTA_DST] = { .type = NLA_U32 }, 2526 [RTA_IIF] = { .type = NLA_U32 }, 2527 [RTA_TABLE] = { .type = NLA_U32 }, 2528 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2529 }; 2530 2531 static bool ipmr_rtm_validate_proto(unsigned char rtm_protocol) 2532 { 2533 switch (rtm_protocol) { 2534 case RTPROT_STATIC: 2535 case RTPROT_MROUTED: 2536 return true; 2537 } 2538 return false; 2539 } 2540 2541 static int ipmr_nla_get_ttls(const struct nlattr *nla, struct mfcctl *mfcc) 2542 { 2543 struct rtnexthop *rtnh = nla_data(nla); 2544 int remaining = nla_len(nla), vifi = 0; 2545 2546 while (rtnh_ok(rtnh, remaining)) { 2547 mfcc->mfcc_ttls[vifi] = rtnh->rtnh_hops; 2548 if (++vifi == MAXVIFS) 2549 break; 2550 rtnh = rtnh_next(rtnh, &remaining); 2551 } 2552 2553 return remaining > 0 ? -EINVAL : vifi; 2554 } 2555 2556 /* returns < 0 on error, 0 for ADD_MFC and 1 for ADD_MFC_PROXY */ 2557 static int rtm_to_ipmr_mfcc(struct net *net, struct nlmsghdr *nlh, 2558 struct mfcctl *mfcc, int *mrtsock, 2559 struct mr_table **mrtret, 2560 struct netlink_ext_ack *extack) 2561 { 2562 struct net_device *dev = NULL; 2563 u32 tblid = RT_TABLE_DEFAULT; 2564 struct mr_table *mrt; 2565 struct nlattr *attr; 2566 struct rtmsg *rtm; 2567 int ret, rem; 2568 2569 ret = nlmsg_validate(nlh, sizeof(*rtm), RTA_MAX, rtm_ipmr_policy, 2570 extack); 2571 if (ret < 0) 2572 goto out; 2573 rtm = nlmsg_data(nlh); 2574 2575 ret = -EINVAL; 2576 if (rtm->rtm_family != RTNL_FAMILY_IPMR || rtm->rtm_dst_len != 32 || 2577 rtm->rtm_type != RTN_MULTICAST || 2578 rtm->rtm_scope != RT_SCOPE_UNIVERSE || 2579 !ipmr_rtm_validate_proto(rtm->rtm_protocol)) 2580 goto out; 2581 2582 memset(mfcc, 0, sizeof(*mfcc)); 2583 mfcc->mfcc_parent = -1; 2584 ret = 0; 2585 nlmsg_for_each_attr(attr, nlh, sizeof(struct rtmsg), rem) { 2586 switch (nla_type(attr)) { 2587 case RTA_SRC: 2588 mfcc->mfcc_origin.s_addr = nla_get_be32(attr); 2589 break; 2590 case RTA_DST: 2591 mfcc->mfcc_mcastgrp.s_addr = nla_get_be32(attr); 2592 break; 2593 case RTA_IIF: 2594 dev = __dev_get_by_index(net, nla_get_u32(attr)); 2595 if (!dev) { 2596 ret = -ENODEV; 2597 goto out; 2598 } 2599 break; 2600 case RTA_MULTIPATH: 2601 if (ipmr_nla_get_ttls(attr, mfcc) < 0) { 2602 ret = -EINVAL; 2603 goto out; 2604 } 2605 break; 2606 case RTA_PREFSRC: 2607 ret = 1; 2608 break; 2609 case RTA_TABLE: 2610 tblid = nla_get_u32(attr); 2611 break; 2612 } 2613 } 2614 mrt = ipmr_get_table(net, tblid); 2615 if (!mrt) { 2616 ret = -ENOENT; 2617 goto out; 2618 } 2619 *mrtret = mrt; 2620 *mrtsock = rtm->rtm_protocol == RTPROT_MROUTED ? 1 : 0; 2621 if (dev) 2622 mfcc->mfcc_parent = ipmr_find_vif(mrt, dev); 2623 2624 out: 2625 return ret; 2626 } 2627 2628 /* takes care of both newroute and delroute */ 2629 static int ipmr_rtm_route(struct sk_buff *skb, struct nlmsghdr *nlh, 2630 struct netlink_ext_ack *extack) 2631 { 2632 struct net *net = sock_net(skb->sk); 2633 int ret, mrtsock, parent; 2634 struct mr_table *tbl; 2635 struct mfcctl mfcc; 2636 2637 mrtsock = 0; 2638 tbl = NULL; 2639 ret = rtm_to_ipmr_mfcc(net, nlh, &mfcc, &mrtsock, &tbl, extack); 2640 if (ret < 0) 2641 return ret; 2642 2643 parent = ret ? mfcc.mfcc_parent : -1; 2644 if (nlh->nlmsg_type == RTM_NEWROUTE) 2645 return ipmr_mfc_add(net, tbl, &mfcc, mrtsock, parent); 2646 else 2647 return ipmr_mfc_delete(tbl, &mfcc, parent); 2648 } 2649 2650 static bool ipmr_fill_table(struct mr_table *mrt, struct sk_buff *skb) 2651 { 2652 u32 queue_len = atomic_read(&mrt->cache_resolve_queue_len); 2653 2654 if (nla_put_u32(skb, IPMRA_TABLE_ID, mrt->id) || 2655 nla_put_u32(skb, IPMRA_TABLE_CACHE_RES_QUEUE_LEN, queue_len) || 2656 nla_put_s32(skb, IPMRA_TABLE_MROUTE_REG_VIF_NUM, 2657 mrt->mroute_reg_vif_num) || 2658 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_ASSERT, 2659 mrt->mroute_do_assert) || 2660 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_PIM, mrt->mroute_do_pim)) 2661 return false; 2662 2663 return true; 2664 } 2665 2666 static bool ipmr_fill_vif(struct mr_table *mrt, u32 vifid, struct sk_buff *skb) 2667 { 2668 struct nlattr *vif_nest; 2669 struct vif_device *vif; 2670 2671 /* if the VIF doesn't exist just continue */ 2672 if (!VIF_EXISTS(mrt, vifid)) 2673 return true; 2674 2675 vif = &mrt->vif_table[vifid]; 2676 vif_nest = nla_nest_start(skb, IPMRA_VIF); 2677 if (!vif_nest) 2678 return false; 2679 if (nla_put_u32(skb, IPMRA_VIFA_IFINDEX, vif->dev->ifindex) || 2680 nla_put_u32(skb, IPMRA_VIFA_VIF_ID, vifid) || 2681 nla_put_u16(skb, IPMRA_VIFA_FLAGS, vif->flags) || 2682 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_IN, vif->bytes_in, 2683 IPMRA_VIFA_PAD) || 2684 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_OUT, vif->bytes_out, 2685 IPMRA_VIFA_PAD) || 2686 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_IN, vif->pkt_in, 2687 IPMRA_VIFA_PAD) || 2688 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_OUT, vif->pkt_out, 2689 IPMRA_VIFA_PAD) || 2690 nla_put_be32(skb, IPMRA_VIFA_LOCAL_ADDR, vif->local) || 2691 nla_put_be32(skb, IPMRA_VIFA_REMOTE_ADDR, vif->remote)) { 2692 nla_nest_cancel(skb, vif_nest); 2693 return false; 2694 } 2695 nla_nest_end(skb, vif_nest); 2696 2697 return true; 2698 } 2699 2700 static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) 2701 { 2702 struct net *net = sock_net(skb->sk); 2703 struct nlmsghdr *nlh = NULL; 2704 unsigned int t = 0, s_t; 2705 unsigned int e = 0, s_e; 2706 struct mr_table *mrt; 2707 2708 s_t = cb->args[0]; 2709 s_e = cb->args[1]; 2710 2711 ipmr_for_each_table(mrt, net) { 2712 struct nlattr *vifs, *af; 2713 struct ifinfomsg *hdr; 2714 u32 i; 2715 2716 if (t < s_t) 2717 goto skip_table; 2718 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, 2719 cb->nlh->nlmsg_seq, RTM_NEWLINK, 2720 sizeof(*hdr), NLM_F_MULTI); 2721 if (!nlh) 2722 break; 2723 2724 hdr = nlmsg_data(nlh); 2725 memset(hdr, 0, sizeof(*hdr)); 2726 hdr->ifi_family = RTNL_FAMILY_IPMR; 2727 2728 af = nla_nest_start(skb, IFLA_AF_SPEC); 2729 if (!af) { 2730 nlmsg_cancel(skb, nlh); 2731 goto out; 2732 } 2733 2734 if (!ipmr_fill_table(mrt, skb)) { 2735 nlmsg_cancel(skb, nlh); 2736 goto out; 2737 } 2738 2739 vifs = nla_nest_start(skb, IPMRA_TABLE_VIFS); 2740 if (!vifs) { 2741 nla_nest_end(skb, af); 2742 nlmsg_end(skb, nlh); 2743 goto out; 2744 } 2745 for (i = 0; i < mrt->maxvif; i++) { 2746 if (e < s_e) 2747 goto skip_entry; 2748 if (!ipmr_fill_vif(mrt, i, skb)) { 2749 nla_nest_end(skb, vifs); 2750 nla_nest_end(skb, af); 2751 nlmsg_end(skb, nlh); 2752 goto out; 2753 } 2754 skip_entry: 2755 e++; 2756 } 2757 s_e = 0; 2758 e = 0; 2759 nla_nest_end(skb, vifs); 2760 nla_nest_end(skb, af); 2761 nlmsg_end(skb, nlh); 2762 skip_table: 2763 t++; 2764 } 2765 2766 out: 2767 cb->args[1] = e; 2768 cb->args[0] = t; 2769 2770 return skb->len; 2771 } 2772 2773 #ifdef CONFIG_PROC_FS 2774 /* The /proc interfaces to multicast routing : 2775 * /proc/net/ip_mr_cache & /proc/net/ip_mr_vif 2776 */ 2777 2778 static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos) 2779 __acquires(mrt_lock) 2780 { 2781 struct mr_vif_iter *iter = seq->private; 2782 struct net *net = seq_file_net(seq); 2783 struct mr_table *mrt; 2784 2785 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2786 if (!mrt) 2787 return ERR_PTR(-ENOENT); 2788 2789 iter->mrt = mrt; 2790 2791 read_lock(&mrt_lock); 2792 return mr_vif_seq_start(seq, pos); 2793 } 2794 2795 static void ipmr_vif_seq_stop(struct seq_file *seq, void *v) 2796 __releases(mrt_lock) 2797 { 2798 read_unlock(&mrt_lock); 2799 } 2800 2801 static int ipmr_vif_seq_show(struct seq_file *seq, void *v) 2802 { 2803 struct mr_vif_iter *iter = seq->private; 2804 struct mr_table *mrt = iter->mrt; 2805 2806 if (v == SEQ_START_TOKEN) { 2807 seq_puts(seq, 2808 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n"); 2809 } else { 2810 const struct vif_device *vif = v; 2811 const char *name = vif->dev ? 2812 vif->dev->name : "none"; 2813 2814 seq_printf(seq, 2815 "%2td %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n", 2816 vif - mrt->vif_table, 2817 name, vif->bytes_in, vif->pkt_in, 2818 vif->bytes_out, vif->pkt_out, 2819 vif->flags, vif->local, vif->remote); 2820 } 2821 return 0; 2822 } 2823 2824 static const struct seq_operations ipmr_vif_seq_ops = { 2825 .start = ipmr_vif_seq_start, 2826 .next = mr_vif_seq_next, 2827 .stop = ipmr_vif_seq_stop, 2828 .show = ipmr_vif_seq_show, 2829 }; 2830 2831 static int ipmr_vif_open(struct inode *inode, struct file *file) 2832 { 2833 return seq_open_net(inode, file, &ipmr_vif_seq_ops, 2834 sizeof(struct mr_vif_iter)); 2835 } 2836 2837 static const struct file_operations ipmr_vif_fops = { 2838 .open = ipmr_vif_open, 2839 .read = seq_read, 2840 .llseek = seq_lseek, 2841 .release = seq_release_net, 2842 }; 2843 2844 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 2845 { 2846 struct net *net = seq_file_net(seq); 2847 struct mr_table *mrt; 2848 2849 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2850 if (!mrt) 2851 return ERR_PTR(-ENOENT); 2852 2853 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 2854 } 2855 2856 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 2857 { 2858 int n; 2859 2860 if (v == SEQ_START_TOKEN) { 2861 seq_puts(seq, 2862 "Group Origin Iif Pkts Bytes Wrong Oifs\n"); 2863 } else { 2864 const struct mfc_cache *mfc = v; 2865 const struct mr_mfc_iter *it = seq->private; 2866 const struct mr_table *mrt = it->mrt; 2867 2868 seq_printf(seq, "%08X %08X %-3hd", 2869 (__force u32) mfc->mfc_mcastgrp, 2870 (__force u32) mfc->mfc_origin, 2871 mfc->_c.mfc_parent); 2872 2873 if (it->cache != &mrt->mfc_unres_queue) { 2874 seq_printf(seq, " %8lu %8lu %8lu", 2875 mfc->_c.mfc_un.res.pkt, 2876 mfc->_c.mfc_un.res.bytes, 2877 mfc->_c.mfc_un.res.wrong_if); 2878 for (n = mfc->_c.mfc_un.res.minvif; 2879 n < mfc->_c.mfc_un.res.maxvif; n++) { 2880 if (VIF_EXISTS(mrt, n) && 2881 mfc->_c.mfc_un.res.ttls[n] < 255) 2882 seq_printf(seq, 2883 " %2d:%-3d", 2884 n, mfc->_c.mfc_un.res.ttls[n]); 2885 } 2886 } else { 2887 /* unresolved mfc_caches don't contain 2888 * pkt, bytes and wrong_if values 2889 */ 2890 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 2891 } 2892 seq_putc(seq, '\n'); 2893 } 2894 return 0; 2895 } 2896 2897 static const struct seq_operations ipmr_mfc_seq_ops = { 2898 .start = ipmr_mfc_seq_start, 2899 .next = mr_mfc_seq_next, 2900 .stop = mr_mfc_seq_stop, 2901 .show = ipmr_mfc_seq_show, 2902 }; 2903 2904 static int ipmr_mfc_open(struct inode *inode, struct file *file) 2905 { 2906 return seq_open_net(inode, file, &ipmr_mfc_seq_ops, 2907 sizeof(struct mr_mfc_iter)); 2908 } 2909 2910 static const struct file_operations ipmr_mfc_fops = { 2911 .open = ipmr_mfc_open, 2912 .read = seq_read, 2913 .llseek = seq_lseek, 2914 .release = seq_release_net, 2915 }; 2916 #endif 2917 2918 #ifdef CONFIG_IP_PIMSM_V2 2919 static const struct net_protocol pim_protocol = { 2920 .handler = pim_rcv, 2921 .netns_ok = 1, 2922 }; 2923 #endif 2924 2925 static unsigned int ipmr_seq_read(struct net *net) 2926 { 2927 ASSERT_RTNL(); 2928 2929 return net->ipv4.ipmr_seq + ipmr_rules_seq_read(net); 2930 } 2931 2932 static int ipmr_dump(struct net *net, struct notifier_block *nb) 2933 { 2934 return mr_dump(net, nb, RTNL_FAMILY_IPMR, ipmr_rules_dump, 2935 ipmr_mr_table_iter, &mrt_lock); 2936 } 2937 2938 static const struct fib_notifier_ops ipmr_notifier_ops_template = { 2939 .family = RTNL_FAMILY_IPMR, 2940 .fib_seq_read = ipmr_seq_read, 2941 .fib_dump = ipmr_dump, 2942 .owner = THIS_MODULE, 2943 }; 2944 2945 static int __net_init ipmr_notifier_init(struct net *net) 2946 { 2947 struct fib_notifier_ops *ops; 2948 2949 net->ipv4.ipmr_seq = 0; 2950 2951 ops = fib_notifier_ops_register(&ipmr_notifier_ops_template, net); 2952 if (IS_ERR(ops)) 2953 return PTR_ERR(ops); 2954 net->ipv4.ipmr_notifier_ops = ops; 2955 2956 return 0; 2957 } 2958 2959 static void __net_exit ipmr_notifier_exit(struct net *net) 2960 { 2961 fib_notifier_ops_unregister(net->ipv4.ipmr_notifier_ops); 2962 net->ipv4.ipmr_notifier_ops = NULL; 2963 } 2964 2965 /* Setup for IP multicast routing */ 2966 static int __net_init ipmr_net_init(struct net *net) 2967 { 2968 int err; 2969 2970 err = ipmr_notifier_init(net); 2971 if (err) 2972 goto ipmr_notifier_fail; 2973 2974 err = ipmr_rules_init(net); 2975 if (err < 0) 2976 goto ipmr_rules_fail; 2977 2978 #ifdef CONFIG_PROC_FS 2979 err = -ENOMEM; 2980 if (!proc_create("ip_mr_vif", 0, net->proc_net, &ipmr_vif_fops)) 2981 goto proc_vif_fail; 2982 if (!proc_create("ip_mr_cache", 0, net->proc_net, &ipmr_mfc_fops)) 2983 goto proc_cache_fail; 2984 #endif 2985 return 0; 2986 2987 #ifdef CONFIG_PROC_FS 2988 proc_cache_fail: 2989 remove_proc_entry("ip_mr_vif", net->proc_net); 2990 proc_vif_fail: 2991 ipmr_rules_exit(net); 2992 #endif 2993 ipmr_rules_fail: 2994 ipmr_notifier_exit(net); 2995 ipmr_notifier_fail: 2996 return err; 2997 } 2998 2999 static void __net_exit ipmr_net_exit(struct net *net) 3000 { 3001 #ifdef CONFIG_PROC_FS 3002 remove_proc_entry("ip_mr_cache", net->proc_net); 3003 remove_proc_entry("ip_mr_vif", net->proc_net); 3004 #endif 3005 ipmr_notifier_exit(net); 3006 ipmr_rules_exit(net); 3007 } 3008 3009 static struct pernet_operations ipmr_net_ops = { 3010 .init = ipmr_net_init, 3011 .exit = ipmr_net_exit, 3012 }; 3013 3014 int __init ip_mr_init(void) 3015 { 3016 int err; 3017 3018 mrt_cachep = kmem_cache_create("ip_mrt_cache", 3019 sizeof(struct mfc_cache), 3020 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, 3021 NULL); 3022 3023 err = register_pernet_subsys(&ipmr_net_ops); 3024 if (err) 3025 goto reg_pernet_fail; 3026 3027 err = register_netdevice_notifier(&ip_mr_notifier); 3028 if (err) 3029 goto reg_notif_fail; 3030 #ifdef CONFIG_IP_PIMSM_V2 3031 if (inet_add_protocol(&pim_protocol, IPPROTO_PIM) < 0) { 3032 pr_err("%s: can't add PIM protocol\n", __func__); 3033 err = -EAGAIN; 3034 goto add_proto_fail; 3035 } 3036 #endif 3037 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETROUTE, 3038 ipmr_rtm_getroute, ipmr_rtm_dumproute, 0); 3039 rtnl_register(RTNL_FAMILY_IPMR, RTM_NEWROUTE, 3040 ipmr_rtm_route, NULL, 0); 3041 rtnl_register(RTNL_FAMILY_IPMR, RTM_DELROUTE, 3042 ipmr_rtm_route, NULL, 0); 3043 3044 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETLINK, 3045 NULL, ipmr_rtm_dumplink, 0); 3046 return 0; 3047 3048 #ifdef CONFIG_IP_PIMSM_V2 3049 add_proto_fail: 3050 unregister_netdevice_notifier(&ip_mr_notifier); 3051 #endif 3052 reg_notif_fail: 3053 unregister_pernet_subsys(&ipmr_net_ops); 3054 reg_pernet_fail: 3055 kmem_cache_destroy(mrt_cachep); 3056 return err; 3057 } 3058