1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Linux IPv6 multicast routing support for BSD pim6sd 4 * Based on net/ipv4/ipmr.c. 5 * 6 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr> 7 * LSIIT Laboratory, Strasbourg, France 8 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com> 9 * 6WIND, Paris, France 10 * Copyright (C)2007,2008 USAGI/WIDE Project 11 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 12 */ 13 14 #include <linux/uaccess.h> 15 #include <linux/types.h> 16 #include <linux/sched.h> 17 #include <linux/errno.h> 18 #include <linux/mm.h> 19 #include <linux/kernel.h> 20 #include <linux/fcntl.h> 21 #include <linux/stat.h> 22 #include <linux/socket.h> 23 #include <linux/inet.h> 24 #include <linux/netdevice.h> 25 #include <linux/inetdevice.h> 26 #include <linux/proc_fs.h> 27 #include <linux/seq_file.h> 28 #include <linux/init.h> 29 #include <linux/compat.h> 30 #include <linux/rhashtable.h> 31 #include <net/protocol.h> 32 #include <linux/skbuff.h> 33 #include <net/raw.h> 34 #include <linux/notifier.h> 35 #include <linux/if_arp.h> 36 #include <net/checksum.h> 37 #include <net/netlink.h> 38 #include <net/fib_rules.h> 39 40 #include <net/ipv6.h> 41 #include <net/ip6_route.h> 42 #include <linux/mroute6.h> 43 #include <linux/pim.h> 44 #include <net/addrconf.h> 45 #include <linux/netfilter_ipv6.h> 46 #include <linux/export.h> 47 #include <net/ip6_checksum.h> 48 #include <linux/netconf.h> 49 #include <net/ip_tunnels.h> 50 51 #include <linux/nospec.h> 52 53 struct ip6mr_rule { 54 struct fib_rule common; 55 }; 56 57 struct ip6mr_result { 58 struct mr_table *mrt; 59 }; 60 61 /* Big lock, protecting vif table, mrt cache and mroute socket state. 62 Note that the changes are semaphored via rtnl_lock. 63 */ 64 65 static DEFINE_RWLOCK(mrt_lock); 66 67 /* Multicast router control variables */ 68 69 /* Special spinlock for queue of unresolved entries */ 70 static DEFINE_SPINLOCK(mfc_unres_lock); 71 72 /* We return to original Alan's scheme. Hash table of resolved 73 entries is changed only in process context and protected 74 with weak lock mrt_lock. Queue of unresolved entries is protected 75 with strong spinlock mfc_unres_lock. 76 77 In this case data path is free of exclusive locks at all. 78 */ 79 80 static struct kmem_cache *mrt_cachep __read_mostly; 81 82 static struct mr_table *ip6mr_new_table(struct net *net, u32 id); 83 static void ip6mr_free_table(struct mr_table *mrt); 84 85 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 86 struct net_device *dev, struct sk_buff *skb, 87 struct mfc6_cache *cache); 88 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 89 mifi_t mifi, int assert); 90 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 91 int cmd); 92 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 93 static int ip6mr_rtm_dumproute(struct sk_buff *skb, 94 struct netlink_callback *cb); 95 static void mroute_clean_tables(struct mr_table *mrt, int flags); 96 static void ipmr_expire_process(struct timer_list *t); 97 98 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 99 #define ip6mr_for_each_table(mrt, net) \ 100 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list, \ 101 lockdep_rtnl_is_held() || \ 102 list_empty(&net->ipv6.mr6_tables)) 103 104 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 105 struct mr_table *mrt) 106 { 107 struct mr_table *ret; 108 109 if (!mrt) 110 ret = list_entry_rcu(net->ipv6.mr6_tables.next, 111 struct mr_table, list); 112 else 113 ret = list_entry_rcu(mrt->list.next, 114 struct mr_table, list); 115 116 if (&ret->list == &net->ipv6.mr6_tables) 117 return NULL; 118 return ret; 119 } 120 121 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 122 { 123 struct mr_table *mrt; 124 125 ip6mr_for_each_table(mrt, net) { 126 if (mrt->id == id) 127 return mrt; 128 } 129 return NULL; 130 } 131 132 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 133 struct mr_table **mrt) 134 { 135 int err; 136 struct ip6mr_result res; 137 struct fib_lookup_arg arg = { 138 .result = &res, 139 .flags = FIB_LOOKUP_NOREF, 140 }; 141 142 /* update flow if oif or iif point to device enslaved to l3mdev */ 143 l3mdev_update_flow(net, flowi6_to_flowi(flp6)); 144 145 err = fib_rules_lookup(net->ipv6.mr6_rules_ops, 146 flowi6_to_flowi(flp6), 0, &arg); 147 if (err < 0) 148 return err; 149 *mrt = res.mrt; 150 return 0; 151 } 152 153 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp, 154 int flags, struct fib_lookup_arg *arg) 155 { 156 struct ip6mr_result *res = arg->result; 157 struct mr_table *mrt; 158 159 switch (rule->action) { 160 case FR_ACT_TO_TBL: 161 break; 162 case FR_ACT_UNREACHABLE: 163 return -ENETUNREACH; 164 case FR_ACT_PROHIBIT: 165 return -EACCES; 166 case FR_ACT_BLACKHOLE: 167 default: 168 return -EINVAL; 169 } 170 171 arg->table = fib_rule_get_table(rule, arg); 172 173 mrt = ip6mr_get_table(rule->fr_net, arg->table); 174 if (!mrt) 175 return -EAGAIN; 176 res->mrt = mrt; 177 return 0; 178 } 179 180 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags) 181 { 182 return 1; 183 } 184 185 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 186 struct fib_rule_hdr *frh, struct nlattr **tb, 187 struct netlink_ext_ack *extack) 188 { 189 return 0; 190 } 191 192 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 193 struct nlattr **tb) 194 { 195 return 1; 196 } 197 198 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 199 struct fib_rule_hdr *frh) 200 { 201 frh->dst_len = 0; 202 frh->src_len = 0; 203 frh->tos = 0; 204 return 0; 205 } 206 207 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = { 208 .family = RTNL_FAMILY_IP6MR, 209 .rule_size = sizeof(struct ip6mr_rule), 210 .addr_size = sizeof(struct in6_addr), 211 .action = ip6mr_rule_action, 212 .match = ip6mr_rule_match, 213 .configure = ip6mr_rule_configure, 214 .compare = ip6mr_rule_compare, 215 .fill = ip6mr_rule_fill, 216 .nlgroup = RTNLGRP_IPV6_RULE, 217 .owner = THIS_MODULE, 218 }; 219 220 static int __net_init ip6mr_rules_init(struct net *net) 221 { 222 struct fib_rules_ops *ops; 223 struct mr_table *mrt; 224 int err; 225 226 ops = fib_rules_register(&ip6mr_rules_ops_template, net); 227 if (IS_ERR(ops)) 228 return PTR_ERR(ops); 229 230 INIT_LIST_HEAD(&net->ipv6.mr6_tables); 231 232 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 233 if (IS_ERR(mrt)) { 234 err = PTR_ERR(mrt); 235 goto err1; 236 } 237 238 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0); 239 if (err < 0) 240 goto err2; 241 242 net->ipv6.mr6_rules_ops = ops; 243 return 0; 244 245 err2: 246 rtnl_lock(); 247 ip6mr_free_table(mrt); 248 rtnl_unlock(); 249 err1: 250 fib_rules_unregister(ops); 251 return err; 252 } 253 254 static void __net_exit ip6mr_rules_exit(struct net *net) 255 { 256 struct mr_table *mrt, *next; 257 258 rtnl_lock(); 259 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) { 260 list_del(&mrt->list); 261 ip6mr_free_table(mrt); 262 } 263 fib_rules_unregister(net->ipv6.mr6_rules_ops); 264 rtnl_unlock(); 265 } 266 267 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb, 268 struct netlink_ext_ack *extack) 269 { 270 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR, extack); 271 } 272 273 static unsigned int ip6mr_rules_seq_read(struct net *net) 274 { 275 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR); 276 } 277 278 bool ip6mr_rule_default(const struct fib_rule *rule) 279 { 280 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL && 281 rule->table == RT6_TABLE_DFLT && !rule->l3mdev; 282 } 283 EXPORT_SYMBOL(ip6mr_rule_default); 284 #else 285 #define ip6mr_for_each_table(mrt, net) \ 286 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL) 287 288 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 289 struct mr_table *mrt) 290 { 291 if (!mrt) 292 return net->ipv6.mrt6; 293 return NULL; 294 } 295 296 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 297 { 298 return net->ipv6.mrt6; 299 } 300 301 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 302 struct mr_table **mrt) 303 { 304 *mrt = net->ipv6.mrt6; 305 return 0; 306 } 307 308 static int __net_init ip6mr_rules_init(struct net *net) 309 { 310 struct mr_table *mrt; 311 312 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 313 if (IS_ERR(mrt)) 314 return PTR_ERR(mrt); 315 net->ipv6.mrt6 = mrt; 316 return 0; 317 } 318 319 static void __net_exit ip6mr_rules_exit(struct net *net) 320 { 321 rtnl_lock(); 322 ip6mr_free_table(net->ipv6.mrt6); 323 net->ipv6.mrt6 = NULL; 324 rtnl_unlock(); 325 } 326 327 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb, 328 struct netlink_ext_ack *extack) 329 { 330 return 0; 331 } 332 333 static unsigned int ip6mr_rules_seq_read(struct net *net) 334 { 335 return 0; 336 } 337 #endif 338 339 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg, 340 const void *ptr) 341 { 342 const struct mfc6_cache_cmp_arg *cmparg = arg->key; 343 struct mfc6_cache *c = (struct mfc6_cache *)ptr; 344 345 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) || 346 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin); 347 } 348 349 static const struct rhashtable_params ip6mr_rht_params = { 350 .head_offset = offsetof(struct mr_mfc, mnode), 351 .key_offset = offsetof(struct mfc6_cache, cmparg), 352 .key_len = sizeof(struct mfc6_cache_cmp_arg), 353 .nelem_hint = 3, 354 .obj_cmpfn = ip6mr_hash_cmp, 355 .automatic_shrinking = true, 356 }; 357 358 static void ip6mr_new_table_set(struct mr_table *mrt, 359 struct net *net) 360 { 361 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 362 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables); 363 #endif 364 } 365 366 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = { 367 .mf6c_origin = IN6ADDR_ANY_INIT, 368 .mf6c_mcastgrp = IN6ADDR_ANY_INIT, 369 }; 370 371 static struct mr_table_ops ip6mr_mr_table_ops = { 372 .rht_params = &ip6mr_rht_params, 373 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any, 374 }; 375 376 static struct mr_table *ip6mr_new_table(struct net *net, u32 id) 377 { 378 struct mr_table *mrt; 379 380 mrt = ip6mr_get_table(net, id); 381 if (mrt) 382 return mrt; 383 384 return mr_table_alloc(net, id, &ip6mr_mr_table_ops, 385 ipmr_expire_process, ip6mr_new_table_set); 386 } 387 388 static void ip6mr_free_table(struct mr_table *mrt) 389 { 390 del_timer_sync(&mrt->ipmr_expire_timer); 391 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC | 392 MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC); 393 rhltable_destroy(&mrt->mfc_hash); 394 kfree(mrt); 395 } 396 397 #ifdef CONFIG_PROC_FS 398 /* The /proc interfaces to multicast routing 399 * /proc/ip6_mr_cache /proc/ip6_mr_vif 400 */ 401 402 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos) 403 __acquires(mrt_lock) 404 { 405 struct mr_vif_iter *iter = seq->private; 406 struct net *net = seq_file_net(seq); 407 struct mr_table *mrt; 408 409 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 410 if (!mrt) 411 return ERR_PTR(-ENOENT); 412 413 iter->mrt = mrt; 414 415 read_lock(&mrt_lock); 416 return mr_vif_seq_start(seq, pos); 417 } 418 419 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v) 420 __releases(mrt_lock) 421 { 422 read_unlock(&mrt_lock); 423 } 424 425 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v) 426 { 427 struct mr_vif_iter *iter = seq->private; 428 struct mr_table *mrt = iter->mrt; 429 430 if (v == SEQ_START_TOKEN) { 431 seq_puts(seq, 432 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n"); 433 } else { 434 const struct vif_device *vif = v; 435 const char *name = vif->dev ? vif->dev->name : "none"; 436 437 seq_printf(seq, 438 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n", 439 vif - mrt->vif_table, 440 name, vif->bytes_in, vif->pkt_in, 441 vif->bytes_out, vif->pkt_out, 442 vif->flags); 443 } 444 return 0; 445 } 446 447 static const struct seq_operations ip6mr_vif_seq_ops = { 448 .start = ip6mr_vif_seq_start, 449 .next = mr_vif_seq_next, 450 .stop = ip6mr_vif_seq_stop, 451 .show = ip6mr_vif_seq_show, 452 }; 453 454 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 455 { 456 struct net *net = seq_file_net(seq); 457 struct mr_table *mrt; 458 459 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 460 if (!mrt) 461 return ERR_PTR(-ENOENT); 462 463 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 464 } 465 466 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 467 { 468 int n; 469 470 if (v == SEQ_START_TOKEN) { 471 seq_puts(seq, 472 "Group " 473 "Origin " 474 "Iif Pkts Bytes Wrong Oifs\n"); 475 } else { 476 const struct mfc6_cache *mfc = v; 477 const struct mr_mfc_iter *it = seq->private; 478 struct mr_table *mrt = it->mrt; 479 480 seq_printf(seq, "%pI6 %pI6 %-3hd", 481 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin, 482 mfc->_c.mfc_parent); 483 484 if (it->cache != &mrt->mfc_unres_queue) { 485 seq_printf(seq, " %8lu %8lu %8lu", 486 mfc->_c.mfc_un.res.pkt, 487 mfc->_c.mfc_un.res.bytes, 488 mfc->_c.mfc_un.res.wrong_if); 489 for (n = mfc->_c.mfc_un.res.minvif; 490 n < mfc->_c.mfc_un.res.maxvif; n++) { 491 if (VIF_EXISTS(mrt, n) && 492 mfc->_c.mfc_un.res.ttls[n] < 255) 493 seq_printf(seq, 494 " %2d:%-3d", n, 495 mfc->_c.mfc_un.res.ttls[n]); 496 } 497 } else { 498 /* unresolved mfc_caches don't contain 499 * pkt, bytes and wrong_if values 500 */ 501 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 502 } 503 seq_putc(seq, '\n'); 504 } 505 return 0; 506 } 507 508 static const struct seq_operations ipmr_mfc_seq_ops = { 509 .start = ipmr_mfc_seq_start, 510 .next = mr_mfc_seq_next, 511 .stop = mr_mfc_seq_stop, 512 .show = ipmr_mfc_seq_show, 513 }; 514 #endif 515 516 #ifdef CONFIG_IPV6_PIMSM_V2 517 518 static int pim6_rcv(struct sk_buff *skb) 519 { 520 struct pimreghdr *pim; 521 struct ipv6hdr *encap; 522 struct net_device *reg_dev = NULL; 523 struct net *net = dev_net(skb->dev); 524 struct mr_table *mrt; 525 struct flowi6 fl6 = { 526 .flowi6_iif = skb->dev->ifindex, 527 .flowi6_mark = skb->mark, 528 }; 529 int reg_vif_num; 530 531 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap))) 532 goto drop; 533 534 pim = (struct pimreghdr *)skb_transport_header(skb); 535 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) || 536 (pim->flags & PIM_NULL_REGISTER) || 537 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 538 sizeof(*pim), IPPROTO_PIM, 539 csum_partial((void *)pim, sizeof(*pim), 0)) && 540 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 541 goto drop; 542 543 /* check if the inner packet is destined to mcast group */ 544 encap = (struct ipv6hdr *)(skb_transport_header(skb) + 545 sizeof(*pim)); 546 547 if (!ipv6_addr_is_multicast(&encap->daddr) || 548 encap->payload_len == 0 || 549 ntohs(encap->payload_len) + sizeof(*pim) > skb->len) 550 goto drop; 551 552 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 553 goto drop; 554 reg_vif_num = mrt->mroute_reg_vif_num; 555 556 read_lock(&mrt_lock); 557 if (reg_vif_num >= 0) 558 reg_dev = mrt->vif_table[reg_vif_num].dev; 559 dev_hold(reg_dev); 560 read_unlock(&mrt_lock); 561 562 if (!reg_dev) 563 goto drop; 564 565 skb->mac_header = skb->network_header; 566 skb_pull(skb, (u8 *)encap - skb->data); 567 skb_reset_network_header(skb); 568 skb->protocol = htons(ETH_P_IPV6); 569 skb->ip_summed = CHECKSUM_NONE; 570 571 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 572 573 netif_rx(skb); 574 575 dev_put(reg_dev); 576 return 0; 577 drop: 578 kfree_skb(skb); 579 return 0; 580 } 581 582 static const struct inet6_protocol pim6_protocol = { 583 .handler = pim6_rcv, 584 }; 585 586 /* Service routines creating virtual interfaces: PIMREG */ 587 588 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, 589 struct net_device *dev) 590 { 591 struct net *net = dev_net(dev); 592 struct mr_table *mrt; 593 struct flowi6 fl6 = { 594 .flowi6_oif = dev->ifindex, 595 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 596 .flowi6_mark = skb->mark, 597 }; 598 599 if (!pskb_inet_may_pull(skb)) 600 goto tx_err; 601 602 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 603 goto tx_err; 604 605 read_lock(&mrt_lock); 606 dev->stats.tx_bytes += skb->len; 607 dev->stats.tx_packets++; 608 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT); 609 read_unlock(&mrt_lock); 610 kfree_skb(skb); 611 return NETDEV_TX_OK; 612 613 tx_err: 614 dev->stats.tx_errors++; 615 kfree_skb(skb); 616 return NETDEV_TX_OK; 617 } 618 619 static int reg_vif_get_iflink(const struct net_device *dev) 620 { 621 return 0; 622 } 623 624 static const struct net_device_ops reg_vif_netdev_ops = { 625 .ndo_start_xmit = reg_vif_xmit, 626 .ndo_get_iflink = reg_vif_get_iflink, 627 }; 628 629 static void reg_vif_setup(struct net_device *dev) 630 { 631 dev->type = ARPHRD_PIMREG; 632 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8; 633 dev->flags = IFF_NOARP; 634 dev->netdev_ops = ®_vif_netdev_ops; 635 dev->needs_free_netdev = true; 636 dev->features |= NETIF_F_NETNS_LOCAL; 637 } 638 639 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt) 640 { 641 struct net_device *dev; 642 char name[IFNAMSIZ]; 643 644 if (mrt->id == RT6_TABLE_DFLT) 645 sprintf(name, "pim6reg"); 646 else 647 sprintf(name, "pim6reg%u", mrt->id); 648 649 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 650 if (!dev) 651 return NULL; 652 653 dev_net_set(dev, net); 654 655 if (register_netdevice(dev)) { 656 free_netdev(dev); 657 return NULL; 658 } 659 660 if (dev_open(dev, NULL)) 661 goto failure; 662 663 dev_hold(dev); 664 return dev; 665 666 failure: 667 unregister_netdevice(dev); 668 return NULL; 669 } 670 #endif 671 672 static int call_ip6mr_vif_entry_notifiers(struct net *net, 673 enum fib_event_type event_type, 674 struct vif_device *vif, 675 mifi_t vif_index, u32 tb_id) 676 { 677 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 678 vif, vif_index, tb_id, 679 &net->ipv6.ipmr_seq); 680 } 681 682 static int call_ip6mr_mfc_entry_notifiers(struct net *net, 683 enum fib_event_type event_type, 684 struct mfc6_cache *mfc, u32 tb_id) 685 { 686 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 687 &mfc->_c, tb_id, &net->ipv6.ipmr_seq); 688 } 689 690 /* Delete a VIF entry */ 691 static int mif6_delete(struct mr_table *mrt, int vifi, int notify, 692 struct list_head *head) 693 { 694 struct vif_device *v; 695 struct net_device *dev; 696 struct inet6_dev *in6_dev; 697 698 if (vifi < 0 || vifi >= mrt->maxvif) 699 return -EADDRNOTAVAIL; 700 701 v = &mrt->vif_table[vifi]; 702 703 if (VIF_EXISTS(mrt, vifi)) 704 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net), 705 FIB_EVENT_VIF_DEL, v, vifi, 706 mrt->id); 707 708 write_lock_bh(&mrt_lock); 709 dev = v->dev; 710 v->dev = NULL; 711 712 if (!dev) { 713 write_unlock_bh(&mrt_lock); 714 return -EADDRNOTAVAIL; 715 } 716 717 #ifdef CONFIG_IPV6_PIMSM_V2 718 if (vifi == mrt->mroute_reg_vif_num) 719 mrt->mroute_reg_vif_num = -1; 720 #endif 721 722 if (vifi + 1 == mrt->maxvif) { 723 int tmp; 724 for (tmp = vifi - 1; tmp >= 0; tmp--) { 725 if (VIF_EXISTS(mrt, tmp)) 726 break; 727 } 728 mrt->maxvif = tmp + 1; 729 } 730 731 write_unlock_bh(&mrt_lock); 732 733 dev_set_allmulti(dev, -1); 734 735 in6_dev = __in6_dev_get(dev); 736 if (in6_dev) { 737 in6_dev->cnf.mc_forwarding--; 738 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 739 NETCONFA_MC_FORWARDING, 740 dev->ifindex, &in6_dev->cnf); 741 } 742 743 if ((v->flags & MIFF_REGISTER) && !notify) 744 unregister_netdevice_queue(dev, head); 745 746 dev_put_track(dev, &v->dev_tracker); 747 return 0; 748 } 749 750 static inline void ip6mr_cache_free_rcu(struct rcu_head *head) 751 { 752 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 753 754 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c); 755 } 756 757 static inline void ip6mr_cache_free(struct mfc6_cache *c) 758 { 759 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu); 760 } 761 762 /* Destroy an unresolved cache entry, killing queued skbs 763 and reporting error to netlink readers. 764 */ 765 766 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c) 767 { 768 struct net *net = read_pnet(&mrt->net); 769 struct sk_buff *skb; 770 771 atomic_dec(&mrt->cache_resolve_queue_len); 772 773 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) { 774 if (ipv6_hdr(skb)->version == 0) { 775 struct nlmsghdr *nlh = skb_pull(skb, 776 sizeof(struct ipv6hdr)); 777 nlh->nlmsg_type = NLMSG_ERROR; 778 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 779 skb_trim(skb, nlh->nlmsg_len); 780 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT; 781 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 782 } else 783 kfree_skb(skb); 784 } 785 786 ip6mr_cache_free(c); 787 } 788 789 790 /* Timer process for all the unresolved queue. */ 791 792 static void ipmr_do_expire_process(struct mr_table *mrt) 793 { 794 unsigned long now = jiffies; 795 unsigned long expires = 10 * HZ; 796 struct mr_mfc *c, *next; 797 798 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 799 if (time_after(c->mfc_un.unres.expires, now)) { 800 /* not yet... */ 801 unsigned long interval = c->mfc_un.unres.expires - now; 802 if (interval < expires) 803 expires = interval; 804 continue; 805 } 806 807 list_del(&c->list); 808 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 809 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 810 } 811 812 if (!list_empty(&mrt->mfc_unres_queue)) 813 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 814 } 815 816 static void ipmr_expire_process(struct timer_list *t) 817 { 818 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 819 820 if (!spin_trylock(&mfc_unres_lock)) { 821 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1); 822 return; 823 } 824 825 if (!list_empty(&mrt->mfc_unres_queue)) 826 ipmr_do_expire_process(mrt); 827 828 spin_unlock(&mfc_unres_lock); 829 } 830 831 /* Fill oifs list. It is called under write locked mrt_lock. */ 832 833 static void ip6mr_update_thresholds(struct mr_table *mrt, 834 struct mr_mfc *cache, 835 unsigned char *ttls) 836 { 837 int vifi; 838 839 cache->mfc_un.res.minvif = MAXMIFS; 840 cache->mfc_un.res.maxvif = 0; 841 memset(cache->mfc_un.res.ttls, 255, MAXMIFS); 842 843 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 844 if (VIF_EXISTS(mrt, vifi) && 845 ttls[vifi] && ttls[vifi] < 255) { 846 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 847 if (cache->mfc_un.res.minvif > vifi) 848 cache->mfc_un.res.minvif = vifi; 849 if (cache->mfc_un.res.maxvif <= vifi) 850 cache->mfc_un.res.maxvif = vifi + 1; 851 } 852 } 853 cache->mfc_un.res.lastuse = jiffies; 854 } 855 856 static int mif6_add(struct net *net, struct mr_table *mrt, 857 struct mif6ctl *vifc, int mrtsock) 858 { 859 int vifi = vifc->mif6c_mifi; 860 struct vif_device *v = &mrt->vif_table[vifi]; 861 struct net_device *dev; 862 struct inet6_dev *in6_dev; 863 int err; 864 865 /* Is vif busy ? */ 866 if (VIF_EXISTS(mrt, vifi)) 867 return -EADDRINUSE; 868 869 switch (vifc->mif6c_flags) { 870 #ifdef CONFIG_IPV6_PIMSM_V2 871 case MIFF_REGISTER: 872 /* 873 * Special Purpose VIF in PIM 874 * All the packets will be sent to the daemon 875 */ 876 if (mrt->mroute_reg_vif_num >= 0) 877 return -EADDRINUSE; 878 dev = ip6mr_reg_vif(net, mrt); 879 if (!dev) 880 return -ENOBUFS; 881 err = dev_set_allmulti(dev, 1); 882 if (err) { 883 unregister_netdevice(dev); 884 dev_put(dev); 885 return err; 886 } 887 break; 888 #endif 889 case 0: 890 dev = dev_get_by_index(net, vifc->mif6c_pifi); 891 if (!dev) 892 return -EADDRNOTAVAIL; 893 err = dev_set_allmulti(dev, 1); 894 if (err) { 895 dev_put(dev); 896 return err; 897 } 898 break; 899 default: 900 return -EINVAL; 901 } 902 903 in6_dev = __in6_dev_get(dev); 904 if (in6_dev) { 905 in6_dev->cnf.mc_forwarding++; 906 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 907 NETCONFA_MC_FORWARDING, 908 dev->ifindex, &in6_dev->cnf); 909 } 910 911 /* Fill in the VIF structures */ 912 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold, 913 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0), 914 MIFF_REGISTER); 915 916 /* And finish update writing critical data */ 917 write_lock_bh(&mrt_lock); 918 v->dev = dev; 919 netdev_tracker_alloc(dev, &v->dev_tracker, GFP_ATOMIC); 920 #ifdef CONFIG_IPV6_PIMSM_V2 921 if (v->flags & MIFF_REGISTER) 922 mrt->mroute_reg_vif_num = vifi; 923 #endif 924 if (vifi + 1 > mrt->maxvif) 925 mrt->maxvif = vifi + 1; 926 write_unlock_bh(&mrt_lock); 927 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, 928 v, vifi, mrt->id); 929 return 0; 930 } 931 932 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt, 933 const struct in6_addr *origin, 934 const struct in6_addr *mcastgrp) 935 { 936 struct mfc6_cache_cmp_arg arg = { 937 .mf6c_origin = *origin, 938 .mf6c_mcastgrp = *mcastgrp, 939 }; 940 941 return mr_mfc_find(mrt, &arg); 942 } 943 944 /* Look for a (*,G) entry */ 945 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt, 946 struct in6_addr *mcastgrp, 947 mifi_t mifi) 948 { 949 struct mfc6_cache_cmp_arg arg = { 950 .mf6c_origin = in6addr_any, 951 .mf6c_mcastgrp = *mcastgrp, 952 }; 953 954 if (ipv6_addr_any(mcastgrp)) 955 return mr_mfc_find_any_parent(mrt, mifi); 956 return mr_mfc_find_any(mrt, mifi, &arg); 957 } 958 959 /* Look for a (S,G,iif) entry if parent != -1 */ 960 static struct mfc6_cache * 961 ip6mr_cache_find_parent(struct mr_table *mrt, 962 const struct in6_addr *origin, 963 const struct in6_addr *mcastgrp, 964 int parent) 965 { 966 struct mfc6_cache_cmp_arg arg = { 967 .mf6c_origin = *origin, 968 .mf6c_mcastgrp = *mcastgrp, 969 }; 970 971 return mr_mfc_find_parent(mrt, &arg, parent); 972 } 973 974 /* Allocate a multicast cache entry */ 975 static struct mfc6_cache *ip6mr_cache_alloc(void) 976 { 977 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 978 if (!c) 979 return NULL; 980 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 981 c->_c.mfc_un.res.minvif = MAXMIFS; 982 c->_c.free = ip6mr_cache_free_rcu; 983 refcount_set(&c->_c.mfc_un.res.refcount, 1); 984 return c; 985 } 986 987 static struct mfc6_cache *ip6mr_cache_alloc_unres(void) 988 { 989 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 990 if (!c) 991 return NULL; 992 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 993 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 994 return c; 995 } 996 997 /* 998 * A cache entry has gone into a resolved state from queued 999 */ 1000 1001 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt, 1002 struct mfc6_cache *uc, struct mfc6_cache *c) 1003 { 1004 struct sk_buff *skb; 1005 1006 /* 1007 * Play the pending entries through our router 1008 */ 1009 1010 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 1011 if (ipv6_hdr(skb)->version == 0) { 1012 struct nlmsghdr *nlh = skb_pull(skb, 1013 sizeof(struct ipv6hdr)); 1014 1015 if (mr_fill_mroute(mrt, skb, &c->_c, 1016 nlmsg_data(nlh)) > 0) { 1017 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh; 1018 } else { 1019 nlh->nlmsg_type = NLMSG_ERROR; 1020 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1021 skb_trim(skb, nlh->nlmsg_len); 1022 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE; 1023 } 1024 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1025 } else 1026 ip6_mr_forward(net, mrt, skb->dev, skb, c); 1027 } 1028 } 1029 1030 /* 1031 * Bounce a cache query up to pim6sd and netlink. 1032 * 1033 * Called under mrt_lock. 1034 */ 1035 1036 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 1037 mifi_t mifi, int assert) 1038 { 1039 struct sock *mroute6_sk; 1040 struct sk_buff *skb; 1041 struct mrt6msg *msg; 1042 int ret; 1043 1044 #ifdef CONFIG_IPV6_PIMSM_V2 1045 if (assert == MRT6MSG_WHOLEPKT) 1046 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) 1047 +sizeof(*msg)); 1048 else 1049 #endif 1050 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); 1051 1052 if (!skb) 1053 return -ENOBUFS; 1054 1055 /* I suppose that internal messages 1056 * do not require checksums */ 1057 1058 skb->ip_summed = CHECKSUM_UNNECESSARY; 1059 1060 #ifdef CONFIG_IPV6_PIMSM_V2 1061 if (assert == MRT6MSG_WHOLEPKT) { 1062 /* Ugly, but we have no choice with this interface. 1063 Duplicate old header, fix length etc. 1064 And all this only to mangle msg->im6_msgtype and 1065 to set msg->im6_mbz to "mbz" :-) 1066 */ 1067 skb_push(skb, -skb_network_offset(pkt)); 1068 1069 skb_push(skb, sizeof(*msg)); 1070 skb_reset_transport_header(skb); 1071 msg = (struct mrt6msg *)skb_transport_header(skb); 1072 msg->im6_mbz = 0; 1073 msg->im6_msgtype = MRT6MSG_WHOLEPKT; 1074 msg->im6_mif = mrt->mroute_reg_vif_num; 1075 msg->im6_pad = 0; 1076 msg->im6_src = ipv6_hdr(pkt)->saddr; 1077 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1078 1079 skb->ip_summed = CHECKSUM_UNNECESSARY; 1080 } else 1081 #endif 1082 { 1083 /* 1084 * Copy the IP header 1085 */ 1086 1087 skb_put(skb, sizeof(struct ipv6hdr)); 1088 skb_reset_network_header(skb); 1089 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr)); 1090 1091 /* 1092 * Add our header 1093 */ 1094 skb_put(skb, sizeof(*msg)); 1095 skb_reset_transport_header(skb); 1096 msg = (struct mrt6msg *)skb_transport_header(skb); 1097 1098 msg->im6_mbz = 0; 1099 msg->im6_msgtype = assert; 1100 msg->im6_mif = mifi; 1101 msg->im6_pad = 0; 1102 msg->im6_src = ipv6_hdr(pkt)->saddr; 1103 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1104 1105 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1106 skb->ip_summed = CHECKSUM_UNNECESSARY; 1107 } 1108 1109 rcu_read_lock(); 1110 mroute6_sk = rcu_dereference(mrt->mroute_sk); 1111 if (!mroute6_sk) { 1112 rcu_read_unlock(); 1113 kfree_skb(skb); 1114 return -EINVAL; 1115 } 1116 1117 mrt6msg_netlink_event(mrt, skb); 1118 1119 /* Deliver to user space multicast routing algorithms */ 1120 ret = sock_queue_rcv_skb(mroute6_sk, skb); 1121 rcu_read_unlock(); 1122 if (ret < 0) { 1123 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n"); 1124 kfree_skb(skb); 1125 } 1126 1127 return ret; 1128 } 1129 1130 /* Queue a packet for resolution. It gets locked cache entry! */ 1131 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi, 1132 struct sk_buff *skb, struct net_device *dev) 1133 { 1134 struct mfc6_cache *c; 1135 bool found = false; 1136 int err; 1137 1138 spin_lock_bh(&mfc_unres_lock); 1139 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1140 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) && 1141 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) { 1142 found = true; 1143 break; 1144 } 1145 } 1146 1147 if (!found) { 1148 /* 1149 * Create a new entry if allowable 1150 */ 1151 1152 c = ip6mr_cache_alloc_unres(); 1153 if (!c) { 1154 spin_unlock_bh(&mfc_unres_lock); 1155 1156 kfree_skb(skb); 1157 return -ENOBUFS; 1158 } 1159 1160 /* Fill in the new cache entry */ 1161 c->_c.mfc_parent = -1; 1162 c->mf6c_origin = ipv6_hdr(skb)->saddr; 1163 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr; 1164 1165 /* 1166 * Reflect first query at pim6sd 1167 */ 1168 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE); 1169 if (err < 0) { 1170 /* If the report failed throw the cache entry 1171 out - Brad Parker 1172 */ 1173 spin_unlock_bh(&mfc_unres_lock); 1174 1175 ip6mr_cache_free(c); 1176 kfree_skb(skb); 1177 return err; 1178 } 1179 1180 atomic_inc(&mrt->cache_resolve_queue_len); 1181 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1182 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1183 1184 ipmr_do_expire_process(mrt); 1185 } 1186 1187 /* See if we can append the packet */ 1188 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1189 kfree_skb(skb); 1190 err = -ENOBUFS; 1191 } else { 1192 if (dev) { 1193 skb->dev = dev; 1194 skb->skb_iif = dev->ifindex; 1195 } 1196 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1197 err = 0; 1198 } 1199 1200 spin_unlock_bh(&mfc_unres_lock); 1201 return err; 1202 } 1203 1204 /* 1205 * MFC6 cache manipulation by user space 1206 */ 1207 1208 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc, 1209 int parent) 1210 { 1211 struct mfc6_cache *c; 1212 1213 /* The entries are added/deleted only under RTNL */ 1214 rcu_read_lock(); 1215 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1216 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1217 rcu_read_unlock(); 1218 if (!c) 1219 return -ENOENT; 1220 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params); 1221 list_del_rcu(&c->_c.list); 1222 1223 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1224 FIB_EVENT_ENTRY_DEL, c, mrt->id); 1225 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1226 mr_cache_put(&c->_c); 1227 return 0; 1228 } 1229 1230 static int ip6mr_device_event(struct notifier_block *this, 1231 unsigned long event, void *ptr) 1232 { 1233 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1234 struct net *net = dev_net(dev); 1235 struct mr_table *mrt; 1236 struct vif_device *v; 1237 int ct; 1238 1239 if (event != NETDEV_UNREGISTER) 1240 return NOTIFY_DONE; 1241 1242 ip6mr_for_each_table(mrt, net) { 1243 v = &mrt->vif_table[0]; 1244 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1245 if (v->dev == dev) 1246 mif6_delete(mrt, ct, 1, NULL); 1247 } 1248 } 1249 1250 return NOTIFY_DONE; 1251 } 1252 1253 static unsigned int ip6mr_seq_read(struct net *net) 1254 { 1255 ASSERT_RTNL(); 1256 1257 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net); 1258 } 1259 1260 static int ip6mr_dump(struct net *net, struct notifier_block *nb, 1261 struct netlink_ext_ack *extack) 1262 { 1263 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump, 1264 ip6mr_mr_table_iter, &mrt_lock, extack); 1265 } 1266 1267 static struct notifier_block ip6_mr_notifier = { 1268 .notifier_call = ip6mr_device_event 1269 }; 1270 1271 static const struct fib_notifier_ops ip6mr_notifier_ops_template = { 1272 .family = RTNL_FAMILY_IP6MR, 1273 .fib_seq_read = ip6mr_seq_read, 1274 .fib_dump = ip6mr_dump, 1275 .owner = THIS_MODULE, 1276 }; 1277 1278 static int __net_init ip6mr_notifier_init(struct net *net) 1279 { 1280 struct fib_notifier_ops *ops; 1281 1282 net->ipv6.ipmr_seq = 0; 1283 1284 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net); 1285 if (IS_ERR(ops)) 1286 return PTR_ERR(ops); 1287 1288 net->ipv6.ip6mr_notifier_ops = ops; 1289 1290 return 0; 1291 } 1292 1293 static void __net_exit ip6mr_notifier_exit(struct net *net) 1294 { 1295 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops); 1296 net->ipv6.ip6mr_notifier_ops = NULL; 1297 } 1298 1299 /* Setup for IP multicast routing */ 1300 static int __net_init ip6mr_net_init(struct net *net) 1301 { 1302 int err; 1303 1304 err = ip6mr_notifier_init(net); 1305 if (err) 1306 return err; 1307 1308 err = ip6mr_rules_init(net); 1309 if (err < 0) 1310 goto ip6mr_rules_fail; 1311 1312 #ifdef CONFIG_PROC_FS 1313 err = -ENOMEM; 1314 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops, 1315 sizeof(struct mr_vif_iter))) 1316 goto proc_vif_fail; 1317 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops, 1318 sizeof(struct mr_mfc_iter))) 1319 goto proc_cache_fail; 1320 #endif 1321 1322 return 0; 1323 1324 #ifdef CONFIG_PROC_FS 1325 proc_cache_fail: 1326 remove_proc_entry("ip6_mr_vif", net->proc_net); 1327 proc_vif_fail: 1328 ip6mr_rules_exit(net); 1329 #endif 1330 ip6mr_rules_fail: 1331 ip6mr_notifier_exit(net); 1332 return err; 1333 } 1334 1335 static void __net_exit ip6mr_net_exit(struct net *net) 1336 { 1337 #ifdef CONFIG_PROC_FS 1338 remove_proc_entry("ip6_mr_cache", net->proc_net); 1339 remove_proc_entry("ip6_mr_vif", net->proc_net); 1340 #endif 1341 ip6mr_rules_exit(net); 1342 ip6mr_notifier_exit(net); 1343 } 1344 1345 static struct pernet_operations ip6mr_net_ops = { 1346 .init = ip6mr_net_init, 1347 .exit = ip6mr_net_exit, 1348 }; 1349 1350 int __init ip6_mr_init(void) 1351 { 1352 int err; 1353 1354 mrt_cachep = kmem_cache_create("ip6_mrt_cache", 1355 sizeof(struct mfc6_cache), 1356 0, SLAB_HWCACHE_ALIGN, 1357 NULL); 1358 if (!mrt_cachep) 1359 return -ENOMEM; 1360 1361 err = register_pernet_subsys(&ip6mr_net_ops); 1362 if (err) 1363 goto reg_pernet_fail; 1364 1365 err = register_netdevice_notifier(&ip6_mr_notifier); 1366 if (err) 1367 goto reg_notif_fail; 1368 #ifdef CONFIG_IPV6_PIMSM_V2 1369 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) { 1370 pr_err("%s: can't add PIM protocol\n", __func__); 1371 err = -EAGAIN; 1372 goto add_proto_fail; 1373 } 1374 #endif 1375 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE, 1376 NULL, ip6mr_rtm_dumproute, 0); 1377 if (err == 0) 1378 return 0; 1379 1380 #ifdef CONFIG_IPV6_PIMSM_V2 1381 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1382 add_proto_fail: 1383 unregister_netdevice_notifier(&ip6_mr_notifier); 1384 #endif 1385 reg_notif_fail: 1386 unregister_pernet_subsys(&ip6mr_net_ops); 1387 reg_pernet_fail: 1388 kmem_cache_destroy(mrt_cachep); 1389 return err; 1390 } 1391 1392 void ip6_mr_cleanup(void) 1393 { 1394 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE); 1395 #ifdef CONFIG_IPV6_PIMSM_V2 1396 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1397 #endif 1398 unregister_netdevice_notifier(&ip6_mr_notifier); 1399 unregister_pernet_subsys(&ip6mr_net_ops); 1400 kmem_cache_destroy(mrt_cachep); 1401 } 1402 1403 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt, 1404 struct mf6cctl *mfc, int mrtsock, int parent) 1405 { 1406 unsigned char ttls[MAXMIFS]; 1407 struct mfc6_cache *uc, *c; 1408 struct mr_mfc *_uc; 1409 bool found; 1410 int i, err; 1411 1412 if (mfc->mf6cc_parent >= MAXMIFS) 1413 return -ENFILE; 1414 1415 memset(ttls, 255, MAXMIFS); 1416 for (i = 0; i < MAXMIFS; i++) { 1417 if (IF_ISSET(i, &mfc->mf6cc_ifset)) 1418 ttls[i] = 1; 1419 } 1420 1421 /* The entries are added/deleted only under RTNL */ 1422 rcu_read_lock(); 1423 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1424 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1425 rcu_read_unlock(); 1426 if (c) { 1427 write_lock_bh(&mrt_lock); 1428 c->_c.mfc_parent = mfc->mf6cc_parent; 1429 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1430 if (!mrtsock) 1431 c->_c.mfc_flags |= MFC_STATIC; 1432 write_unlock_bh(&mrt_lock); 1433 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, 1434 c, mrt->id); 1435 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1436 return 0; 1437 } 1438 1439 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) && 1440 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr)) 1441 return -EINVAL; 1442 1443 c = ip6mr_cache_alloc(); 1444 if (!c) 1445 return -ENOMEM; 1446 1447 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr; 1448 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr; 1449 c->_c.mfc_parent = mfc->mf6cc_parent; 1450 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1451 if (!mrtsock) 1452 c->_c.mfc_flags |= MFC_STATIC; 1453 1454 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1455 ip6mr_rht_params); 1456 if (err) { 1457 pr_err("ip6mr: rhtable insert error %d\n", err); 1458 ip6mr_cache_free(c); 1459 return err; 1460 } 1461 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1462 1463 /* Check to see if we resolved a queued list. If so we 1464 * need to send on the frames and tidy up. 1465 */ 1466 found = false; 1467 spin_lock_bh(&mfc_unres_lock); 1468 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1469 uc = (struct mfc6_cache *)_uc; 1470 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) && 1471 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) { 1472 list_del(&_uc->list); 1473 atomic_dec(&mrt->cache_resolve_queue_len); 1474 found = true; 1475 break; 1476 } 1477 } 1478 if (list_empty(&mrt->mfc_unres_queue)) 1479 del_timer(&mrt->ipmr_expire_timer); 1480 spin_unlock_bh(&mfc_unres_lock); 1481 1482 if (found) { 1483 ip6mr_cache_resolve(net, mrt, uc, c); 1484 ip6mr_cache_free(uc); 1485 } 1486 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, 1487 c, mrt->id); 1488 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1489 return 0; 1490 } 1491 1492 /* 1493 * Close the multicast socket, and clear the vif tables etc 1494 */ 1495 1496 static void mroute_clean_tables(struct mr_table *mrt, int flags) 1497 { 1498 struct mr_mfc *c, *tmp; 1499 LIST_HEAD(list); 1500 int i; 1501 1502 /* Shut down all active vif entries */ 1503 if (flags & (MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC)) { 1504 for (i = 0; i < mrt->maxvif; i++) { 1505 if (((mrt->vif_table[i].flags & VIFF_STATIC) && 1506 !(flags & MRT6_FLUSH_MIFS_STATIC)) || 1507 (!(mrt->vif_table[i].flags & VIFF_STATIC) && !(flags & MRT6_FLUSH_MIFS))) 1508 continue; 1509 mif6_delete(mrt, i, 0, &list); 1510 } 1511 unregister_netdevice_many(&list); 1512 } 1513 1514 /* Wipe the cache */ 1515 if (flags & (MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC)) { 1516 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1517 if (((c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC_STATIC)) || 1518 (!(c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC))) 1519 continue; 1520 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params); 1521 list_del_rcu(&c->list); 1522 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1523 FIB_EVENT_ENTRY_DEL, 1524 (struct mfc6_cache *)c, mrt->id); 1525 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 1526 mr_cache_put(c); 1527 } 1528 } 1529 1530 if (flags & MRT6_FLUSH_MFC) { 1531 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1532 spin_lock_bh(&mfc_unres_lock); 1533 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1534 list_del(&c->list); 1535 mr6_netlink_event(mrt, (struct mfc6_cache *)c, 1536 RTM_DELROUTE); 1537 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 1538 } 1539 spin_unlock_bh(&mfc_unres_lock); 1540 } 1541 } 1542 } 1543 1544 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk) 1545 { 1546 int err = 0; 1547 struct net *net = sock_net(sk); 1548 1549 rtnl_lock(); 1550 write_lock_bh(&mrt_lock); 1551 if (rtnl_dereference(mrt->mroute_sk)) { 1552 err = -EADDRINUSE; 1553 } else { 1554 rcu_assign_pointer(mrt->mroute_sk, sk); 1555 sock_set_flag(sk, SOCK_RCU_FREE); 1556 net->ipv6.devconf_all->mc_forwarding++; 1557 } 1558 write_unlock_bh(&mrt_lock); 1559 1560 if (!err) 1561 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1562 NETCONFA_MC_FORWARDING, 1563 NETCONFA_IFINDEX_ALL, 1564 net->ipv6.devconf_all); 1565 rtnl_unlock(); 1566 1567 return err; 1568 } 1569 1570 int ip6mr_sk_done(struct sock *sk) 1571 { 1572 int err = -EACCES; 1573 struct net *net = sock_net(sk); 1574 struct mr_table *mrt; 1575 1576 if (sk->sk_type != SOCK_RAW || 1577 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1578 return err; 1579 1580 rtnl_lock(); 1581 ip6mr_for_each_table(mrt, net) { 1582 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1583 write_lock_bh(&mrt_lock); 1584 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1585 /* Note that mroute_sk had SOCK_RCU_FREE set, 1586 * so the RCU grace period before sk freeing 1587 * is guaranteed by sk_destruct() 1588 */ 1589 net->ipv6.devconf_all->mc_forwarding--; 1590 write_unlock_bh(&mrt_lock); 1591 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1592 NETCONFA_MC_FORWARDING, 1593 NETCONFA_IFINDEX_ALL, 1594 net->ipv6.devconf_all); 1595 1596 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MFC); 1597 err = 0; 1598 break; 1599 } 1600 } 1601 rtnl_unlock(); 1602 1603 return err; 1604 } 1605 1606 bool mroute6_is_socket(struct net *net, struct sk_buff *skb) 1607 { 1608 struct mr_table *mrt; 1609 struct flowi6 fl6 = { 1610 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 1611 .flowi6_oif = skb->dev->ifindex, 1612 .flowi6_mark = skb->mark, 1613 }; 1614 1615 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 1616 return NULL; 1617 1618 return rcu_access_pointer(mrt->mroute_sk); 1619 } 1620 EXPORT_SYMBOL(mroute6_is_socket); 1621 1622 /* 1623 * Socket options and virtual interface manipulation. The whole 1624 * virtual interface system is a complete heap, but unfortunately 1625 * that's how BSD mrouted happens to think. Maybe one day with a proper 1626 * MOSPF/PIM router set up we can clean this up. 1627 */ 1628 1629 int ip6_mroute_setsockopt(struct sock *sk, int optname, sockptr_t optval, 1630 unsigned int optlen) 1631 { 1632 int ret, parent = 0; 1633 struct mif6ctl vif; 1634 struct mf6cctl mfc; 1635 mifi_t mifi; 1636 struct net *net = sock_net(sk); 1637 struct mr_table *mrt; 1638 1639 if (sk->sk_type != SOCK_RAW || 1640 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1641 return -EOPNOTSUPP; 1642 1643 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1644 if (!mrt) 1645 return -ENOENT; 1646 1647 if (optname != MRT6_INIT) { 1648 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1649 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1650 return -EACCES; 1651 } 1652 1653 switch (optname) { 1654 case MRT6_INIT: 1655 if (optlen < sizeof(int)) 1656 return -EINVAL; 1657 1658 return ip6mr_sk_init(mrt, sk); 1659 1660 case MRT6_DONE: 1661 return ip6mr_sk_done(sk); 1662 1663 case MRT6_ADD_MIF: 1664 if (optlen < sizeof(vif)) 1665 return -EINVAL; 1666 if (copy_from_sockptr(&vif, optval, sizeof(vif))) 1667 return -EFAULT; 1668 if (vif.mif6c_mifi >= MAXMIFS) 1669 return -ENFILE; 1670 rtnl_lock(); 1671 ret = mif6_add(net, mrt, &vif, 1672 sk == rtnl_dereference(mrt->mroute_sk)); 1673 rtnl_unlock(); 1674 return ret; 1675 1676 case MRT6_DEL_MIF: 1677 if (optlen < sizeof(mifi_t)) 1678 return -EINVAL; 1679 if (copy_from_sockptr(&mifi, optval, sizeof(mifi_t))) 1680 return -EFAULT; 1681 rtnl_lock(); 1682 ret = mif6_delete(mrt, mifi, 0, NULL); 1683 rtnl_unlock(); 1684 return ret; 1685 1686 /* 1687 * Manipulate the forwarding caches. These live 1688 * in a sort of kernel/user symbiosis. 1689 */ 1690 case MRT6_ADD_MFC: 1691 case MRT6_DEL_MFC: 1692 parent = -1; 1693 fallthrough; 1694 case MRT6_ADD_MFC_PROXY: 1695 case MRT6_DEL_MFC_PROXY: 1696 if (optlen < sizeof(mfc)) 1697 return -EINVAL; 1698 if (copy_from_sockptr(&mfc, optval, sizeof(mfc))) 1699 return -EFAULT; 1700 if (parent == 0) 1701 parent = mfc.mf6cc_parent; 1702 rtnl_lock(); 1703 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY) 1704 ret = ip6mr_mfc_delete(mrt, &mfc, parent); 1705 else 1706 ret = ip6mr_mfc_add(net, mrt, &mfc, 1707 sk == 1708 rtnl_dereference(mrt->mroute_sk), 1709 parent); 1710 rtnl_unlock(); 1711 return ret; 1712 1713 case MRT6_FLUSH: 1714 { 1715 int flags; 1716 1717 if (optlen != sizeof(flags)) 1718 return -EINVAL; 1719 if (copy_from_sockptr(&flags, optval, sizeof(flags))) 1720 return -EFAULT; 1721 rtnl_lock(); 1722 mroute_clean_tables(mrt, flags); 1723 rtnl_unlock(); 1724 return 0; 1725 } 1726 1727 /* 1728 * Control PIM assert (to activate pim will activate assert) 1729 */ 1730 case MRT6_ASSERT: 1731 { 1732 int v; 1733 1734 if (optlen != sizeof(v)) 1735 return -EINVAL; 1736 if (copy_from_sockptr(&v, optval, sizeof(v))) 1737 return -EFAULT; 1738 mrt->mroute_do_assert = v; 1739 return 0; 1740 } 1741 1742 #ifdef CONFIG_IPV6_PIMSM_V2 1743 case MRT6_PIM: 1744 { 1745 int v; 1746 1747 if (optlen != sizeof(v)) 1748 return -EINVAL; 1749 if (copy_from_sockptr(&v, optval, sizeof(v))) 1750 return -EFAULT; 1751 v = !!v; 1752 rtnl_lock(); 1753 ret = 0; 1754 if (v != mrt->mroute_do_pim) { 1755 mrt->mroute_do_pim = v; 1756 mrt->mroute_do_assert = v; 1757 } 1758 rtnl_unlock(); 1759 return ret; 1760 } 1761 1762 #endif 1763 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 1764 case MRT6_TABLE: 1765 { 1766 u32 v; 1767 1768 if (optlen != sizeof(u32)) 1769 return -EINVAL; 1770 if (copy_from_sockptr(&v, optval, sizeof(v))) 1771 return -EFAULT; 1772 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */ 1773 if (v != RT_TABLE_DEFAULT && v >= 100000000) 1774 return -EINVAL; 1775 if (sk == rcu_access_pointer(mrt->mroute_sk)) 1776 return -EBUSY; 1777 1778 rtnl_lock(); 1779 ret = 0; 1780 mrt = ip6mr_new_table(net, v); 1781 if (IS_ERR(mrt)) 1782 ret = PTR_ERR(mrt); 1783 else 1784 raw6_sk(sk)->ip6mr_table = v; 1785 rtnl_unlock(); 1786 return ret; 1787 } 1788 #endif 1789 /* 1790 * Spurious command, or MRT6_VERSION which you cannot 1791 * set. 1792 */ 1793 default: 1794 return -ENOPROTOOPT; 1795 } 1796 } 1797 1798 /* 1799 * Getsock opt support for the multicast routing system. 1800 */ 1801 1802 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, 1803 int __user *optlen) 1804 { 1805 int olr; 1806 int val; 1807 struct net *net = sock_net(sk); 1808 struct mr_table *mrt; 1809 1810 if (sk->sk_type != SOCK_RAW || 1811 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1812 return -EOPNOTSUPP; 1813 1814 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1815 if (!mrt) 1816 return -ENOENT; 1817 1818 switch (optname) { 1819 case MRT6_VERSION: 1820 val = 0x0305; 1821 break; 1822 #ifdef CONFIG_IPV6_PIMSM_V2 1823 case MRT6_PIM: 1824 val = mrt->mroute_do_pim; 1825 break; 1826 #endif 1827 case MRT6_ASSERT: 1828 val = mrt->mroute_do_assert; 1829 break; 1830 default: 1831 return -ENOPROTOOPT; 1832 } 1833 1834 if (get_user(olr, optlen)) 1835 return -EFAULT; 1836 1837 olr = min_t(int, olr, sizeof(int)); 1838 if (olr < 0) 1839 return -EINVAL; 1840 1841 if (put_user(olr, optlen)) 1842 return -EFAULT; 1843 if (copy_to_user(optval, &val, olr)) 1844 return -EFAULT; 1845 return 0; 1846 } 1847 1848 /* 1849 * The IP multicast ioctl support routines. 1850 */ 1851 1852 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg) 1853 { 1854 struct sioc_sg_req6 sr; 1855 struct sioc_mif_req6 vr; 1856 struct vif_device *vif; 1857 struct mfc6_cache *c; 1858 struct net *net = sock_net(sk); 1859 struct mr_table *mrt; 1860 1861 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1862 if (!mrt) 1863 return -ENOENT; 1864 1865 switch (cmd) { 1866 case SIOCGETMIFCNT_IN6: 1867 if (copy_from_user(&vr, arg, sizeof(vr))) 1868 return -EFAULT; 1869 if (vr.mifi >= mrt->maxvif) 1870 return -EINVAL; 1871 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1872 read_lock(&mrt_lock); 1873 vif = &mrt->vif_table[vr.mifi]; 1874 if (VIF_EXISTS(mrt, vr.mifi)) { 1875 vr.icount = vif->pkt_in; 1876 vr.ocount = vif->pkt_out; 1877 vr.ibytes = vif->bytes_in; 1878 vr.obytes = vif->bytes_out; 1879 read_unlock(&mrt_lock); 1880 1881 if (copy_to_user(arg, &vr, sizeof(vr))) 1882 return -EFAULT; 1883 return 0; 1884 } 1885 read_unlock(&mrt_lock); 1886 return -EADDRNOTAVAIL; 1887 case SIOCGETSGCNT_IN6: 1888 if (copy_from_user(&sr, arg, sizeof(sr))) 1889 return -EFAULT; 1890 1891 rcu_read_lock(); 1892 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1893 if (c) { 1894 sr.pktcnt = c->_c.mfc_un.res.pkt; 1895 sr.bytecnt = c->_c.mfc_un.res.bytes; 1896 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1897 rcu_read_unlock(); 1898 1899 if (copy_to_user(arg, &sr, sizeof(sr))) 1900 return -EFAULT; 1901 return 0; 1902 } 1903 rcu_read_unlock(); 1904 return -EADDRNOTAVAIL; 1905 default: 1906 return -ENOIOCTLCMD; 1907 } 1908 } 1909 1910 #ifdef CONFIG_COMPAT 1911 struct compat_sioc_sg_req6 { 1912 struct sockaddr_in6 src; 1913 struct sockaddr_in6 grp; 1914 compat_ulong_t pktcnt; 1915 compat_ulong_t bytecnt; 1916 compat_ulong_t wrong_if; 1917 }; 1918 1919 struct compat_sioc_mif_req6 { 1920 mifi_t mifi; 1921 compat_ulong_t icount; 1922 compat_ulong_t ocount; 1923 compat_ulong_t ibytes; 1924 compat_ulong_t obytes; 1925 }; 1926 1927 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1928 { 1929 struct compat_sioc_sg_req6 sr; 1930 struct compat_sioc_mif_req6 vr; 1931 struct vif_device *vif; 1932 struct mfc6_cache *c; 1933 struct net *net = sock_net(sk); 1934 struct mr_table *mrt; 1935 1936 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1937 if (!mrt) 1938 return -ENOENT; 1939 1940 switch (cmd) { 1941 case SIOCGETMIFCNT_IN6: 1942 if (copy_from_user(&vr, arg, sizeof(vr))) 1943 return -EFAULT; 1944 if (vr.mifi >= mrt->maxvif) 1945 return -EINVAL; 1946 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1947 read_lock(&mrt_lock); 1948 vif = &mrt->vif_table[vr.mifi]; 1949 if (VIF_EXISTS(mrt, vr.mifi)) { 1950 vr.icount = vif->pkt_in; 1951 vr.ocount = vif->pkt_out; 1952 vr.ibytes = vif->bytes_in; 1953 vr.obytes = vif->bytes_out; 1954 read_unlock(&mrt_lock); 1955 1956 if (copy_to_user(arg, &vr, sizeof(vr))) 1957 return -EFAULT; 1958 return 0; 1959 } 1960 read_unlock(&mrt_lock); 1961 return -EADDRNOTAVAIL; 1962 case SIOCGETSGCNT_IN6: 1963 if (copy_from_user(&sr, arg, sizeof(sr))) 1964 return -EFAULT; 1965 1966 rcu_read_lock(); 1967 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1968 if (c) { 1969 sr.pktcnt = c->_c.mfc_un.res.pkt; 1970 sr.bytecnt = c->_c.mfc_un.res.bytes; 1971 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1972 rcu_read_unlock(); 1973 1974 if (copy_to_user(arg, &sr, sizeof(sr))) 1975 return -EFAULT; 1976 return 0; 1977 } 1978 rcu_read_unlock(); 1979 return -EADDRNOTAVAIL; 1980 default: 1981 return -ENOIOCTLCMD; 1982 } 1983 } 1984 #endif 1985 1986 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 1987 { 1988 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 1989 IPSTATS_MIB_OUTFORWDATAGRAMS); 1990 IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)), 1991 IPSTATS_MIB_OUTOCTETS, skb->len); 1992 return dst_output(net, sk, skb); 1993 } 1994 1995 /* 1996 * Processing handlers for ip6mr_forward 1997 */ 1998 1999 static int ip6mr_forward2(struct net *net, struct mr_table *mrt, 2000 struct sk_buff *skb, int vifi) 2001 { 2002 struct ipv6hdr *ipv6h; 2003 struct vif_device *vif = &mrt->vif_table[vifi]; 2004 struct net_device *dev; 2005 struct dst_entry *dst; 2006 struct flowi6 fl6; 2007 2008 if (!vif->dev) 2009 goto out_free; 2010 2011 #ifdef CONFIG_IPV6_PIMSM_V2 2012 if (vif->flags & MIFF_REGISTER) { 2013 vif->pkt_out++; 2014 vif->bytes_out += skb->len; 2015 vif->dev->stats.tx_bytes += skb->len; 2016 vif->dev->stats.tx_packets++; 2017 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT); 2018 goto out_free; 2019 } 2020 #endif 2021 2022 ipv6h = ipv6_hdr(skb); 2023 2024 fl6 = (struct flowi6) { 2025 .flowi6_oif = vif->link, 2026 .daddr = ipv6h->daddr, 2027 }; 2028 2029 dst = ip6_route_output(net, NULL, &fl6); 2030 if (dst->error) { 2031 dst_release(dst); 2032 goto out_free; 2033 } 2034 2035 skb_dst_drop(skb); 2036 skb_dst_set(skb, dst); 2037 2038 /* 2039 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 2040 * not only before forwarding, but after forwarding on all output 2041 * interfaces. It is clear, if mrouter runs a multicasting 2042 * program, it should receive packets not depending to what interface 2043 * program is joined. 2044 * If we will not make it, the program will have to join on all 2045 * interfaces. On the other hand, multihoming host (or router, but 2046 * not mrouter) cannot join to more than one interface - it will 2047 * result in receiving multiple packets. 2048 */ 2049 dev = vif->dev; 2050 skb->dev = dev; 2051 vif->pkt_out++; 2052 vif->bytes_out += skb->len; 2053 2054 /* We are about to write */ 2055 /* XXX: extension headers? */ 2056 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev))) 2057 goto out_free; 2058 2059 ipv6h = ipv6_hdr(skb); 2060 ipv6h->hop_limit--; 2061 2062 IP6CB(skb)->flags |= IP6SKB_FORWARDED; 2063 2064 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, 2065 net, NULL, skb, skb->dev, dev, 2066 ip6mr_forward2_finish); 2067 2068 out_free: 2069 kfree_skb(skb); 2070 return 0; 2071 } 2072 2073 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev) 2074 { 2075 int ct; 2076 2077 for (ct = mrt->maxvif - 1; ct >= 0; ct--) { 2078 if (mrt->vif_table[ct].dev == dev) 2079 break; 2080 } 2081 return ct; 2082 } 2083 2084 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 2085 struct net_device *dev, struct sk_buff *skb, 2086 struct mfc6_cache *c) 2087 { 2088 int psend = -1; 2089 int vif, ct; 2090 int true_vifi = ip6mr_find_vif(mrt, dev); 2091 2092 vif = c->_c.mfc_parent; 2093 c->_c.mfc_un.res.pkt++; 2094 c->_c.mfc_un.res.bytes += skb->len; 2095 c->_c.mfc_un.res.lastuse = jiffies; 2096 2097 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) { 2098 struct mfc6_cache *cache_proxy; 2099 2100 /* For an (*,G) entry, we only check that the incoming 2101 * interface is part of the static tree. 2102 */ 2103 rcu_read_lock(); 2104 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 2105 if (cache_proxy && 2106 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) { 2107 rcu_read_unlock(); 2108 goto forward; 2109 } 2110 rcu_read_unlock(); 2111 } 2112 2113 /* 2114 * Wrong interface: drop packet and (maybe) send PIM assert. 2115 */ 2116 if (mrt->vif_table[vif].dev != dev) { 2117 c->_c.mfc_un.res.wrong_if++; 2118 2119 if (true_vifi >= 0 && mrt->mroute_do_assert && 2120 /* pimsm uses asserts, when switching from RPT to SPT, 2121 so that we cannot check that packet arrived on an oif. 2122 It is bad, but otherwise we would need to move pretty 2123 large chunk of pimd to kernel. Ough... --ANK 2124 */ 2125 (mrt->mroute_do_pim || 2126 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 2127 time_after(jiffies, 2128 c->_c.mfc_un.res.last_assert + 2129 MFC_ASSERT_THRESH)) { 2130 c->_c.mfc_un.res.last_assert = jiffies; 2131 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF); 2132 } 2133 goto dont_forward; 2134 } 2135 2136 forward: 2137 mrt->vif_table[vif].pkt_in++; 2138 mrt->vif_table[vif].bytes_in += skb->len; 2139 2140 /* 2141 * Forward the frame 2142 */ 2143 if (ipv6_addr_any(&c->mf6c_origin) && 2144 ipv6_addr_any(&c->mf6c_mcastgrp)) { 2145 if (true_vifi >= 0 && 2146 true_vifi != c->_c.mfc_parent && 2147 ipv6_hdr(skb)->hop_limit > 2148 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 2149 /* It's an (*,*) entry and the packet is not coming from 2150 * the upstream: forward the packet to the upstream 2151 * only. 2152 */ 2153 psend = c->_c.mfc_parent; 2154 goto last_forward; 2155 } 2156 goto dont_forward; 2157 } 2158 for (ct = c->_c.mfc_un.res.maxvif - 1; 2159 ct >= c->_c.mfc_un.res.minvif; ct--) { 2160 /* For (*,G) entry, don't forward to the incoming interface */ 2161 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) && 2162 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) { 2163 if (psend != -1) { 2164 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2165 if (skb2) 2166 ip6mr_forward2(net, mrt, skb2, psend); 2167 } 2168 psend = ct; 2169 } 2170 } 2171 last_forward: 2172 if (psend != -1) { 2173 ip6mr_forward2(net, mrt, skb, psend); 2174 return; 2175 } 2176 2177 dont_forward: 2178 kfree_skb(skb); 2179 } 2180 2181 2182 /* 2183 * Multicast packets for forwarding arrive here 2184 */ 2185 2186 int ip6_mr_input(struct sk_buff *skb) 2187 { 2188 struct mfc6_cache *cache; 2189 struct net *net = dev_net(skb->dev); 2190 struct mr_table *mrt; 2191 struct flowi6 fl6 = { 2192 .flowi6_iif = skb->dev->ifindex, 2193 .flowi6_mark = skb->mark, 2194 }; 2195 int err; 2196 struct net_device *dev; 2197 2198 /* skb->dev passed in is the master dev for vrfs. 2199 * Get the proper interface that does have a vif associated with it. 2200 */ 2201 dev = skb->dev; 2202 if (netif_is_l3_master(skb->dev)) { 2203 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2204 if (!dev) { 2205 kfree_skb(skb); 2206 return -ENODEV; 2207 } 2208 } 2209 2210 err = ip6mr_fib_lookup(net, &fl6, &mrt); 2211 if (err < 0) { 2212 kfree_skb(skb); 2213 return err; 2214 } 2215 2216 read_lock(&mrt_lock); 2217 cache = ip6mr_cache_find(mrt, 2218 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr); 2219 if (!cache) { 2220 int vif = ip6mr_find_vif(mrt, dev); 2221 2222 if (vif >= 0) 2223 cache = ip6mr_cache_find_any(mrt, 2224 &ipv6_hdr(skb)->daddr, 2225 vif); 2226 } 2227 2228 /* 2229 * No usable cache entry 2230 */ 2231 if (!cache) { 2232 int vif; 2233 2234 vif = ip6mr_find_vif(mrt, dev); 2235 if (vif >= 0) { 2236 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev); 2237 read_unlock(&mrt_lock); 2238 2239 return err; 2240 } 2241 read_unlock(&mrt_lock); 2242 kfree_skb(skb); 2243 return -ENODEV; 2244 } 2245 2246 ip6_mr_forward(net, mrt, dev, skb, cache); 2247 2248 read_unlock(&mrt_lock); 2249 2250 return 0; 2251 } 2252 2253 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm, 2254 u32 portid) 2255 { 2256 int err; 2257 struct mr_table *mrt; 2258 struct mfc6_cache *cache; 2259 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 2260 2261 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 2262 if (!mrt) 2263 return -ENOENT; 2264 2265 read_lock(&mrt_lock); 2266 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr); 2267 if (!cache && skb->dev) { 2268 int vif = ip6mr_find_vif(mrt, skb->dev); 2269 2270 if (vif >= 0) 2271 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr, 2272 vif); 2273 } 2274 2275 if (!cache) { 2276 struct sk_buff *skb2; 2277 struct ipv6hdr *iph; 2278 struct net_device *dev; 2279 int vif; 2280 2281 dev = skb->dev; 2282 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) { 2283 read_unlock(&mrt_lock); 2284 return -ENODEV; 2285 } 2286 2287 /* really correct? */ 2288 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 2289 if (!skb2) { 2290 read_unlock(&mrt_lock); 2291 return -ENOMEM; 2292 } 2293 2294 NETLINK_CB(skb2).portid = portid; 2295 skb_reset_transport_header(skb2); 2296 2297 skb_put(skb2, sizeof(struct ipv6hdr)); 2298 skb_reset_network_header(skb2); 2299 2300 iph = ipv6_hdr(skb2); 2301 iph->version = 0; 2302 iph->priority = 0; 2303 iph->flow_lbl[0] = 0; 2304 iph->flow_lbl[1] = 0; 2305 iph->flow_lbl[2] = 0; 2306 iph->payload_len = 0; 2307 iph->nexthdr = IPPROTO_NONE; 2308 iph->hop_limit = 0; 2309 iph->saddr = rt->rt6i_src.addr; 2310 iph->daddr = rt->rt6i_dst.addr; 2311 2312 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev); 2313 read_unlock(&mrt_lock); 2314 2315 return err; 2316 } 2317 2318 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2319 read_unlock(&mrt_lock); 2320 return err; 2321 } 2322 2323 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2324 u32 portid, u32 seq, struct mfc6_cache *c, int cmd, 2325 int flags) 2326 { 2327 struct nlmsghdr *nlh; 2328 struct rtmsg *rtm; 2329 int err; 2330 2331 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2332 if (!nlh) 2333 return -EMSGSIZE; 2334 2335 rtm = nlmsg_data(nlh); 2336 rtm->rtm_family = RTNL_FAMILY_IP6MR; 2337 rtm->rtm_dst_len = 128; 2338 rtm->rtm_src_len = 128; 2339 rtm->rtm_tos = 0; 2340 rtm->rtm_table = mrt->id; 2341 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2342 goto nla_put_failure; 2343 rtm->rtm_type = RTN_MULTICAST; 2344 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2345 if (c->_c.mfc_flags & MFC_STATIC) 2346 rtm->rtm_protocol = RTPROT_STATIC; 2347 else 2348 rtm->rtm_protocol = RTPROT_MROUTED; 2349 rtm->rtm_flags = 0; 2350 2351 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) || 2352 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp)) 2353 goto nla_put_failure; 2354 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2355 /* do not break the dump if cache is unresolved */ 2356 if (err < 0 && err != -ENOENT) 2357 goto nla_put_failure; 2358 2359 nlmsg_end(skb, nlh); 2360 return 0; 2361 2362 nla_put_failure: 2363 nlmsg_cancel(skb, nlh); 2364 return -EMSGSIZE; 2365 } 2366 2367 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2368 u32 portid, u32 seq, struct mr_mfc *c, 2369 int cmd, int flags) 2370 { 2371 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c, 2372 cmd, flags); 2373 } 2374 2375 static int mr6_msgsize(bool unresolved, int maxvif) 2376 { 2377 size_t len = 2378 NLMSG_ALIGN(sizeof(struct rtmsg)) 2379 + nla_total_size(4) /* RTA_TABLE */ 2380 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */ 2381 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */ 2382 ; 2383 2384 if (!unresolved) 2385 len = len 2386 + nla_total_size(4) /* RTA_IIF */ 2387 + nla_total_size(0) /* RTA_MULTIPATH */ 2388 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2389 /* RTA_MFC_STATS */ 2390 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2391 ; 2392 2393 return len; 2394 } 2395 2396 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 2397 int cmd) 2398 { 2399 struct net *net = read_pnet(&mrt->net); 2400 struct sk_buff *skb; 2401 int err = -ENOBUFS; 2402 2403 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif), 2404 GFP_ATOMIC); 2405 if (!skb) 2406 goto errout; 2407 2408 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2409 if (err < 0) 2410 goto errout; 2411 2412 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC); 2413 return; 2414 2415 errout: 2416 kfree_skb(skb); 2417 if (err < 0) 2418 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err); 2419 } 2420 2421 static size_t mrt6msg_netlink_msgsize(size_t payloadlen) 2422 { 2423 size_t len = 2424 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2425 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */ 2426 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */ 2427 /* IP6MRA_CREPORT_SRC_ADDR */ 2428 + nla_total_size(sizeof(struct in6_addr)) 2429 /* IP6MRA_CREPORT_DST_ADDR */ 2430 + nla_total_size(sizeof(struct in6_addr)) 2431 /* IP6MRA_CREPORT_PKT */ 2432 + nla_total_size(payloadlen) 2433 ; 2434 2435 return len; 2436 } 2437 2438 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2439 { 2440 struct net *net = read_pnet(&mrt->net); 2441 struct nlmsghdr *nlh; 2442 struct rtgenmsg *rtgenm; 2443 struct mrt6msg *msg; 2444 struct sk_buff *skb; 2445 struct nlattr *nla; 2446 int payloadlen; 2447 2448 payloadlen = pkt->len - sizeof(struct mrt6msg); 2449 msg = (struct mrt6msg *)skb_transport_header(pkt); 2450 2451 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2452 if (!skb) 2453 goto errout; 2454 2455 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2456 sizeof(struct rtgenmsg), 0); 2457 if (!nlh) 2458 goto errout; 2459 rtgenm = nlmsg_data(nlh); 2460 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR; 2461 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) || 2462 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) || 2463 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR, 2464 &msg->im6_src) || 2465 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR, 2466 &msg->im6_dst)) 2467 goto nla_put_failure; 2468 2469 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen); 2470 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg), 2471 nla_data(nla), payloadlen)) 2472 goto nla_put_failure; 2473 2474 nlmsg_end(skb, nlh); 2475 2476 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC); 2477 return; 2478 2479 nla_put_failure: 2480 nlmsg_cancel(skb, nlh); 2481 errout: 2482 kfree_skb(skb); 2483 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS); 2484 } 2485 2486 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2487 { 2488 const struct nlmsghdr *nlh = cb->nlh; 2489 struct fib_dump_filter filter = {}; 2490 int err; 2491 2492 if (cb->strict_check) { 2493 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh, 2494 &filter, cb); 2495 if (err < 0) 2496 return err; 2497 } 2498 2499 if (filter.table_id) { 2500 struct mr_table *mrt; 2501 2502 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id); 2503 if (!mrt) { 2504 if (rtnl_msg_family(cb->nlh) != RTNL_FAMILY_IP6MR) 2505 return skb->len; 2506 2507 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist"); 2508 return -ENOENT; 2509 } 2510 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute, 2511 &mfc_unres_lock, &filter); 2512 return skb->len ? : err; 2513 } 2514 2515 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter, 2516 _ip6mr_fill_mroute, &mfc_unres_lock, &filter); 2517 } 2518