1 /* 2 * Linux IPv6 multicast routing support for BSD pim6sd 3 * Based on net/ipv4/ipmr.c. 4 * 5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr> 6 * LSIIT Laboratory, Strasbourg, France 7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com> 8 * 6WIND, Paris, France 9 * Copyright (C)2007,2008 USAGI/WIDE Project 10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; either version 15 * 2 of the License, or (at your option) any later version. 16 * 17 */ 18 19 #include <linux/uaccess.h> 20 #include <linux/types.h> 21 #include <linux/sched.h> 22 #include <linux/errno.h> 23 #include <linux/timer.h> 24 #include <linux/mm.h> 25 #include <linux/kernel.h> 26 #include <linux/fcntl.h> 27 #include <linux/stat.h> 28 #include <linux/socket.h> 29 #include <linux/inet.h> 30 #include <linux/netdevice.h> 31 #include <linux/inetdevice.h> 32 #include <linux/proc_fs.h> 33 #include <linux/seq_file.h> 34 #include <linux/init.h> 35 #include <linux/slab.h> 36 #include <linux/compat.h> 37 #include <net/protocol.h> 38 #include <linux/skbuff.h> 39 #include <net/sock.h> 40 #include <net/raw.h> 41 #include <linux/notifier.h> 42 #include <linux/if_arp.h> 43 #include <net/checksum.h> 44 #include <net/netlink.h> 45 #include <net/fib_rules.h> 46 47 #include <net/ipv6.h> 48 #include <net/ip6_route.h> 49 #include <linux/mroute6.h> 50 #include <linux/pim.h> 51 #include <net/addrconf.h> 52 #include <linux/netfilter_ipv6.h> 53 #include <linux/export.h> 54 #include <net/ip6_checksum.h> 55 #include <linux/netconf.h> 56 57 struct mr6_table { 58 struct list_head list; 59 possible_net_t net; 60 u32 id; 61 struct sock *mroute6_sk; 62 struct timer_list ipmr_expire_timer; 63 struct list_head mfc6_unres_queue; 64 struct list_head mfc6_cache_array[MFC6_LINES]; 65 struct mif_device vif6_table[MAXMIFS]; 66 int maxvif; 67 atomic_t cache_resolve_queue_len; 68 bool mroute_do_assert; 69 bool mroute_do_pim; 70 #ifdef CONFIG_IPV6_PIMSM_V2 71 int mroute_reg_vif_num; 72 #endif 73 }; 74 75 struct ip6mr_rule { 76 struct fib_rule common; 77 }; 78 79 struct ip6mr_result { 80 struct mr6_table *mrt; 81 }; 82 83 /* Big lock, protecting vif table, mrt cache and mroute socket state. 84 Note that the changes are semaphored via rtnl_lock. 85 */ 86 87 static DEFINE_RWLOCK(mrt_lock); 88 89 /* 90 * Multicast router control variables 91 */ 92 93 #define MIF_EXISTS(_mrt, _idx) ((_mrt)->vif6_table[_idx].dev != NULL) 94 95 /* Special spinlock for queue of unresolved entries */ 96 static DEFINE_SPINLOCK(mfc_unres_lock); 97 98 /* We return to original Alan's scheme. Hash table of resolved 99 entries is changed only in process context and protected 100 with weak lock mrt_lock. Queue of unresolved entries is protected 101 with strong spinlock mfc_unres_lock. 102 103 In this case data path is free of exclusive locks at all. 104 */ 105 106 static struct kmem_cache *mrt_cachep __read_mostly; 107 108 static struct mr6_table *ip6mr_new_table(struct net *net, u32 id); 109 static void ip6mr_free_table(struct mr6_table *mrt); 110 111 static void ip6_mr_forward(struct net *net, struct mr6_table *mrt, 112 struct sk_buff *skb, struct mfc6_cache *cache); 113 static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt, 114 mifi_t mifi, int assert); 115 static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, 116 struct mfc6_cache *c, struct rtmsg *rtm); 117 static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc, 118 int cmd); 119 static int ip6mr_rtm_dumproute(struct sk_buff *skb, 120 struct netlink_callback *cb); 121 static void mroute_clean_tables(struct mr6_table *mrt, bool all); 122 static void ipmr_expire_process(unsigned long arg); 123 124 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 125 #define ip6mr_for_each_table(mrt, net) \ 126 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list) 127 128 static struct mr6_table *ip6mr_get_table(struct net *net, u32 id) 129 { 130 struct mr6_table *mrt; 131 132 ip6mr_for_each_table(mrt, net) { 133 if (mrt->id == id) 134 return mrt; 135 } 136 return NULL; 137 } 138 139 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 140 struct mr6_table **mrt) 141 { 142 int err; 143 struct ip6mr_result res; 144 struct fib_lookup_arg arg = { 145 .result = &res, 146 .flags = FIB_LOOKUP_NOREF, 147 }; 148 149 err = fib_rules_lookup(net->ipv6.mr6_rules_ops, 150 flowi6_to_flowi(flp6), 0, &arg); 151 if (err < 0) 152 return err; 153 *mrt = res.mrt; 154 return 0; 155 } 156 157 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp, 158 int flags, struct fib_lookup_arg *arg) 159 { 160 struct ip6mr_result *res = arg->result; 161 struct mr6_table *mrt; 162 163 switch (rule->action) { 164 case FR_ACT_TO_TBL: 165 break; 166 case FR_ACT_UNREACHABLE: 167 return -ENETUNREACH; 168 case FR_ACT_PROHIBIT: 169 return -EACCES; 170 case FR_ACT_BLACKHOLE: 171 default: 172 return -EINVAL; 173 } 174 175 mrt = ip6mr_get_table(rule->fr_net, rule->table); 176 if (!mrt) 177 return -EAGAIN; 178 res->mrt = mrt; 179 return 0; 180 } 181 182 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags) 183 { 184 return 1; 185 } 186 187 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = { 188 FRA_GENERIC_POLICY, 189 }; 190 191 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 192 struct fib_rule_hdr *frh, struct nlattr **tb) 193 { 194 return 0; 195 } 196 197 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 198 struct nlattr **tb) 199 { 200 return 1; 201 } 202 203 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 204 struct fib_rule_hdr *frh) 205 { 206 frh->dst_len = 0; 207 frh->src_len = 0; 208 frh->tos = 0; 209 return 0; 210 } 211 212 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = { 213 .family = RTNL_FAMILY_IP6MR, 214 .rule_size = sizeof(struct ip6mr_rule), 215 .addr_size = sizeof(struct in6_addr), 216 .action = ip6mr_rule_action, 217 .match = ip6mr_rule_match, 218 .configure = ip6mr_rule_configure, 219 .compare = ip6mr_rule_compare, 220 .fill = ip6mr_rule_fill, 221 .nlgroup = RTNLGRP_IPV6_RULE, 222 .policy = ip6mr_rule_policy, 223 .owner = THIS_MODULE, 224 }; 225 226 static int __net_init ip6mr_rules_init(struct net *net) 227 { 228 struct fib_rules_ops *ops; 229 struct mr6_table *mrt; 230 int err; 231 232 ops = fib_rules_register(&ip6mr_rules_ops_template, net); 233 if (IS_ERR(ops)) 234 return PTR_ERR(ops); 235 236 INIT_LIST_HEAD(&net->ipv6.mr6_tables); 237 238 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 239 if (!mrt) { 240 err = -ENOMEM; 241 goto err1; 242 } 243 244 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0); 245 if (err < 0) 246 goto err2; 247 248 net->ipv6.mr6_rules_ops = ops; 249 return 0; 250 251 err2: 252 ip6mr_free_table(mrt); 253 err1: 254 fib_rules_unregister(ops); 255 return err; 256 } 257 258 static void __net_exit ip6mr_rules_exit(struct net *net) 259 { 260 struct mr6_table *mrt, *next; 261 262 rtnl_lock(); 263 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) { 264 list_del(&mrt->list); 265 ip6mr_free_table(mrt); 266 } 267 fib_rules_unregister(net->ipv6.mr6_rules_ops); 268 rtnl_unlock(); 269 } 270 #else 271 #define ip6mr_for_each_table(mrt, net) \ 272 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL) 273 274 static struct mr6_table *ip6mr_get_table(struct net *net, u32 id) 275 { 276 return net->ipv6.mrt6; 277 } 278 279 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 280 struct mr6_table **mrt) 281 { 282 *mrt = net->ipv6.mrt6; 283 return 0; 284 } 285 286 static int __net_init ip6mr_rules_init(struct net *net) 287 { 288 net->ipv6.mrt6 = ip6mr_new_table(net, RT6_TABLE_DFLT); 289 return net->ipv6.mrt6 ? 0 : -ENOMEM; 290 } 291 292 static void __net_exit ip6mr_rules_exit(struct net *net) 293 { 294 rtnl_lock(); 295 ip6mr_free_table(net->ipv6.mrt6); 296 net->ipv6.mrt6 = NULL; 297 rtnl_unlock(); 298 } 299 #endif 300 301 static struct mr6_table *ip6mr_new_table(struct net *net, u32 id) 302 { 303 struct mr6_table *mrt; 304 unsigned int i; 305 306 mrt = ip6mr_get_table(net, id); 307 if (mrt) 308 return mrt; 309 310 mrt = kzalloc(sizeof(*mrt), GFP_KERNEL); 311 if (!mrt) 312 return NULL; 313 mrt->id = id; 314 write_pnet(&mrt->net, net); 315 316 /* Forwarding cache */ 317 for (i = 0; i < MFC6_LINES; i++) 318 INIT_LIST_HEAD(&mrt->mfc6_cache_array[i]); 319 320 INIT_LIST_HEAD(&mrt->mfc6_unres_queue); 321 322 setup_timer(&mrt->ipmr_expire_timer, ipmr_expire_process, 323 (unsigned long)mrt); 324 325 #ifdef CONFIG_IPV6_PIMSM_V2 326 mrt->mroute_reg_vif_num = -1; 327 #endif 328 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 329 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables); 330 #endif 331 return mrt; 332 } 333 334 static void ip6mr_free_table(struct mr6_table *mrt) 335 { 336 del_timer_sync(&mrt->ipmr_expire_timer); 337 mroute_clean_tables(mrt, true); 338 kfree(mrt); 339 } 340 341 #ifdef CONFIG_PROC_FS 342 343 struct ipmr_mfc_iter { 344 struct seq_net_private p; 345 struct mr6_table *mrt; 346 struct list_head *cache; 347 int ct; 348 }; 349 350 351 static struct mfc6_cache *ipmr_mfc_seq_idx(struct net *net, 352 struct ipmr_mfc_iter *it, loff_t pos) 353 { 354 struct mr6_table *mrt = it->mrt; 355 struct mfc6_cache *mfc; 356 357 read_lock(&mrt_lock); 358 for (it->ct = 0; it->ct < MFC6_LINES; it->ct++) { 359 it->cache = &mrt->mfc6_cache_array[it->ct]; 360 list_for_each_entry(mfc, it->cache, list) 361 if (pos-- == 0) 362 return mfc; 363 } 364 read_unlock(&mrt_lock); 365 366 spin_lock_bh(&mfc_unres_lock); 367 it->cache = &mrt->mfc6_unres_queue; 368 list_for_each_entry(mfc, it->cache, list) 369 if (pos-- == 0) 370 return mfc; 371 spin_unlock_bh(&mfc_unres_lock); 372 373 it->cache = NULL; 374 return NULL; 375 } 376 377 /* 378 * The /proc interfaces to multicast routing /proc/ip6_mr_cache /proc/ip6_mr_vif 379 */ 380 381 struct ipmr_vif_iter { 382 struct seq_net_private p; 383 struct mr6_table *mrt; 384 int ct; 385 }; 386 387 static struct mif_device *ip6mr_vif_seq_idx(struct net *net, 388 struct ipmr_vif_iter *iter, 389 loff_t pos) 390 { 391 struct mr6_table *mrt = iter->mrt; 392 393 for (iter->ct = 0; iter->ct < mrt->maxvif; ++iter->ct) { 394 if (!MIF_EXISTS(mrt, iter->ct)) 395 continue; 396 if (pos-- == 0) 397 return &mrt->vif6_table[iter->ct]; 398 } 399 return NULL; 400 } 401 402 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos) 403 __acquires(mrt_lock) 404 { 405 struct ipmr_vif_iter *iter = seq->private; 406 struct net *net = seq_file_net(seq); 407 struct mr6_table *mrt; 408 409 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 410 if (!mrt) 411 return ERR_PTR(-ENOENT); 412 413 iter->mrt = mrt; 414 415 read_lock(&mrt_lock); 416 return *pos ? ip6mr_vif_seq_idx(net, seq->private, *pos - 1) 417 : SEQ_START_TOKEN; 418 } 419 420 static void *ip6mr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos) 421 { 422 struct ipmr_vif_iter *iter = seq->private; 423 struct net *net = seq_file_net(seq); 424 struct mr6_table *mrt = iter->mrt; 425 426 ++*pos; 427 if (v == SEQ_START_TOKEN) 428 return ip6mr_vif_seq_idx(net, iter, 0); 429 430 while (++iter->ct < mrt->maxvif) { 431 if (!MIF_EXISTS(mrt, iter->ct)) 432 continue; 433 return &mrt->vif6_table[iter->ct]; 434 } 435 return NULL; 436 } 437 438 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v) 439 __releases(mrt_lock) 440 { 441 read_unlock(&mrt_lock); 442 } 443 444 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v) 445 { 446 struct ipmr_vif_iter *iter = seq->private; 447 struct mr6_table *mrt = iter->mrt; 448 449 if (v == SEQ_START_TOKEN) { 450 seq_puts(seq, 451 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n"); 452 } else { 453 const struct mif_device *vif = v; 454 const char *name = vif->dev ? vif->dev->name : "none"; 455 456 seq_printf(seq, 457 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n", 458 vif - mrt->vif6_table, 459 name, vif->bytes_in, vif->pkt_in, 460 vif->bytes_out, vif->pkt_out, 461 vif->flags); 462 } 463 return 0; 464 } 465 466 static const struct seq_operations ip6mr_vif_seq_ops = { 467 .start = ip6mr_vif_seq_start, 468 .next = ip6mr_vif_seq_next, 469 .stop = ip6mr_vif_seq_stop, 470 .show = ip6mr_vif_seq_show, 471 }; 472 473 static int ip6mr_vif_open(struct inode *inode, struct file *file) 474 { 475 return seq_open_net(inode, file, &ip6mr_vif_seq_ops, 476 sizeof(struct ipmr_vif_iter)); 477 } 478 479 static const struct file_operations ip6mr_vif_fops = { 480 .owner = THIS_MODULE, 481 .open = ip6mr_vif_open, 482 .read = seq_read, 483 .llseek = seq_lseek, 484 .release = seq_release_net, 485 }; 486 487 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 488 { 489 struct ipmr_mfc_iter *it = seq->private; 490 struct net *net = seq_file_net(seq); 491 struct mr6_table *mrt; 492 493 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 494 if (!mrt) 495 return ERR_PTR(-ENOENT); 496 497 it->mrt = mrt; 498 return *pos ? ipmr_mfc_seq_idx(net, seq->private, *pos - 1) 499 : SEQ_START_TOKEN; 500 } 501 502 static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 503 { 504 struct mfc6_cache *mfc = v; 505 struct ipmr_mfc_iter *it = seq->private; 506 struct net *net = seq_file_net(seq); 507 struct mr6_table *mrt = it->mrt; 508 509 ++*pos; 510 511 if (v == SEQ_START_TOKEN) 512 return ipmr_mfc_seq_idx(net, seq->private, 0); 513 514 if (mfc->list.next != it->cache) 515 return list_entry(mfc->list.next, struct mfc6_cache, list); 516 517 if (it->cache == &mrt->mfc6_unres_queue) 518 goto end_of_list; 519 520 BUG_ON(it->cache != &mrt->mfc6_cache_array[it->ct]); 521 522 while (++it->ct < MFC6_LINES) { 523 it->cache = &mrt->mfc6_cache_array[it->ct]; 524 if (list_empty(it->cache)) 525 continue; 526 return list_first_entry(it->cache, struct mfc6_cache, list); 527 } 528 529 /* exhausted cache_array, show unresolved */ 530 read_unlock(&mrt_lock); 531 it->cache = &mrt->mfc6_unres_queue; 532 it->ct = 0; 533 534 spin_lock_bh(&mfc_unres_lock); 535 if (!list_empty(it->cache)) 536 return list_first_entry(it->cache, struct mfc6_cache, list); 537 538 end_of_list: 539 spin_unlock_bh(&mfc_unres_lock); 540 it->cache = NULL; 541 542 return NULL; 543 } 544 545 static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v) 546 { 547 struct ipmr_mfc_iter *it = seq->private; 548 struct mr6_table *mrt = it->mrt; 549 550 if (it->cache == &mrt->mfc6_unres_queue) 551 spin_unlock_bh(&mfc_unres_lock); 552 else if (it->cache == &mrt->mfc6_cache_array[it->ct]) 553 read_unlock(&mrt_lock); 554 } 555 556 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 557 { 558 int n; 559 560 if (v == SEQ_START_TOKEN) { 561 seq_puts(seq, 562 "Group " 563 "Origin " 564 "Iif Pkts Bytes Wrong Oifs\n"); 565 } else { 566 const struct mfc6_cache *mfc = v; 567 const struct ipmr_mfc_iter *it = seq->private; 568 struct mr6_table *mrt = it->mrt; 569 570 seq_printf(seq, "%pI6 %pI6 %-3hd", 571 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin, 572 mfc->mf6c_parent); 573 574 if (it->cache != &mrt->mfc6_unres_queue) { 575 seq_printf(seq, " %8lu %8lu %8lu", 576 mfc->mfc_un.res.pkt, 577 mfc->mfc_un.res.bytes, 578 mfc->mfc_un.res.wrong_if); 579 for (n = mfc->mfc_un.res.minvif; 580 n < mfc->mfc_un.res.maxvif; n++) { 581 if (MIF_EXISTS(mrt, n) && 582 mfc->mfc_un.res.ttls[n] < 255) 583 seq_printf(seq, 584 " %2d:%-3d", 585 n, mfc->mfc_un.res.ttls[n]); 586 } 587 } else { 588 /* unresolved mfc_caches don't contain 589 * pkt, bytes and wrong_if values 590 */ 591 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 592 } 593 seq_putc(seq, '\n'); 594 } 595 return 0; 596 } 597 598 static const struct seq_operations ipmr_mfc_seq_ops = { 599 .start = ipmr_mfc_seq_start, 600 .next = ipmr_mfc_seq_next, 601 .stop = ipmr_mfc_seq_stop, 602 .show = ipmr_mfc_seq_show, 603 }; 604 605 static int ipmr_mfc_open(struct inode *inode, struct file *file) 606 { 607 return seq_open_net(inode, file, &ipmr_mfc_seq_ops, 608 sizeof(struct ipmr_mfc_iter)); 609 } 610 611 static const struct file_operations ip6mr_mfc_fops = { 612 .owner = THIS_MODULE, 613 .open = ipmr_mfc_open, 614 .read = seq_read, 615 .llseek = seq_lseek, 616 .release = seq_release_net, 617 }; 618 #endif 619 620 #ifdef CONFIG_IPV6_PIMSM_V2 621 622 static int pim6_rcv(struct sk_buff *skb) 623 { 624 struct pimreghdr *pim; 625 struct ipv6hdr *encap; 626 struct net_device *reg_dev = NULL; 627 struct net *net = dev_net(skb->dev); 628 struct mr6_table *mrt; 629 struct flowi6 fl6 = { 630 .flowi6_iif = skb->dev->ifindex, 631 .flowi6_mark = skb->mark, 632 }; 633 int reg_vif_num; 634 635 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap))) 636 goto drop; 637 638 pim = (struct pimreghdr *)skb_transport_header(skb); 639 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) || 640 (pim->flags & PIM_NULL_REGISTER) || 641 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 642 sizeof(*pim), IPPROTO_PIM, 643 csum_partial((void *)pim, sizeof(*pim), 0)) && 644 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 645 goto drop; 646 647 /* check if the inner packet is destined to mcast group */ 648 encap = (struct ipv6hdr *)(skb_transport_header(skb) + 649 sizeof(*pim)); 650 651 if (!ipv6_addr_is_multicast(&encap->daddr) || 652 encap->payload_len == 0 || 653 ntohs(encap->payload_len) + sizeof(*pim) > skb->len) 654 goto drop; 655 656 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 657 goto drop; 658 reg_vif_num = mrt->mroute_reg_vif_num; 659 660 read_lock(&mrt_lock); 661 if (reg_vif_num >= 0) 662 reg_dev = mrt->vif6_table[reg_vif_num].dev; 663 if (reg_dev) 664 dev_hold(reg_dev); 665 read_unlock(&mrt_lock); 666 667 if (!reg_dev) 668 goto drop; 669 670 skb->mac_header = skb->network_header; 671 skb_pull(skb, (u8 *)encap - skb->data); 672 skb_reset_network_header(skb); 673 skb->protocol = htons(ETH_P_IPV6); 674 skb->ip_summed = CHECKSUM_NONE; 675 676 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 677 678 netif_rx(skb); 679 680 dev_put(reg_dev); 681 return 0; 682 drop: 683 kfree_skb(skb); 684 return 0; 685 } 686 687 static const struct inet6_protocol pim6_protocol = { 688 .handler = pim6_rcv, 689 }; 690 691 /* Service routines creating virtual interfaces: PIMREG */ 692 693 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, 694 struct net_device *dev) 695 { 696 struct net *net = dev_net(dev); 697 struct mr6_table *mrt; 698 struct flowi6 fl6 = { 699 .flowi6_oif = dev->ifindex, 700 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 701 .flowi6_mark = skb->mark, 702 }; 703 int err; 704 705 err = ip6mr_fib_lookup(net, &fl6, &mrt); 706 if (err < 0) { 707 kfree_skb(skb); 708 return err; 709 } 710 711 read_lock(&mrt_lock); 712 dev->stats.tx_bytes += skb->len; 713 dev->stats.tx_packets++; 714 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT); 715 read_unlock(&mrt_lock); 716 kfree_skb(skb); 717 return NETDEV_TX_OK; 718 } 719 720 static int reg_vif_get_iflink(const struct net_device *dev) 721 { 722 return 0; 723 } 724 725 static const struct net_device_ops reg_vif_netdev_ops = { 726 .ndo_start_xmit = reg_vif_xmit, 727 .ndo_get_iflink = reg_vif_get_iflink, 728 }; 729 730 static void reg_vif_setup(struct net_device *dev) 731 { 732 dev->type = ARPHRD_PIMREG; 733 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8; 734 dev->flags = IFF_NOARP; 735 dev->netdev_ops = ®_vif_netdev_ops; 736 dev->destructor = free_netdev; 737 dev->features |= NETIF_F_NETNS_LOCAL; 738 } 739 740 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr6_table *mrt) 741 { 742 struct net_device *dev; 743 char name[IFNAMSIZ]; 744 745 if (mrt->id == RT6_TABLE_DFLT) 746 sprintf(name, "pim6reg"); 747 else 748 sprintf(name, "pim6reg%u", mrt->id); 749 750 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 751 if (!dev) 752 return NULL; 753 754 dev_net_set(dev, net); 755 756 if (register_netdevice(dev)) { 757 free_netdev(dev); 758 return NULL; 759 } 760 761 if (dev_open(dev)) 762 goto failure; 763 764 dev_hold(dev); 765 return dev; 766 767 failure: 768 unregister_netdevice(dev); 769 return NULL; 770 } 771 #endif 772 773 /* 774 * Delete a VIF entry 775 */ 776 777 static int mif6_delete(struct mr6_table *mrt, int vifi, int notify, 778 struct list_head *head) 779 { 780 struct mif_device *v; 781 struct net_device *dev; 782 struct inet6_dev *in6_dev; 783 784 if (vifi < 0 || vifi >= mrt->maxvif) 785 return -EADDRNOTAVAIL; 786 787 v = &mrt->vif6_table[vifi]; 788 789 write_lock_bh(&mrt_lock); 790 dev = v->dev; 791 v->dev = NULL; 792 793 if (!dev) { 794 write_unlock_bh(&mrt_lock); 795 return -EADDRNOTAVAIL; 796 } 797 798 #ifdef CONFIG_IPV6_PIMSM_V2 799 if (vifi == mrt->mroute_reg_vif_num) 800 mrt->mroute_reg_vif_num = -1; 801 #endif 802 803 if (vifi + 1 == mrt->maxvif) { 804 int tmp; 805 for (tmp = vifi - 1; tmp >= 0; tmp--) { 806 if (MIF_EXISTS(mrt, tmp)) 807 break; 808 } 809 mrt->maxvif = tmp + 1; 810 } 811 812 write_unlock_bh(&mrt_lock); 813 814 dev_set_allmulti(dev, -1); 815 816 in6_dev = __in6_dev_get(dev); 817 if (in6_dev) { 818 in6_dev->cnf.mc_forwarding--; 819 inet6_netconf_notify_devconf(dev_net(dev), 820 NETCONFA_MC_FORWARDING, 821 dev->ifindex, &in6_dev->cnf); 822 } 823 824 if ((v->flags & MIFF_REGISTER) && !notify) 825 unregister_netdevice_queue(dev, head); 826 827 dev_put(dev); 828 return 0; 829 } 830 831 static inline void ip6mr_cache_free(struct mfc6_cache *c) 832 { 833 kmem_cache_free(mrt_cachep, c); 834 } 835 836 /* Destroy an unresolved cache entry, killing queued skbs 837 and reporting error to netlink readers. 838 */ 839 840 static void ip6mr_destroy_unres(struct mr6_table *mrt, struct mfc6_cache *c) 841 { 842 struct net *net = read_pnet(&mrt->net); 843 struct sk_buff *skb; 844 845 atomic_dec(&mrt->cache_resolve_queue_len); 846 847 while ((skb = skb_dequeue(&c->mfc_un.unres.unresolved)) != NULL) { 848 if (ipv6_hdr(skb)->version == 0) { 849 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct ipv6hdr)); 850 nlh->nlmsg_type = NLMSG_ERROR; 851 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 852 skb_trim(skb, nlh->nlmsg_len); 853 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT; 854 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 855 } else 856 kfree_skb(skb); 857 } 858 859 ip6mr_cache_free(c); 860 } 861 862 863 /* Timer process for all the unresolved queue. */ 864 865 static void ipmr_do_expire_process(struct mr6_table *mrt) 866 { 867 unsigned long now = jiffies; 868 unsigned long expires = 10 * HZ; 869 struct mfc6_cache *c, *next; 870 871 list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) { 872 if (time_after(c->mfc_un.unres.expires, now)) { 873 /* not yet... */ 874 unsigned long interval = c->mfc_un.unres.expires - now; 875 if (interval < expires) 876 expires = interval; 877 continue; 878 } 879 880 list_del(&c->list); 881 mr6_netlink_event(mrt, c, RTM_DELROUTE); 882 ip6mr_destroy_unres(mrt, c); 883 } 884 885 if (!list_empty(&mrt->mfc6_unres_queue)) 886 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 887 } 888 889 static void ipmr_expire_process(unsigned long arg) 890 { 891 struct mr6_table *mrt = (struct mr6_table *)arg; 892 893 if (!spin_trylock(&mfc_unres_lock)) { 894 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1); 895 return; 896 } 897 898 if (!list_empty(&mrt->mfc6_unres_queue)) 899 ipmr_do_expire_process(mrt); 900 901 spin_unlock(&mfc_unres_lock); 902 } 903 904 /* Fill oifs list. It is called under write locked mrt_lock. */ 905 906 static void ip6mr_update_thresholds(struct mr6_table *mrt, struct mfc6_cache *cache, 907 unsigned char *ttls) 908 { 909 int vifi; 910 911 cache->mfc_un.res.minvif = MAXMIFS; 912 cache->mfc_un.res.maxvif = 0; 913 memset(cache->mfc_un.res.ttls, 255, MAXMIFS); 914 915 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 916 if (MIF_EXISTS(mrt, vifi) && 917 ttls[vifi] && ttls[vifi] < 255) { 918 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 919 if (cache->mfc_un.res.minvif > vifi) 920 cache->mfc_un.res.minvif = vifi; 921 if (cache->mfc_un.res.maxvif <= vifi) 922 cache->mfc_un.res.maxvif = vifi + 1; 923 } 924 } 925 cache->mfc_un.res.lastuse = jiffies; 926 } 927 928 static int mif6_add(struct net *net, struct mr6_table *mrt, 929 struct mif6ctl *vifc, int mrtsock) 930 { 931 int vifi = vifc->mif6c_mifi; 932 struct mif_device *v = &mrt->vif6_table[vifi]; 933 struct net_device *dev; 934 struct inet6_dev *in6_dev; 935 int err; 936 937 /* Is vif busy ? */ 938 if (MIF_EXISTS(mrt, vifi)) 939 return -EADDRINUSE; 940 941 switch (vifc->mif6c_flags) { 942 #ifdef CONFIG_IPV6_PIMSM_V2 943 case MIFF_REGISTER: 944 /* 945 * Special Purpose VIF in PIM 946 * All the packets will be sent to the daemon 947 */ 948 if (mrt->mroute_reg_vif_num >= 0) 949 return -EADDRINUSE; 950 dev = ip6mr_reg_vif(net, mrt); 951 if (!dev) 952 return -ENOBUFS; 953 err = dev_set_allmulti(dev, 1); 954 if (err) { 955 unregister_netdevice(dev); 956 dev_put(dev); 957 return err; 958 } 959 break; 960 #endif 961 case 0: 962 dev = dev_get_by_index(net, vifc->mif6c_pifi); 963 if (!dev) 964 return -EADDRNOTAVAIL; 965 err = dev_set_allmulti(dev, 1); 966 if (err) { 967 dev_put(dev); 968 return err; 969 } 970 break; 971 default: 972 return -EINVAL; 973 } 974 975 in6_dev = __in6_dev_get(dev); 976 if (in6_dev) { 977 in6_dev->cnf.mc_forwarding++; 978 inet6_netconf_notify_devconf(dev_net(dev), 979 NETCONFA_MC_FORWARDING, 980 dev->ifindex, &in6_dev->cnf); 981 } 982 983 /* 984 * Fill in the VIF structures 985 */ 986 v->rate_limit = vifc->vifc_rate_limit; 987 v->flags = vifc->mif6c_flags; 988 if (!mrtsock) 989 v->flags |= VIFF_STATIC; 990 v->threshold = vifc->vifc_threshold; 991 v->bytes_in = 0; 992 v->bytes_out = 0; 993 v->pkt_in = 0; 994 v->pkt_out = 0; 995 v->link = dev->ifindex; 996 if (v->flags & MIFF_REGISTER) 997 v->link = dev_get_iflink(dev); 998 999 /* And finish update writing critical data */ 1000 write_lock_bh(&mrt_lock); 1001 v->dev = dev; 1002 #ifdef CONFIG_IPV6_PIMSM_V2 1003 if (v->flags & MIFF_REGISTER) 1004 mrt->mroute_reg_vif_num = vifi; 1005 #endif 1006 if (vifi + 1 > mrt->maxvif) 1007 mrt->maxvif = vifi + 1; 1008 write_unlock_bh(&mrt_lock); 1009 return 0; 1010 } 1011 1012 static struct mfc6_cache *ip6mr_cache_find(struct mr6_table *mrt, 1013 const struct in6_addr *origin, 1014 const struct in6_addr *mcastgrp) 1015 { 1016 int line = MFC6_HASH(mcastgrp, origin); 1017 struct mfc6_cache *c; 1018 1019 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) { 1020 if (ipv6_addr_equal(&c->mf6c_origin, origin) && 1021 ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp)) 1022 return c; 1023 } 1024 return NULL; 1025 } 1026 1027 /* Look for a (*,*,oif) entry */ 1028 static struct mfc6_cache *ip6mr_cache_find_any_parent(struct mr6_table *mrt, 1029 mifi_t mifi) 1030 { 1031 int line = MFC6_HASH(&in6addr_any, &in6addr_any); 1032 struct mfc6_cache *c; 1033 1034 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) 1035 if (ipv6_addr_any(&c->mf6c_origin) && 1036 ipv6_addr_any(&c->mf6c_mcastgrp) && 1037 (c->mfc_un.res.ttls[mifi] < 255)) 1038 return c; 1039 1040 return NULL; 1041 } 1042 1043 /* Look for a (*,G) entry */ 1044 static struct mfc6_cache *ip6mr_cache_find_any(struct mr6_table *mrt, 1045 struct in6_addr *mcastgrp, 1046 mifi_t mifi) 1047 { 1048 int line = MFC6_HASH(mcastgrp, &in6addr_any); 1049 struct mfc6_cache *c, *proxy; 1050 1051 if (ipv6_addr_any(mcastgrp)) 1052 goto skip; 1053 1054 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) 1055 if (ipv6_addr_any(&c->mf6c_origin) && 1056 ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp)) { 1057 if (c->mfc_un.res.ttls[mifi] < 255) 1058 return c; 1059 1060 /* It's ok if the mifi is part of the static tree */ 1061 proxy = ip6mr_cache_find_any_parent(mrt, 1062 c->mf6c_parent); 1063 if (proxy && proxy->mfc_un.res.ttls[mifi] < 255) 1064 return c; 1065 } 1066 1067 skip: 1068 return ip6mr_cache_find_any_parent(mrt, mifi); 1069 } 1070 1071 /* 1072 * Allocate a multicast cache entry 1073 */ 1074 static struct mfc6_cache *ip6mr_cache_alloc(void) 1075 { 1076 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 1077 if (!c) 1078 return NULL; 1079 c->mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 1080 c->mfc_un.res.minvif = MAXMIFS; 1081 return c; 1082 } 1083 1084 static struct mfc6_cache *ip6mr_cache_alloc_unres(void) 1085 { 1086 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 1087 if (!c) 1088 return NULL; 1089 skb_queue_head_init(&c->mfc_un.unres.unresolved); 1090 c->mfc_un.unres.expires = jiffies + 10 * HZ; 1091 return c; 1092 } 1093 1094 /* 1095 * A cache entry has gone into a resolved state from queued 1096 */ 1097 1098 static void ip6mr_cache_resolve(struct net *net, struct mr6_table *mrt, 1099 struct mfc6_cache *uc, struct mfc6_cache *c) 1100 { 1101 struct sk_buff *skb; 1102 1103 /* 1104 * Play the pending entries through our router 1105 */ 1106 1107 while ((skb = __skb_dequeue(&uc->mfc_un.unres.unresolved))) { 1108 if (ipv6_hdr(skb)->version == 0) { 1109 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct ipv6hdr)); 1110 1111 if (__ip6mr_fill_mroute(mrt, skb, c, nlmsg_data(nlh)) > 0) { 1112 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh; 1113 } else { 1114 nlh->nlmsg_type = NLMSG_ERROR; 1115 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1116 skb_trim(skb, nlh->nlmsg_len); 1117 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE; 1118 } 1119 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1120 } else 1121 ip6_mr_forward(net, mrt, skb, c); 1122 } 1123 } 1124 1125 /* 1126 * Bounce a cache query up to pim6sd. We could use netlink for this but pim6sd 1127 * expects the following bizarre scheme. 1128 * 1129 * Called under mrt_lock. 1130 */ 1131 1132 static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt, 1133 mifi_t mifi, int assert) 1134 { 1135 struct sk_buff *skb; 1136 struct mrt6msg *msg; 1137 int ret; 1138 1139 #ifdef CONFIG_IPV6_PIMSM_V2 1140 if (assert == MRT6MSG_WHOLEPKT) 1141 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) 1142 +sizeof(*msg)); 1143 else 1144 #endif 1145 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); 1146 1147 if (!skb) 1148 return -ENOBUFS; 1149 1150 /* I suppose that internal messages 1151 * do not require checksums */ 1152 1153 skb->ip_summed = CHECKSUM_UNNECESSARY; 1154 1155 #ifdef CONFIG_IPV6_PIMSM_V2 1156 if (assert == MRT6MSG_WHOLEPKT) { 1157 /* Ugly, but we have no choice with this interface. 1158 Duplicate old header, fix length etc. 1159 And all this only to mangle msg->im6_msgtype and 1160 to set msg->im6_mbz to "mbz" :-) 1161 */ 1162 skb_push(skb, -skb_network_offset(pkt)); 1163 1164 skb_push(skb, sizeof(*msg)); 1165 skb_reset_transport_header(skb); 1166 msg = (struct mrt6msg *)skb_transport_header(skb); 1167 msg->im6_mbz = 0; 1168 msg->im6_msgtype = MRT6MSG_WHOLEPKT; 1169 msg->im6_mif = mrt->mroute_reg_vif_num; 1170 msg->im6_pad = 0; 1171 msg->im6_src = ipv6_hdr(pkt)->saddr; 1172 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1173 1174 skb->ip_summed = CHECKSUM_UNNECESSARY; 1175 } else 1176 #endif 1177 { 1178 /* 1179 * Copy the IP header 1180 */ 1181 1182 skb_put(skb, sizeof(struct ipv6hdr)); 1183 skb_reset_network_header(skb); 1184 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr)); 1185 1186 /* 1187 * Add our header 1188 */ 1189 skb_put(skb, sizeof(*msg)); 1190 skb_reset_transport_header(skb); 1191 msg = (struct mrt6msg *)skb_transport_header(skb); 1192 1193 msg->im6_mbz = 0; 1194 msg->im6_msgtype = assert; 1195 msg->im6_mif = mifi; 1196 msg->im6_pad = 0; 1197 msg->im6_src = ipv6_hdr(pkt)->saddr; 1198 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1199 1200 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1201 skb->ip_summed = CHECKSUM_UNNECESSARY; 1202 } 1203 1204 if (!mrt->mroute6_sk) { 1205 kfree_skb(skb); 1206 return -EINVAL; 1207 } 1208 1209 /* 1210 * Deliver to user space multicast routing algorithms 1211 */ 1212 ret = sock_queue_rcv_skb(mrt->mroute6_sk, skb); 1213 if (ret < 0) { 1214 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n"); 1215 kfree_skb(skb); 1216 } 1217 1218 return ret; 1219 } 1220 1221 /* 1222 * Queue a packet for resolution. It gets locked cache entry! 1223 */ 1224 1225 static int 1226 ip6mr_cache_unresolved(struct mr6_table *mrt, mifi_t mifi, struct sk_buff *skb) 1227 { 1228 bool found = false; 1229 int err; 1230 struct mfc6_cache *c; 1231 1232 spin_lock_bh(&mfc_unres_lock); 1233 list_for_each_entry(c, &mrt->mfc6_unres_queue, list) { 1234 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) && 1235 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) { 1236 found = true; 1237 break; 1238 } 1239 } 1240 1241 if (!found) { 1242 /* 1243 * Create a new entry if allowable 1244 */ 1245 1246 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 || 1247 (c = ip6mr_cache_alloc_unres()) == NULL) { 1248 spin_unlock_bh(&mfc_unres_lock); 1249 1250 kfree_skb(skb); 1251 return -ENOBUFS; 1252 } 1253 1254 /* 1255 * Fill in the new cache entry 1256 */ 1257 c->mf6c_parent = -1; 1258 c->mf6c_origin = ipv6_hdr(skb)->saddr; 1259 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr; 1260 1261 /* 1262 * Reflect first query at pim6sd 1263 */ 1264 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE); 1265 if (err < 0) { 1266 /* If the report failed throw the cache entry 1267 out - Brad Parker 1268 */ 1269 spin_unlock_bh(&mfc_unres_lock); 1270 1271 ip6mr_cache_free(c); 1272 kfree_skb(skb); 1273 return err; 1274 } 1275 1276 atomic_inc(&mrt->cache_resolve_queue_len); 1277 list_add(&c->list, &mrt->mfc6_unres_queue); 1278 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1279 1280 ipmr_do_expire_process(mrt); 1281 } 1282 1283 /* 1284 * See if we can append the packet 1285 */ 1286 if (c->mfc_un.unres.unresolved.qlen > 3) { 1287 kfree_skb(skb); 1288 err = -ENOBUFS; 1289 } else { 1290 skb_queue_tail(&c->mfc_un.unres.unresolved, skb); 1291 err = 0; 1292 } 1293 1294 spin_unlock_bh(&mfc_unres_lock); 1295 return err; 1296 } 1297 1298 /* 1299 * MFC6 cache manipulation by user space 1300 */ 1301 1302 static int ip6mr_mfc_delete(struct mr6_table *mrt, struct mf6cctl *mfc, 1303 int parent) 1304 { 1305 int line; 1306 struct mfc6_cache *c, *next; 1307 1308 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr); 1309 1310 list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[line], list) { 1311 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) && 1312 ipv6_addr_equal(&c->mf6c_mcastgrp, 1313 &mfc->mf6cc_mcastgrp.sin6_addr) && 1314 (parent == -1 || parent == c->mf6c_parent)) { 1315 write_lock_bh(&mrt_lock); 1316 list_del(&c->list); 1317 write_unlock_bh(&mrt_lock); 1318 1319 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1320 ip6mr_cache_free(c); 1321 return 0; 1322 } 1323 } 1324 return -ENOENT; 1325 } 1326 1327 static int ip6mr_device_event(struct notifier_block *this, 1328 unsigned long event, void *ptr) 1329 { 1330 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1331 struct net *net = dev_net(dev); 1332 struct mr6_table *mrt; 1333 struct mif_device *v; 1334 int ct; 1335 1336 if (event != NETDEV_UNREGISTER) 1337 return NOTIFY_DONE; 1338 1339 ip6mr_for_each_table(mrt, net) { 1340 v = &mrt->vif6_table[0]; 1341 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1342 if (v->dev == dev) 1343 mif6_delete(mrt, ct, 1, NULL); 1344 } 1345 } 1346 1347 return NOTIFY_DONE; 1348 } 1349 1350 static struct notifier_block ip6_mr_notifier = { 1351 .notifier_call = ip6mr_device_event 1352 }; 1353 1354 /* 1355 * Setup for IP multicast routing 1356 */ 1357 1358 static int __net_init ip6mr_net_init(struct net *net) 1359 { 1360 int err; 1361 1362 err = ip6mr_rules_init(net); 1363 if (err < 0) 1364 goto fail; 1365 1366 #ifdef CONFIG_PROC_FS 1367 err = -ENOMEM; 1368 if (!proc_create("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_fops)) 1369 goto proc_vif_fail; 1370 if (!proc_create("ip6_mr_cache", 0, net->proc_net, &ip6mr_mfc_fops)) 1371 goto proc_cache_fail; 1372 #endif 1373 1374 return 0; 1375 1376 #ifdef CONFIG_PROC_FS 1377 proc_cache_fail: 1378 remove_proc_entry("ip6_mr_vif", net->proc_net); 1379 proc_vif_fail: 1380 ip6mr_rules_exit(net); 1381 #endif 1382 fail: 1383 return err; 1384 } 1385 1386 static void __net_exit ip6mr_net_exit(struct net *net) 1387 { 1388 #ifdef CONFIG_PROC_FS 1389 remove_proc_entry("ip6_mr_cache", net->proc_net); 1390 remove_proc_entry("ip6_mr_vif", net->proc_net); 1391 #endif 1392 ip6mr_rules_exit(net); 1393 } 1394 1395 static struct pernet_operations ip6mr_net_ops = { 1396 .init = ip6mr_net_init, 1397 .exit = ip6mr_net_exit, 1398 }; 1399 1400 int __init ip6_mr_init(void) 1401 { 1402 int err; 1403 1404 mrt_cachep = kmem_cache_create("ip6_mrt_cache", 1405 sizeof(struct mfc6_cache), 1406 0, SLAB_HWCACHE_ALIGN, 1407 NULL); 1408 if (!mrt_cachep) 1409 return -ENOMEM; 1410 1411 err = register_pernet_subsys(&ip6mr_net_ops); 1412 if (err) 1413 goto reg_pernet_fail; 1414 1415 err = register_netdevice_notifier(&ip6_mr_notifier); 1416 if (err) 1417 goto reg_notif_fail; 1418 #ifdef CONFIG_IPV6_PIMSM_V2 1419 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) { 1420 pr_err("%s: can't add PIM protocol\n", __func__); 1421 err = -EAGAIN; 1422 goto add_proto_fail; 1423 } 1424 #endif 1425 rtnl_register(RTNL_FAMILY_IP6MR, RTM_GETROUTE, NULL, 1426 ip6mr_rtm_dumproute, NULL); 1427 return 0; 1428 #ifdef CONFIG_IPV6_PIMSM_V2 1429 add_proto_fail: 1430 unregister_netdevice_notifier(&ip6_mr_notifier); 1431 #endif 1432 reg_notif_fail: 1433 unregister_pernet_subsys(&ip6mr_net_ops); 1434 reg_pernet_fail: 1435 kmem_cache_destroy(mrt_cachep); 1436 return err; 1437 } 1438 1439 void ip6_mr_cleanup(void) 1440 { 1441 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE); 1442 #ifdef CONFIG_IPV6_PIMSM_V2 1443 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1444 #endif 1445 unregister_netdevice_notifier(&ip6_mr_notifier); 1446 unregister_pernet_subsys(&ip6mr_net_ops); 1447 kmem_cache_destroy(mrt_cachep); 1448 } 1449 1450 static int ip6mr_mfc_add(struct net *net, struct mr6_table *mrt, 1451 struct mf6cctl *mfc, int mrtsock, int parent) 1452 { 1453 bool found = false; 1454 int line; 1455 struct mfc6_cache *uc, *c; 1456 unsigned char ttls[MAXMIFS]; 1457 int i; 1458 1459 if (mfc->mf6cc_parent >= MAXMIFS) 1460 return -ENFILE; 1461 1462 memset(ttls, 255, MAXMIFS); 1463 for (i = 0; i < MAXMIFS; i++) { 1464 if (IF_ISSET(i, &mfc->mf6cc_ifset)) 1465 ttls[i] = 1; 1466 1467 } 1468 1469 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr); 1470 1471 list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) { 1472 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) && 1473 ipv6_addr_equal(&c->mf6c_mcastgrp, 1474 &mfc->mf6cc_mcastgrp.sin6_addr) && 1475 (parent == -1 || parent == mfc->mf6cc_parent)) { 1476 found = true; 1477 break; 1478 } 1479 } 1480 1481 if (found) { 1482 write_lock_bh(&mrt_lock); 1483 c->mf6c_parent = mfc->mf6cc_parent; 1484 ip6mr_update_thresholds(mrt, c, ttls); 1485 if (!mrtsock) 1486 c->mfc_flags |= MFC_STATIC; 1487 write_unlock_bh(&mrt_lock); 1488 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1489 return 0; 1490 } 1491 1492 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) && 1493 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr)) 1494 return -EINVAL; 1495 1496 c = ip6mr_cache_alloc(); 1497 if (!c) 1498 return -ENOMEM; 1499 1500 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr; 1501 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr; 1502 c->mf6c_parent = mfc->mf6cc_parent; 1503 ip6mr_update_thresholds(mrt, c, ttls); 1504 if (!mrtsock) 1505 c->mfc_flags |= MFC_STATIC; 1506 1507 write_lock_bh(&mrt_lock); 1508 list_add(&c->list, &mrt->mfc6_cache_array[line]); 1509 write_unlock_bh(&mrt_lock); 1510 1511 /* 1512 * Check to see if we resolved a queued list. If so we 1513 * need to send on the frames and tidy up. 1514 */ 1515 found = false; 1516 spin_lock_bh(&mfc_unres_lock); 1517 list_for_each_entry(uc, &mrt->mfc6_unres_queue, list) { 1518 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) && 1519 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) { 1520 list_del(&uc->list); 1521 atomic_dec(&mrt->cache_resolve_queue_len); 1522 found = true; 1523 break; 1524 } 1525 } 1526 if (list_empty(&mrt->mfc6_unres_queue)) 1527 del_timer(&mrt->ipmr_expire_timer); 1528 spin_unlock_bh(&mfc_unres_lock); 1529 1530 if (found) { 1531 ip6mr_cache_resolve(net, mrt, uc, c); 1532 ip6mr_cache_free(uc); 1533 } 1534 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1535 return 0; 1536 } 1537 1538 /* 1539 * Close the multicast socket, and clear the vif tables etc 1540 */ 1541 1542 static void mroute_clean_tables(struct mr6_table *mrt, bool all) 1543 { 1544 int i; 1545 LIST_HEAD(list); 1546 struct mfc6_cache *c, *next; 1547 1548 /* 1549 * Shut down all active vif entries 1550 */ 1551 for (i = 0; i < mrt->maxvif; i++) { 1552 if (!all && (mrt->vif6_table[i].flags & VIFF_STATIC)) 1553 continue; 1554 mif6_delete(mrt, i, 0, &list); 1555 } 1556 unregister_netdevice_many(&list); 1557 1558 /* 1559 * Wipe the cache 1560 */ 1561 for (i = 0; i < MFC6_LINES; i++) { 1562 list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[i], list) { 1563 if (!all && (c->mfc_flags & MFC_STATIC)) 1564 continue; 1565 write_lock_bh(&mrt_lock); 1566 list_del(&c->list); 1567 write_unlock_bh(&mrt_lock); 1568 1569 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1570 ip6mr_cache_free(c); 1571 } 1572 } 1573 1574 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1575 spin_lock_bh(&mfc_unres_lock); 1576 list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) { 1577 list_del(&c->list); 1578 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1579 ip6mr_destroy_unres(mrt, c); 1580 } 1581 spin_unlock_bh(&mfc_unres_lock); 1582 } 1583 } 1584 1585 static int ip6mr_sk_init(struct mr6_table *mrt, struct sock *sk) 1586 { 1587 int err = 0; 1588 struct net *net = sock_net(sk); 1589 1590 rtnl_lock(); 1591 write_lock_bh(&mrt_lock); 1592 if (likely(mrt->mroute6_sk == NULL)) { 1593 mrt->mroute6_sk = sk; 1594 net->ipv6.devconf_all->mc_forwarding++; 1595 } else { 1596 err = -EADDRINUSE; 1597 } 1598 write_unlock_bh(&mrt_lock); 1599 1600 if (!err) 1601 inet6_netconf_notify_devconf(net, NETCONFA_MC_FORWARDING, 1602 NETCONFA_IFINDEX_ALL, 1603 net->ipv6.devconf_all); 1604 rtnl_unlock(); 1605 1606 return err; 1607 } 1608 1609 int ip6mr_sk_done(struct sock *sk) 1610 { 1611 int err = -EACCES; 1612 struct net *net = sock_net(sk); 1613 struct mr6_table *mrt; 1614 1615 rtnl_lock(); 1616 ip6mr_for_each_table(mrt, net) { 1617 if (sk == mrt->mroute6_sk) { 1618 write_lock_bh(&mrt_lock); 1619 mrt->mroute6_sk = NULL; 1620 net->ipv6.devconf_all->mc_forwarding--; 1621 write_unlock_bh(&mrt_lock); 1622 inet6_netconf_notify_devconf(net, 1623 NETCONFA_MC_FORWARDING, 1624 NETCONFA_IFINDEX_ALL, 1625 net->ipv6.devconf_all); 1626 1627 mroute_clean_tables(mrt, false); 1628 err = 0; 1629 break; 1630 } 1631 } 1632 rtnl_unlock(); 1633 1634 return err; 1635 } 1636 1637 struct sock *mroute6_socket(struct net *net, struct sk_buff *skb) 1638 { 1639 struct mr6_table *mrt; 1640 struct flowi6 fl6 = { 1641 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 1642 .flowi6_oif = skb->dev->ifindex, 1643 .flowi6_mark = skb->mark, 1644 }; 1645 1646 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 1647 return NULL; 1648 1649 return mrt->mroute6_sk; 1650 } 1651 1652 /* 1653 * Socket options and virtual interface manipulation. The whole 1654 * virtual interface system is a complete heap, but unfortunately 1655 * that's how BSD mrouted happens to think. Maybe one day with a proper 1656 * MOSPF/PIM router set up we can clean this up. 1657 */ 1658 1659 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen) 1660 { 1661 int ret, parent = 0; 1662 struct mif6ctl vif; 1663 struct mf6cctl mfc; 1664 mifi_t mifi; 1665 struct net *net = sock_net(sk); 1666 struct mr6_table *mrt; 1667 1668 if (sk->sk_type != SOCK_RAW || 1669 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1670 return -EOPNOTSUPP; 1671 1672 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1673 if (!mrt) 1674 return -ENOENT; 1675 1676 if (optname != MRT6_INIT) { 1677 if (sk != mrt->mroute6_sk && !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1678 return -EACCES; 1679 } 1680 1681 switch (optname) { 1682 case MRT6_INIT: 1683 if (optlen < sizeof(int)) 1684 return -EINVAL; 1685 1686 return ip6mr_sk_init(mrt, sk); 1687 1688 case MRT6_DONE: 1689 return ip6mr_sk_done(sk); 1690 1691 case MRT6_ADD_MIF: 1692 if (optlen < sizeof(vif)) 1693 return -EINVAL; 1694 if (copy_from_user(&vif, optval, sizeof(vif))) 1695 return -EFAULT; 1696 if (vif.mif6c_mifi >= MAXMIFS) 1697 return -ENFILE; 1698 rtnl_lock(); 1699 ret = mif6_add(net, mrt, &vif, sk == mrt->mroute6_sk); 1700 rtnl_unlock(); 1701 return ret; 1702 1703 case MRT6_DEL_MIF: 1704 if (optlen < sizeof(mifi_t)) 1705 return -EINVAL; 1706 if (copy_from_user(&mifi, optval, sizeof(mifi_t))) 1707 return -EFAULT; 1708 rtnl_lock(); 1709 ret = mif6_delete(mrt, mifi, 0, NULL); 1710 rtnl_unlock(); 1711 return ret; 1712 1713 /* 1714 * Manipulate the forwarding caches. These live 1715 * in a sort of kernel/user symbiosis. 1716 */ 1717 case MRT6_ADD_MFC: 1718 case MRT6_DEL_MFC: 1719 parent = -1; 1720 case MRT6_ADD_MFC_PROXY: 1721 case MRT6_DEL_MFC_PROXY: 1722 if (optlen < sizeof(mfc)) 1723 return -EINVAL; 1724 if (copy_from_user(&mfc, optval, sizeof(mfc))) 1725 return -EFAULT; 1726 if (parent == 0) 1727 parent = mfc.mf6cc_parent; 1728 rtnl_lock(); 1729 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY) 1730 ret = ip6mr_mfc_delete(mrt, &mfc, parent); 1731 else 1732 ret = ip6mr_mfc_add(net, mrt, &mfc, 1733 sk == mrt->mroute6_sk, parent); 1734 rtnl_unlock(); 1735 return ret; 1736 1737 /* 1738 * Control PIM assert (to activate pim will activate assert) 1739 */ 1740 case MRT6_ASSERT: 1741 { 1742 int v; 1743 1744 if (optlen != sizeof(v)) 1745 return -EINVAL; 1746 if (get_user(v, (int __user *)optval)) 1747 return -EFAULT; 1748 mrt->mroute_do_assert = v; 1749 return 0; 1750 } 1751 1752 #ifdef CONFIG_IPV6_PIMSM_V2 1753 case MRT6_PIM: 1754 { 1755 int v; 1756 1757 if (optlen != sizeof(v)) 1758 return -EINVAL; 1759 if (get_user(v, (int __user *)optval)) 1760 return -EFAULT; 1761 v = !!v; 1762 rtnl_lock(); 1763 ret = 0; 1764 if (v != mrt->mroute_do_pim) { 1765 mrt->mroute_do_pim = v; 1766 mrt->mroute_do_assert = v; 1767 } 1768 rtnl_unlock(); 1769 return ret; 1770 } 1771 1772 #endif 1773 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 1774 case MRT6_TABLE: 1775 { 1776 u32 v; 1777 1778 if (optlen != sizeof(u32)) 1779 return -EINVAL; 1780 if (get_user(v, (u32 __user *)optval)) 1781 return -EFAULT; 1782 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */ 1783 if (v != RT_TABLE_DEFAULT && v >= 100000000) 1784 return -EINVAL; 1785 if (sk == mrt->mroute6_sk) 1786 return -EBUSY; 1787 1788 rtnl_lock(); 1789 ret = 0; 1790 if (!ip6mr_new_table(net, v)) 1791 ret = -ENOMEM; 1792 raw6_sk(sk)->ip6mr_table = v; 1793 rtnl_unlock(); 1794 return ret; 1795 } 1796 #endif 1797 /* 1798 * Spurious command, or MRT6_VERSION which you cannot 1799 * set. 1800 */ 1801 default: 1802 return -ENOPROTOOPT; 1803 } 1804 } 1805 1806 /* 1807 * Getsock opt support for the multicast routing system. 1808 */ 1809 1810 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, 1811 int __user *optlen) 1812 { 1813 int olr; 1814 int val; 1815 struct net *net = sock_net(sk); 1816 struct mr6_table *mrt; 1817 1818 if (sk->sk_type != SOCK_RAW || 1819 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1820 return -EOPNOTSUPP; 1821 1822 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1823 if (!mrt) 1824 return -ENOENT; 1825 1826 switch (optname) { 1827 case MRT6_VERSION: 1828 val = 0x0305; 1829 break; 1830 #ifdef CONFIG_IPV6_PIMSM_V2 1831 case MRT6_PIM: 1832 val = mrt->mroute_do_pim; 1833 break; 1834 #endif 1835 case MRT6_ASSERT: 1836 val = mrt->mroute_do_assert; 1837 break; 1838 default: 1839 return -ENOPROTOOPT; 1840 } 1841 1842 if (get_user(olr, optlen)) 1843 return -EFAULT; 1844 1845 olr = min_t(int, olr, sizeof(int)); 1846 if (olr < 0) 1847 return -EINVAL; 1848 1849 if (put_user(olr, optlen)) 1850 return -EFAULT; 1851 if (copy_to_user(optval, &val, olr)) 1852 return -EFAULT; 1853 return 0; 1854 } 1855 1856 /* 1857 * The IP multicast ioctl support routines. 1858 */ 1859 1860 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg) 1861 { 1862 struct sioc_sg_req6 sr; 1863 struct sioc_mif_req6 vr; 1864 struct mif_device *vif; 1865 struct mfc6_cache *c; 1866 struct net *net = sock_net(sk); 1867 struct mr6_table *mrt; 1868 1869 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1870 if (!mrt) 1871 return -ENOENT; 1872 1873 switch (cmd) { 1874 case SIOCGETMIFCNT_IN6: 1875 if (copy_from_user(&vr, arg, sizeof(vr))) 1876 return -EFAULT; 1877 if (vr.mifi >= mrt->maxvif) 1878 return -EINVAL; 1879 read_lock(&mrt_lock); 1880 vif = &mrt->vif6_table[vr.mifi]; 1881 if (MIF_EXISTS(mrt, vr.mifi)) { 1882 vr.icount = vif->pkt_in; 1883 vr.ocount = vif->pkt_out; 1884 vr.ibytes = vif->bytes_in; 1885 vr.obytes = vif->bytes_out; 1886 read_unlock(&mrt_lock); 1887 1888 if (copy_to_user(arg, &vr, sizeof(vr))) 1889 return -EFAULT; 1890 return 0; 1891 } 1892 read_unlock(&mrt_lock); 1893 return -EADDRNOTAVAIL; 1894 case SIOCGETSGCNT_IN6: 1895 if (copy_from_user(&sr, arg, sizeof(sr))) 1896 return -EFAULT; 1897 1898 read_lock(&mrt_lock); 1899 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1900 if (c) { 1901 sr.pktcnt = c->mfc_un.res.pkt; 1902 sr.bytecnt = c->mfc_un.res.bytes; 1903 sr.wrong_if = c->mfc_un.res.wrong_if; 1904 read_unlock(&mrt_lock); 1905 1906 if (copy_to_user(arg, &sr, sizeof(sr))) 1907 return -EFAULT; 1908 return 0; 1909 } 1910 read_unlock(&mrt_lock); 1911 return -EADDRNOTAVAIL; 1912 default: 1913 return -ENOIOCTLCMD; 1914 } 1915 } 1916 1917 #ifdef CONFIG_COMPAT 1918 struct compat_sioc_sg_req6 { 1919 struct sockaddr_in6 src; 1920 struct sockaddr_in6 grp; 1921 compat_ulong_t pktcnt; 1922 compat_ulong_t bytecnt; 1923 compat_ulong_t wrong_if; 1924 }; 1925 1926 struct compat_sioc_mif_req6 { 1927 mifi_t mifi; 1928 compat_ulong_t icount; 1929 compat_ulong_t ocount; 1930 compat_ulong_t ibytes; 1931 compat_ulong_t obytes; 1932 }; 1933 1934 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1935 { 1936 struct compat_sioc_sg_req6 sr; 1937 struct compat_sioc_mif_req6 vr; 1938 struct mif_device *vif; 1939 struct mfc6_cache *c; 1940 struct net *net = sock_net(sk); 1941 struct mr6_table *mrt; 1942 1943 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1944 if (!mrt) 1945 return -ENOENT; 1946 1947 switch (cmd) { 1948 case SIOCGETMIFCNT_IN6: 1949 if (copy_from_user(&vr, arg, sizeof(vr))) 1950 return -EFAULT; 1951 if (vr.mifi >= mrt->maxvif) 1952 return -EINVAL; 1953 read_lock(&mrt_lock); 1954 vif = &mrt->vif6_table[vr.mifi]; 1955 if (MIF_EXISTS(mrt, vr.mifi)) { 1956 vr.icount = vif->pkt_in; 1957 vr.ocount = vif->pkt_out; 1958 vr.ibytes = vif->bytes_in; 1959 vr.obytes = vif->bytes_out; 1960 read_unlock(&mrt_lock); 1961 1962 if (copy_to_user(arg, &vr, sizeof(vr))) 1963 return -EFAULT; 1964 return 0; 1965 } 1966 read_unlock(&mrt_lock); 1967 return -EADDRNOTAVAIL; 1968 case SIOCGETSGCNT_IN6: 1969 if (copy_from_user(&sr, arg, sizeof(sr))) 1970 return -EFAULT; 1971 1972 read_lock(&mrt_lock); 1973 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1974 if (c) { 1975 sr.pktcnt = c->mfc_un.res.pkt; 1976 sr.bytecnt = c->mfc_un.res.bytes; 1977 sr.wrong_if = c->mfc_un.res.wrong_if; 1978 read_unlock(&mrt_lock); 1979 1980 if (copy_to_user(arg, &sr, sizeof(sr))) 1981 return -EFAULT; 1982 return 0; 1983 } 1984 read_unlock(&mrt_lock); 1985 return -EADDRNOTAVAIL; 1986 default: 1987 return -ENOIOCTLCMD; 1988 } 1989 } 1990 #endif 1991 1992 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 1993 { 1994 __IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 1995 IPSTATS_MIB_OUTFORWDATAGRAMS); 1996 __IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)), 1997 IPSTATS_MIB_OUTOCTETS, skb->len); 1998 return dst_output(net, sk, skb); 1999 } 2000 2001 /* 2002 * Processing handlers for ip6mr_forward 2003 */ 2004 2005 static int ip6mr_forward2(struct net *net, struct mr6_table *mrt, 2006 struct sk_buff *skb, struct mfc6_cache *c, int vifi) 2007 { 2008 struct ipv6hdr *ipv6h; 2009 struct mif_device *vif = &mrt->vif6_table[vifi]; 2010 struct net_device *dev; 2011 struct dst_entry *dst; 2012 struct flowi6 fl6; 2013 2014 if (!vif->dev) 2015 goto out_free; 2016 2017 #ifdef CONFIG_IPV6_PIMSM_V2 2018 if (vif->flags & MIFF_REGISTER) { 2019 vif->pkt_out++; 2020 vif->bytes_out += skb->len; 2021 vif->dev->stats.tx_bytes += skb->len; 2022 vif->dev->stats.tx_packets++; 2023 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT); 2024 goto out_free; 2025 } 2026 #endif 2027 2028 ipv6h = ipv6_hdr(skb); 2029 2030 fl6 = (struct flowi6) { 2031 .flowi6_oif = vif->link, 2032 .daddr = ipv6h->daddr, 2033 }; 2034 2035 dst = ip6_route_output(net, NULL, &fl6); 2036 if (dst->error) { 2037 dst_release(dst); 2038 goto out_free; 2039 } 2040 2041 skb_dst_drop(skb); 2042 skb_dst_set(skb, dst); 2043 2044 /* 2045 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 2046 * not only before forwarding, but after forwarding on all output 2047 * interfaces. It is clear, if mrouter runs a multicasting 2048 * program, it should receive packets not depending to what interface 2049 * program is joined. 2050 * If we will not make it, the program will have to join on all 2051 * interfaces. On the other hand, multihoming host (or router, but 2052 * not mrouter) cannot join to more than one interface - it will 2053 * result in receiving multiple packets. 2054 */ 2055 dev = vif->dev; 2056 skb->dev = dev; 2057 vif->pkt_out++; 2058 vif->bytes_out += skb->len; 2059 2060 /* We are about to write */ 2061 /* XXX: extension headers? */ 2062 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev))) 2063 goto out_free; 2064 2065 ipv6h = ipv6_hdr(skb); 2066 ipv6h->hop_limit--; 2067 2068 IP6CB(skb)->flags |= IP6SKB_FORWARDED; 2069 2070 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, 2071 net, NULL, skb, skb->dev, dev, 2072 ip6mr_forward2_finish); 2073 2074 out_free: 2075 kfree_skb(skb); 2076 return 0; 2077 } 2078 2079 static int ip6mr_find_vif(struct mr6_table *mrt, struct net_device *dev) 2080 { 2081 int ct; 2082 2083 for (ct = mrt->maxvif - 1; ct >= 0; ct--) { 2084 if (mrt->vif6_table[ct].dev == dev) 2085 break; 2086 } 2087 return ct; 2088 } 2089 2090 static void ip6_mr_forward(struct net *net, struct mr6_table *mrt, 2091 struct sk_buff *skb, struct mfc6_cache *cache) 2092 { 2093 int psend = -1; 2094 int vif, ct; 2095 int true_vifi = ip6mr_find_vif(mrt, skb->dev); 2096 2097 vif = cache->mf6c_parent; 2098 cache->mfc_un.res.pkt++; 2099 cache->mfc_un.res.bytes += skb->len; 2100 cache->mfc_un.res.lastuse = jiffies; 2101 2102 if (ipv6_addr_any(&cache->mf6c_origin) && true_vifi >= 0) { 2103 struct mfc6_cache *cache_proxy; 2104 2105 /* For an (*,G) entry, we only check that the incoming 2106 * interface is part of the static tree. 2107 */ 2108 cache_proxy = ip6mr_cache_find_any_parent(mrt, vif); 2109 if (cache_proxy && 2110 cache_proxy->mfc_un.res.ttls[true_vifi] < 255) 2111 goto forward; 2112 } 2113 2114 /* 2115 * Wrong interface: drop packet and (maybe) send PIM assert. 2116 */ 2117 if (mrt->vif6_table[vif].dev != skb->dev) { 2118 cache->mfc_un.res.wrong_if++; 2119 2120 if (true_vifi >= 0 && mrt->mroute_do_assert && 2121 /* pimsm uses asserts, when switching from RPT to SPT, 2122 so that we cannot check that packet arrived on an oif. 2123 It is bad, but otherwise we would need to move pretty 2124 large chunk of pimd to kernel. Ough... --ANK 2125 */ 2126 (mrt->mroute_do_pim || 2127 cache->mfc_un.res.ttls[true_vifi] < 255) && 2128 time_after(jiffies, 2129 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) { 2130 cache->mfc_un.res.last_assert = jiffies; 2131 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF); 2132 } 2133 goto dont_forward; 2134 } 2135 2136 forward: 2137 mrt->vif6_table[vif].pkt_in++; 2138 mrt->vif6_table[vif].bytes_in += skb->len; 2139 2140 /* 2141 * Forward the frame 2142 */ 2143 if (ipv6_addr_any(&cache->mf6c_origin) && 2144 ipv6_addr_any(&cache->mf6c_mcastgrp)) { 2145 if (true_vifi >= 0 && 2146 true_vifi != cache->mf6c_parent && 2147 ipv6_hdr(skb)->hop_limit > 2148 cache->mfc_un.res.ttls[cache->mf6c_parent]) { 2149 /* It's an (*,*) entry and the packet is not coming from 2150 * the upstream: forward the packet to the upstream 2151 * only. 2152 */ 2153 psend = cache->mf6c_parent; 2154 goto last_forward; 2155 } 2156 goto dont_forward; 2157 } 2158 for (ct = cache->mfc_un.res.maxvif - 1; ct >= cache->mfc_un.res.minvif; ct--) { 2159 /* For (*,G) entry, don't forward to the incoming interface */ 2160 if ((!ipv6_addr_any(&cache->mf6c_origin) || ct != true_vifi) && 2161 ipv6_hdr(skb)->hop_limit > cache->mfc_un.res.ttls[ct]) { 2162 if (psend != -1) { 2163 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2164 if (skb2) 2165 ip6mr_forward2(net, mrt, skb2, cache, psend); 2166 } 2167 psend = ct; 2168 } 2169 } 2170 last_forward: 2171 if (psend != -1) { 2172 ip6mr_forward2(net, mrt, skb, cache, psend); 2173 return; 2174 } 2175 2176 dont_forward: 2177 kfree_skb(skb); 2178 } 2179 2180 2181 /* 2182 * Multicast packets for forwarding arrive here 2183 */ 2184 2185 int ip6_mr_input(struct sk_buff *skb) 2186 { 2187 struct mfc6_cache *cache; 2188 struct net *net = dev_net(skb->dev); 2189 struct mr6_table *mrt; 2190 struct flowi6 fl6 = { 2191 .flowi6_iif = skb->dev->ifindex, 2192 .flowi6_mark = skb->mark, 2193 }; 2194 int err; 2195 2196 err = ip6mr_fib_lookup(net, &fl6, &mrt); 2197 if (err < 0) { 2198 kfree_skb(skb); 2199 return err; 2200 } 2201 2202 read_lock(&mrt_lock); 2203 cache = ip6mr_cache_find(mrt, 2204 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr); 2205 if (!cache) { 2206 int vif = ip6mr_find_vif(mrt, skb->dev); 2207 2208 if (vif >= 0) 2209 cache = ip6mr_cache_find_any(mrt, 2210 &ipv6_hdr(skb)->daddr, 2211 vif); 2212 } 2213 2214 /* 2215 * No usable cache entry 2216 */ 2217 if (!cache) { 2218 int vif; 2219 2220 vif = ip6mr_find_vif(mrt, skb->dev); 2221 if (vif >= 0) { 2222 int err = ip6mr_cache_unresolved(mrt, vif, skb); 2223 read_unlock(&mrt_lock); 2224 2225 return err; 2226 } 2227 read_unlock(&mrt_lock); 2228 kfree_skb(skb); 2229 return -ENODEV; 2230 } 2231 2232 ip6_mr_forward(net, mrt, skb, cache); 2233 2234 read_unlock(&mrt_lock); 2235 2236 return 0; 2237 } 2238 2239 2240 static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, 2241 struct mfc6_cache *c, struct rtmsg *rtm) 2242 { 2243 struct rta_mfc_stats mfcs; 2244 struct nlattr *mp_attr; 2245 struct rtnexthop *nhp; 2246 unsigned long lastuse; 2247 int ct; 2248 2249 /* If cache is unresolved, don't try to parse IIF and OIF */ 2250 if (c->mf6c_parent >= MAXMIFS) { 2251 rtm->rtm_flags |= RTNH_F_UNRESOLVED; 2252 return -ENOENT; 2253 } 2254 2255 if (MIF_EXISTS(mrt, c->mf6c_parent) && 2256 nla_put_u32(skb, RTA_IIF, mrt->vif6_table[c->mf6c_parent].dev->ifindex) < 0) 2257 return -EMSGSIZE; 2258 mp_attr = nla_nest_start(skb, RTA_MULTIPATH); 2259 if (!mp_attr) 2260 return -EMSGSIZE; 2261 2262 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) { 2263 if (MIF_EXISTS(mrt, ct) && c->mfc_un.res.ttls[ct] < 255) { 2264 nhp = nla_reserve_nohdr(skb, sizeof(*nhp)); 2265 if (!nhp) { 2266 nla_nest_cancel(skb, mp_attr); 2267 return -EMSGSIZE; 2268 } 2269 2270 nhp->rtnh_flags = 0; 2271 nhp->rtnh_hops = c->mfc_un.res.ttls[ct]; 2272 nhp->rtnh_ifindex = mrt->vif6_table[ct].dev->ifindex; 2273 nhp->rtnh_len = sizeof(*nhp); 2274 } 2275 } 2276 2277 nla_nest_end(skb, mp_attr); 2278 2279 lastuse = READ_ONCE(c->mfc_un.res.lastuse); 2280 lastuse = time_after_eq(jiffies, lastuse) ? jiffies - lastuse : 0; 2281 2282 mfcs.mfcs_packets = c->mfc_un.res.pkt; 2283 mfcs.mfcs_bytes = c->mfc_un.res.bytes; 2284 mfcs.mfcs_wrong_if = c->mfc_un.res.wrong_if; 2285 if (nla_put_64bit(skb, RTA_MFC_STATS, sizeof(mfcs), &mfcs, RTA_PAD) || 2286 nla_put_u64_64bit(skb, RTA_EXPIRES, jiffies_to_clock_t(lastuse), 2287 RTA_PAD)) 2288 return -EMSGSIZE; 2289 2290 rtm->rtm_type = RTN_MULTICAST; 2291 return 1; 2292 } 2293 2294 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm, 2295 u32 portid) 2296 { 2297 int err; 2298 struct mr6_table *mrt; 2299 struct mfc6_cache *cache; 2300 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 2301 2302 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 2303 if (!mrt) 2304 return -ENOENT; 2305 2306 read_lock(&mrt_lock); 2307 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr); 2308 if (!cache && skb->dev) { 2309 int vif = ip6mr_find_vif(mrt, skb->dev); 2310 2311 if (vif >= 0) 2312 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr, 2313 vif); 2314 } 2315 2316 if (!cache) { 2317 struct sk_buff *skb2; 2318 struct ipv6hdr *iph; 2319 struct net_device *dev; 2320 int vif; 2321 2322 dev = skb->dev; 2323 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) { 2324 read_unlock(&mrt_lock); 2325 return -ENODEV; 2326 } 2327 2328 /* really correct? */ 2329 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 2330 if (!skb2) { 2331 read_unlock(&mrt_lock); 2332 return -ENOMEM; 2333 } 2334 2335 NETLINK_CB(skb2).portid = portid; 2336 skb_reset_transport_header(skb2); 2337 2338 skb_put(skb2, sizeof(struct ipv6hdr)); 2339 skb_reset_network_header(skb2); 2340 2341 iph = ipv6_hdr(skb2); 2342 iph->version = 0; 2343 iph->priority = 0; 2344 iph->flow_lbl[0] = 0; 2345 iph->flow_lbl[1] = 0; 2346 iph->flow_lbl[2] = 0; 2347 iph->payload_len = 0; 2348 iph->nexthdr = IPPROTO_NONE; 2349 iph->hop_limit = 0; 2350 iph->saddr = rt->rt6i_src.addr; 2351 iph->daddr = rt->rt6i_dst.addr; 2352 2353 err = ip6mr_cache_unresolved(mrt, vif, skb2); 2354 read_unlock(&mrt_lock); 2355 2356 return err; 2357 } 2358 2359 if (rtm->rtm_flags & RTM_F_NOTIFY) 2360 cache->mfc_flags |= MFC_NOTIFY; 2361 2362 err = __ip6mr_fill_mroute(mrt, skb, cache, rtm); 2363 read_unlock(&mrt_lock); 2364 return err; 2365 } 2366 2367 static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, 2368 u32 portid, u32 seq, struct mfc6_cache *c, int cmd, 2369 int flags) 2370 { 2371 struct nlmsghdr *nlh; 2372 struct rtmsg *rtm; 2373 int err; 2374 2375 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2376 if (!nlh) 2377 return -EMSGSIZE; 2378 2379 rtm = nlmsg_data(nlh); 2380 rtm->rtm_family = RTNL_FAMILY_IP6MR; 2381 rtm->rtm_dst_len = 128; 2382 rtm->rtm_src_len = 128; 2383 rtm->rtm_tos = 0; 2384 rtm->rtm_table = mrt->id; 2385 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2386 goto nla_put_failure; 2387 rtm->rtm_type = RTN_MULTICAST; 2388 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2389 if (c->mfc_flags & MFC_STATIC) 2390 rtm->rtm_protocol = RTPROT_STATIC; 2391 else 2392 rtm->rtm_protocol = RTPROT_MROUTED; 2393 rtm->rtm_flags = 0; 2394 2395 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) || 2396 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp)) 2397 goto nla_put_failure; 2398 err = __ip6mr_fill_mroute(mrt, skb, c, rtm); 2399 /* do not break the dump if cache is unresolved */ 2400 if (err < 0 && err != -ENOENT) 2401 goto nla_put_failure; 2402 2403 nlmsg_end(skb, nlh); 2404 return 0; 2405 2406 nla_put_failure: 2407 nlmsg_cancel(skb, nlh); 2408 return -EMSGSIZE; 2409 } 2410 2411 static int mr6_msgsize(bool unresolved, int maxvif) 2412 { 2413 size_t len = 2414 NLMSG_ALIGN(sizeof(struct rtmsg)) 2415 + nla_total_size(4) /* RTA_TABLE */ 2416 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */ 2417 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */ 2418 ; 2419 2420 if (!unresolved) 2421 len = len 2422 + nla_total_size(4) /* RTA_IIF */ 2423 + nla_total_size(0) /* RTA_MULTIPATH */ 2424 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2425 /* RTA_MFC_STATS */ 2426 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2427 ; 2428 2429 return len; 2430 } 2431 2432 static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc, 2433 int cmd) 2434 { 2435 struct net *net = read_pnet(&mrt->net); 2436 struct sk_buff *skb; 2437 int err = -ENOBUFS; 2438 2439 skb = nlmsg_new(mr6_msgsize(mfc->mf6c_parent >= MAXMIFS, mrt->maxvif), 2440 GFP_ATOMIC); 2441 if (!skb) 2442 goto errout; 2443 2444 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2445 if (err < 0) 2446 goto errout; 2447 2448 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC); 2449 return; 2450 2451 errout: 2452 kfree_skb(skb); 2453 if (err < 0) 2454 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err); 2455 } 2456 2457 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2458 { 2459 struct net *net = sock_net(skb->sk); 2460 struct mr6_table *mrt; 2461 struct mfc6_cache *mfc; 2462 unsigned int t = 0, s_t; 2463 unsigned int h = 0, s_h; 2464 unsigned int e = 0, s_e; 2465 2466 s_t = cb->args[0]; 2467 s_h = cb->args[1]; 2468 s_e = cb->args[2]; 2469 2470 read_lock(&mrt_lock); 2471 ip6mr_for_each_table(mrt, net) { 2472 if (t < s_t) 2473 goto next_table; 2474 if (t > s_t) 2475 s_h = 0; 2476 for (h = s_h; h < MFC6_LINES; h++) { 2477 list_for_each_entry(mfc, &mrt->mfc6_cache_array[h], list) { 2478 if (e < s_e) 2479 goto next_entry; 2480 if (ip6mr_fill_mroute(mrt, skb, 2481 NETLINK_CB(cb->skb).portid, 2482 cb->nlh->nlmsg_seq, 2483 mfc, RTM_NEWROUTE, 2484 NLM_F_MULTI) < 0) 2485 goto done; 2486 next_entry: 2487 e++; 2488 } 2489 e = s_e = 0; 2490 } 2491 spin_lock_bh(&mfc_unres_lock); 2492 list_for_each_entry(mfc, &mrt->mfc6_unres_queue, list) { 2493 if (e < s_e) 2494 goto next_entry2; 2495 if (ip6mr_fill_mroute(mrt, skb, 2496 NETLINK_CB(cb->skb).portid, 2497 cb->nlh->nlmsg_seq, 2498 mfc, RTM_NEWROUTE, 2499 NLM_F_MULTI) < 0) { 2500 spin_unlock_bh(&mfc_unres_lock); 2501 goto done; 2502 } 2503 next_entry2: 2504 e++; 2505 } 2506 spin_unlock_bh(&mfc_unres_lock); 2507 e = s_e = 0; 2508 s_h = 0; 2509 next_table: 2510 t++; 2511 } 2512 done: 2513 read_unlock(&mrt_lock); 2514 2515 cb->args[2] = e; 2516 cb->args[1] = h; 2517 cb->args[0] = t; 2518 2519 return skb->len; 2520 } 2521