1 /* 2 * Linux IPv6 multicast routing support for BSD pim6sd 3 * Based on net/ipv4/ipmr.c. 4 * 5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr> 6 * LSIIT Laboratory, Strasbourg, France 7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com> 8 * 6WIND, Paris, France 9 * Copyright (C)2007,2008 USAGI/WIDE Project 10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; either version 15 * 2 of the License, or (at your option) any later version. 16 * 17 */ 18 19 #include <linux/uaccess.h> 20 #include <linux/types.h> 21 #include <linux/sched.h> 22 #include <linux/errno.h> 23 #include <linux/mm.h> 24 #include <linux/kernel.h> 25 #include <linux/fcntl.h> 26 #include <linux/stat.h> 27 #include <linux/socket.h> 28 #include <linux/inet.h> 29 #include <linux/netdevice.h> 30 #include <linux/inetdevice.h> 31 #include <linux/proc_fs.h> 32 #include <linux/seq_file.h> 33 #include <linux/init.h> 34 #include <linux/compat.h> 35 #include <linux/rhashtable.h> 36 #include <net/protocol.h> 37 #include <linux/skbuff.h> 38 #include <net/raw.h> 39 #include <linux/notifier.h> 40 #include <linux/if_arp.h> 41 #include <net/checksum.h> 42 #include <net/netlink.h> 43 #include <net/fib_rules.h> 44 45 #include <net/ipv6.h> 46 #include <net/ip6_route.h> 47 #include <linux/mroute6.h> 48 #include <linux/pim.h> 49 #include <net/addrconf.h> 50 #include <linux/netfilter_ipv6.h> 51 #include <linux/export.h> 52 #include <net/ip6_checksum.h> 53 #include <linux/netconf.h> 54 #include <net/ip_tunnels.h> 55 56 #include <linux/nospec.h> 57 58 struct ip6mr_rule { 59 struct fib_rule common; 60 }; 61 62 struct ip6mr_result { 63 struct mr_table *mrt; 64 }; 65 66 /* Big lock, protecting vif table, mrt cache and mroute socket state. 67 Note that the changes are semaphored via rtnl_lock. 68 */ 69 70 static DEFINE_RWLOCK(mrt_lock); 71 72 /* Multicast router control variables */ 73 74 /* Special spinlock for queue of unresolved entries */ 75 static DEFINE_SPINLOCK(mfc_unres_lock); 76 77 /* We return to original Alan's scheme. Hash table of resolved 78 entries is changed only in process context and protected 79 with weak lock mrt_lock. Queue of unresolved entries is protected 80 with strong spinlock mfc_unres_lock. 81 82 In this case data path is free of exclusive locks at all. 83 */ 84 85 static struct kmem_cache *mrt_cachep __read_mostly; 86 87 static struct mr_table *ip6mr_new_table(struct net *net, u32 id); 88 static void ip6mr_free_table(struct mr_table *mrt); 89 90 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 91 struct net_device *dev, struct sk_buff *skb, 92 struct mfc6_cache *cache); 93 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 94 mifi_t mifi, int assert); 95 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 96 int cmd); 97 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 98 static int ip6mr_rtm_dumproute(struct sk_buff *skb, 99 struct netlink_callback *cb); 100 static void mroute_clean_tables(struct mr_table *mrt, int flags); 101 static void ipmr_expire_process(struct timer_list *t); 102 103 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 104 #define ip6mr_for_each_table(mrt, net) \ 105 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list) 106 107 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 108 struct mr_table *mrt) 109 { 110 struct mr_table *ret; 111 112 if (!mrt) 113 ret = list_entry_rcu(net->ipv6.mr6_tables.next, 114 struct mr_table, list); 115 else 116 ret = list_entry_rcu(mrt->list.next, 117 struct mr_table, list); 118 119 if (&ret->list == &net->ipv6.mr6_tables) 120 return NULL; 121 return ret; 122 } 123 124 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 125 { 126 struct mr_table *mrt; 127 128 ip6mr_for_each_table(mrt, net) { 129 if (mrt->id == id) 130 return mrt; 131 } 132 return NULL; 133 } 134 135 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 136 struct mr_table **mrt) 137 { 138 int err; 139 struct ip6mr_result res; 140 struct fib_lookup_arg arg = { 141 .result = &res, 142 .flags = FIB_LOOKUP_NOREF, 143 }; 144 145 /* update flow if oif or iif point to device enslaved to l3mdev */ 146 l3mdev_update_flow(net, flowi6_to_flowi(flp6)); 147 148 err = fib_rules_lookup(net->ipv6.mr6_rules_ops, 149 flowi6_to_flowi(flp6), 0, &arg); 150 if (err < 0) 151 return err; 152 *mrt = res.mrt; 153 return 0; 154 } 155 156 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp, 157 int flags, struct fib_lookup_arg *arg) 158 { 159 struct ip6mr_result *res = arg->result; 160 struct mr_table *mrt; 161 162 switch (rule->action) { 163 case FR_ACT_TO_TBL: 164 break; 165 case FR_ACT_UNREACHABLE: 166 return -ENETUNREACH; 167 case FR_ACT_PROHIBIT: 168 return -EACCES; 169 case FR_ACT_BLACKHOLE: 170 default: 171 return -EINVAL; 172 } 173 174 arg->table = fib_rule_get_table(rule, arg); 175 176 mrt = ip6mr_get_table(rule->fr_net, arg->table); 177 if (!mrt) 178 return -EAGAIN; 179 res->mrt = mrt; 180 return 0; 181 } 182 183 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags) 184 { 185 return 1; 186 } 187 188 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = { 189 FRA_GENERIC_POLICY, 190 }; 191 192 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 193 struct fib_rule_hdr *frh, struct nlattr **tb, 194 struct netlink_ext_ack *extack) 195 { 196 return 0; 197 } 198 199 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 200 struct nlattr **tb) 201 { 202 return 1; 203 } 204 205 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 206 struct fib_rule_hdr *frh) 207 { 208 frh->dst_len = 0; 209 frh->src_len = 0; 210 frh->tos = 0; 211 return 0; 212 } 213 214 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = { 215 .family = RTNL_FAMILY_IP6MR, 216 .rule_size = sizeof(struct ip6mr_rule), 217 .addr_size = sizeof(struct in6_addr), 218 .action = ip6mr_rule_action, 219 .match = ip6mr_rule_match, 220 .configure = ip6mr_rule_configure, 221 .compare = ip6mr_rule_compare, 222 .fill = ip6mr_rule_fill, 223 .nlgroup = RTNLGRP_IPV6_RULE, 224 .policy = ip6mr_rule_policy, 225 .owner = THIS_MODULE, 226 }; 227 228 static int __net_init ip6mr_rules_init(struct net *net) 229 { 230 struct fib_rules_ops *ops; 231 struct mr_table *mrt; 232 int err; 233 234 ops = fib_rules_register(&ip6mr_rules_ops_template, net); 235 if (IS_ERR(ops)) 236 return PTR_ERR(ops); 237 238 INIT_LIST_HEAD(&net->ipv6.mr6_tables); 239 240 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 241 if (IS_ERR(mrt)) { 242 err = PTR_ERR(mrt); 243 goto err1; 244 } 245 246 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0); 247 if (err < 0) 248 goto err2; 249 250 net->ipv6.mr6_rules_ops = ops; 251 return 0; 252 253 err2: 254 ip6mr_free_table(mrt); 255 err1: 256 fib_rules_unregister(ops); 257 return err; 258 } 259 260 static void __net_exit ip6mr_rules_exit(struct net *net) 261 { 262 struct mr_table *mrt, *next; 263 264 rtnl_lock(); 265 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) { 266 list_del(&mrt->list); 267 ip6mr_free_table(mrt); 268 } 269 fib_rules_unregister(net->ipv6.mr6_rules_ops); 270 rtnl_unlock(); 271 } 272 273 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb) 274 { 275 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR); 276 } 277 278 static unsigned int ip6mr_rules_seq_read(struct net *net) 279 { 280 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR); 281 } 282 283 bool ip6mr_rule_default(const struct fib_rule *rule) 284 { 285 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL && 286 rule->table == RT6_TABLE_DFLT && !rule->l3mdev; 287 } 288 EXPORT_SYMBOL(ip6mr_rule_default); 289 #else 290 #define ip6mr_for_each_table(mrt, net) \ 291 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL) 292 293 static struct mr_table *ip6mr_mr_table_iter(struct net *net, 294 struct mr_table *mrt) 295 { 296 if (!mrt) 297 return net->ipv6.mrt6; 298 return NULL; 299 } 300 301 static struct mr_table *ip6mr_get_table(struct net *net, u32 id) 302 { 303 return net->ipv6.mrt6; 304 } 305 306 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6, 307 struct mr_table **mrt) 308 { 309 *mrt = net->ipv6.mrt6; 310 return 0; 311 } 312 313 static int __net_init ip6mr_rules_init(struct net *net) 314 { 315 struct mr_table *mrt; 316 317 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT); 318 if (IS_ERR(mrt)) 319 return PTR_ERR(mrt); 320 net->ipv6.mrt6 = mrt; 321 return 0; 322 } 323 324 static void __net_exit ip6mr_rules_exit(struct net *net) 325 { 326 rtnl_lock(); 327 ip6mr_free_table(net->ipv6.mrt6); 328 net->ipv6.mrt6 = NULL; 329 rtnl_unlock(); 330 } 331 332 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb) 333 { 334 return 0; 335 } 336 337 static unsigned int ip6mr_rules_seq_read(struct net *net) 338 { 339 return 0; 340 } 341 #endif 342 343 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg, 344 const void *ptr) 345 { 346 const struct mfc6_cache_cmp_arg *cmparg = arg->key; 347 struct mfc6_cache *c = (struct mfc6_cache *)ptr; 348 349 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) || 350 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin); 351 } 352 353 static const struct rhashtable_params ip6mr_rht_params = { 354 .head_offset = offsetof(struct mr_mfc, mnode), 355 .key_offset = offsetof(struct mfc6_cache, cmparg), 356 .key_len = sizeof(struct mfc6_cache_cmp_arg), 357 .nelem_hint = 3, 358 .locks_mul = 1, 359 .obj_cmpfn = ip6mr_hash_cmp, 360 .automatic_shrinking = true, 361 }; 362 363 static void ip6mr_new_table_set(struct mr_table *mrt, 364 struct net *net) 365 { 366 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 367 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables); 368 #endif 369 } 370 371 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = { 372 .mf6c_origin = IN6ADDR_ANY_INIT, 373 .mf6c_mcastgrp = IN6ADDR_ANY_INIT, 374 }; 375 376 static struct mr_table_ops ip6mr_mr_table_ops = { 377 .rht_params = &ip6mr_rht_params, 378 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any, 379 }; 380 381 static struct mr_table *ip6mr_new_table(struct net *net, u32 id) 382 { 383 struct mr_table *mrt; 384 385 mrt = ip6mr_get_table(net, id); 386 if (mrt) 387 return mrt; 388 389 return mr_table_alloc(net, id, &ip6mr_mr_table_ops, 390 ipmr_expire_process, ip6mr_new_table_set); 391 } 392 393 static void ip6mr_free_table(struct mr_table *mrt) 394 { 395 del_timer_sync(&mrt->ipmr_expire_timer); 396 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC | 397 MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC); 398 rhltable_destroy(&mrt->mfc_hash); 399 kfree(mrt); 400 } 401 402 #ifdef CONFIG_PROC_FS 403 /* The /proc interfaces to multicast routing 404 * /proc/ip6_mr_cache /proc/ip6_mr_vif 405 */ 406 407 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos) 408 __acquires(mrt_lock) 409 { 410 struct mr_vif_iter *iter = seq->private; 411 struct net *net = seq_file_net(seq); 412 struct mr_table *mrt; 413 414 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 415 if (!mrt) 416 return ERR_PTR(-ENOENT); 417 418 iter->mrt = mrt; 419 420 read_lock(&mrt_lock); 421 return mr_vif_seq_start(seq, pos); 422 } 423 424 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v) 425 __releases(mrt_lock) 426 { 427 read_unlock(&mrt_lock); 428 } 429 430 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v) 431 { 432 struct mr_vif_iter *iter = seq->private; 433 struct mr_table *mrt = iter->mrt; 434 435 if (v == SEQ_START_TOKEN) { 436 seq_puts(seq, 437 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n"); 438 } else { 439 const struct vif_device *vif = v; 440 const char *name = vif->dev ? vif->dev->name : "none"; 441 442 seq_printf(seq, 443 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n", 444 vif - mrt->vif_table, 445 name, vif->bytes_in, vif->pkt_in, 446 vif->bytes_out, vif->pkt_out, 447 vif->flags); 448 } 449 return 0; 450 } 451 452 static const struct seq_operations ip6mr_vif_seq_ops = { 453 .start = ip6mr_vif_seq_start, 454 .next = mr_vif_seq_next, 455 .stop = ip6mr_vif_seq_stop, 456 .show = ip6mr_vif_seq_show, 457 }; 458 459 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 460 { 461 struct net *net = seq_file_net(seq); 462 struct mr_table *mrt; 463 464 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 465 if (!mrt) 466 return ERR_PTR(-ENOENT); 467 468 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 469 } 470 471 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 472 { 473 int n; 474 475 if (v == SEQ_START_TOKEN) { 476 seq_puts(seq, 477 "Group " 478 "Origin " 479 "Iif Pkts Bytes Wrong Oifs\n"); 480 } else { 481 const struct mfc6_cache *mfc = v; 482 const struct mr_mfc_iter *it = seq->private; 483 struct mr_table *mrt = it->mrt; 484 485 seq_printf(seq, "%pI6 %pI6 %-3hd", 486 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin, 487 mfc->_c.mfc_parent); 488 489 if (it->cache != &mrt->mfc_unres_queue) { 490 seq_printf(seq, " %8lu %8lu %8lu", 491 mfc->_c.mfc_un.res.pkt, 492 mfc->_c.mfc_un.res.bytes, 493 mfc->_c.mfc_un.res.wrong_if); 494 for (n = mfc->_c.mfc_un.res.minvif; 495 n < mfc->_c.mfc_un.res.maxvif; n++) { 496 if (VIF_EXISTS(mrt, n) && 497 mfc->_c.mfc_un.res.ttls[n] < 255) 498 seq_printf(seq, 499 " %2d:%-3d", n, 500 mfc->_c.mfc_un.res.ttls[n]); 501 } 502 } else { 503 /* unresolved mfc_caches don't contain 504 * pkt, bytes and wrong_if values 505 */ 506 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 507 } 508 seq_putc(seq, '\n'); 509 } 510 return 0; 511 } 512 513 static const struct seq_operations ipmr_mfc_seq_ops = { 514 .start = ipmr_mfc_seq_start, 515 .next = mr_mfc_seq_next, 516 .stop = mr_mfc_seq_stop, 517 .show = ipmr_mfc_seq_show, 518 }; 519 #endif 520 521 #ifdef CONFIG_IPV6_PIMSM_V2 522 523 static int pim6_rcv(struct sk_buff *skb) 524 { 525 struct pimreghdr *pim; 526 struct ipv6hdr *encap; 527 struct net_device *reg_dev = NULL; 528 struct net *net = dev_net(skb->dev); 529 struct mr_table *mrt; 530 struct flowi6 fl6 = { 531 .flowi6_iif = skb->dev->ifindex, 532 .flowi6_mark = skb->mark, 533 }; 534 int reg_vif_num; 535 536 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap))) 537 goto drop; 538 539 pim = (struct pimreghdr *)skb_transport_header(skb); 540 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) || 541 (pim->flags & PIM_NULL_REGISTER) || 542 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 543 sizeof(*pim), IPPROTO_PIM, 544 csum_partial((void *)pim, sizeof(*pim), 0)) && 545 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 546 goto drop; 547 548 /* check if the inner packet is destined to mcast group */ 549 encap = (struct ipv6hdr *)(skb_transport_header(skb) + 550 sizeof(*pim)); 551 552 if (!ipv6_addr_is_multicast(&encap->daddr) || 553 encap->payload_len == 0 || 554 ntohs(encap->payload_len) + sizeof(*pim) > skb->len) 555 goto drop; 556 557 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 558 goto drop; 559 reg_vif_num = mrt->mroute_reg_vif_num; 560 561 read_lock(&mrt_lock); 562 if (reg_vif_num >= 0) 563 reg_dev = mrt->vif_table[reg_vif_num].dev; 564 if (reg_dev) 565 dev_hold(reg_dev); 566 read_unlock(&mrt_lock); 567 568 if (!reg_dev) 569 goto drop; 570 571 skb->mac_header = skb->network_header; 572 skb_pull(skb, (u8 *)encap - skb->data); 573 skb_reset_network_header(skb); 574 skb->protocol = htons(ETH_P_IPV6); 575 skb->ip_summed = CHECKSUM_NONE; 576 577 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 578 579 netif_rx(skb); 580 581 dev_put(reg_dev); 582 return 0; 583 drop: 584 kfree_skb(skb); 585 return 0; 586 } 587 588 static const struct inet6_protocol pim6_protocol = { 589 .handler = pim6_rcv, 590 }; 591 592 /* Service routines creating virtual interfaces: PIMREG */ 593 594 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, 595 struct net_device *dev) 596 { 597 struct net *net = dev_net(dev); 598 struct mr_table *mrt; 599 struct flowi6 fl6 = { 600 .flowi6_oif = dev->ifindex, 601 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 602 .flowi6_mark = skb->mark, 603 }; 604 605 if (!pskb_inet_may_pull(skb)) 606 goto tx_err; 607 608 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 609 goto tx_err; 610 611 read_lock(&mrt_lock); 612 dev->stats.tx_bytes += skb->len; 613 dev->stats.tx_packets++; 614 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT); 615 read_unlock(&mrt_lock); 616 kfree_skb(skb); 617 return NETDEV_TX_OK; 618 619 tx_err: 620 dev->stats.tx_errors++; 621 kfree_skb(skb); 622 return NETDEV_TX_OK; 623 } 624 625 static int reg_vif_get_iflink(const struct net_device *dev) 626 { 627 return 0; 628 } 629 630 static const struct net_device_ops reg_vif_netdev_ops = { 631 .ndo_start_xmit = reg_vif_xmit, 632 .ndo_get_iflink = reg_vif_get_iflink, 633 }; 634 635 static void reg_vif_setup(struct net_device *dev) 636 { 637 dev->type = ARPHRD_PIMREG; 638 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8; 639 dev->flags = IFF_NOARP; 640 dev->netdev_ops = ®_vif_netdev_ops; 641 dev->needs_free_netdev = true; 642 dev->features |= NETIF_F_NETNS_LOCAL; 643 } 644 645 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt) 646 { 647 struct net_device *dev; 648 char name[IFNAMSIZ]; 649 650 if (mrt->id == RT6_TABLE_DFLT) 651 sprintf(name, "pim6reg"); 652 else 653 sprintf(name, "pim6reg%u", mrt->id); 654 655 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 656 if (!dev) 657 return NULL; 658 659 dev_net_set(dev, net); 660 661 if (register_netdevice(dev)) { 662 free_netdev(dev); 663 return NULL; 664 } 665 666 if (dev_open(dev, NULL)) 667 goto failure; 668 669 dev_hold(dev); 670 return dev; 671 672 failure: 673 unregister_netdevice(dev); 674 return NULL; 675 } 676 #endif 677 678 static int call_ip6mr_vif_entry_notifiers(struct net *net, 679 enum fib_event_type event_type, 680 struct vif_device *vif, 681 mifi_t vif_index, u32 tb_id) 682 { 683 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 684 vif, vif_index, tb_id, 685 &net->ipv6.ipmr_seq); 686 } 687 688 static int call_ip6mr_mfc_entry_notifiers(struct net *net, 689 enum fib_event_type event_type, 690 struct mfc6_cache *mfc, u32 tb_id) 691 { 692 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type, 693 &mfc->_c, tb_id, &net->ipv6.ipmr_seq); 694 } 695 696 /* Delete a VIF entry */ 697 static int mif6_delete(struct mr_table *mrt, int vifi, int notify, 698 struct list_head *head) 699 { 700 struct vif_device *v; 701 struct net_device *dev; 702 struct inet6_dev *in6_dev; 703 704 if (vifi < 0 || vifi >= mrt->maxvif) 705 return -EADDRNOTAVAIL; 706 707 v = &mrt->vif_table[vifi]; 708 709 if (VIF_EXISTS(mrt, vifi)) 710 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net), 711 FIB_EVENT_VIF_DEL, v, vifi, 712 mrt->id); 713 714 write_lock_bh(&mrt_lock); 715 dev = v->dev; 716 v->dev = NULL; 717 718 if (!dev) { 719 write_unlock_bh(&mrt_lock); 720 return -EADDRNOTAVAIL; 721 } 722 723 #ifdef CONFIG_IPV6_PIMSM_V2 724 if (vifi == mrt->mroute_reg_vif_num) 725 mrt->mroute_reg_vif_num = -1; 726 #endif 727 728 if (vifi + 1 == mrt->maxvif) { 729 int tmp; 730 for (tmp = vifi - 1; tmp >= 0; tmp--) { 731 if (VIF_EXISTS(mrt, tmp)) 732 break; 733 } 734 mrt->maxvif = tmp + 1; 735 } 736 737 write_unlock_bh(&mrt_lock); 738 739 dev_set_allmulti(dev, -1); 740 741 in6_dev = __in6_dev_get(dev); 742 if (in6_dev) { 743 in6_dev->cnf.mc_forwarding--; 744 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 745 NETCONFA_MC_FORWARDING, 746 dev->ifindex, &in6_dev->cnf); 747 } 748 749 if ((v->flags & MIFF_REGISTER) && !notify) 750 unregister_netdevice_queue(dev, head); 751 752 dev_put(dev); 753 return 0; 754 } 755 756 static inline void ip6mr_cache_free_rcu(struct rcu_head *head) 757 { 758 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 759 760 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c); 761 } 762 763 static inline void ip6mr_cache_free(struct mfc6_cache *c) 764 { 765 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu); 766 } 767 768 /* Destroy an unresolved cache entry, killing queued skbs 769 and reporting error to netlink readers. 770 */ 771 772 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c) 773 { 774 struct net *net = read_pnet(&mrt->net); 775 struct sk_buff *skb; 776 777 atomic_dec(&mrt->cache_resolve_queue_len); 778 779 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) { 780 if (ipv6_hdr(skb)->version == 0) { 781 struct nlmsghdr *nlh = skb_pull(skb, 782 sizeof(struct ipv6hdr)); 783 nlh->nlmsg_type = NLMSG_ERROR; 784 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 785 skb_trim(skb, nlh->nlmsg_len); 786 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT; 787 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 788 } else 789 kfree_skb(skb); 790 } 791 792 ip6mr_cache_free(c); 793 } 794 795 796 /* Timer process for all the unresolved queue. */ 797 798 static void ipmr_do_expire_process(struct mr_table *mrt) 799 { 800 unsigned long now = jiffies; 801 unsigned long expires = 10 * HZ; 802 struct mr_mfc *c, *next; 803 804 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 805 if (time_after(c->mfc_un.unres.expires, now)) { 806 /* not yet... */ 807 unsigned long interval = c->mfc_un.unres.expires - now; 808 if (interval < expires) 809 expires = interval; 810 continue; 811 } 812 813 list_del(&c->list); 814 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 815 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 816 } 817 818 if (!list_empty(&mrt->mfc_unres_queue)) 819 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 820 } 821 822 static void ipmr_expire_process(struct timer_list *t) 823 { 824 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 825 826 if (!spin_trylock(&mfc_unres_lock)) { 827 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1); 828 return; 829 } 830 831 if (!list_empty(&mrt->mfc_unres_queue)) 832 ipmr_do_expire_process(mrt); 833 834 spin_unlock(&mfc_unres_lock); 835 } 836 837 /* Fill oifs list. It is called under write locked mrt_lock. */ 838 839 static void ip6mr_update_thresholds(struct mr_table *mrt, 840 struct mr_mfc *cache, 841 unsigned char *ttls) 842 { 843 int vifi; 844 845 cache->mfc_un.res.minvif = MAXMIFS; 846 cache->mfc_un.res.maxvif = 0; 847 memset(cache->mfc_un.res.ttls, 255, MAXMIFS); 848 849 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 850 if (VIF_EXISTS(mrt, vifi) && 851 ttls[vifi] && ttls[vifi] < 255) { 852 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 853 if (cache->mfc_un.res.minvif > vifi) 854 cache->mfc_un.res.minvif = vifi; 855 if (cache->mfc_un.res.maxvif <= vifi) 856 cache->mfc_un.res.maxvif = vifi + 1; 857 } 858 } 859 cache->mfc_un.res.lastuse = jiffies; 860 } 861 862 static int mif6_add(struct net *net, struct mr_table *mrt, 863 struct mif6ctl *vifc, int mrtsock) 864 { 865 int vifi = vifc->mif6c_mifi; 866 struct vif_device *v = &mrt->vif_table[vifi]; 867 struct net_device *dev; 868 struct inet6_dev *in6_dev; 869 int err; 870 871 /* Is vif busy ? */ 872 if (VIF_EXISTS(mrt, vifi)) 873 return -EADDRINUSE; 874 875 switch (vifc->mif6c_flags) { 876 #ifdef CONFIG_IPV6_PIMSM_V2 877 case MIFF_REGISTER: 878 /* 879 * Special Purpose VIF in PIM 880 * All the packets will be sent to the daemon 881 */ 882 if (mrt->mroute_reg_vif_num >= 0) 883 return -EADDRINUSE; 884 dev = ip6mr_reg_vif(net, mrt); 885 if (!dev) 886 return -ENOBUFS; 887 err = dev_set_allmulti(dev, 1); 888 if (err) { 889 unregister_netdevice(dev); 890 dev_put(dev); 891 return err; 892 } 893 break; 894 #endif 895 case 0: 896 dev = dev_get_by_index(net, vifc->mif6c_pifi); 897 if (!dev) 898 return -EADDRNOTAVAIL; 899 err = dev_set_allmulti(dev, 1); 900 if (err) { 901 dev_put(dev); 902 return err; 903 } 904 break; 905 default: 906 return -EINVAL; 907 } 908 909 in6_dev = __in6_dev_get(dev); 910 if (in6_dev) { 911 in6_dev->cnf.mc_forwarding++; 912 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 913 NETCONFA_MC_FORWARDING, 914 dev->ifindex, &in6_dev->cnf); 915 } 916 917 /* Fill in the VIF structures */ 918 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold, 919 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0), 920 MIFF_REGISTER); 921 922 /* And finish update writing critical data */ 923 write_lock_bh(&mrt_lock); 924 v->dev = dev; 925 #ifdef CONFIG_IPV6_PIMSM_V2 926 if (v->flags & MIFF_REGISTER) 927 mrt->mroute_reg_vif_num = vifi; 928 #endif 929 if (vifi + 1 > mrt->maxvif) 930 mrt->maxvif = vifi + 1; 931 write_unlock_bh(&mrt_lock); 932 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, 933 v, vifi, mrt->id); 934 return 0; 935 } 936 937 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt, 938 const struct in6_addr *origin, 939 const struct in6_addr *mcastgrp) 940 { 941 struct mfc6_cache_cmp_arg arg = { 942 .mf6c_origin = *origin, 943 .mf6c_mcastgrp = *mcastgrp, 944 }; 945 946 return mr_mfc_find(mrt, &arg); 947 } 948 949 /* Look for a (*,G) entry */ 950 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt, 951 struct in6_addr *mcastgrp, 952 mifi_t mifi) 953 { 954 struct mfc6_cache_cmp_arg arg = { 955 .mf6c_origin = in6addr_any, 956 .mf6c_mcastgrp = *mcastgrp, 957 }; 958 959 if (ipv6_addr_any(mcastgrp)) 960 return mr_mfc_find_any_parent(mrt, mifi); 961 return mr_mfc_find_any(mrt, mifi, &arg); 962 } 963 964 /* Look for a (S,G,iif) entry if parent != -1 */ 965 static struct mfc6_cache * 966 ip6mr_cache_find_parent(struct mr_table *mrt, 967 const struct in6_addr *origin, 968 const struct in6_addr *mcastgrp, 969 int parent) 970 { 971 struct mfc6_cache_cmp_arg arg = { 972 .mf6c_origin = *origin, 973 .mf6c_mcastgrp = *mcastgrp, 974 }; 975 976 return mr_mfc_find_parent(mrt, &arg, parent); 977 } 978 979 /* Allocate a multicast cache entry */ 980 static struct mfc6_cache *ip6mr_cache_alloc(void) 981 { 982 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 983 if (!c) 984 return NULL; 985 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 986 c->_c.mfc_un.res.minvif = MAXMIFS; 987 c->_c.free = ip6mr_cache_free_rcu; 988 refcount_set(&c->_c.mfc_un.res.refcount, 1); 989 return c; 990 } 991 992 static struct mfc6_cache *ip6mr_cache_alloc_unres(void) 993 { 994 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 995 if (!c) 996 return NULL; 997 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 998 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 999 return c; 1000 } 1001 1002 /* 1003 * A cache entry has gone into a resolved state from queued 1004 */ 1005 1006 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt, 1007 struct mfc6_cache *uc, struct mfc6_cache *c) 1008 { 1009 struct sk_buff *skb; 1010 1011 /* 1012 * Play the pending entries through our router 1013 */ 1014 1015 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 1016 if (ipv6_hdr(skb)->version == 0) { 1017 struct nlmsghdr *nlh = skb_pull(skb, 1018 sizeof(struct ipv6hdr)); 1019 1020 if (mr_fill_mroute(mrt, skb, &c->_c, 1021 nlmsg_data(nlh)) > 0) { 1022 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh; 1023 } else { 1024 nlh->nlmsg_type = NLMSG_ERROR; 1025 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1026 skb_trim(skb, nlh->nlmsg_len); 1027 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE; 1028 } 1029 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1030 } else 1031 ip6_mr_forward(net, mrt, skb->dev, skb, c); 1032 } 1033 } 1034 1035 /* 1036 * Bounce a cache query up to pim6sd and netlink. 1037 * 1038 * Called under mrt_lock. 1039 */ 1040 1041 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt, 1042 mifi_t mifi, int assert) 1043 { 1044 struct sock *mroute6_sk; 1045 struct sk_buff *skb; 1046 struct mrt6msg *msg; 1047 int ret; 1048 1049 #ifdef CONFIG_IPV6_PIMSM_V2 1050 if (assert == MRT6MSG_WHOLEPKT) 1051 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) 1052 +sizeof(*msg)); 1053 else 1054 #endif 1055 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); 1056 1057 if (!skb) 1058 return -ENOBUFS; 1059 1060 /* I suppose that internal messages 1061 * do not require checksums */ 1062 1063 skb->ip_summed = CHECKSUM_UNNECESSARY; 1064 1065 #ifdef CONFIG_IPV6_PIMSM_V2 1066 if (assert == MRT6MSG_WHOLEPKT) { 1067 /* Ugly, but we have no choice with this interface. 1068 Duplicate old header, fix length etc. 1069 And all this only to mangle msg->im6_msgtype and 1070 to set msg->im6_mbz to "mbz" :-) 1071 */ 1072 skb_push(skb, -skb_network_offset(pkt)); 1073 1074 skb_push(skb, sizeof(*msg)); 1075 skb_reset_transport_header(skb); 1076 msg = (struct mrt6msg *)skb_transport_header(skb); 1077 msg->im6_mbz = 0; 1078 msg->im6_msgtype = MRT6MSG_WHOLEPKT; 1079 msg->im6_mif = mrt->mroute_reg_vif_num; 1080 msg->im6_pad = 0; 1081 msg->im6_src = ipv6_hdr(pkt)->saddr; 1082 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1083 1084 skb->ip_summed = CHECKSUM_UNNECESSARY; 1085 } else 1086 #endif 1087 { 1088 /* 1089 * Copy the IP header 1090 */ 1091 1092 skb_put(skb, sizeof(struct ipv6hdr)); 1093 skb_reset_network_header(skb); 1094 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr)); 1095 1096 /* 1097 * Add our header 1098 */ 1099 skb_put(skb, sizeof(*msg)); 1100 skb_reset_transport_header(skb); 1101 msg = (struct mrt6msg *)skb_transport_header(skb); 1102 1103 msg->im6_mbz = 0; 1104 msg->im6_msgtype = assert; 1105 msg->im6_mif = mifi; 1106 msg->im6_pad = 0; 1107 msg->im6_src = ipv6_hdr(pkt)->saddr; 1108 msg->im6_dst = ipv6_hdr(pkt)->daddr; 1109 1110 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1111 skb->ip_summed = CHECKSUM_UNNECESSARY; 1112 } 1113 1114 rcu_read_lock(); 1115 mroute6_sk = rcu_dereference(mrt->mroute_sk); 1116 if (!mroute6_sk) { 1117 rcu_read_unlock(); 1118 kfree_skb(skb); 1119 return -EINVAL; 1120 } 1121 1122 mrt6msg_netlink_event(mrt, skb); 1123 1124 /* Deliver to user space multicast routing algorithms */ 1125 ret = sock_queue_rcv_skb(mroute6_sk, skb); 1126 rcu_read_unlock(); 1127 if (ret < 0) { 1128 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n"); 1129 kfree_skb(skb); 1130 } 1131 1132 return ret; 1133 } 1134 1135 /* Queue a packet for resolution. It gets locked cache entry! */ 1136 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi, 1137 struct sk_buff *skb, struct net_device *dev) 1138 { 1139 struct mfc6_cache *c; 1140 bool found = false; 1141 int err; 1142 1143 spin_lock_bh(&mfc_unres_lock); 1144 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1145 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) && 1146 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) { 1147 found = true; 1148 break; 1149 } 1150 } 1151 1152 if (!found) { 1153 /* 1154 * Create a new entry if allowable 1155 */ 1156 1157 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 || 1158 (c = ip6mr_cache_alloc_unres()) == NULL) { 1159 spin_unlock_bh(&mfc_unres_lock); 1160 1161 kfree_skb(skb); 1162 return -ENOBUFS; 1163 } 1164 1165 /* Fill in the new cache entry */ 1166 c->_c.mfc_parent = -1; 1167 c->mf6c_origin = ipv6_hdr(skb)->saddr; 1168 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr; 1169 1170 /* 1171 * Reflect first query at pim6sd 1172 */ 1173 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE); 1174 if (err < 0) { 1175 /* If the report failed throw the cache entry 1176 out - Brad Parker 1177 */ 1178 spin_unlock_bh(&mfc_unres_lock); 1179 1180 ip6mr_cache_free(c); 1181 kfree_skb(skb); 1182 return err; 1183 } 1184 1185 atomic_inc(&mrt->cache_resolve_queue_len); 1186 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1187 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1188 1189 ipmr_do_expire_process(mrt); 1190 } 1191 1192 /* See if we can append the packet */ 1193 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1194 kfree_skb(skb); 1195 err = -ENOBUFS; 1196 } else { 1197 if (dev) { 1198 skb->dev = dev; 1199 skb->skb_iif = dev->ifindex; 1200 } 1201 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1202 err = 0; 1203 } 1204 1205 spin_unlock_bh(&mfc_unres_lock); 1206 return err; 1207 } 1208 1209 /* 1210 * MFC6 cache manipulation by user space 1211 */ 1212 1213 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc, 1214 int parent) 1215 { 1216 struct mfc6_cache *c; 1217 1218 /* The entries are added/deleted only under RTNL */ 1219 rcu_read_lock(); 1220 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1221 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1222 rcu_read_unlock(); 1223 if (!c) 1224 return -ENOENT; 1225 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params); 1226 list_del_rcu(&c->_c.list); 1227 1228 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1229 FIB_EVENT_ENTRY_DEL, c, mrt->id); 1230 mr6_netlink_event(mrt, c, RTM_DELROUTE); 1231 mr_cache_put(&c->_c); 1232 return 0; 1233 } 1234 1235 static int ip6mr_device_event(struct notifier_block *this, 1236 unsigned long event, void *ptr) 1237 { 1238 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1239 struct net *net = dev_net(dev); 1240 struct mr_table *mrt; 1241 struct vif_device *v; 1242 int ct; 1243 1244 if (event != NETDEV_UNREGISTER) 1245 return NOTIFY_DONE; 1246 1247 ip6mr_for_each_table(mrt, net) { 1248 v = &mrt->vif_table[0]; 1249 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1250 if (v->dev == dev) 1251 mif6_delete(mrt, ct, 1, NULL); 1252 } 1253 } 1254 1255 return NOTIFY_DONE; 1256 } 1257 1258 static unsigned int ip6mr_seq_read(struct net *net) 1259 { 1260 ASSERT_RTNL(); 1261 1262 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net); 1263 } 1264 1265 static int ip6mr_dump(struct net *net, struct notifier_block *nb) 1266 { 1267 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump, 1268 ip6mr_mr_table_iter, &mrt_lock); 1269 } 1270 1271 static struct notifier_block ip6_mr_notifier = { 1272 .notifier_call = ip6mr_device_event 1273 }; 1274 1275 static const struct fib_notifier_ops ip6mr_notifier_ops_template = { 1276 .family = RTNL_FAMILY_IP6MR, 1277 .fib_seq_read = ip6mr_seq_read, 1278 .fib_dump = ip6mr_dump, 1279 .owner = THIS_MODULE, 1280 }; 1281 1282 static int __net_init ip6mr_notifier_init(struct net *net) 1283 { 1284 struct fib_notifier_ops *ops; 1285 1286 net->ipv6.ipmr_seq = 0; 1287 1288 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net); 1289 if (IS_ERR(ops)) 1290 return PTR_ERR(ops); 1291 1292 net->ipv6.ip6mr_notifier_ops = ops; 1293 1294 return 0; 1295 } 1296 1297 static void __net_exit ip6mr_notifier_exit(struct net *net) 1298 { 1299 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops); 1300 net->ipv6.ip6mr_notifier_ops = NULL; 1301 } 1302 1303 /* Setup for IP multicast routing */ 1304 static int __net_init ip6mr_net_init(struct net *net) 1305 { 1306 int err; 1307 1308 err = ip6mr_notifier_init(net); 1309 if (err) 1310 return err; 1311 1312 err = ip6mr_rules_init(net); 1313 if (err < 0) 1314 goto ip6mr_rules_fail; 1315 1316 #ifdef CONFIG_PROC_FS 1317 err = -ENOMEM; 1318 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops, 1319 sizeof(struct mr_vif_iter))) 1320 goto proc_vif_fail; 1321 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops, 1322 sizeof(struct mr_mfc_iter))) 1323 goto proc_cache_fail; 1324 #endif 1325 1326 return 0; 1327 1328 #ifdef CONFIG_PROC_FS 1329 proc_cache_fail: 1330 remove_proc_entry("ip6_mr_vif", net->proc_net); 1331 proc_vif_fail: 1332 ip6mr_rules_exit(net); 1333 #endif 1334 ip6mr_rules_fail: 1335 ip6mr_notifier_exit(net); 1336 return err; 1337 } 1338 1339 static void __net_exit ip6mr_net_exit(struct net *net) 1340 { 1341 #ifdef CONFIG_PROC_FS 1342 remove_proc_entry("ip6_mr_cache", net->proc_net); 1343 remove_proc_entry("ip6_mr_vif", net->proc_net); 1344 #endif 1345 ip6mr_rules_exit(net); 1346 ip6mr_notifier_exit(net); 1347 } 1348 1349 static struct pernet_operations ip6mr_net_ops = { 1350 .init = ip6mr_net_init, 1351 .exit = ip6mr_net_exit, 1352 }; 1353 1354 int __init ip6_mr_init(void) 1355 { 1356 int err; 1357 1358 mrt_cachep = kmem_cache_create("ip6_mrt_cache", 1359 sizeof(struct mfc6_cache), 1360 0, SLAB_HWCACHE_ALIGN, 1361 NULL); 1362 if (!mrt_cachep) 1363 return -ENOMEM; 1364 1365 err = register_pernet_subsys(&ip6mr_net_ops); 1366 if (err) 1367 goto reg_pernet_fail; 1368 1369 err = register_netdevice_notifier(&ip6_mr_notifier); 1370 if (err) 1371 goto reg_notif_fail; 1372 #ifdef CONFIG_IPV6_PIMSM_V2 1373 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) { 1374 pr_err("%s: can't add PIM protocol\n", __func__); 1375 err = -EAGAIN; 1376 goto add_proto_fail; 1377 } 1378 #endif 1379 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE, 1380 NULL, ip6mr_rtm_dumproute, 0); 1381 if (err == 0) 1382 return 0; 1383 1384 #ifdef CONFIG_IPV6_PIMSM_V2 1385 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1386 add_proto_fail: 1387 unregister_netdevice_notifier(&ip6_mr_notifier); 1388 #endif 1389 reg_notif_fail: 1390 unregister_pernet_subsys(&ip6mr_net_ops); 1391 reg_pernet_fail: 1392 kmem_cache_destroy(mrt_cachep); 1393 return err; 1394 } 1395 1396 void ip6_mr_cleanup(void) 1397 { 1398 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE); 1399 #ifdef CONFIG_IPV6_PIMSM_V2 1400 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM); 1401 #endif 1402 unregister_netdevice_notifier(&ip6_mr_notifier); 1403 unregister_pernet_subsys(&ip6mr_net_ops); 1404 kmem_cache_destroy(mrt_cachep); 1405 } 1406 1407 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt, 1408 struct mf6cctl *mfc, int mrtsock, int parent) 1409 { 1410 unsigned char ttls[MAXMIFS]; 1411 struct mfc6_cache *uc, *c; 1412 struct mr_mfc *_uc; 1413 bool found; 1414 int i, err; 1415 1416 if (mfc->mf6cc_parent >= MAXMIFS) 1417 return -ENFILE; 1418 1419 memset(ttls, 255, MAXMIFS); 1420 for (i = 0; i < MAXMIFS; i++) { 1421 if (IF_ISSET(i, &mfc->mf6cc_ifset)) 1422 ttls[i] = 1; 1423 } 1424 1425 /* The entries are added/deleted only under RTNL */ 1426 rcu_read_lock(); 1427 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr, 1428 &mfc->mf6cc_mcastgrp.sin6_addr, parent); 1429 rcu_read_unlock(); 1430 if (c) { 1431 write_lock_bh(&mrt_lock); 1432 c->_c.mfc_parent = mfc->mf6cc_parent; 1433 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1434 if (!mrtsock) 1435 c->_c.mfc_flags |= MFC_STATIC; 1436 write_unlock_bh(&mrt_lock); 1437 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, 1438 c, mrt->id); 1439 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1440 return 0; 1441 } 1442 1443 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) && 1444 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr)) 1445 return -EINVAL; 1446 1447 c = ip6mr_cache_alloc(); 1448 if (!c) 1449 return -ENOMEM; 1450 1451 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr; 1452 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr; 1453 c->_c.mfc_parent = mfc->mf6cc_parent; 1454 ip6mr_update_thresholds(mrt, &c->_c, ttls); 1455 if (!mrtsock) 1456 c->_c.mfc_flags |= MFC_STATIC; 1457 1458 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1459 ip6mr_rht_params); 1460 if (err) { 1461 pr_err("ip6mr: rhtable insert error %d\n", err); 1462 ip6mr_cache_free(c); 1463 return err; 1464 } 1465 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1466 1467 /* Check to see if we resolved a queued list. If so we 1468 * need to send on the frames and tidy up. 1469 */ 1470 found = false; 1471 spin_lock_bh(&mfc_unres_lock); 1472 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1473 uc = (struct mfc6_cache *)_uc; 1474 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) && 1475 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) { 1476 list_del(&_uc->list); 1477 atomic_dec(&mrt->cache_resolve_queue_len); 1478 found = true; 1479 break; 1480 } 1481 } 1482 if (list_empty(&mrt->mfc_unres_queue)) 1483 del_timer(&mrt->ipmr_expire_timer); 1484 spin_unlock_bh(&mfc_unres_lock); 1485 1486 if (found) { 1487 ip6mr_cache_resolve(net, mrt, uc, c); 1488 ip6mr_cache_free(uc); 1489 } 1490 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, 1491 c, mrt->id); 1492 mr6_netlink_event(mrt, c, RTM_NEWROUTE); 1493 return 0; 1494 } 1495 1496 /* 1497 * Close the multicast socket, and clear the vif tables etc 1498 */ 1499 1500 static void mroute_clean_tables(struct mr_table *mrt, int flags) 1501 { 1502 struct mr_mfc *c, *tmp; 1503 LIST_HEAD(list); 1504 int i; 1505 1506 /* Shut down all active vif entries */ 1507 if (flags & (MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC)) { 1508 for (i = 0; i < mrt->maxvif; i++) { 1509 if (((mrt->vif_table[i].flags & VIFF_STATIC) && 1510 !(flags & MRT6_FLUSH_MIFS_STATIC)) || 1511 (!(mrt->vif_table[i].flags & VIFF_STATIC) && !(flags & MRT6_FLUSH_MIFS))) 1512 continue; 1513 mif6_delete(mrt, i, 0, &list); 1514 } 1515 unregister_netdevice_many(&list); 1516 } 1517 1518 /* Wipe the cache */ 1519 if (flags & (MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC)) { 1520 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1521 if (((c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC_STATIC)) || 1522 (!(c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC))) 1523 continue; 1524 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params); 1525 list_del_rcu(&c->list); 1526 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net), 1527 FIB_EVENT_ENTRY_DEL, 1528 (struct mfc6_cache *)c, mrt->id); 1529 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE); 1530 mr_cache_put(c); 1531 } 1532 } 1533 1534 if (flags & MRT6_FLUSH_MFC) { 1535 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1536 spin_lock_bh(&mfc_unres_lock); 1537 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1538 list_del(&c->list); 1539 mr6_netlink_event(mrt, (struct mfc6_cache *)c, 1540 RTM_DELROUTE); 1541 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c); 1542 } 1543 spin_unlock_bh(&mfc_unres_lock); 1544 } 1545 } 1546 } 1547 1548 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk) 1549 { 1550 int err = 0; 1551 struct net *net = sock_net(sk); 1552 1553 rtnl_lock(); 1554 write_lock_bh(&mrt_lock); 1555 if (rtnl_dereference(mrt->mroute_sk)) { 1556 err = -EADDRINUSE; 1557 } else { 1558 rcu_assign_pointer(mrt->mroute_sk, sk); 1559 sock_set_flag(sk, SOCK_RCU_FREE); 1560 net->ipv6.devconf_all->mc_forwarding++; 1561 } 1562 write_unlock_bh(&mrt_lock); 1563 1564 if (!err) 1565 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1566 NETCONFA_MC_FORWARDING, 1567 NETCONFA_IFINDEX_ALL, 1568 net->ipv6.devconf_all); 1569 rtnl_unlock(); 1570 1571 return err; 1572 } 1573 1574 int ip6mr_sk_done(struct sock *sk) 1575 { 1576 int err = -EACCES; 1577 struct net *net = sock_net(sk); 1578 struct mr_table *mrt; 1579 1580 if (sk->sk_type != SOCK_RAW || 1581 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1582 return err; 1583 1584 rtnl_lock(); 1585 ip6mr_for_each_table(mrt, net) { 1586 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1587 write_lock_bh(&mrt_lock); 1588 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1589 /* Note that mroute_sk had SOCK_RCU_FREE set, 1590 * so the RCU grace period before sk freeing 1591 * is guaranteed by sk_destruct() 1592 */ 1593 net->ipv6.devconf_all->mc_forwarding--; 1594 write_unlock_bh(&mrt_lock); 1595 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF, 1596 NETCONFA_MC_FORWARDING, 1597 NETCONFA_IFINDEX_ALL, 1598 net->ipv6.devconf_all); 1599 1600 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MFC); 1601 err = 0; 1602 break; 1603 } 1604 } 1605 rtnl_unlock(); 1606 1607 return err; 1608 } 1609 1610 bool mroute6_is_socket(struct net *net, struct sk_buff *skb) 1611 { 1612 struct mr_table *mrt; 1613 struct flowi6 fl6 = { 1614 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 1615 .flowi6_oif = skb->dev->ifindex, 1616 .flowi6_mark = skb->mark, 1617 }; 1618 1619 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0) 1620 return NULL; 1621 1622 return rcu_access_pointer(mrt->mroute_sk); 1623 } 1624 EXPORT_SYMBOL(mroute6_is_socket); 1625 1626 /* 1627 * Socket options and virtual interface manipulation. The whole 1628 * virtual interface system is a complete heap, but unfortunately 1629 * that's how BSD mrouted happens to think. Maybe one day with a proper 1630 * MOSPF/PIM router set up we can clean this up. 1631 */ 1632 1633 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen) 1634 { 1635 int ret, parent = 0; 1636 struct mif6ctl vif; 1637 struct mf6cctl mfc; 1638 mifi_t mifi; 1639 struct net *net = sock_net(sk); 1640 struct mr_table *mrt; 1641 1642 if (sk->sk_type != SOCK_RAW || 1643 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1644 return -EOPNOTSUPP; 1645 1646 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1647 if (!mrt) 1648 return -ENOENT; 1649 1650 if (optname != MRT6_INIT) { 1651 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1652 !ns_capable(net->user_ns, CAP_NET_ADMIN)) 1653 return -EACCES; 1654 } 1655 1656 switch (optname) { 1657 case MRT6_INIT: 1658 if (optlen < sizeof(int)) 1659 return -EINVAL; 1660 1661 return ip6mr_sk_init(mrt, sk); 1662 1663 case MRT6_DONE: 1664 return ip6mr_sk_done(sk); 1665 1666 case MRT6_ADD_MIF: 1667 if (optlen < sizeof(vif)) 1668 return -EINVAL; 1669 if (copy_from_user(&vif, optval, sizeof(vif))) 1670 return -EFAULT; 1671 if (vif.mif6c_mifi >= MAXMIFS) 1672 return -ENFILE; 1673 rtnl_lock(); 1674 ret = mif6_add(net, mrt, &vif, 1675 sk == rtnl_dereference(mrt->mroute_sk)); 1676 rtnl_unlock(); 1677 return ret; 1678 1679 case MRT6_DEL_MIF: 1680 if (optlen < sizeof(mifi_t)) 1681 return -EINVAL; 1682 if (copy_from_user(&mifi, optval, sizeof(mifi_t))) 1683 return -EFAULT; 1684 rtnl_lock(); 1685 ret = mif6_delete(mrt, mifi, 0, NULL); 1686 rtnl_unlock(); 1687 return ret; 1688 1689 /* 1690 * Manipulate the forwarding caches. These live 1691 * in a sort of kernel/user symbiosis. 1692 */ 1693 case MRT6_ADD_MFC: 1694 case MRT6_DEL_MFC: 1695 parent = -1; 1696 /* fall through */ 1697 case MRT6_ADD_MFC_PROXY: 1698 case MRT6_DEL_MFC_PROXY: 1699 if (optlen < sizeof(mfc)) 1700 return -EINVAL; 1701 if (copy_from_user(&mfc, optval, sizeof(mfc))) 1702 return -EFAULT; 1703 if (parent == 0) 1704 parent = mfc.mf6cc_parent; 1705 rtnl_lock(); 1706 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY) 1707 ret = ip6mr_mfc_delete(mrt, &mfc, parent); 1708 else 1709 ret = ip6mr_mfc_add(net, mrt, &mfc, 1710 sk == 1711 rtnl_dereference(mrt->mroute_sk), 1712 parent); 1713 rtnl_unlock(); 1714 return ret; 1715 1716 case MRT6_FLUSH: 1717 { 1718 int flags; 1719 1720 if (optlen != sizeof(flags)) 1721 return -EINVAL; 1722 if (get_user(flags, (int __user *)optval)) 1723 return -EFAULT; 1724 rtnl_lock(); 1725 mroute_clean_tables(mrt, flags); 1726 rtnl_unlock(); 1727 return 0; 1728 } 1729 1730 /* 1731 * Control PIM assert (to activate pim will activate assert) 1732 */ 1733 case MRT6_ASSERT: 1734 { 1735 int v; 1736 1737 if (optlen != sizeof(v)) 1738 return -EINVAL; 1739 if (get_user(v, (int __user *)optval)) 1740 return -EFAULT; 1741 mrt->mroute_do_assert = v; 1742 return 0; 1743 } 1744 1745 #ifdef CONFIG_IPV6_PIMSM_V2 1746 case MRT6_PIM: 1747 { 1748 int v; 1749 1750 if (optlen != sizeof(v)) 1751 return -EINVAL; 1752 if (get_user(v, (int __user *)optval)) 1753 return -EFAULT; 1754 v = !!v; 1755 rtnl_lock(); 1756 ret = 0; 1757 if (v != mrt->mroute_do_pim) { 1758 mrt->mroute_do_pim = v; 1759 mrt->mroute_do_assert = v; 1760 } 1761 rtnl_unlock(); 1762 return ret; 1763 } 1764 1765 #endif 1766 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES 1767 case MRT6_TABLE: 1768 { 1769 u32 v; 1770 1771 if (optlen != sizeof(u32)) 1772 return -EINVAL; 1773 if (get_user(v, (u32 __user *)optval)) 1774 return -EFAULT; 1775 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */ 1776 if (v != RT_TABLE_DEFAULT && v >= 100000000) 1777 return -EINVAL; 1778 if (sk == rcu_access_pointer(mrt->mroute_sk)) 1779 return -EBUSY; 1780 1781 rtnl_lock(); 1782 ret = 0; 1783 mrt = ip6mr_new_table(net, v); 1784 if (IS_ERR(mrt)) 1785 ret = PTR_ERR(mrt); 1786 else 1787 raw6_sk(sk)->ip6mr_table = v; 1788 rtnl_unlock(); 1789 return ret; 1790 } 1791 #endif 1792 /* 1793 * Spurious command, or MRT6_VERSION which you cannot 1794 * set. 1795 */ 1796 default: 1797 return -ENOPROTOOPT; 1798 } 1799 } 1800 1801 /* 1802 * Getsock opt support for the multicast routing system. 1803 */ 1804 1805 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, 1806 int __user *optlen) 1807 { 1808 int olr; 1809 int val; 1810 struct net *net = sock_net(sk); 1811 struct mr_table *mrt; 1812 1813 if (sk->sk_type != SOCK_RAW || 1814 inet_sk(sk)->inet_num != IPPROTO_ICMPV6) 1815 return -EOPNOTSUPP; 1816 1817 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1818 if (!mrt) 1819 return -ENOENT; 1820 1821 switch (optname) { 1822 case MRT6_VERSION: 1823 val = 0x0305; 1824 break; 1825 #ifdef CONFIG_IPV6_PIMSM_V2 1826 case MRT6_PIM: 1827 val = mrt->mroute_do_pim; 1828 break; 1829 #endif 1830 case MRT6_ASSERT: 1831 val = mrt->mroute_do_assert; 1832 break; 1833 default: 1834 return -ENOPROTOOPT; 1835 } 1836 1837 if (get_user(olr, optlen)) 1838 return -EFAULT; 1839 1840 olr = min_t(int, olr, sizeof(int)); 1841 if (olr < 0) 1842 return -EINVAL; 1843 1844 if (put_user(olr, optlen)) 1845 return -EFAULT; 1846 if (copy_to_user(optval, &val, olr)) 1847 return -EFAULT; 1848 return 0; 1849 } 1850 1851 /* 1852 * The IP multicast ioctl support routines. 1853 */ 1854 1855 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg) 1856 { 1857 struct sioc_sg_req6 sr; 1858 struct sioc_mif_req6 vr; 1859 struct vif_device *vif; 1860 struct mfc6_cache *c; 1861 struct net *net = sock_net(sk); 1862 struct mr_table *mrt; 1863 1864 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1865 if (!mrt) 1866 return -ENOENT; 1867 1868 switch (cmd) { 1869 case SIOCGETMIFCNT_IN6: 1870 if (copy_from_user(&vr, arg, sizeof(vr))) 1871 return -EFAULT; 1872 if (vr.mifi >= mrt->maxvif) 1873 return -EINVAL; 1874 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1875 read_lock(&mrt_lock); 1876 vif = &mrt->vif_table[vr.mifi]; 1877 if (VIF_EXISTS(mrt, vr.mifi)) { 1878 vr.icount = vif->pkt_in; 1879 vr.ocount = vif->pkt_out; 1880 vr.ibytes = vif->bytes_in; 1881 vr.obytes = vif->bytes_out; 1882 read_unlock(&mrt_lock); 1883 1884 if (copy_to_user(arg, &vr, sizeof(vr))) 1885 return -EFAULT; 1886 return 0; 1887 } 1888 read_unlock(&mrt_lock); 1889 return -EADDRNOTAVAIL; 1890 case SIOCGETSGCNT_IN6: 1891 if (copy_from_user(&sr, arg, sizeof(sr))) 1892 return -EFAULT; 1893 1894 rcu_read_lock(); 1895 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1896 if (c) { 1897 sr.pktcnt = c->_c.mfc_un.res.pkt; 1898 sr.bytecnt = c->_c.mfc_un.res.bytes; 1899 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1900 rcu_read_unlock(); 1901 1902 if (copy_to_user(arg, &sr, sizeof(sr))) 1903 return -EFAULT; 1904 return 0; 1905 } 1906 rcu_read_unlock(); 1907 return -EADDRNOTAVAIL; 1908 default: 1909 return -ENOIOCTLCMD; 1910 } 1911 } 1912 1913 #ifdef CONFIG_COMPAT 1914 struct compat_sioc_sg_req6 { 1915 struct sockaddr_in6 src; 1916 struct sockaddr_in6 grp; 1917 compat_ulong_t pktcnt; 1918 compat_ulong_t bytecnt; 1919 compat_ulong_t wrong_if; 1920 }; 1921 1922 struct compat_sioc_mif_req6 { 1923 mifi_t mifi; 1924 compat_ulong_t icount; 1925 compat_ulong_t ocount; 1926 compat_ulong_t ibytes; 1927 compat_ulong_t obytes; 1928 }; 1929 1930 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1931 { 1932 struct compat_sioc_sg_req6 sr; 1933 struct compat_sioc_mif_req6 vr; 1934 struct vif_device *vif; 1935 struct mfc6_cache *c; 1936 struct net *net = sock_net(sk); 1937 struct mr_table *mrt; 1938 1939 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT); 1940 if (!mrt) 1941 return -ENOENT; 1942 1943 switch (cmd) { 1944 case SIOCGETMIFCNT_IN6: 1945 if (copy_from_user(&vr, arg, sizeof(vr))) 1946 return -EFAULT; 1947 if (vr.mifi >= mrt->maxvif) 1948 return -EINVAL; 1949 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif); 1950 read_lock(&mrt_lock); 1951 vif = &mrt->vif_table[vr.mifi]; 1952 if (VIF_EXISTS(mrt, vr.mifi)) { 1953 vr.icount = vif->pkt_in; 1954 vr.ocount = vif->pkt_out; 1955 vr.ibytes = vif->bytes_in; 1956 vr.obytes = vif->bytes_out; 1957 read_unlock(&mrt_lock); 1958 1959 if (copy_to_user(arg, &vr, sizeof(vr))) 1960 return -EFAULT; 1961 return 0; 1962 } 1963 read_unlock(&mrt_lock); 1964 return -EADDRNOTAVAIL; 1965 case SIOCGETSGCNT_IN6: 1966 if (copy_from_user(&sr, arg, sizeof(sr))) 1967 return -EFAULT; 1968 1969 rcu_read_lock(); 1970 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1971 if (c) { 1972 sr.pktcnt = c->_c.mfc_un.res.pkt; 1973 sr.bytecnt = c->_c.mfc_un.res.bytes; 1974 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1975 rcu_read_unlock(); 1976 1977 if (copy_to_user(arg, &sr, sizeof(sr))) 1978 return -EFAULT; 1979 return 0; 1980 } 1981 rcu_read_unlock(); 1982 return -EADDRNOTAVAIL; 1983 default: 1984 return -ENOIOCTLCMD; 1985 } 1986 } 1987 #endif 1988 1989 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 1990 { 1991 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 1992 IPSTATS_MIB_OUTFORWDATAGRAMS); 1993 IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)), 1994 IPSTATS_MIB_OUTOCTETS, skb->len); 1995 return dst_output(net, sk, skb); 1996 } 1997 1998 /* 1999 * Processing handlers for ip6mr_forward 2000 */ 2001 2002 static int ip6mr_forward2(struct net *net, struct mr_table *mrt, 2003 struct sk_buff *skb, int vifi) 2004 { 2005 struct ipv6hdr *ipv6h; 2006 struct vif_device *vif = &mrt->vif_table[vifi]; 2007 struct net_device *dev; 2008 struct dst_entry *dst; 2009 struct flowi6 fl6; 2010 2011 if (!vif->dev) 2012 goto out_free; 2013 2014 #ifdef CONFIG_IPV6_PIMSM_V2 2015 if (vif->flags & MIFF_REGISTER) { 2016 vif->pkt_out++; 2017 vif->bytes_out += skb->len; 2018 vif->dev->stats.tx_bytes += skb->len; 2019 vif->dev->stats.tx_packets++; 2020 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT); 2021 goto out_free; 2022 } 2023 #endif 2024 2025 ipv6h = ipv6_hdr(skb); 2026 2027 fl6 = (struct flowi6) { 2028 .flowi6_oif = vif->link, 2029 .daddr = ipv6h->daddr, 2030 }; 2031 2032 dst = ip6_route_output(net, NULL, &fl6); 2033 if (dst->error) { 2034 dst_release(dst); 2035 goto out_free; 2036 } 2037 2038 skb_dst_drop(skb); 2039 skb_dst_set(skb, dst); 2040 2041 /* 2042 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 2043 * not only before forwarding, but after forwarding on all output 2044 * interfaces. It is clear, if mrouter runs a multicasting 2045 * program, it should receive packets not depending to what interface 2046 * program is joined. 2047 * If we will not make it, the program will have to join on all 2048 * interfaces. On the other hand, multihoming host (or router, but 2049 * not mrouter) cannot join to more than one interface - it will 2050 * result in receiving multiple packets. 2051 */ 2052 dev = vif->dev; 2053 skb->dev = dev; 2054 vif->pkt_out++; 2055 vif->bytes_out += skb->len; 2056 2057 /* We are about to write */ 2058 /* XXX: extension headers? */ 2059 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev))) 2060 goto out_free; 2061 2062 ipv6h = ipv6_hdr(skb); 2063 ipv6h->hop_limit--; 2064 2065 IP6CB(skb)->flags |= IP6SKB_FORWARDED; 2066 2067 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, 2068 net, NULL, skb, skb->dev, dev, 2069 ip6mr_forward2_finish); 2070 2071 out_free: 2072 kfree_skb(skb); 2073 return 0; 2074 } 2075 2076 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev) 2077 { 2078 int ct; 2079 2080 for (ct = mrt->maxvif - 1; ct >= 0; ct--) { 2081 if (mrt->vif_table[ct].dev == dev) 2082 break; 2083 } 2084 return ct; 2085 } 2086 2087 static void ip6_mr_forward(struct net *net, struct mr_table *mrt, 2088 struct net_device *dev, struct sk_buff *skb, 2089 struct mfc6_cache *c) 2090 { 2091 int psend = -1; 2092 int vif, ct; 2093 int true_vifi = ip6mr_find_vif(mrt, dev); 2094 2095 vif = c->_c.mfc_parent; 2096 c->_c.mfc_un.res.pkt++; 2097 c->_c.mfc_un.res.bytes += skb->len; 2098 c->_c.mfc_un.res.lastuse = jiffies; 2099 2100 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) { 2101 struct mfc6_cache *cache_proxy; 2102 2103 /* For an (*,G) entry, we only check that the incoming 2104 * interface is part of the static tree. 2105 */ 2106 rcu_read_lock(); 2107 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 2108 if (cache_proxy && 2109 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) { 2110 rcu_read_unlock(); 2111 goto forward; 2112 } 2113 rcu_read_unlock(); 2114 } 2115 2116 /* 2117 * Wrong interface: drop packet and (maybe) send PIM assert. 2118 */ 2119 if (mrt->vif_table[vif].dev != dev) { 2120 c->_c.mfc_un.res.wrong_if++; 2121 2122 if (true_vifi >= 0 && mrt->mroute_do_assert && 2123 /* pimsm uses asserts, when switching from RPT to SPT, 2124 so that we cannot check that packet arrived on an oif. 2125 It is bad, but otherwise we would need to move pretty 2126 large chunk of pimd to kernel. Ough... --ANK 2127 */ 2128 (mrt->mroute_do_pim || 2129 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 2130 time_after(jiffies, 2131 c->_c.mfc_un.res.last_assert + 2132 MFC_ASSERT_THRESH)) { 2133 c->_c.mfc_un.res.last_assert = jiffies; 2134 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF); 2135 } 2136 goto dont_forward; 2137 } 2138 2139 forward: 2140 mrt->vif_table[vif].pkt_in++; 2141 mrt->vif_table[vif].bytes_in += skb->len; 2142 2143 /* 2144 * Forward the frame 2145 */ 2146 if (ipv6_addr_any(&c->mf6c_origin) && 2147 ipv6_addr_any(&c->mf6c_mcastgrp)) { 2148 if (true_vifi >= 0 && 2149 true_vifi != c->_c.mfc_parent && 2150 ipv6_hdr(skb)->hop_limit > 2151 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 2152 /* It's an (*,*) entry and the packet is not coming from 2153 * the upstream: forward the packet to the upstream 2154 * only. 2155 */ 2156 psend = c->_c.mfc_parent; 2157 goto last_forward; 2158 } 2159 goto dont_forward; 2160 } 2161 for (ct = c->_c.mfc_un.res.maxvif - 1; 2162 ct >= c->_c.mfc_un.res.minvif; ct--) { 2163 /* For (*,G) entry, don't forward to the incoming interface */ 2164 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) && 2165 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) { 2166 if (psend != -1) { 2167 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2168 if (skb2) 2169 ip6mr_forward2(net, mrt, skb2, psend); 2170 } 2171 psend = ct; 2172 } 2173 } 2174 last_forward: 2175 if (psend != -1) { 2176 ip6mr_forward2(net, mrt, skb, psend); 2177 return; 2178 } 2179 2180 dont_forward: 2181 kfree_skb(skb); 2182 } 2183 2184 2185 /* 2186 * Multicast packets for forwarding arrive here 2187 */ 2188 2189 int ip6_mr_input(struct sk_buff *skb) 2190 { 2191 struct mfc6_cache *cache; 2192 struct net *net = dev_net(skb->dev); 2193 struct mr_table *mrt; 2194 struct flowi6 fl6 = { 2195 .flowi6_iif = skb->dev->ifindex, 2196 .flowi6_mark = skb->mark, 2197 }; 2198 int err; 2199 struct net_device *dev; 2200 2201 /* skb->dev passed in is the master dev for vrfs. 2202 * Get the proper interface that does have a vif associated with it. 2203 */ 2204 dev = skb->dev; 2205 if (netif_is_l3_master(skb->dev)) { 2206 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2207 if (!dev) { 2208 kfree_skb(skb); 2209 return -ENODEV; 2210 } 2211 } 2212 2213 err = ip6mr_fib_lookup(net, &fl6, &mrt); 2214 if (err < 0) { 2215 kfree_skb(skb); 2216 return err; 2217 } 2218 2219 read_lock(&mrt_lock); 2220 cache = ip6mr_cache_find(mrt, 2221 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr); 2222 if (!cache) { 2223 int vif = ip6mr_find_vif(mrt, dev); 2224 2225 if (vif >= 0) 2226 cache = ip6mr_cache_find_any(mrt, 2227 &ipv6_hdr(skb)->daddr, 2228 vif); 2229 } 2230 2231 /* 2232 * No usable cache entry 2233 */ 2234 if (!cache) { 2235 int vif; 2236 2237 vif = ip6mr_find_vif(mrt, dev); 2238 if (vif >= 0) { 2239 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev); 2240 read_unlock(&mrt_lock); 2241 2242 return err; 2243 } 2244 read_unlock(&mrt_lock); 2245 kfree_skb(skb); 2246 return -ENODEV; 2247 } 2248 2249 ip6_mr_forward(net, mrt, dev, skb, cache); 2250 2251 read_unlock(&mrt_lock); 2252 2253 return 0; 2254 } 2255 2256 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm, 2257 u32 portid) 2258 { 2259 int err; 2260 struct mr_table *mrt; 2261 struct mfc6_cache *cache; 2262 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 2263 2264 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT); 2265 if (!mrt) 2266 return -ENOENT; 2267 2268 read_lock(&mrt_lock); 2269 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr); 2270 if (!cache && skb->dev) { 2271 int vif = ip6mr_find_vif(mrt, skb->dev); 2272 2273 if (vif >= 0) 2274 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr, 2275 vif); 2276 } 2277 2278 if (!cache) { 2279 struct sk_buff *skb2; 2280 struct ipv6hdr *iph; 2281 struct net_device *dev; 2282 int vif; 2283 2284 dev = skb->dev; 2285 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) { 2286 read_unlock(&mrt_lock); 2287 return -ENODEV; 2288 } 2289 2290 /* really correct? */ 2291 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 2292 if (!skb2) { 2293 read_unlock(&mrt_lock); 2294 return -ENOMEM; 2295 } 2296 2297 NETLINK_CB(skb2).portid = portid; 2298 skb_reset_transport_header(skb2); 2299 2300 skb_put(skb2, sizeof(struct ipv6hdr)); 2301 skb_reset_network_header(skb2); 2302 2303 iph = ipv6_hdr(skb2); 2304 iph->version = 0; 2305 iph->priority = 0; 2306 iph->flow_lbl[0] = 0; 2307 iph->flow_lbl[1] = 0; 2308 iph->flow_lbl[2] = 0; 2309 iph->payload_len = 0; 2310 iph->nexthdr = IPPROTO_NONE; 2311 iph->hop_limit = 0; 2312 iph->saddr = rt->rt6i_src.addr; 2313 iph->daddr = rt->rt6i_dst.addr; 2314 2315 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev); 2316 read_unlock(&mrt_lock); 2317 2318 return err; 2319 } 2320 2321 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2322 read_unlock(&mrt_lock); 2323 return err; 2324 } 2325 2326 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2327 u32 portid, u32 seq, struct mfc6_cache *c, int cmd, 2328 int flags) 2329 { 2330 struct nlmsghdr *nlh; 2331 struct rtmsg *rtm; 2332 int err; 2333 2334 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2335 if (!nlh) 2336 return -EMSGSIZE; 2337 2338 rtm = nlmsg_data(nlh); 2339 rtm->rtm_family = RTNL_FAMILY_IP6MR; 2340 rtm->rtm_dst_len = 128; 2341 rtm->rtm_src_len = 128; 2342 rtm->rtm_tos = 0; 2343 rtm->rtm_table = mrt->id; 2344 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2345 goto nla_put_failure; 2346 rtm->rtm_type = RTN_MULTICAST; 2347 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2348 if (c->_c.mfc_flags & MFC_STATIC) 2349 rtm->rtm_protocol = RTPROT_STATIC; 2350 else 2351 rtm->rtm_protocol = RTPROT_MROUTED; 2352 rtm->rtm_flags = 0; 2353 2354 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) || 2355 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp)) 2356 goto nla_put_failure; 2357 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2358 /* do not break the dump if cache is unresolved */ 2359 if (err < 0 && err != -ENOENT) 2360 goto nla_put_failure; 2361 2362 nlmsg_end(skb, nlh); 2363 return 0; 2364 2365 nla_put_failure: 2366 nlmsg_cancel(skb, nlh); 2367 return -EMSGSIZE; 2368 } 2369 2370 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2371 u32 portid, u32 seq, struct mr_mfc *c, 2372 int cmd, int flags) 2373 { 2374 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c, 2375 cmd, flags); 2376 } 2377 2378 static int mr6_msgsize(bool unresolved, int maxvif) 2379 { 2380 size_t len = 2381 NLMSG_ALIGN(sizeof(struct rtmsg)) 2382 + nla_total_size(4) /* RTA_TABLE */ 2383 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */ 2384 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */ 2385 ; 2386 2387 if (!unresolved) 2388 len = len 2389 + nla_total_size(4) /* RTA_IIF */ 2390 + nla_total_size(0) /* RTA_MULTIPATH */ 2391 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2392 /* RTA_MFC_STATS */ 2393 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2394 ; 2395 2396 return len; 2397 } 2398 2399 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc, 2400 int cmd) 2401 { 2402 struct net *net = read_pnet(&mrt->net); 2403 struct sk_buff *skb; 2404 int err = -ENOBUFS; 2405 2406 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif), 2407 GFP_ATOMIC); 2408 if (!skb) 2409 goto errout; 2410 2411 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2412 if (err < 0) 2413 goto errout; 2414 2415 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC); 2416 return; 2417 2418 errout: 2419 kfree_skb(skb); 2420 if (err < 0) 2421 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err); 2422 } 2423 2424 static size_t mrt6msg_netlink_msgsize(size_t payloadlen) 2425 { 2426 size_t len = 2427 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2428 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */ 2429 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */ 2430 /* IP6MRA_CREPORT_SRC_ADDR */ 2431 + nla_total_size(sizeof(struct in6_addr)) 2432 /* IP6MRA_CREPORT_DST_ADDR */ 2433 + nla_total_size(sizeof(struct in6_addr)) 2434 /* IP6MRA_CREPORT_PKT */ 2435 + nla_total_size(payloadlen) 2436 ; 2437 2438 return len; 2439 } 2440 2441 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2442 { 2443 struct net *net = read_pnet(&mrt->net); 2444 struct nlmsghdr *nlh; 2445 struct rtgenmsg *rtgenm; 2446 struct mrt6msg *msg; 2447 struct sk_buff *skb; 2448 struct nlattr *nla; 2449 int payloadlen; 2450 2451 payloadlen = pkt->len - sizeof(struct mrt6msg); 2452 msg = (struct mrt6msg *)skb_transport_header(pkt); 2453 2454 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2455 if (!skb) 2456 goto errout; 2457 2458 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2459 sizeof(struct rtgenmsg), 0); 2460 if (!nlh) 2461 goto errout; 2462 rtgenm = nlmsg_data(nlh); 2463 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR; 2464 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) || 2465 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) || 2466 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR, 2467 &msg->im6_src) || 2468 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR, 2469 &msg->im6_dst)) 2470 goto nla_put_failure; 2471 2472 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen); 2473 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg), 2474 nla_data(nla), payloadlen)) 2475 goto nla_put_failure; 2476 2477 nlmsg_end(skb, nlh); 2478 2479 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC); 2480 return; 2481 2482 nla_put_failure: 2483 nlmsg_cancel(skb, nlh); 2484 errout: 2485 kfree_skb(skb); 2486 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS); 2487 } 2488 2489 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2490 { 2491 const struct nlmsghdr *nlh = cb->nlh; 2492 struct fib_dump_filter filter = {}; 2493 int err; 2494 2495 if (cb->strict_check) { 2496 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh, 2497 &filter, cb); 2498 if (err < 0) 2499 return err; 2500 } 2501 2502 if (filter.table_id) { 2503 struct mr_table *mrt; 2504 2505 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id); 2506 if (!mrt) { 2507 if (filter.dump_all_families) 2508 return skb->len; 2509 2510 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist"); 2511 return -ENOENT; 2512 } 2513 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute, 2514 &mfc_unres_lock, &filter); 2515 return skb->len ? : err; 2516 } 2517 2518 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter, 2519 _ip6mr_fill_mroute, &mfc_unres_lock, &filter); 2520 } 2521