1 #include <linux/types.h> 2 #include <linux/skbuff.h> 3 #include <linux/socket.h> 4 #include <linux/sysctl.h> 5 #include <linux/net.h> 6 #include <linux/module.h> 7 #include <linux/if_arp.h> 8 #include <linux/ipv6.h> 9 #include <linux/mpls.h> 10 #include <linux/vmalloc.h> 11 #include <net/ip.h> 12 #include <net/dst.h> 13 #include <net/sock.h> 14 #include <net/arp.h> 15 #include <net/ip_fib.h> 16 #include <net/netevent.h> 17 #include <net/netns/generic.h> 18 #include "internal.h" 19 20 #define LABEL_NOT_SPECIFIED (1<<20) 21 #define MAX_NEW_LABELS 2 22 23 /* This maximum ha length copied from the definition of struct neighbour */ 24 #define MAX_VIA_ALEN (ALIGN(MAX_ADDR_LEN, sizeof(unsigned long))) 25 26 struct mpls_route { /* next hop label forwarding entry */ 27 struct net_device __rcu *rt_dev; 28 struct rcu_head rt_rcu; 29 u32 rt_label[MAX_NEW_LABELS]; 30 u8 rt_protocol; /* routing protocol that set this entry */ 31 u8 rt_labels; 32 u8 rt_via_alen; 33 u8 rt_via_table; 34 u8 rt_via[0]; 35 }; 36 37 static int zero = 0; 38 static int label_limit = (1 << 20) - 1; 39 40 static void rtmsg_lfib(int event, u32 label, struct mpls_route *rt, 41 struct nlmsghdr *nlh, struct net *net, u32 portid, 42 unsigned int nlm_flags); 43 44 static struct mpls_route *mpls_route_input_rcu(struct net *net, unsigned index) 45 { 46 struct mpls_route *rt = NULL; 47 48 if (index < net->mpls.platform_labels) { 49 struct mpls_route __rcu **platform_label = 50 rcu_dereference(net->mpls.platform_label); 51 rt = rcu_dereference(platform_label[index]); 52 } 53 return rt; 54 } 55 56 static inline struct mpls_dev *mpls_dev_get(const struct net_device *dev) 57 { 58 return rcu_dereference_rtnl(dev->mpls_ptr); 59 } 60 61 static bool mpls_output_possible(const struct net_device *dev) 62 { 63 return dev && (dev->flags & IFF_UP) && netif_carrier_ok(dev); 64 } 65 66 static unsigned int mpls_rt_header_size(const struct mpls_route *rt) 67 { 68 /* The size of the layer 2.5 labels to be added for this route */ 69 return rt->rt_labels * sizeof(struct mpls_shim_hdr); 70 } 71 72 static unsigned int mpls_dev_mtu(const struct net_device *dev) 73 { 74 /* The amount of data the layer 2 frame can hold */ 75 return dev->mtu; 76 } 77 78 static bool mpls_pkt_too_big(const struct sk_buff *skb, unsigned int mtu) 79 { 80 if (skb->len <= mtu) 81 return false; 82 83 if (skb_is_gso(skb) && skb_gso_network_seglen(skb) <= mtu) 84 return false; 85 86 return true; 87 } 88 89 static bool mpls_egress(struct mpls_route *rt, struct sk_buff *skb, 90 struct mpls_entry_decoded dec) 91 { 92 /* RFC4385 and RFC5586 encode other packets in mpls such that 93 * they don't conflict with the ip version number, making 94 * decoding by examining the ip version correct in everything 95 * except for the strangest cases. 96 * 97 * The strange cases if we choose to support them will require 98 * manual configuration. 99 */ 100 struct iphdr *hdr4; 101 bool success = true; 102 103 /* The IPv4 code below accesses through the IPv4 header 104 * checksum, which is 12 bytes into the packet. 105 * The IPv6 code below accesses through the IPv6 hop limit 106 * which is 8 bytes into the packet. 107 * 108 * For all supported cases there should always be at least 12 109 * bytes of packet data present. The IPv4 header is 20 bytes 110 * without options and the IPv6 header is always 40 bytes 111 * long. 112 */ 113 if (!pskb_may_pull(skb, 12)) 114 return false; 115 116 /* Use ip_hdr to find the ip protocol version */ 117 hdr4 = ip_hdr(skb); 118 if (hdr4->version == 4) { 119 skb->protocol = htons(ETH_P_IP); 120 csum_replace2(&hdr4->check, 121 htons(hdr4->ttl << 8), 122 htons(dec.ttl << 8)); 123 hdr4->ttl = dec.ttl; 124 } 125 else if (hdr4->version == 6) { 126 struct ipv6hdr *hdr6 = ipv6_hdr(skb); 127 skb->protocol = htons(ETH_P_IPV6); 128 hdr6->hop_limit = dec.ttl; 129 } 130 else 131 /* version 0 and version 1 are used by pseudo wires */ 132 success = false; 133 return success; 134 } 135 136 static int mpls_forward(struct sk_buff *skb, struct net_device *dev, 137 struct packet_type *pt, struct net_device *orig_dev) 138 { 139 struct net *net = dev_net(dev); 140 struct mpls_shim_hdr *hdr; 141 struct mpls_route *rt; 142 struct mpls_entry_decoded dec; 143 struct net_device *out_dev; 144 struct mpls_dev *mdev; 145 unsigned int hh_len; 146 unsigned int new_header_size; 147 unsigned int mtu; 148 int err; 149 150 /* Careful this entire function runs inside of an rcu critical section */ 151 152 mdev = mpls_dev_get(dev); 153 if (!mdev || !mdev->input_enabled) 154 goto drop; 155 156 if (skb->pkt_type != PACKET_HOST) 157 goto drop; 158 159 if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) 160 goto drop; 161 162 if (!pskb_may_pull(skb, sizeof(*hdr))) 163 goto drop; 164 165 /* Read and decode the label */ 166 hdr = mpls_hdr(skb); 167 dec = mpls_entry_decode(hdr); 168 169 /* Pop the label */ 170 skb_pull(skb, sizeof(*hdr)); 171 skb_reset_network_header(skb); 172 173 skb_orphan(skb); 174 175 rt = mpls_route_input_rcu(net, dec.label); 176 if (!rt) 177 goto drop; 178 179 /* Find the output device */ 180 out_dev = rcu_dereference(rt->rt_dev); 181 if (!mpls_output_possible(out_dev)) 182 goto drop; 183 184 if (skb_warn_if_lro(skb)) 185 goto drop; 186 187 skb_forward_csum(skb); 188 189 /* Verify ttl is valid */ 190 if (dec.ttl <= 1) 191 goto drop; 192 dec.ttl -= 1; 193 194 /* Verify the destination can hold the packet */ 195 new_header_size = mpls_rt_header_size(rt); 196 mtu = mpls_dev_mtu(out_dev); 197 if (mpls_pkt_too_big(skb, mtu - new_header_size)) 198 goto drop; 199 200 hh_len = LL_RESERVED_SPACE(out_dev); 201 if (!out_dev->header_ops) 202 hh_len = 0; 203 204 /* Ensure there is enough space for the headers in the skb */ 205 if (skb_cow(skb, hh_len + new_header_size)) 206 goto drop; 207 208 skb->dev = out_dev; 209 skb->protocol = htons(ETH_P_MPLS_UC); 210 211 if (unlikely(!new_header_size && dec.bos)) { 212 /* Penultimate hop popping */ 213 if (!mpls_egress(rt, skb, dec)) 214 goto drop; 215 } else { 216 bool bos; 217 int i; 218 skb_push(skb, new_header_size); 219 skb_reset_network_header(skb); 220 /* Push the new labels */ 221 hdr = mpls_hdr(skb); 222 bos = dec.bos; 223 for (i = rt->rt_labels - 1; i >= 0; i--) { 224 hdr[i] = mpls_entry_encode(rt->rt_label[i], dec.ttl, 0, bos); 225 bos = false; 226 } 227 } 228 229 err = neigh_xmit(rt->rt_via_table, out_dev, rt->rt_via, skb); 230 if (err) 231 net_dbg_ratelimited("%s: packet transmission failed: %d\n", 232 __func__, err); 233 return 0; 234 235 drop: 236 kfree_skb(skb); 237 return NET_RX_DROP; 238 } 239 240 static struct packet_type mpls_packet_type __read_mostly = { 241 .type = cpu_to_be16(ETH_P_MPLS_UC), 242 .func = mpls_forward, 243 }; 244 245 static const struct nla_policy rtm_mpls_policy[RTA_MAX+1] = { 246 [RTA_DST] = { .type = NLA_U32 }, 247 [RTA_OIF] = { .type = NLA_U32 }, 248 }; 249 250 struct mpls_route_config { 251 u32 rc_protocol; 252 u32 rc_ifindex; 253 u16 rc_via_table; 254 u16 rc_via_alen; 255 u8 rc_via[MAX_VIA_ALEN]; 256 u32 rc_label; 257 u32 rc_output_labels; 258 u32 rc_output_label[MAX_NEW_LABELS]; 259 u32 rc_nlflags; 260 struct nl_info rc_nlinfo; 261 }; 262 263 static struct mpls_route *mpls_rt_alloc(size_t alen) 264 { 265 struct mpls_route *rt; 266 267 rt = kzalloc(sizeof(*rt) + alen, GFP_KERNEL); 268 if (rt) 269 rt->rt_via_alen = alen; 270 return rt; 271 } 272 273 static void mpls_rt_free(struct mpls_route *rt) 274 { 275 if (rt) 276 kfree_rcu(rt, rt_rcu); 277 } 278 279 static void mpls_notify_route(struct net *net, unsigned index, 280 struct mpls_route *old, struct mpls_route *new, 281 const struct nl_info *info) 282 { 283 struct nlmsghdr *nlh = info ? info->nlh : NULL; 284 unsigned portid = info ? info->portid : 0; 285 int event = new ? RTM_NEWROUTE : RTM_DELROUTE; 286 struct mpls_route *rt = new ? new : old; 287 unsigned nlm_flags = (old && new) ? NLM_F_REPLACE : 0; 288 /* Ignore reserved labels for now */ 289 if (rt && (index >= 16)) 290 rtmsg_lfib(event, index, rt, nlh, net, portid, nlm_flags); 291 } 292 293 static void mpls_route_update(struct net *net, unsigned index, 294 struct net_device *dev, struct mpls_route *new, 295 const struct nl_info *info) 296 { 297 struct mpls_route __rcu **platform_label; 298 struct mpls_route *rt, *old = NULL; 299 300 ASSERT_RTNL(); 301 302 platform_label = rtnl_dereference(net->mpls.platform_label); 303 rt = rtnl_dereference(platform_label[index]); 304 if (!dev || (rt && (rtnl_dereference(rt->rt_dev) == dev))) { 305 rcu_assign_pointer(platform_label[index], new); 306 old = rt; 307 } 308 309 mpls_notify_route(net, index, old, new, info); 310 311 /* If we removed a route free it now */ 312 mpls_rt_free(old); 313 } 314 315 static unsigned find_free_label(struct net *net) 316 { 317 struct mpls_route __rcu **platform_label; 318 size_t platform_labels; 319 unsigned index; 320 321 platform_label = rtnl_dereference(net->mpls.platform_label); 322 platform_labels = net->mpls.platform_labels; 323 for (index = 16; index < platform_labels; index++) { 324 if (!rtnl_dereference(platform_label[index])) 325 return index; 326 } 327 return LABEL_NOT_SPECIFIED; 328 } 329 330 static int mpls_route_add(struct mpls_route_config *cfg) 331 { 332 struct mpls_route __rcu **platform_label; 333 struct net *net = cfg->rc_nlinfo.nl_net; 334 struct net_device *dev = NULL; 335 struct mpls_route *rt, *old; 336 unsigned index; 337 int i; 338 int err = -EINVAL; 339 340 index = cfg->rc_label; 341 342 /* If a label was not specified during insert pick one */ 343 if ((index == LABEL_NOT_SPECIFIED) && 344 (cfg->rc_nlflags & NLM_F_CREATE)) { 345 index = find_free_label(net); 346 } 347 348 /* The first 16 labels are reserved, and may not be set */ 349 if (index < 16) 350 goto errout; 351 352 /* The full 20 bit range may not be supported. */ 353 if (index >= net->mpls.platform_labels) 354 goto errout; 355 356 /* Ensure only a supported number of labels are present */ 357 if (cfg->rc_output_labels > MAX_NEW_LABELS) 358 goto errout; 359 360 err = -ENODEV; 361 dev = dev_get_by_index(net, cfg->rc_ifindex); 362 if (!dev) 363 goto errout; 364 365 /* Ensure this is a supported device */ 366 err = -EINVAL; 367 if (!mpls_dev_get(dev)) 368 goto errout; 369 370 err = -EINVAL; 371 if ((cfg->rc_via_table == NEIGH_LINK_TABLE) && 372 (dev->addr_len != cfg->rc_via_alen)) 373 goto errout; 374 375 /* Append makes no sense with mpls */ 376 err = -EOPNOTSUPP; 377 if (cfg->rc_nlflags & NLM_F_APPEND) 378 goto errout; 379 380 err = -EEXIST; 381 platform_label = rtnl_dereference(net->mpls.platform_label); 382 old = rtnl_dereference(platform_label[index]); 383 if ((cfg->rc_nlflags & NLM_F_EXCL) && old) 384 goto errout; 385 386 err = -EEXIST; 387 if (!(cfg->rc_nlflags & NLM_F_REPLACE) && old) 388 goto errout; 389 390 err = -ENOENT; 391 if (!(cfg->rc_nlflags & NLM_F_CREATE) && !old) 392 goto errout; 393 394 err = -ENOMEM; 395 rt = mpls_rt_alloc(cfg->rc_via_alen); 396 if (!rt) 397 goto errout; 398 399 rt->rt_labels = cfg->rc_output_labels; 400 for (i = 0; i < rt->rt_labels; i++) 401 rt->rt_label[i] = cfg->rc_output_label[i]; 402 rt->rt_protocol = cfg->rc_protocol; 403 RCU_INIT_POINTER(rt->rt_dev, dev); 404 rt->rt_via_table = cfg->rc_via_table; 405 memcpy(rt->rt_via, cfg->rc_via, cfg->rc_via_alen); 406 407 mpls_route_update(net, index, NULL, rt, &cfg->rc_nlinfo); 408 409 dev_put(dev); 410 return 0; 411 412 errout: 413 if (dev) 414 dev_put(dev); 415 return err; 416 } 417 418 static int mpls_route_del(struct mpls_route_config *cfg) 419 { 420 struct net *net = cfg->rc_nlinfo.nl_net; 421 unsigned index; 422 int err = -EINVAL; 423 424 index = cfg->rc_label; 425 426 /* The first 16 labels are reserved, and may not be removed */ 427 if (index < 16) 428 goto errout; 429 430 /* The full 20 bit range may not be supported */ 431 if (index >= net->mpls.platform_labels) 432 goto errout; 433 434 mpls_route_update(net, index, NULL, NULL, &cfg->rc_nlinfo); 435 436 err = 0; 437 errout: 438 return err; 439 } 440 441 #define MPLS_PERDEV_SYSCTL_OFFSET(field) \ 442 (&((struct mpls_dev *)0)->field) 443 444 static const struct ctl_table mpls_dev_table[] = { 445 { 446 .procname = "input", 447 .maxlen = sizeof(int), 448 .mode = 0644, 449 .proc_handler = proc_dointvec, 450 .data = MPLS_PERDEV_SYSCTL_OFFSET(input_enabled), 451 }, 452 { } 453 }; 454 455 static int mpls_dev_sysctl_register(struct net_device *dev, 456 struct mpls_dev *mdev) 457 { 458 char path[sizeof("net/mpls/conf/") + IFNAMSIZ]; 459 struct ctl_table *table; 460 int i; 461 462 table = kmemdup(&mpls_dev_table, sizeof(mpls_dev_table), GFP_KERNEL); 463 if (!table) 464 goto out; 465 466 /* Table data contains only offsets relative to the base of 467 * the mdev at this point, so make them absolute. 468 */ 469 for (i = 0; i < ARRAY_SIZE(mpls_dev_table); i++) 470 table[i].data = (char *)mdev + (uintptr_t)table[i].data; 471 472 snprintf(path, sizeof(path), "net/mpls/conf/%s", dev->name); 473 474 mdev->sysctl = register_net_sysctl(dev_net(dev), path, table); 475 if (!mdev->sysctl) 476 goto free; 477 478 return 0; 479 480 free: 481 kfree(table); 482 out: 483 return -ENOBUFS; 484 } 485 486 static void mpls_dev_sysctl_unregister(struct mpls_dev *mdev) 487 { 488 struct ctl_table *table; 489 490 table = mdev->sysctl->ctl_table_arg; 491 unregister_net_sysctl_table(mdev->sysctl); 492 kfree(table); 493 } 494 495 static struct mpls_dev *mpls_add_dev(struct net_device *dev) 496 { 497 struct mpls_dev *mdev; 498 int err = -ENOMEM; 499 500 ASSERT_RTNL(); 501 502 mdev = kzalloc(sizeof(*mdev), GFP_KERNEL); 503 if (!mdev) 504 return ERR_PTR(err); 505 506 err = mpls_dev_sysctl_register(dev, mdev); 507 if (err) 508 goto free; 509 510 rcu_assign_pointer(dev->mpls_ptr, mdev); 511 512 return mdev; 513 514 free: 515 kfree(mdev); 516 return ERR_PTR(err); 517 } 518 519 static void mpls_ifdown(struct net_device *dev) 520 { 521 struct mpls_route __rcu **platform_label; 522 struct net *net = dev_net(dev); 523 struct mpls_dev *mdev; 524 unsigned index; 525 526 platform_label = rtnl_dereference(net->mpls.platform_label); 527 for (index = 0; index < net->mpls.platform_labels; index++) { 528 struct mpls_route *rt = rtnl_dereference(platform_label[index]); 529 if (!rt) 530 continue; 531 if (rtnl_dereference(rt->rt_dev) != dev) 532 continue; 533 rt->rt_dev = NULL; 534 } 535 536 mdev = mpls_dev_get(dev); 537 if (!mdev) 538 return; 539 540 mpls_dev_sysctl_unregister(mdev); 541 542 RCU_INIT_POINTER(dev->mpls_ptr, NULL); 543 544 kfree(mdev); 545 } 546 547 static int mpls_dev_notify(struct notifier_block *this, unsigned long event, 548 void *ptr) 549 { 550 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 551 struct mpls_dev *mdev; 552 553 switch(event) { 554 case NETDEV_REGISTER: 555 /* For now just support ethernet devices */ 556 if ((dev->type == ARPHRD_ETHER) || 557 (dev->type == ARPHRD_LOOPBACK)) { 558 mdev = mpls_add_dev(dev); 559 if (IS_ERR(mdev)) 560 return notifier_from_errno(PTR_ERR(mdev)); 561 } 562 break; 563 564 case NETDEV_UNREGISTER: 565 mpls_ifdown(dev); 566 break; 567 } 568 return NOTIFY_OK; 569 } 570 571 static struct notifier_block mpls_dev_notifier = { 572 .notifier_call = mpls_dev_notify, 573 }; 574 575 static int nla_put_via(struct sk_buff *skb, 576 u8 table, const void *addr, int alen) 577 { 578 static const int table_to_family[NEIGH_NR_TABLES + 1] = { 579 AF_INET, AF_INET6, AF_DECnet, AF_PACKET, 580 }; 581 struct nlattr *nla; 582 struct rtvia *via; 583 int family = AF_UNSPEC; 584 585 nla = nla_reserve(skb, RTA_VIA, alen + 2); 586 if (!nla) 587 return -EMSGSIZE; 588 589 if (table <= NEIGH_NR_TABLES) 590 family = table_to_family[table]; 591 592 via = nla_data(nla); 593 via->rtvia_family = family; 594 memcpy(via->rtvia_addr, addr, alen); 595 return 0; 596 } 597 598 int nla_put_labels(struct sk_buff *skb, int attrtype, 599 u8 labels, const u32 label[]) 600 { 601 struct nlattr *nla; 602 struct mpls_shim_hdr *nla_label; 603 bool bos; 604 int i; 605 nla = nla_reserve(skb, attrtype, labels*4); 606 if (!nla) 607 return -EMSGSIZE; 608 609 nla_label = nla_data(nla); 610 bos = true; 611 for (i = labels - 1; i >= 0; i--) { 612 nla_label[i] = mpls_entry_encode(label[i], 0, 0, bos); 613 bos = false; 614 } 615 616 return 0; 617 } 618 619 int nla_get_labels(const struct nlattr *nla, 620 u32 max_labels, u32 *labels, u32 label[]) 621 { 622 unsigned len = nla_len(nla); 623 unsigned nla_labels; 624 struct mpls_shim_hdr *nla_label; 625 bool bos; 626 int i; 627 628 /* len needs to be an even multiple of 4 (the label size) */ 629 if (len & 3) 630 return -EINVAL; 631 632 /* Limit the number of new labels allowed */ 633 nla_labels = len/4; 634 if (nla_labels > max_labels) 635 return -EINVAL; 636 637 nla_label = nla_data(nla); 638 bos = true; 639 for (i = nla_labels - 1; i >= 0; i--, bos = false) { 640 struct mpls_entry_decoded dec; 641 dec = mpls_entry_decode(nla_label + i); 642 643 /* Ensure the bottom of stack flag is properly set 644 * and ttl and tc are both clear. 645 */ 646 if ((dec.bos != bos) || dec.ttl || dec.tc) 647 return -EINVAL; 648 649 switch (dec.label) { 650 case LABEL_IMPLICIT_NULL: 651 /* RFC3032: This is a label that an LSR may 652 * assign and distribute, but which never 653 * actually appears in the encapsulation. 654 */ 655 return -EINVAL; 656 } 657 658 label[i] = dec.label; 659 } 660 *labels = nla_labels; 661 return 0; 662 } 663 664 static int rtm_to_route_config(struct sk_buff *skb, struct nlmsghdr *nlh, 665 struct mpls_route_config *cfg) 666 { 667 struct rtmsg *rtm; 668 struct nlattr *tb[RTA_MAX+1]; 669 int index; 670 int err; 671 672 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_mpls_policy); 673 if (err < 0) 674 goto errout; 675 676 err = -EINVAL; 677 rtm = nlmsg_data(nlh); 678 memset(cfg, 0, sizeof(*cfg)); 679 680 if (rtm->rtm_family != AF_MPLS) 681 goto errout; 682 if (rtm->rtm_dst_len != 20) 683 goto errout; 684 if (rtm->rtm_src_len != 0) 685 goto errout; 686 if (rtm->rtm_tos != 0) 687 goto errout; 688 if (rtm->rtm_table != RT_TABLE_MAIN) 689 goto errout; 690 /* Any value is acceptable for rtm_protocol */ 691 692 /* As mpls uses destination specific addresses 693 * (or source specific address in the case of multicast) 694 * all addresses have universal scope. 695 */ 696 if (rtm->rtm_scope != RT_SCOPE_UNIVERSE) 697 goto errout; 698 if (rtm->rtm_type != RTN_UNICAST) 699 goto errout; 700 if (rtm->rtm_flags != 0) 701 goto errout; 702 703 cfg->rc_label = LABEL_NOT_SPECIFIED; 704 cfg->rc_protocol = rtm->rtm_protocol; 705 cfg->rc_nlflags = nlh->nlmsg_flags; 706 cfg->rc_nlinfo.portid = NETLINK_CB(skb).portid; 707 cfg->rc_nlinfo.nlh = nlh; 708 cfg->rc_nlinfo.nl_net = sock_net(skb->sk); 709 710 for (index = 0; index <= RTA_MAX; index++) { 711 struct nlattr *nla = tb[index]; 712 if (!nla) 713 continue; 714 715 switch(index) { 716 case RTA_OIF: 717 cfg->rc_ifindex = nla_get_u32(nla); 718 break; 719 case RTA_NEWDST: 720 if (nla_get_labels(nla, MAX_NEW_LABELS, 721 &cfg->rc_output_labels, 722 cfg->rc_output_label)) 723 goto errout; 724 break; 725 case RTA_DST: 726 { 727 u32 label_count; 728 if (nla_get_labels(nla, 1, &label_count, 729 &cfg->rc_label)) 730 goto errout; 731 732 /* The first 16 labels are reserved, and may not be set */ 733 if (cfg->rc_label < 16) 734 goto errout; 735 736 break; 737 } 738 case RTA_VIA: 739 { 740 struct rtvia *via = nla_data(nla); 741 if (nla_len(nla) < offsetof(struct rtvia, rtvia_addr)) 742 goto errout; 743 cfg->rc_via_alen = nla_len(nla) - 744 offsetof(struct rtvia, rtvia_addr); 745 if (cfg->rc_via_alen > MAX_VIA_ALEN) 746 goto errout; 747 748 /* Validate the address family */ 749 switch(via->rtvia_family) { 750 case AF_PACKET: 751 cfg->rc_via_table = NEIGH_LINK_TABLE; 752 break; 753 case AF_INET: 754 cfg->rc_via_table = NEIGH_ARP_TABLE; 755 if (cfg->rc_via_alen != 4) 756 goto errout; 757 break; 758 case AF_INET6: 759 cfg->rc_via_table = NEIGH_ND_TABLE; 760 if (cfg->rc_via_alen != 16) 761 goto errout; 762 break; 763 default: 764 /* Unsupported address family */ 765 goto errout; 766 } 767 768 memcpy(cfg->rc_via, via->rtvia_addr, cfg->rc_via_alen); 769 break; 770 } 771 default: 772 /* Unsupported attribute */ 773 goto errout; 774 } 775 } 776 777 err = 0; 778 errout: 779 return err; 780 } 781 782 static int mpls_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh) 783 { 784 struct mpls_route_config cfg; 785 int err; 786 787 err = rtm_to_route_config(skb, nlh, &cfg); 788 if (err < 0) 789 return err; 790 791 return mpls_route_del(&cfg); 792 } 793 794 795 static int mpls_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh) 796 { 797 struct mpls_route_config cfg; 798 int err; 799 800 err = rtm_to_route_config(skb, nlh, &cfg); 801 if (err < 0) 802 return err; 803 804 return mpls_route_add(&cfg); 805 } 806 807 static int mpls_dump_route(struct sk_buff *skb, u32 portid, u32 seq, int event, 808 u32 label, struct mpls_route *rt, int flags) 809 { 810 struct net_device *dev; 811 struct nlmsghdr *nlh; 812 struct rtmsg *rtm; 813 814 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*rtm), flags); 815 if (nlh == NULL) 816 return -EMSGSIZE; 817 818 rtm = nlmsg_data(nlh); 819 rtm->rtm_family = AF_MPLS; 820 rtm->rtm_dst_len = 20; 821 rtm->rtm_src_len = 0; 822 rtm->rtm_tos = 0; 823 rtm->rtm_table = RT_TABLE_MAIN; 824 rtm->rtm_protocol = rt->rt_protocol; 825 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 826 rtm->rtm_type = RTN_UNICAST; 827 rtm->rtm_flags = 0; 828 829 if (rt->rt_labels && 830 nla_put_labels(skb, RTA_NEWDST, rt->rt_labels, rt->rt_label)) 831 goto nla_put_failure; 832 if (nla_put_via(skb, rt->rt_via_table, rt->rt_via, rt->rt_via_alen)) 833 goto nla_put_failure; 834 dev = rtnl_dereference(rt->rt_dev); 835 if (dev && nla_put_u32(skb, RTA_OIF, dev->ifindex)) 836 goto nla_put_failure; 837 if (nla_put_labels(skb, RTA_DST, 1, &label)) 838 goto nla_put_failure; 839 840 nlmsg_end(skb, nlh); 841 return 0; 842 843 nla_put_failure: 844 nlmsg_cancel(skb, nlh); 845 return -EMSGSIZE; 846 } 847 848 static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb) 849 { 850 struct net *net = sock_net(skb->sk); 851 struct mpls_route __rcu **platform_label; 852 size_t platform_labels; 853 unsigned int index; 854 855 ASSERT_RTNL(); 856 857 index = cb->args[0]; 858 if (index < 16) 859 index = 16; 860 861 platform_label = rtnl_dereference(net->mpls.platform_label); 862 platform_labels = net->mpls.platform_labels; 863 for (; index < platform_labels; index++) { 864 struct mpls_route *rt; 865 rt = rtnl_dereference(platform_label[index]); 866 if (!rt) 867 continue; 868 869 if (mpls_dump_route(skb, NETLINK_CB(cb->skb).portid, 870 cb->nlh->nlmsg_seq, RTM_NEWROUTE, 871 index, rt, NLM_F_MULTI) < 0) 872 break; 873 } 874 cb->args[0] = index; 875 876 return skb->len; 877 } 878 879 static inline size_t lfib_nlmsg_size(struct mpls_route *rt) 880 { 881 size_t payload = 882 NLMSG_ALIGN(sizeof(struct rtmsg)) 883 + nla_total_size(2 + rt->rt_via_alen) /* RTA_VIA */ 884 + nla_total_size(4); /* RTA_DST */ 885 if (rt->rt_labels) /* RTA_NEWDST */ 886 payload += nla_total_size(rt->rt_labels * 4); 887 if (rt->rt_dev) /* RTA_OIF */ 888 payload += nla_total_size(4); 889 return payload; 890 } 891 892 static void rtmsg_lfib(int event, u32 label, struct mpls_route *rt, 893 struct nlmsghdr *nlh, struct net *net, u32 portid, 894 unsigned int nlm_flags) 895 { 896 struct sk_buff *skb; 897 u32 seq = nlh ? nlh->nlmsg_seq : 0; 898 int err = -ENOBUFS; 899 900 skb = nlmsg_new(lfib_nlmsg_size(rt), GFP_KERNEL); 901 if (skb == NULL) 902 goto errout; 903 904 err = mpls_dump_route(skb, portid, seq, event, label, rt, nlm_flags); 905 if (err < 0) { 906 /* -EMSGSIZE implies BUG in lfib_nlmsg_size */ 907 WARN_ON(err == -EMSGSIZE); 908 kfree_skb(skb); 909 goto errout; 910 } 911 rtnl_notify(skb, net, portid, RTNLGRP_MPLS_ROUTE, nlh, GFP_KERNEL); 912 913 return; 914 errout: 915 if (err < 0) 916 rtnl_set_sk_err(net, RTNLGRP_MPLS_ROUTE, err); 917 } 918 919 static int resize_platform_label_table(struct net *net, size_t limit) 920 { 921 size_t size = sizeof(struct mpls_route *) * limit; 922 size_t old_limit; 923 size_t cp_size; 924 struct mpls_route __rcu **labels = NULL, **old; 925 struct mpls_route *rt0 = NULL, *rt2 = NULL; 926 unsigned index; 927 928 if (size) { 929 labels = kzalloc(size, GFP_KERNEL | __GFP_NOWARN | __GFP_NORETRY); 930 if (!labels) 931 labels = vzalloc(size); 932 933 if (!labels) 934 goto nolabels; 935 } 936 937 /* In case the predefined labels need to be populated */ 938 if (limit > LABEL_IPV4_EXPLICIT_NULL) { 939 struct net_device *lo = net->loopback_dev; 940 rt0 = mpls_rt_alloc(lo->addr_len); 941 if (!rt0) 942 goto nort0; 943 RCU_INIT_POINTER(rt0->rt_dev, lo); 944 rt0->rt_protocol = RTPROT_KERNEL; 945 rt0->rt_via_table = NEIGH_LINK_TABLE; 946 memcpy(rt0->rt_via, lo->dev_addr, lo->addr_len); 947 } 948 if (limit > LABEL_IPV6_EXPLICIT_NULL) { 949 struct net_device *lo = net->loopback_dev; 950 rt2 = mpls_rt_alloc(lo->addr_len); 951 if (!rt2) 952 goto nort2; 953 RCU_INIT_POINTER(rt2->rt_dev, lo); 954 rt2->rt_protocol = RTPROT_KERNEL; 955 rt2->rt_via_table = NEIGH_LINK_TABLE; 956 memcpy(rt2->rt_via, lo->dev_addr, lo->addr_len); 957 } 958 959 rtnl_lock(); 960 /* Remember the original table */ 961 old = rtnl_dereference(net->mpls.platform_label); 962 old_limit = net->mpls.platform_labels; 963 964 /* Free any labels beyond the new table */ 965 for (index = limit; index < old_limit; index++) 966 mpls_route_update(net, index, NULL, NULL, NULL); 967 968 /* Copy over the old labels */ 969 cp_size = size; 970 if (old_limit < limit) 971 cp_size = old_limit * sizeof(struct mpls_route *); 972 973 memcpy(labels, old, cp_size); 974 975 /* If needed set the predefined labels */ 976 if ((old_limit <= LABEL_IPV6_EXPLICIT_NULL) && 977 (limit > LABEL_IPV6_EXPLICIT_NULL)) { 978 RCU_INIT_POINTER(labels[LABEL_IPV6_EXPLICIT_NULL], rt2); 979 rt2 = NULL; 980 } 981 982 if ((old_limit <= LABEL_IPV4_EXPLICIT_NULL) && 983 (limit > LABEL_IPV4_EXPLICIT_NULL)) { 984 RCU_INIT_POINTER(labels[LABEL_IPV4_EXPLICIT_NULL], rt0); 985 rt0 = NULL; 986 } 987 988 /* Update the global pointers */ 989 net->mpls.platform_labels = limit; 990 rcu_assign_pointer(net->mpls.platform_label, labels); 991 992 rtnl_unlock(); 993 994 mpls_rt_free(rt2); 995 mpls_rt_free(rt0); 996 997 if (old) { 998 synchronize_rcu(); 999 kvfree(old); 1000 } 1001 return 0; 1002 1003 nort2: 1004 mpls_rt_free(rt0); 1005 nort0: 1006 kvfree(labels); 1007 nolabels: 1008 return -ENOMEM; 1009 } 1010 1011 static int mpls_platform_labels(struct ctl_table *table, int write, 1012 void __user *buffer, size_t *lenp, loff_t *ppos) 1013 { 1014 struct net *net = table->data; 1015 int platform_labels = net->mpls.platform_labels; 1016 int ret; 1017 struct ctl_table tmp = { 1018 .procname = table->procname, 1019 .data = &platform_labels, 1020 .maxlen = sizeof(int), 1021 .mode = table->mode, 1022 .extra1 = &zero, 1023 .extra2 = &label_limit, 1024 }; 1025 1026 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 1027 1028 if (write && ret == 0) 1029 ret = resize_platform_label_table(net, platform_labels); 1030 1031 return ret; 1032 } 1033 1034 static const struct ctl_table mpls_table[] = { 1035 { 1036 .procname = "platform_labels", 1037 .data = NULL, 1038 .maxlen = sizeof(int), 1039 .mode = 0644, 1040 .proc_handler = mpls_platform_labels, 1041 }, 1042 { } 1043 }; 1044 1045 static int mpls_net_init(struct net *net) 1046 { 1047 struct ctl_table *table; 1048 1049 net->mpls.platform_labels = 0; 1050 net->mpls.platform_label = NULL; 1051 1052 table = kmemdup(mpls_table, sizeof(mpls_table), GFP_KERNEL); 1053 if (table == NULL) 1054 return -ENOMEM; 1055 1056 table[0].data = net; 1057 net->mpls.ctl = register_net_sysctl(net, "net/mpls", table); 1058 if (net->mpls.ctl == NULL) 1059 return -ENOMEM; 1060 1061 return 0; 1062 } 1063 1064 static void mpls_net_exit(struct net *net) 1065 { 1066 struct mpls_route __rcu **platform_label; 1067 size_t platform_labels; 1068 struct ctl_table *table; 1069 unsigned int index; 1070 1071 table = net->mpls.ctl->ctl_table_arg; 1072 unregister_net_sysctl_table(net->mpls.ctl); 1073 kfree(table); 1074 1075 /* An rcu grace period has passed since there was a device in 1076 * the network namespace (and thus the last in flight packet) 1077 * left this network namespace. This is because 1078 * unregister_netdevice_many and netdev_run_todo has completed 1079 * for each network device that was in this network namespace. 1080 * 1081 * As such no additional rcu synchronization is necessary when 1082 * freeing the platform_label table. 1083 */ 1084 rtnl_lock(); 1085 platform_label = rtnl_dereference(net->mpls.platform_label); 1086 platform_labels = net->mpls.platform_labels; 1087 for (index = 0; index < platform_labels; index++) { 1088 struct mpls_route *rt = rtnl_dereference(platform_label[index]); 1089 RCU_INIT_POINTER(platform_label[index], NULL); 1090 mpls_rt_free(rt); 1091 } 1092 rtnl_unlock(); 1093 1094 kvfree(platform_label); 1095 } 1096 1097 static struct pernet_operations mpls_net_ops = { 1098 .init = mpls_net_init, 1099 .exit = mpls_net_exit, 1100 }; 1101 1102 static int __init mpls_init(void) 1103 { 1104 int err; 1105 1106 BUILD_BUG_ON(sizeof(struct mpls_shim_hdr) != 4); 1107 1108 err = register_pernet_subsys(&mpls_net_ops); 1109 if (err) 1110 goto out; 1111 1112 err = register_netdevice_notifier(&mpls_dev_notifier); 1113 if (err) 1114 goto out_unregister_pernet; 1115 1116 dev_add_pack(&mpls_packet_type); 1117 1118 rtnl_register(PF_MPLS, RTM_NEWROUTE, mpls_rtm_newroute, NULL, NULL); 1119 rtnl_register(PF_MPLS, RTM_DELROUTE, mpls_rtm_delroute, NULL, NULL); 1120 rtnl_register(PF_MPLS, RTM_GETROUTE, NULL, mpls_dump_routes, NULL); 1121 err = 0; 1122 out: 1123 return err; 1124 1125 out_unregister_pernet: 1126 unregister_pernet_subsys(&mpls_net_ops); 1127 goto out; 1128 } 1129 module_init(mpls_init); 1130 1131 static void __exit mpls_exit(void) 1132 { 1133 rtnl_unregister_all(PF_MPLS); 1134 dev_remove_pack(&mpls_packet_type); 1135 unregister_netdevice_notifier(&mpls_dev_notifier); 1136 unregister_pernet_subsys(&mpls_net_ops); 1137 } 1138 module_exit(mpls_exit); 1139 1140 MODULE_DESCRIPTION("MultiProtocol Label Switching"); 1141 MODULE_LICENSE("GPL v2"); 1142 MODULE_ALIAS_NETPROTO(PF_MPLS); 1143