]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - net/ipv6/ip6mr.c
projects / mirror_ubuntu-jammy-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'devicetree-fixes-for-5.7' of git://git.kernel.org/pub/scm/linux/kernel...
[mirror_ubuntu-jammy-kernel.git] / net / ipv6 / ip6mr.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Linux IPv6 multicast routing support for BSD pim6sd
4 * Based on net/ipv4/ipmr.c.
5 *
6 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr>
7 * LSIIT Laboratory, Strasbourg, France
8 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com>
9 * 6WIND, Paris, France
10 * Copyright (C)2007,2008 USAGI/WIDE Project
11 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
12 */
13
14 #include <linux/uaccess.h>
15 #include <linux/types.h>
16 #include <linux/sched.h>
17 #include <linux/errno.h>
18 #include <linux/mm.h>
19 #include <linux/kernel.h>
20 #include <linux/fcntl.h>
21 #include <linux/stat.h>
22 #include <linux/socket.h>
23 #include <linux/inet.h>
24 #include <linux/netdevice.h>
25 #include <linux/inetdevice.h>
26 #include <linux/proc_fs.h>
27 #include <linux/seq_file.h>
28 #include <linux/init.h>
29 #include <linux/compat.h>
30 #include <linux/rhashtable.h>
31 #include <net/protocol.h>
32 #include <linux/skbuff.h>
33 #include <net/raw.h>
34 #include <linux/notifier.h>
35 #include <linux/if_arp.h>
36 #include <net/checksum.h>
37 #include <net/netlink.h>
38 #include <net/fib_rules.h>
39
40 #include <net/ipv6.h>
41 #include <net/ip6_route.h>
42 #include <linux/mroute6.h>
43 #include <linux/pim.h>
44 #include <net/addrconf.h>
45 #include <linux/netfilter_ipv6.h>
46 #include <linux/export.h>
47 #include <net/ip6_checksum.h>
48 #include <linux/netconf.h>
49 #include <net/ip_tunnels.h>
50
51 #include <linux/nospec.h>
52
53 struct ip6mr_rule {
54 struct fib_rule common;
55 };
56
57 struct ip6mr_result {
58 struct mr_table *mrt;
59 };
60
61 /* Big lock, protecting vif table, mrt cache and mroute socket state.
62 Note that the changes are semaphored via rtnl_lock.
63 */
64
65 static DEFINE_RWLOCK(mrt_lock);
66
67 /* Multicast router control variables */
68
69 /* Special spinlock for queue of unresolved entries */
70 static DEFINE_SPINLOCK(mfc_unres_lock);
71
72 /* We return to original Alan's scheme. Hash table of resolved
73 entries is changed only in process context and protected
74 with weak lock mrt_lock. Queue of unresolved entries is protected
75 with strong spinlock mfc_unres_lock.
76
77 In this case data path is free of exclusive locks at all.
78 */
79
80 static struct kmem_cache *mrt_cachep __read_mostly;
81
82 static struct mr_table *ip6mr_new_table(struct net *net, u32 id);
83 static void ip6mr_free_table(struct mr_table *mrt);
84
85 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
86 struct net_device *dev, struct sk_buff *skb,
87 struct mfc6_cache *cache);
88 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt,
89 mifi_t mifi, int assert);
90 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
91 int cmd);
92 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt);
93 static int ip6mr_rtm_dumproute(struct sk_buff *skb,
94 struct netlink_callback *cb);
95 static void mroute_clean_tables(struct mr_table *mrt, int flags);
96 static void ipmr_expire_process(struct timer_list *t);
97
98 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
99 #define ip6mr_for_each_table(mrt, net) \
100 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list, \
101 lockdep_rtnl_is_held())
102
103 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
104 struct mr_table *mrt)
105 {
106 struct mr_table *ret;
107
108 if (!mrt)
109 ret = list_entry_rcu(net->ipv6.mr6_tables.next,
110 struct mr_table, list);
111 else
112 ret = list_entry_rcu(mrt->list.next,
113 struct mr_table, list);
114
115 if (&ret->list == &net->ipv6.mr6_tables)
116 return NULL;
117 return ret;
118 }
119
120 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
121 {
122 struct mr_table *mrt;
123
124 ip6mr_for_each_table(mrt, net) {
125 if (mrt->id == id)
126 return mrt;
127 }
128 return NULL;
129 }
130
131 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
132 struct mr_table **mrt)
133 {
134 int err;
135 struct ip6mr_result res;
136 struct fib_lookup_arg arg = {
137 .result = &res,
138 .flags = FIB_LOOKUP_NOREF,
139 };
140
141 /* update flow if oif or iif point to device enslaved to l3mdev */
142 l3mdev_update_flow(net, flowi6_to_flowi(flp6));
143
144 err = fib_rules_lookup(net->ipv6.mr6_rules_ops,
145 flowi6_to_flowi(flp6), 0, &arg);
146 if (err < 0)
147 return err;
148 *mrt = res.mrt;
149 return 0;
150 }
151
152 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp,
153 int flags, struct fib_lookup_arg *arg)
154 {
155 struct ip6mr_result *res = arg->result;
156 struct mr_table *mrt;
157
158 switch (rule->action) {
159 case FR_ACT_TO_TBL:
160 break;
161 case FR_ACT_UNREACHABLE:
162 return -ENETUNREACH;
163 case FR_ACT_PROHIBIT:
164 return -EACCES;
165 case FR_ACT_BLACKHOLE:
166 default:
167 return -EINVAL;
168 }
169
170 arg->table = fib_rule_get_table(rule, arg);
171
172 mrt = ip6mr_get_table(rule->fr_net, arg->table);
173 if (!mrt)
174 return -EAGAIN;
175 res->mrt = mrt;
176 return 0;
177 }
178
179 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags)
180 {
181 return 1;
182 }
183
184 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = {
185 FRA_GENERIC_POLICY,
186 };
187
188 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
189 struct fib_rule_hdr *frh, struct nlattr **tb,
190 struct netlink_ext_ack *extack)
191 {
192 return 0;
193 }
194
195 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
196 struct nlattr **tb)
197 {
198 return 1;
199 }
200
201 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
202 struct fib_rule_hdr *frh)
203 {
204 frh->dst_len = 0;
205 frh->src_len = 0;
206 frh->tos = 0;
207 return 0;
208 }
209
210 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = {
211 .family = RTNL_FAMILY_IP6MR,
212 .rule_size = sizeof(struct ip6mr_rule),
213 .addr_size = sizeof(struct in6_addr),
214 .action = ip6mr_rule_action,
215 .match = ip6mr_rule_match,
216 .configure = ip6mr_rule_configure,
217 .compare = ip6mr_rule_compare,
218 .fill = ip6mr_rule_fill,
219 .nlgroup = RTNLGRP_IPV6_RULE,
220 .policy = ip6mr_rule_policy,
221 .owner = THIS_MODULE,
222 };
223
224 static int __net_init ip6mr_rules_init(struct net *net)
225 {
226 struct fib_rules_ops *ops;
227 struct mr_table *mrt;
228 int err;
229
230 ops = fib_rules_register(&ip6mr_rules_ops_template, net);
231 if (IS_ERR(ops))
232 return PTR_ERR(ops);
233
234 INIT_LIST_HEAD(&net->ipv6.mr6_tables);
235
236 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
237 if (IS_ERR(mrt)) {
238 err = PTR_ERR(mrt);
239 goto err1;
240 }
241
242 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0);
243 if (err < 0)
244 goto err2;
245
246 net->ipv6.mr6_rules_ops = ops;
247 return 0;
248
249 err2:
250 ip6mr_free_table(mrt);
251 err1:
252 fib_rules_unregister(ops);
253 return err;
254 }
255
256 static void __net_exit ip6mr_rules_exit(struct net *net)
257 {
258 struct mr_table *mrt, *next;
259
260 rtnl_lock();
261 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
262 list_del(&mrt->list);
263 ip6mr_free_table(mrt);
264 }
265 fib_rules_unregister(net->ipv6.mr6_rules_ops);
266 rtnl_unlock();
267 }
268
269 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb,
270 struct netlink_ext_ack *extack)
271 {
272 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR, extack);
273 }
274
275 static unsigned int ip6mr_rules_seq_read(struct net *net)
276 {
277 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR);
278 }
279
280 bool ip6mr_rule_default(const struct fib_rule *rule)
281 {
282 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL &&
283 rule->table == RT6_TABLE_DFLT && !rule->l3mdev;
284 }
285 EXPORT_SYMBOL(ip6mr_rule_default);
286 #else
287 #define ip6mr_for_each_table(mrt, net) \
288 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL)
289
290 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
291 struct mr_table *mrt)
292 {
293 if (!mrt)
294 return net->ipv6.mrt6;
295 return NULL;
296 }
297
298 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
299 {
300 return net->ipv6.mrt6;
301 }
302
303 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
304 struct mr_table **mrt)
305 {
306 *mrt = net->ipv6.mrt6;
307 return 0;
308 }
309
310 static int __net_init ip6mr_rules_init(struct net *net)
311 {
312 struct mr_table *mrt;
313
314 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
315 if (IS_ERR(mrt))
316 return PTR_ERR(mrt);
317 net->ipv6.mrt6 = mrt;
318 return 0;
319 }
320
321 static void __net_exit ip6mr_rules_exit(struct net *net)
322 {
323 rtnl_lock();
324 ip6mr_free_table(net->ipv6.mrt6);
325 net->ipv6.mrt6 = NULL;
326 rtnl_unlock();
327 }
328
329 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb,
330 struct netlink_ext_ack *extack)
331 {
332 return 0;
333 }
334
335 static unsigned int ip6mr_rules_seq_read(struct net *net)
336 {
337 return 0;
338 }
339 #endif
340
341 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg,
342 const void *ptr)
343 {
344 const struct mfc6_cache_cmp_arg *cmparg = arg->key;
345 struct mfc6_cache *c = (struct mfc6_cache *)ptr;
346
347 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) ||
348 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin);
349 }
350
351 static const struct rhashtable_params ip6mr_rht_params = {
352 .head_offset = offsetof(struct mr_mfc, mnode),
353 .key_offset = offsetof(struct mfc6_cache, cmparg),
354 .key_len = sizeof(struct mfc6_cache_cmp_arg),
355 .nelem_hint = 3,
356 .obj_cmpfn = ip6mr_hash_cmp,
357 .automatic_shrinking = true,
358 };
359
360 static void ip6mr_new_table_set(struct mr_table *mrt,
361 struct net *net)
362 {
363 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
364 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables);
365 #endif
366 }
367
368 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = {
369 .mf6c_origin = IN6ADDR_ANY_INIT,
370 .mf6c_mcastgrp = IN6ADDR_ANY_INIT,
371 };
372
373 static struct mr_table_ops ip6mr_mr_table_ops = {
374 .rht_params = &ip6mr_rht_params,
375 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any,
376 };
377
378 static struct mr_table *ip6mr_new_table(struct net *net, u32 id)
379 {
380 struct mr_table *mrt;
381
382 mrt = ip6mr_get_table(net, id);
383 if (mrt)
384 return mrt;
385
386 return mr_table_alloc(net, id, &ip6mr_mr_table_ops,
387 ipmr_expire_process, ip6mr_new_table_set);
388 }
389
390 static void ip6mr_free_table(struct mr_table *mrt)
391 {
392 del_timer_sync(&mrt->ipmr_expire_timer);
393 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC |
394 MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC);
395 rhltable_destroy(&mrt->mfc_hash);
396 kfree(mrt);
397 }
398
399 #ifdef CONFIG_PROC_FS
400 /* The /proc interfaces to multicast routing
401 * /proc/ip6_mr_cache /proc/ip6_mr_vif
402 */
403
404 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos)
405 __acquires(mrt_lock)
406 {
407 struct mr_vif_iter *iter = seq->private;
408 struct net *net = seq_file_net(seq);
409 struct mr_table *mrt;
410
411 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
412 if (!mrt)
413 return ERR_PTR(-ENOENT);
414
415 iter->mrt = mrt;
416
417 read_lock(&mrt_lock);
418 return mr_vif_seq_start(seq, pos);
419 }
420
421 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v)
422 __releases(mrt_lock)
423 {
424 read_unlock(&mrt_lock);
425 }
426
427 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v)
428 {
429 struct mr_vif_iter *iter = seq->private;
430 struct mr_table *mrt = iter->mrt;
431
432 if (v == SEQ_START_TOKEN) {
433 seq_puts(seq,
434 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n");
435 } else {
436 const struct vif_device *vif = v;
437 const char *name = vif->dev ? vif->dev->name : "none";
438
439 seq_printf(seq,
440 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n",
441 vif - mrt->vif_table,
442 name, vif->bytes_in, vif->pkt_in,
443 vif->bytes_out, vif->pkt_out,
444 vif->flags);
445 }
446 return 0;
447 }
448
449 static const struct seq_operations ip6mr_vif_seq_ops = {
450 .start = ip6mr_vif_seq_start,
451 .next = mr_vif_seq_next,
452 .stop = ip6mr_vif_seq_stop,
453 .show = ip6mr_vif_seq_show,
454 };
455
456 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
457 {
458 struct net *net = seq_file_net(seq);
459 struct mr_table *mrt;
460
461 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
462 if (!mrt)
463 return ERR_PTR(-ENOENT);
464
465 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock);
466 }
467
468 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
469 {
470 int n;
471
472 if (v == SEQ_START_TOKEN) {
473 seq_puts(seq,
474 "Group "
475 "Origin "
476 "Iif Pkts Bytes Wrong Oifs\n");
477 } else {
478 const struct mfc6_cache *mfc = v;
479 const struct mr_mfc_iter *it = seq->private;
480 struct mr_table *mrt = it->mrt;
481
482 seq_printf(seq, "%pI6 %pI6 %-3hd",
483 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin,
484 mfc->_c.mfc_parent);
485
486 if (it->cache != &mrt->mfc_unres_queue) {
487 seq_printf(seq, " %8lu %8lu %8lu",
488 mfc->_c.mfc_un.res.pkt,
489 mfc->_c.mfc_un.res.bytes,
490 mfc->_c.mfc_un.res.wrong_if);
491 for (n = mfc->_c.mfc_un.res.minvif;
492 n < mfc->_c.mfc_un.res.maxvif; n++) {
493 if (VIF_EXISTS(mrt, n) &&
494 mfc->_c.mfc_un.res.ttls[n] < 255)
495 seq_printf(seq,
496 " %2d:%-3d", n,
497 mfc->_c.mfc_un.res.ttls[n]);
498 }
499 } else {
500 /* unresolved mfc_caches don't contain
501 * pkt, bytes and wrong_if values
502 */
503 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
504 }
505 seq_putc(seq, '\n');
506 }
507 return 0;
508 }
509
510 static const struct seq_operations ipmr_mfc_seq_ops = {
511 .start = ipmr_mfc_seq_start,
512 .next = mr_mfc_seq_next,
513 .stop = mr_mfc_seq_stop,
514 .show = ipmr_mfc_seq_show,
515 };
516 #endif
517
518 #ifdef CONFIG_IPV6_PIMSM_V2
519
520 static int pim6_rcv(struct sk_buff *skb)
521 {
522 struct pimreghdr *pim;
523 struct ipv6hdr *encap;
524 struct net_device *reg_dev = NULL;
525 struct net *net = dev_net(skb->dev);
526 struct mr_table *mrt;
527 struct flowi6 fl6 = {
528 .flowi6_iif = skb->dev->ifindex,
529 .flowi6_mark = skb->mark,
530 };
531 int reg_vif_num;
532
533 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
534 goto drop;
535
536 pim = (struct pimreghdr *)skb_transport_header(skb);
537 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) ||
538 (pim->flags & PIM_NULL_REGISTER) ||
539 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
540 sizeof(*pim), IPPROTO_PIM,
541 csum_partial((void *)pim, sizeof(*pim), 0)) &&
542 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
543 goto drop;
544
545 /* check if the inner packet is destined to mcast group */
546 encap = (struct ipv6hdr *)(skb_transport_header(skb) +
547 sizeof(*pim));
548
549 if (!ipv6_addr_is_multicast(&encap->daddr) ||
550 encap->payload_len == 0 ||
551 ntohs(encap->payload_len) + sizeof(*pim) > skb->len)
552 goto drop;
553
554 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
555 goto drop;
556 reg_vif_num = mrt->mroute_reg_vif_num;
557
558 read_lock(&mrt_lock);
559 if (reg_vif_num >= 0)
560 reg_dev = mrt->vif_table[reg_vif_num].dev;
561 if (reg_dev)
562 dev_hold(reg_dev);
563 read_unlock(&mrt_lock);
564
565 if (!reg_dev)
566 goto drop;
567
568 skb->mac_header = skb->network_header;
569 skb_pull(skb, (u8 *)encap - skb->data);
570 skb_reset_network_header(skb);
571 skb->protocol = htons(ETH_P_IPV6);
572 skb->ip_summed = CHECKSUM_NONE;
573
574 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev));
575
576 netif_rx(skb);
577
578 dev_put(reg_dev);
579 return 0;
580 drop:
581 kfree_skb(skb);
582 return 0;
583 }
584
585 static const struct inet6_protocol pim6_protocol = {
586 .handler = pim6_rcv,
587 };
588
589 /* Service routines creating virtual interfaces: PIMREG */
590
591 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
592 struct net_device *dev)
593 {
594 struct net *net = dev_net(dev);
595 struct mr_table *mrt;
596 struct flowi6 fl6 = {
597 .flowi6_oif = dev->ifindex,
598 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
599 .flowi6_mark = skb->mark,
600 };
601
602 if (!pskb_inet_may_pull(skb))
603 goto tx_err;
604
605 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
606 goto tx_err;
607
608 read_lock(&mrt_lock);
609 dev->stats.tx_bytes += skb->len;
610 dev->stats.tx_packets++;
611 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT);
612 read_unlock(&mrt_lock);
613 kfree_skb(skb);
614 return NETDEV_TX_OK;
615
616 tx_err:
617 dev->stats.tx_errors++;
618 kfree_skb(skb);
619 return NETDEV_TX_OK;
620 }
621
622 static int reg_vif_get_iflink(const struct net_device *dev)
623 {
624 return 0;
625 }
626
627 static const struct net_device_ops reg_vif_netdev_ops = {
628 .ndo_start_xmit = reg_vif_xmit,
629 .ndo_get_iflink = reg_vif_get_iflink,
630 };
631
632 static void reg_vif_setup(struct net_device *dev)
633 {
634 dev->type = ARPHRD_PIMREG;
635 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8;
636 dev->flags = IFF_NOARP;
637 dev->netdev_ops = &reg_vif_netdev_ops;
638 dev->needs_free_netdev = true;
639 dev->features |= NETIF_F_NETNS_LOCAL;
640 }
641
642 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt)
643 {
644 struct net_device *dev;
645 char name[IFNAMSIZ];
646
647 if (mrt->id == RT6_TABLE_DFLT)
648 sprintf(name, "pim6reg");
649 else
650 sprintf(name, "pim6reg%u", mrt->id);
651
652 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup);
653 if (!dev)
654 return NULL;
655
656 dev_net_set(dev, net);
657
658 if (register_netdevice(dev)) {
659 free_netdev(dev);
660 return NULL;
661 }
662
663 if (dev_open(dev, NULL))
664 goto failure;
665
666 dev_hold(dev);
667 return dev;
668
669 failure:
670 unregister_netdevice(dev);
671 return NULL;
672 }
673 #endif
674
675 static int call_ip6mr_vif_entry_notifiers(struct net *net,
676 enum fib_event_type event_type,
677 struct vif_device *vif,
678 mifi_t vif_index, u32 tb_id)
679 {
680 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
681 vif, vif_index, tb_id,
682 &net->ipv6.ipmr_seq);
683 }
684
685 static int call_ip6mr_mfc_entry_notifiers(struct net *net,
686 enum fib_event_type event_type,
687 struct mfc6_cache *mfc, u32 tb_id)
688 {
689 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
690 &mfc->_c, tb_id, &net->ipv6.ipmr_seq);
691 }
692
693 /* Delete a VIF entry */
694 static int mif6_delete(struct mr_table *mrt, int vifi, int notify,
695 struct list_head *head)
696 {
697 struct vif_device *v;
698 struct net_device *dev;
699 struct inet6_dev *in6_dev;
700
701 if (vifi < 0 || vifi >= mrt->maxvif)
702 return -EADDRNOTAVAIL;
703
704 v = &mrt->vif_table[vifi];
705
706 if (VIF_EXISTS(mrt, vifi))
707 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net),
708 FIB_EVENT_VIF_DEL, v, vifi,
709 mrt->id);
710
711 write_lock_bh(&mrt_lock);
712 dev = v->dev;
713 v->dev = NULL;
714
715 if (!dev) {
716 write_unlock_bh(&mrt_lock);
717 return -EADDRNOTAVAIL;
718 }
719
720 #ifdef CONFIG_IPV6_PIMSM_V2
721 if (vifi == mrt->mroute_reg_vif_num)
722 mrt->mroute_reg_vif_num = -1;
723 #endif
724
725 if (vifi + 1 == mrt->maxvif) {
726 int tmp;
727 for (tmp = vifi - 1; tmp >= 0; tmp--) {
728 if (VIF_EXISTS(mrt, tmp))
729 break;
730 }
731 mrt->maxvif = tmp + 1;
732 }
733
734 write_unlock_bh(&mrt_lock);
735
736 dev_set_allmulti(dev, -1);
737
738 in6_dev = __in6_dev_get(dev);
739 if (in6_dev) {
740 in6_dev->cnf.mc_forwarding--;
741 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
742 NETCONFA_MC_FORWARDING,
743 dev->ifindex, &in6_dev->cnf);
744 }
745
746 if ((v->flags & MIFF_REGISTER) && !notify)
747 unregister_netdevice_queue(dev, head);
748
749 dev_put(dev);
750 return 0;
751 }
752
753 static inline void ip6mr_cache_free_rcu(struct rcu_head *head)
754 {
755 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu);
756
757 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c);
758 }
759
760 static inline void ip6mr_cache_free(struct mfc6_cache *c)
761 {
762 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu);
763 }
764
765 /* Destroy an unresolved cache entry, killing queued skbs
766 and reporting error to netlink readers.
767 */
768
769 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c)
770 {
771 struct net *net = read_pnet(&mrt->net);
772 struct sk_buff *skb;
773
774 atomic_dec(&mrt->cache_resolve_queue_len);
775
776 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) {
777 if (ipv6_hdr(skb)->version == 0) {
778 struct nlmsghdr *nlh = skb_pull(skb,
779 sizeof(struct ipv6hdr));
780 nlh->nlmsg_type = NLMSG_ERROR;
781 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
782 skb_trim(skb, nlh->nlmsg_len);
783 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT;
784 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
785 } else
786 kfree_skb(skb);
787 }
788
789 ip6mr_cache_free(c);
790 }
791
792
793 /* Timer process for all the unresolved queue. */
794
795 static void ipmr_do_expire_process(struct mr_table *mrt)
796 {
797 unsigned long now = jiffies;
798 unsigned long expires = 10 * HZ;
799 struct mr_mfc *c, *next;
800
801 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) {
802 if (time_after(c->mfc_un.unres.expires, now)) {
803 /* not yet... */
804 unsigned long interval = c->mfc_un.unres.expires - now;
805 if (interval < expires)
806 expires = interval;
807 continue;
808 }
809
810 list_del(&c->list);
811 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
812 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
813 }
814
815 if (!list_empty(&mrt->mfc_unres_queue))
816 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires);
817 }
818
819 static void ipmr_expire_process(struct timer_list *t)
820 {
821 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer);
822
823 if (!spin_trylock(&mfc_unres_lock)) {
824 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1);
825 return;
826 }
827
828 if (!list_empty(&mrt->mfc_unres_queue))
829 ipmr_do_expire_process(mrt);
830
831 spin_unlock(&mfc_unres_lock);
832 }
833
834 /* Fill oifs list. It is called under write locked mrt_lock. */
835
836 static void ip6mr_update_thresholds(struct mr_table *mrt,
837 struct mr_mfc *cache,
838 unsigned char *ttls)
839 {
840 int vifi;
841
842 cache->mfc_un.res.minvif = MAXMIFS;
843 cache->mfc_un.res.maxvif = 0;
844 memset(cache->mfc_un.res.ttls, 255, MAXMIFS);
845
846 for (vifi = 0; vifi < mrt->maxvif; vifi++) {
847 if (VIF_EXISTS(mrt, vifi) &&
848 ttls[vifi] && ttls[vifi] < 255) {
849 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
850 if (cache->mfc_un.res.minvif > vifi)
851 cache->mfc_un.res.minvif = vifi;
852 if (cache->mfc_un.res.maxvif <= vifi)
853 cache->mfc_un.res.maxvif = vifi + 1;
854 }
855 }
856 cache->mfc_un.res.lastuse = jiffies;
857 }
858
859 static int mif6_add(struct net *net, struct mr_table *mrt,
860 struct mif6ctl *vifc, int mrtsock)
861 {
862 int vifi = vifc->mif6c_mifi;
863 struct vif_device *v = &mrt->vif_table[vifi];
864 struct net_device *dev;
865 struct inet6_dev *in6_dev;
866 int err;
867
868 /* Is vif busy ? */
869 if (VIF_EXISTS(mrt, vifi))
870 return -EADDRINUSE;
871
872 switch (vifc->mif6c_flags) {
873 #ifdef CONFIG_IPV6_PIMSM_V2
874 case MIFF_REGISTER:
875 /*
876 * Special Purpose VIF in PIM
877 * All the packets will be sent to the daemon
878 */
879 if (mrt->mroute_reg_vif_num >= 0)
880 return -EADDRINUSE;
881 dev = ip6mr_reg_vif(net, mrt);
882 if (!dev)
883 return -ENOBUFS;
884 err = dev_set_allmulti(dev, 1);
885 if (err) {
886 unregister_netdevice(dev);
887 dev_put(dev);
888 return err;
889 }
890 break;
891 #endif
892 case 0:
893 dev = dev_get_by_index(net, vifc->mif6c_pifi);
894 if (!dev)
895 return -EADDRNOTAVAIL;
896 err = dev_set_allmulti(dev, 1);
897 if (err) {
898 dev_put(dev);
899 return err;
900 }
901 break;
902 default:
903 return -EINVAL;
904 }
905
906 in6_dev = __in6_dev_get(dev);
907 if (in6_dev) {
908 in6_dev->cnf.mc_forwarding++;
909 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
910 NETCONFA_MC_FORWARDING,
911 dev->ifindex, &in6_dev->cnf);
912 }
913
914 /* Fill in the VIF structures */
915 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold,
916 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0),
917 MIFF_REGISTER);
918
919 /* And finish update writing critical data */
920 write_lock_bh(&mrt_lock);
921 v->dev = dev;
922 #ifdef CONFIG_IPV6_PIMSM_V2
923 if (v->flags & MIFF_REGISTER)
924 mrt->mroute_reg_vif_num = vifi;
925 #endif
926 if (vifi + 1 > mrt->maxvif)
927 mrt->maxvif = vifi + 1;
928 write_unlock_bh(&mrt_lock);
929 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD,
930 v, vifi, mrt->id);
931 return 0;
932 }
933
934 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt,
935 const struct in6_addr *origin,
936 const struct in6_addr *mcastgrp)
937 {
938 struct mfc6_cache_cmp_arg arg = {
939 .mf6c_origin = *origin,
940 .mf6c_mcastgrp = *mcastgrp,
941 };
942
943 return mr_mfc_find(mrt, &arg);
944 }
945
946 /* Look for a (*,G) entry */
947 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt,
948 struct in6_addr *mcastgrp,
949 mifi_t mifi)
950 {
951 struct mfc6_cache_cmp_arg arg = {
952 .mf6c_origin = in6addr_any,
953 .mf6c_mcastgrp = *mcastgrp,
954 };
955
956 if (ipv6_addr_any(mcastgrp))
957 return mr_mfc_find_any_parent(mrt, mifi);
958 return mr_mfc_find_any(mrt, mifi, &arg);
959 }
960
961 /* Look for a (S,G,iif) entry if parent != -1 */
962 static struct mfc6_cache *
963 ip6mr_cache_find_parent(struct mr_table *mrt,
964 const struct in6_addr *origin,
965 const struct in6_addr *mcastgrp,
966 int parent)
967 {
968 struct mfc6_cache_cmp_arg arg = {
969 .mf6c_origin = *origin,
970 .mf6c_mcastgrp = *mcastgrp,
971 };
972
973 return mr_mfc_find_parent(mrt, &arg, parent);
974 }
975
976 /* Allocate a multicast cache entry */
977 static struct mfc6_cache *ip6mr_cache_alloc(void)
978 {
979 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
980 if (!c)
981 return NULL;
982 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1;
983 c->_c.mfc_un.res.minvif = MAXMIFS;
984 c->_c.free = ip6mr_cache_free_rcu;
985 refcount_set(&c->_c.mfc_un.res.refcount, 1);
986 return c;
987 }
988
989 static struct mfc6_cache *ip6mr_cache_alloc_unres(void)
990 {
991 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
992 if (!c)
993 return NULL;
994 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved);
995 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ;
996 return c;
997 }
998
999 /*
1000 * A cache entry has gone into a resolved state from queued
1001 */
1002
1003 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt,
1004 struct mfc6_cache *uc, struct mfc6_cache *c)
1005 {
1006 struct sk_buff *skb;
1007
1008 /*
1009 * Play the pending entries through our router
1010 */
1011
1012 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) {
1013 if (ipv6_hdr(skb)->version == 0) {
1014 struct nlmsghdr *nlh = skb_pull(skb,
1015 sizeof(struct ipv6hdr));
1016
1017 if (mr_fill_mroute(mrt, skb, &c->_c,
1018 nlmsg_data(nlh)) > 0) {
1019 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh;
1020 } else {
1021 nlh->nlmsg_type = NLMSG_ERROR;
1022 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
1023 skb_trim(skb, nlh->nlmsg_len);
1024 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE;
1025 }
1026 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1027 } else
1028 ip6_mr_forward(net, mrt, skb->dev, skb, c);
1029 }
1030 }
1031
1032 /*
1033 * Bounce a cache query up to pim6sd and netlink.
1034 *
1035 * Called under mrt_lock.
1036 */
1037
1038 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt,
1039 mifi_t mifi, int assert)
1040 {
1041 struct sock *mroute6_sk;
1042 struct sk_buff *skb;
1043 struct mrt6msg *msg;
1044 int ret;
1045
1046 #ifdef CONFIG_IPV6_PIMSM_V2
1047 if (assert == MRT6MSG_WHOLEPKT)
1048 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt)
1049 +sizeof(*msg));
1050 else
1051 #endif
1052 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC);
1053
1054 if (!skb)
1055 return -ENOBUFS;
1056
1057 /* I suppose that internal messages
1058 * do not require checksums */
1059
1060 skb->ip_summed = CHECKSUM_UNNECESSARY;
1061
1062 #ifdef CONFIG_IPV6_PIMSM_V2
1063 if (assert == MRT6MSG_WHOLEPKT) {
1064 /* Ugly, but we have no choice with this interface.
1065 Duplicate old header, fix length etc.
1066 And all this only to mangle msg->im6_msgtype and
1067 to set msg->im6_mbz to "mbz" :-)
1068 */
1069 skb_push(skb, -skb_network_offset(pkt));
1070
1071 skb_push(skb, sizeof(*msg));
1072 skb_reset_transport_header(skb);
1073 msg = (struct mrt6msg *)skb_transport_header(skb);
1074 msg->im6_mbz = 0;
1075 msg->im6_msgtype = MRT6MSG_WHOLEPKT;
1076 msg->im6_mif = mrt->mroute_reg_vif_num;
1077 msg->im6_pad = 0;
1078 msg->im6_src = ipv6_hdr(pkt)->saddr;
1079 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1080
1081 skb->ip_summed = CHECKSUM_UNNECESSARY;
1082 } else
1083 #endif
1084 {
1085 /*
1086 * Copy the IP header
1087 */
1088
1089 skb_put(skb, sizeof(struct ipv6hdr));
1090 skb_reset_network_header(skb);
1091 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr));
1092
1093 /*
1094 * Add our header
1095 */
1096 skb_put(skb, sizeof(*msg));
1097 skb_reset_transport_header(skb);
1098 msg = (struct mrt6msg *)skb_transport_header(skb);
1099
1100 msg->im6_mbz = 0;
1101 msg->im6_msgtype = assert;
1102 msg->im6_mif = mifi;
1103 msg->im6_pad = 0;
1104 msg->im6_src = ipv6_hdr(pkt)->saddr;
1105 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1106
1107 skb_dst_set(skb, dst_clone(skb_dst(pkt)));
1108 skb->ip_summed = CHECKSUM_UNNECESSARY;
1109 }
1110
1111 rcu_read_lock();
1112 mroute6_sk = rcu_dereference(mrt->mroute_sk);
1113 if (!mroute6_sk) {
1114 rcu_read_unlock();
1115 kfree_skb(skb);
1116 return -EINVAL;
1117 }
1118
1119 mrt6msg_netlink_event(mrt, skb);
1120
1121 /* Deliver to user space multicast routing algorithms */
1122 ret = sock_queue_rcv_skb(mroute6_sk, skb);
1123 rcu_read_unlock();
1124 if (ret < 0) {
1125 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n");
1126 kfree_skb(skb);
1127 }
1128
1129 return ret;
1130 }
1131
1132 /* Queue a packet for resolution. It gets locked cache entry! */
1133 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi,
1134 struct sk_buff *skb, struct net_device *dev)
1135 {
1136 struct mfc6_cache *c;
1137 bool found = false;
1138 int err;
1139
1140 spin_lock_bh(&mfc_unres_lock);
1141 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) {
1142 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) &&
1143 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) {
1144 found = true;
1145 break;
1146 }
1147 }
1148
1149 if (!found) {
1150 /*
1151 * Create a new entry if allowable
1152 */
1153
1154 c = ip6mr_cache_alloc_unres();
1155 if (!c) {
1156 spin_unlock_bh(&mfc_unres_lock);
1157
1158 kfree_skb(skb);
1159 return -ENOBUFS;
1160 }
1161
1162 /* Fill in the new cache entry */
1163 c->_c.mfc_parent = -1;
1164 c->mf6c_origin = ipv6_hdr(skb)->saddr;
1165 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr;
1166
1167 /*
1168 * Reflect first query at pim6sd
1169 */
1170 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE);
1171 if (err < 0) {
1172 /* If the report failed throw the cache entry
1173 out - Brad Parker
1174 */
1175 spin_unlock_bh(&mfc_unres_lock);
1176
1177 ip6mr_cache_free(c);
1178 kfree_skb(skb);
1179 return err;
1180 }
1181
1182 atomic_inc(&mrt->cache_resolve_queue_len);
1183 list_add(&c->_c.list, &mrt->mfc_unres_queue);
1184 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1185
1186 ipmr_do_expire_process(mrt);
1187 }
1188
1189 /* See if we can append the packet */
1190 if (c->_c.mfc_un.unres.unresolved.qlen > 3) {
1191 kfree_skb(skb);
1192 err = -ENOBUFS;
1193 } else {
1194 if (dev) {
1195 skb->dev = dev;
1196 skb->skb_iif = dev->ifindex;
1197 }
1198 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb);
1199 err = 0;
1200 }
1201
1202 spin_unlock_bh(&mfc_unres_lock);
1203 return err;
1204 }
1205
1206 /*
1207 * MFC6 cache manipulation by user space
1208 */
1209
1210 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc,
1211 int parent)
1212 {
1213 struct mfc6_cache *c;
1214
1215 /* The entries are added/deleted only under RTNL */
1216 rcu_read_lock();
1217 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1218 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1219 rcu_read_unlock();
1220 if (!c)
1221 return -ENOENT;
1222 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params);
1223 list_del_rcu(&c->_c.list);
1224
1225 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1226 FIB_EVENT_ENTRY_DEL, c, mrt->id);
1227 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1228 mr_cache_put(&c->_c);
1229 return 0;
1230 }
1231
1232 static int ip6mr_device_event(struct notifier_block *this,
1233 unsigned long event, void *ptr)
1234 {
1235 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1236 struct net *net = dev_net(dev);
1237 struct mr_table *mrt;
1238 struct vif_device *v;
1239 int ct;
1240
1241 if (event != NETDEV_UNREGISTER)
1242 return NOTIFY_DONE;
1243
1244 ip6mr_for_each_table(mrt, net) {
1245 v = &mrt->vif_table[0];
1246 for (ct = 0; ct < mrt->maxvif; ct++, v++) {
1247 if (v->dev == dev)
1248 mif6_delete(mrt, ct, 1, NULL);
1249 }
1250 }
1251
1252 return NOTIFY_DONE;
1253 }
1254
1255 static unsigned int ip6mr_seq_read(struct net *net)
1256 {
1257 ASSERT_RTNL();
1258
1259 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net);
1260 }
1261
1262 static int ip6mr_dump(struct net *net, struct notifier_block *nb,
1263 struct netlink_ext_ack *extack)
1264 {
1265 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump,
1266 ip6mr_mr_table_iter, &mrt_lock, extack);
1267 }
1268
1269 static struct notifier_block ip6_mr_notifier = {
1270 .notifier_call = ip6mr_device_event
1271 };
1272
1273 static const struct fib_notifier_ops ip6mr_notifier_ops_template = {
1274 .family = RTNL_FAMILY_IP6MR,
1275 .fib_seq_read = ip6mr_seq_read,
1276 .fib_dump = ip6mr_dump,
1277 .owner = THIS_MODULE,
1278 };
1279
1280 static int __net_init ip6mr_notifier_init(struct net *net)
1281 {
1282 struct fib_notifier_ops *ops;
1283
1284 net->ipv6.ipmr_seq = 0;
1285
1286 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net);
1287 if (IS_ERR(ops))
1288 return PTR_ERR(ops);
1289
1290 net->ipv6.ip6mr_notifier_ops = ops;
1291
1292 return 0;
1293 }
1294
1295 static void __net_exit ip6mr_notifier_exit(struct net *net)
1296 {
1297 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops);
1298 net->ipv6.ip6mr_notifier_ops = NULL;
1299 }
1300
1301 /* Setup for IP multicast routing */
1302 static int __net_init ip6mr_net_init(struct net *net)
1303 {
1304 int err;
1305
1306 err = ip6mr_notifier_init(net);
1307 if (err)
1308 return err;
1309
1310 err = ip6mr_rules_init(net);
1311 if (err < 0)
1312 goto ip6mr_rules_fail;
1313
1314 #ifdef CONFIG_PROC_FS
1315 err = -ENOMEM;
1316 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops,
1317 sizeof(struct mr_vif_iter)))
1318 goto proc_vif_fail;
1319 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops,
1320 sizeof(struct mr_mfc_iter)))
1321 goto proc_cache_fail;
1322 #endif
1323
1324 return 0;
1325
1326 #ifdef CONFIG_PROC_FS
1327 proc_cache_fail:
1328 remove_proc_entry("ip6_mr_vif", net->proc_net);
1329 proc_vif_fail:
1330 ip6mr_rules_exit(net);
1331 #endif
1332 ip6mr_rules_fail:
1333 ip6mr_notifier_exit(net);
1334 return err;
1335 }
1336
1337 static void __net_exit ip6mr_net_exit(struct net *net)
1338 {
1339 #ifdef CONFIG_PROC_FS
1340 remove_proc_entry("ip6_mr_cache", net->proc_net);
1341 remove_proc_entry("ip6_mr_vif", net->proc_net);
1342 #endif
1343 ip6mr_rules_exit(net);
1344 ip6mr_notifier_exit(net);
1345 }
1346
1347 static struct pernet_operations ip6mr_net_ops = {
1348 .init = ip6mr_net_init,
1349 .exit = ip6mr_net_exit,
1350 };
1351
1352 int __init ip6_mr_init(void)
1353 {
1354 int err;
1355
1356 mrt_cachep = kmem_cache_create("ip6_mrt_cache",
1357 sizeof(struct mfc6_cache),
1358 0, SLAB_HWCACHE_ALIGN,
1359 NULL);
1360 if (!mrt_cachep)
1361 return -ENOMEM;
1362
1363 err = register_pernet_subsys(&ip6mr_net_ops);
1364 if (err)
1365 goto reg_pernet_fail;
1366
1367 err = register_netdevice_notifier(&ip6_mr_notifier);
1368 if (err)
1369 goto reg_notif_fail;
1370 #ifdef CONFIG_IPV6_PIMSM_V2
1371 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) {
1372 pr_err("%s: can't add PIM protocol\n", __func__);
1373 err = -EAGAIN;
1374 goto add_proto_fail;
1375 }
1376 #endif
1377 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE,
1378 NULL, ip6mr_rtm_dumproute, 0);
1379 if (err == 0)
1380 return 0;
1381
1382 #ifdef CONFIG_IPV6_PIMSM_V2
1383 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1384 add_proto_fail:
1385 unregister_netdevice_notifier(&ip6_mr_notifier);
1386 #endif
1387 reg_notif_fail:
1388 unregister_pernet_subsys(&ip6mr_net_ops);
1389 reg_pernet_fail:
1390 kmem_cache_destroy(mrt_cachep);
1391 return err;
1392 }
1393
1394 void ip6_mr_cleanup(void)
1395 {
1396 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE);
1397 #ifdef CONFIG_IPV6_PIMSM_V2
1398 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1399 #endif
1400 unregister_netdevice_notifier(&ip6_mr_notifier);
1401 unregister_pernet_subsys(&ip6mr_net_ops);
1402 kmem_cache_destroy(mrt_cachep);
1403 }
1404
1405 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt,
1406 struct mf6cctl *mfc, int mrtsock, int parent)
1407 {
1408 unsigned char ttls[MAXMIFS];
1409 struct mfc6_cache *uc, *c;
1410 struct mr_mfc *_uc;
1411 bool found;
1412 int i, err;
1413
1414 if (mfc->mf6cc_parent >= MAXMIFS)
1415 return -ENFILE;
1416
1417 memset(ttls, 255, MAXMIFS);
1418 for (i = 0; i < MAXMIFS; i++) {
1419 if (IF_ISSET(i, &mfc->mf6cc_ifset))
1420 ttls[i] = 1;
1421 }
1422
1423 /* The entries are added/deleted only under RTNL */
1424 rcu_read_lock();
1425 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1426 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1427 rcu_read_unlock();
1428 if (c) {
1429 write_lock_bh(&mrt_lock);
1430 c->_c.mfc_parent = mfc->mf6cc_parent;
1431 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1432 if (!mrtsock)
1433 c->_c.mfc_flags |= MFC_STATIC;
1434 write_unlock_bh(&mrt_lock);
1435 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE,
1436 c, mrt->id);
1437 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1438 return 0;
1439 }
1440
1441 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) &&
1442 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr))
1443 return -EINVAL;
1444
1445 c = ip6mr_cache_alloc();
1446 if (!c)
1447 return -ENOMEM;
1448
1449 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr;
1450 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr;
1451 c->_c.mfc_parent = mfc->mf6cc_parent;
1452 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1453 if (!mrtsock)
1454 c->_c.mfc_flags |= MFC_STATIC;
1455
1456 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode,
1457 ip6mr_rht_params);
1458 if (err) {
1459 pr_err("ip6mr: rhtable insert error %d\n", err);
1460 ip6mr_cache_free(c);
1461 return err;
1462 }
1463 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list);
1464
1465 /* Check to see if we resolved a queued list. If so we
1466 * need to send on the frames and tidy up.
1467 */
1468 found = false;
1469 spin_lock_bh(&mfc_unres_lock);
1470 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) {
1471 uc = (struct mfc6_cache *)_uc;
1472 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) &&
1473 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) {
1474 list_del(&_uc->list);
1475 atomic_dec(&mrt->cache_resolve_queue_len);
1476 found = true;
1477 break;
1478 }
1479 }
1480 if (list_empty(&mrt->mfc_unres_queue))
1481 del_timer(&mrt->ipmr_expire_timer);
1482 spin_unlock_bh(&mfc_unres_lock);
1483
1484 if (found) {
1485 ip6mr_cache_resolve(net, mrt, uc, c);
1486 ip6mr_cache_free(uc);
1487 }
1488 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD,
1489 c, mrt->id);
1490 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1491 return 0;
1492 }
1493
1494 /*
1495 * Close the multicast socket, and clear the vif tables etc
1496 */
1497
1498 static void mroute_clean_tables(struct mr_table *mrt, int flags)
1499 {
1500 struct mr_mfc *c, *tmp;
1501 LIST_HEAD(list);
1502 int i;
1503
1504 /* Shut down all active vif entries */
1505 if (flags & (MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC)) {
1506 for (i = 0; i < mrt->maxvif; i++) {
1507 if (((mrt->vif_table[i].flags & VIFF_STATIC) &&
1508 !(flags & MRT6_FLUSH_MIFS_STATIC)) ||
1509 (!(mrt->vif_table[i].flags & VIFF_STATIC) && !(flags & MRT6_FLUSH_MIFS)))
1510 continue;
1511 mif6_delete(mrt, i, 0, &list);
1512 }
1513 unregister_netdevice_many(&list);
1514 }
1515
1516 /* Wipe the cache */
1517 if (flags & (MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC)) {
1518 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) {
1519 if (((c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC_STATIC)) ||
1520 (!(c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC)))
1521 continue;
1522 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params);
1523 list_del_rcu(&c->list);
1524 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1525 FIB_EVENT_ENTRY_DEL,
1526 (struct mfc6_cache *)c, mrt->id);
1527 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
1528 mr_cache_put(c);
1529 }
1530 }
1531
1532 if (flags & MRT6_FLUSH_MFC) {
1533 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) {
1534 spin_lock_bh(&mfc_unres_lock);
1535 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) {
1536 list_del(&c->list);
1537 mr6_netlink_event(mrt, (struct mfc6_cache *)c,
1538 RTM_DELROUTE);
1539 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
1540 }
1541 spin_unlock_bh(&mfc_unres_lock);
1542 }
1543 }
1544 }
1545
1546 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk)
1547 {
1548 int err = 0;
1549 struct net *net = sock_net(sk);
1550
1551 rtnl_lock();
1552 write_lock_bh(&mrt_lock);
1553 if (rtnl_dereference(mrt->mroute_sk)) {
1554 err = -EADDRINUSE;
1555 } else {
1556 rcu_assign_pointer(mrt->mroute_sk, sk);
1557 sock_set_flag(sk, SOCK_RCU_FREE);
1558 net->ipv6.devconf_all->mc_forwarding++;
1559 }
1560 write_unlock_bh(&mrt_lock);
1561
1562 if (!err)
1563 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1564 NETCONFA_MC_FORWARDING,
1565 NETCONFA_IFINDEX_ALL,
1566 net->ipv6.devconf_all);
1567 rtnl_unlock();
1568
1569 return err;
1570 }
1571
1572 int ip6mr_sk_done(struct sock *sk)
1573 {
1574 int err = -EACCES;
1575 struct net *net = sock_net(sk);
1576 struct mr_table *mrt;
1577
1578 if (sk->sk_type != SOCK_RAW ||
1579 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1580 return err;
1581
1582 rtnl_lock();
1583 ip6mr_for_each_table(mrt, net) {
1584 if (sk == rtnl_dereference(mrt->mroute_sk)) {
1585 write_lock_bh(&mrt_lock);
1586 RCU_INIT_POINTER(mrt->mroute_sk, NULL);
1587 /* Note that mroute_sk had SOCK_RCU_FREE set,
1588 * so the RCU grace period before sk freeing
1589 * is guaranteed by sk_destruct()
1590 */
1591 net->ipv6.devconf_all->mc_forwarding--;
1592 write_unlock_bh(&mrt_lock);
1593 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1594 NETCONFA_MC_FORWARDING,
1595 NETCONFA_IFINDEX_ALL,
1596 net->ipv6.devconf_all);
1597
1598 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MFC);
1599 err = 0;
1600 break;
1601 }
1602 }
1603 rtnl_unlock();
1604
1605 return err;
1606 }
1607
1608 bool mroute6_is_socket(struct net *net, struct sk_buff *skb)
1609 {
1610 struct mr_table *mrt;
1611 struct flowi6 fl6 = {
1612 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
1613 .flowi6_oif = skb->dev->ifindex,
1614 .flowi6_mark = skb->mark,
1615 };
1616
1617 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
1618 return NULL;
1619
1620 return rcu_access_pointer(mrt->mroute_sk);
1621 }
1622 EXPORT_SYMBOL(mroute6_is_socket);
1623
1624 /*
1625 * Socket options and virtual interface manipulation. The whole
1626 * virtual interface system is a complete heap, but unfortunately
1627 * that's how BSD mrouted happens to think. Maybe one day with a proper
1628 * MOSPF/PIM router set up we can clean this up.
1629 */
1630
1631 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen)
1632 {
1633 int ret, parent = 0;
1634 struct mif6ctl vif;
1635 struct mf6cctl mfc;
1636 mifi_t mifi;
1637 struct net *net = sock_net(sk);
1638 struct mr_table *mrt;
1639
1640 if (sk->sk_type != SOCK_RAW ||
1641 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1642 return -EOPNOTSUPP;
1643
1644 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1645 if (!mrt)
1646 return -ENOENT;
1647
1648 if (optname != MRT6_INIT) {
1649 if (sk != rcu_access_pointer(mrt->mroute_sk) &&
1650 !ns_capable(net->user_ns, CAP_NET_ADMIN))
1651 return -EACCES;
1652 }
1653
1654 switch (optname) {
1655 case MRT6_INIT:
1656 if (optlen < sizeof(int))
1657 return -EINVAL;
1658
1659 return ip6mr_sk_init(mrt, sk);
1660
1661 case MRT6_DONE:
1662 return ip6mr_sk_done(sk);
1663
1664 case MRT6_ADD_MIF:
1665 if (optlen < sizeof(vif))
1666 return -EINVAL;
1667 if (copy_from_user(&vif, optval, sizeof(vif)))
1668 return -EFAULT;
1669 if (vif.mif6c_mifi >= MAXMIFS)
1670 return -ENFILE;
1671 rtnl_lock();
1672 ret = mif6_add(net, mrt, &vif,
1673 sk == rtnl_dereference(mrt->mroute_sk));
1674 rtnl_unlock();
1675 return ret;
1676
1677 case MRT6_DEL_MIF:
1678 if (optlen < sizeof(mifi_t))
1679 return -EINVAL;
1680 if (copy_from_user(&mifi, optval, sizeof(mifi_t)))
1681 return -EFAULT;
1682 rtnl_lock();
1683 ret = mif6_delete(mrt, mifi, 0, NULL);
1684 rtnl_unlock();
1685 return ret;
1686
1687 /*
1688 * Manipulate the forwarding caches. These live
1689 * in a sort of kernel/user symbiosis.
1690 */
1691 case MRT6_ADD_MFC:
1692 case MRT6_DEL_MFC:
1693 parent = -1;
1694 fallthrough;
1695 case MRT6_ADD_MFC_PROXY:
1696 case MRT6_DEL_MFC_PROXY:
1697 if (optlen < sizeof(mfc))
1698 return -EINVAL;
1699 if (copy_from_user(&mfc, optval, sizeof(mfc)))
1700 return -EFAULT;
1701 if (parent == 0)
1702 parent = mfc.mf6cc_parent;
1703 rtnl_lock();
1704 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY)
1705 ret = ip6mr_mfc_delete(mrt, &mfc, parent);
1706 else
1707 ret = ip6mr_mfc_add(net, mrt, &mfc,
1708 sk ==
1709 rtnl_dereference(mrt->mroute_sk),
1710 parent);
1711 rtnl_unlock();
1712 return ret;
1713
1714 case MRT6_FLUSH:
1715 {
1716 int flags;
1717
1718 if (optlen != sizeof(flags))
1719 return -EINVAL;
1720 if (get_user(flags, (int __user *)optval))
1721 return -EFAULT;
1722 rtnl_lock();
1723 mroute_clean_tables(mrt, flags);
1724 rtnl_unlock();
1725 return 0;
1726 }
1727
1728 /*
1729 * Control PIM assert (to activate pim will activate assert)
1730 */
1731 case MRT6_ASSERT:
1732 {
1733 int v;
1734
1735 if (optlen != sizeof(v))
1736 return -EINVAL;
1737 if (get_user(v, (int __user *)optval))
1738 return -EFAULT;
1739 mrt->mroute_do_assert = v;
1740 return 0;
1741 }
1742
1743 #ifdef CONFIG_IPV6_PIMSM_V2
1744 case MRT6_PIM:
1745 {
1746 int v;
1747
1748 if (optlen != sizeof(v))
1749 return -EINVAL;
1750 if (get_user(v, (int __user *)optval))
1751 return -EFAULT;
1752 v = !!v;
1753 rtnl_lock();
1754 ret = 0;
1755 if (v != mrt->mroute_do_pim) {
1756 mrt->mroute_do_pim = v;
1757 mrt->mroute_do_assert = v;
1758 }
1759 rtnl_unlock();
1760 return ret;
1761 }
1762
1763 #endif
1764 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
1765 case MRT6_TABLE:
1766 {
1767 u32 v;
1768
1769 if (optlen != sizeof(u32))
1770 return -EINVAL;
1771 if (get_user(v, (u32 __user *)optval))
1772 return -EFAULT;
1773 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */
1774 if (v != RT_TABLE_DEFAULT && v >= 100000000)
1775 return -EINVAL;
1776 if (sk == rcu_access_pointer(mrt->mroute_sk))
1777 return -EBUSY;
1778
1779 rtnl_lock();
1780 ret = 0;
1781 mrt = ip6mr_new_table(net, v);
1782 if (IS_ERR(mrt))
1783 ret = PTR_ERR(mrt);
1784 else
1785 raw6_sk(sk)->ip6mr_table = v;
1786 rtnl_unlock();
1787 return ret;
1788 }
1789 #endif
1790 /*
1791 * Spurious command, or MRT6_VERSION which you cannot
1792 * set.
1793 */
1794 default:
1795 return -ENOPROTOOPT;
1796 }
1797 }
1798
1799 /*
1800 * Getsock opt support for the multicast routing system.
1801 */
1802
1803 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval,
1804 int __user *optlen)
1805 {
1806 int olr;
1807 int val;
1808 struct net *net = sock_net(sk);
1809 struct mr_table *mrt;
1810
1811 if (sk->sk_type != SOCK_RAW ||
1812 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1813 return -EOPNOTSUPP;
1814
1815 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1816 if (!mrt)
1817 return -ENOENT;
1818
1819 switch (optname) {
1820 case MRT6_VERSION:
1821 val = 0x0305;
1822 break;
1823 #ifdef CONFIG_IPV6_PIMSM_V2
1824 case MRT6_PIM:
1825 val = mrt->mroute_do_pim;
1826 break;
1827 #endif
1828 case MRT6_ASSERT:
1829 val = mrt->mroute_do_assert;
1830 break;
1831 default:
1832 return -ENOPROTOOPT;
1833 }
1834
1835 if (get_user(olr, optlen))
1836 return -EFAULT;
1837
1838 olr = min_t(int, olr, sizeof(int));
1839 if (olr < 0)
1840 return -EINVAL;
1841
1842 if (put_user(olr, optlen))
1843 return -EFAULT;
1844 if (copy_to_user(optval, &val, olr))
1845 return -EFAULT;
1846 return 0;
1847 }
1848
1849 /*
1850 * The IP multicast ioctl support routines.
1851 */
1852
1853 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg)
1854 {
1855 struct sioc_sg_req6 sr;
1856 struct sioc_mif_req6 vr;
1857 struct vif_device *vif;
1858 struct mfc6_cache *c;
1859 struct net *net = sock_net(sk);
1860 struct mr_table *mrt;
1861
1862 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1863 if (!mrt)
1864 return -ENOENT;
1865
1866 switch (cmd) {
1867 case SIOCGETMIFCNT_IN6:
1868 if (copy_from_user(&vr, arg, sizeof(vr)))
1869 return -EFAULT;
1870 if (vr.mifi >= mrt->maxvif)
1871 return -EINVAL;
1872 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1873 read_lock(&mrt_lock);
1874 vif = &mrt->vif_table[vr.mifi];
1875 if (VIF_EXISTS(mrt, vr.mifi)) {
1876 vr.icount = vif->pkt_in;
1877 vr.ocount = vif->pkt_out;
1878 vr.ibytes = vif->bytes_in;
1879 vr.obytes = vif->bytes_out;
1880 read_unlock(&mrt_lock);
1881
1882 if (copy_to_user(arg, &vr, sizeof(vr)))
1883 return -EFAULT;
1884 return 0;
1885 }
1886 read_unlock(&mrt_lock);
1887 return -EADDRNOTAVAIL;
1888 case SIOCGETSGCNT_IN6:
1889 if (copy_from_user(&sr, arg, sizeof(sr)))
1890 return -EFAULT;
1891
1892 rcu_read_lock();
1893 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1894 if (c) {
1895 sr.pktcnt = c->_c.mfc_un.res.pkt;
1896 sr.bytecnt = c->_c.mfc_un.res.bytes;
1897 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
1898 rcu_read_unlock();
1899
1900 if (copy_to_user(arg, &sr, sizeof(sr)))
1901 return -EFAULT;
1902 return 0;
1903 }
1904 rcu_read_unlock();
1905 return -EADDRNOTAVAIL;
1906 default:
1907 return -ENOIOCTLCMD;
1908 }
1909 }
1910
1911 #ifdef CONFIG_COMPAT
1912 struct compat_sioc_sg_req6 {
1913 struct sockaddr_in6 src;
1914 struct sockaddr_in6 grp;
1915 compat_ulong_t pktcnt;
1916 compat_ulong_t bytecnt;
1917 compat_ulong_t wrong_if;
1918 };
1919
1920 struct compat_sioc_mif_req6 {
1921 mifi_t mifi;
1922 compat_ulong_t icount;
1923 compat_ulong_t ocount;
1924 compat_ulong_t ibytes;
1925 compat_ulong_t obytes;
1926 };
1927
1928 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
1929 {
1930 struct compat_sioc_sg_req6 sr;
1931 struct compat_sioc_mif_req6 vr;
1932 struct vif_device *vif;
1933 struct mfc6_cache *c;
1934 struct net *net = sock_net(sk);
1935 struct mr_table *mrt;
1936
1937 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1938 if (!mrt)
1939 return -ENOENT;
1940
1941 switch (cmd) {
1942 case SIOCGETMIFCNT_IN6:
1943 if (copy_from_user(&vr, arg, sizeof(vr)))
1944 return -EFAULT;
1945 if (vr.mifi >= mrt->maxvif)
1946 return -EINVAL;
1947 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1948 read_lock(&mrt_lock);
1949 vif = &mrt->vif_table[vr.mifi];
1950 if (VIF_EXISTS(mrt, vr.mifi)) {
1951 vr.icount = vif->pkt_in;
1952 vr.ocount = vif->pkt_out;
1953 vr.ibytes = vif->bytes_in;
1954 vr.obytes = vif->bytes_out;
1955 read_unlock(&mrt_lock);
1956
1957 if (copy_to_user(arg, &vr, sizeof(vr)))
1958 return -EFAULT;
1959 return 0;
1960 }
1961 read_unlock(&mrt_lock);
1962 return -EADDRNOTAVAIL;
1963 case SIOCGETSGCNT_IN6:
1964 if (copy_from_user(&sr, arg, sizeof(sr)))
1965 return -EFAULT;
1966
1967 rcu_read_lock();
1968 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1969 if (c) {
1970 sr.pktcnt = c->_c.mfc_un.res.pkt;
1971 sr.bytecnt = c->_c.mfc_un.res.bytes;
1972 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
1973 rcu_read_unlock();
1974
1975 if (copy_to_user(arg, &sr, sizeof(sr)))
1976 return -EFAULT;
1977 return 0;
1978 }
1979 rcu_read_unlock();
1980 return -EADDRNOTAVAIL;
1981 default:
1982 return -ENOIOCTLCMD;
1983 }
1984 }
1985 #endif
1986
1987 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
1988 {
1989 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
1990 IPSTATS_MIB_OUTFORWDATAGRAMS);
1991 IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)),
1992 IPSTATS_MIB_OUTOCTETS, skb->len);
1993 return dst_output(net, sk, skb);
1994 }
1995
1996 /*
1997 * Processing handlers for ip6mr_forward
1998 */
1999
2000 static int ip6mr_forward2(struct net *net, struct mr_table *mrt,
2001 struct sk_buff *skb, int vifi)
2002 {
2003 struct ipv6hdr *ipv6h;
2004 struct vif_device *vif = &mrt->vif_table[vifi];
2005 struct net_device *dev;
2006 struct dst_entry *dst;
2007 struct flowi6 fl6;
2008
2009 if (!vif->dev)
2010 goto out_free;
2011
2012 #ifdef CONFIG_IPV6_PIMSM_V2
2013 if (vif->flags & MIFF_REGISTER) {
2014 vif->pkt_out++;
2015 vif->bytes_out += skb->len;
2016 vif->dev->stats.tx_bytes += skb->len;
2017 vif->dev->stats.tx_packets++;
2018 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT);
2019 goto out_free;
2020 }
2021 #endif
2022
2023 ipv6h = ipv6_hdr(skb);
2024
2025 fl6 = (struct flowi6) {
2026 .flowi6_oif = vif->link,
2027 .daddr = ipv6h->daddr,
2028 };
2029
2030 dst = ip6_route_output(net, NULL, &fl6);
2031 if (dst->error) {
2032 dst_release(dst);
2033 goto out_free;
2034 }
2035
2036 skb_dst_drop(skb);
2037 skb_dst_set(skb, dst);
2038
2039 /*
2040 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
2041 * not only before forwarding, but after forwarding on all output
2042 * interfaces. It is clear, if mrouter runs a multicasting
2043 * program, it should receive packets not depending to what interface
2044 * program is joined.
2045 * If we will not make it, the program will have to join on all
2046 * interfaces. On the other hand, multihoming host (or router, but
2047 * not mrouter) cannot join to more than one interface - it will
2048 * result in receiving multiple packets.
2049 */
2050 dev = vif->dev;
2051 skb->dev = dev;
2052 vif->pkt_out++;
2053 vif->bytes_out += skb->len;
2054
2055 /* We are about to write */
2056 /* XXX: extension headers? */
2057 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev)))
2058 goto out_free;
2059
2060 ipv6h = ipv6_hdr(skb);
2061 ipv6h->hop_limit--;
2062
2063 IP6CB(skb)->flags |= IP6SKB_FORWARDED;
2064
2065 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
2066 net, NULL, skb, skb->dev, dev,
2067 ip6mr_forward2_finish);
2068
2069 out_free:
2070 kfree_skb(skb);
2071 return 0;
2072 }
2073
2074 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev)
2075 {
2076 int ct;
2077
2078 for (ct = mrt->maxvif - 1; ct >= 0; ct--) {
2079 if (mrt->vif_table[ct].dev == dev)
2080 break;
2081 }
2082 return ct;
2083 }
2084
2085 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
2086 struct net_device *dev, struct sk_buff *skb,
2087 struct mfc6_cache *c)
2088 {
2089 int psend = -1;
2090 int vif, ct;
2091 int true_vifi = ip6mr_find_vif(mrt, dev);
2092
2093 vif = c->_c.mfc_parent;
2094 c->_c.mfc_un.res.pkt++;
2095 c->_c.mfc_un.res.bytes += skb->len;
2096 c->_c.mfc_un.res.lastuse = jiffies;
2097
2098 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) {
2099 struct mfc6_cache *cache_proxy;
2100
2101 /* For an (*,G) entry, we only check that the incoming
2102 * interface is part of the static tree.
2103 */
2104 rcu_read_lock();
2105 cache_proxy = mr_mfc_find_any_parent(mrt, vif);
2106 if (cache_proxy &&
2107 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) {
2108 rcu_read_unlock();
2109 goto forward;
2110 }
2111 rcu_read_unlock();
2112 }
2113
2114 /*
2115 * Wrong interface: drop packet and (maybe) send PIM assert.
2116 */
2117 if (mrt->vif_table[vif].dev != dev) {
2118 c->_c.mfc_un.res.wrong_if++;
2119
2120 if (true_vifi >= 0 && mrt->mroute_do_assert &&
2121 /* pimsm uses asserts, when switching from RPT to SPT,
2122 so that we cannot check that packet arrived on an oif.
2123 It is bad, but otherwise we would need to move pretty
2124 large chunk of pimd to kernel. Ough... --ANK
2125 */
2126 (mrt->mroute_do_pim ||
2127 c->_c.mfc_un.res.ttls[true_vifi] < 255) &&
2128 time_after(jiffies,
2129 c->_c.mfc_un.res.last_assert +
2130 MFC_ASSERT_THRESH)) {
2131 c->_c.mfc_un.res.last_assert = jiffies;
2132 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF);
2133 }
2134 goto dont_forward;
2135 }
2136
2137 forward:
2138 mrt->vif_table[vif].pkt_in++;
2139 mrt->vif_table[vif].bytes_in += skb->len;
2140
2141 /*
2142 * Forward the frame
2143 */
2144 if (ipv6_addr_any(&c->mf6c_origin) &&
2145 ipv6_addr_any(&c->mf6c_mcastgrp)) {
2146 if (true_vifi >= 0 &&
2147 true_vifi != c->_c.mfc_parent &&
2148 ipv6_hdr(skb)->hop_limit >
2149 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) {
2150 /* It's an (*,*) entry and the packet is not coming from
2151 * the upstream: forward the packet to the upstream
2152 * only.
2153 */
2154 psend = c->_c.mfc_parent;
2155 goto last_forward;
2156 }
2157 goto dont_forward;
2158 }
2159 for (ct = c->_c.mfc_un.res.maxvif - 1;
2160 ct >= c->_c.mfc_un.res.minvif; ct--) {
2161 /* For (*,G) entry, don't forward to the incoming interface */
2162 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) &&
2163 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) {
2164 if (psend != -1) {
2165 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
2166 if (skb2)
2167 ip6mr_forward2(net, mrt, skb2, psend);
2168 }
2169 psend = ct;
2170 }
2171 }
2172 last_forward:
2173 if (psend != -1) {
2174 ip6mr_forward2(net, mrt, skb, psend);
2175 return;
2176 }
2177
2178 dont_forward:
2179 kfree_skb(skb);
2180 }
2181
2182
2183 /*
2184 * Multicast packets for forwarding arrive here
2185 */
2186
2187 int ip6_mr_input(struct sk_buff *skb)
2188 {
2189 struct mfc6_cache *cache;
2190 struct net *net = dev_net(skb->dev);
2191 struct mr_table *mrt;
2192 struct flowi6 fl6 = {
2193 .flowi6_iif = skb->dev->ifindex,
2194 .flowi6_mark = skb->mark,
2195 };
2196 int err;
2197 struct net_device *dev;
2198
2199 /* skb->dev passed in is the master dev for vrfs.
2200 * Get the proper interface that does have a vif associated with it.
2201 */
2202 dev = skb->dev;
2203 if (netif_is_l3_master(skb->dev)) {
2204 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif);
2205 if (!dev) {
2206 kfree_skb(skb);
2207 return -ENODEV;
2208 }
2209 }
2210
2211 err = ip6mr_fib_lookup(net, &fl6, &mrt);
2212 if (err < 0) {
2213 kfree_skb(skb);
2214 return err;
2215 }
2216
2217 read_lock(&mrt_lock);
2218 cache = ip6mr_cache_find(mrt,
2219 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr);
2220 if (!cache) {
2221 int vif = ip6mr_find_vif(mrt, dev);
2222
2223 if (vif >= 0)
2224 cache = ip6mr_cache_find_any(mrt,
2225 &ipv6_hdr(skb)->daddr,
2226 vif);
2227 }
2228
2229 /*
2230 * No usable cache entry
2231 */
2232 if (!cache) {
2233 int vif;
2234
2235 vif = ip6mr_find_vif(mrt, dev);
2236 if (vif >= 0) {
2237 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev);
2238 read_unlock(&mrt_lock);
2239
2240 return err;
2241 }
2242 read_unlock(&mrt_lock);
2243 kfree_skb(skb);
2244 return -ENODEV;
2245 }
2246
2247 ip6_mr_forward(net, mrt, dev, skb, cache);
2248
2249 read_unlock(&mrt_lock);
2250
2251 return 0;
2252 }
2253
2254 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm,
2255 u32 portid)
2256 {
2257 int err;
2258 struct mr_table *mrt;
2259 struct mfc6_cache *cache;
2260 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
2261
2262 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
2263 if (!mrt)
2264 return -ENOENT;
2265
2266 read_lock(&mrt_lock);
2267 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr);
2268 if (!cache && skb->dev) {
2269 int vif = ip6mr_find_vif(mrt, skb->dev);
2270
2271 if (vif >= 0)
2272 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr,
2273 vif);
2274 }
2275
2276 if (!cache) {
2277 struct sk_buff *skb2;
2278 struct ipv6hdr *iph;
2279 struct net_device *dev;
2280 int vif;
2281
2282 dev = skb->dev;
2283 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) {
2284 read_unlock(&mrt_lock);
2285 return -ENODEV;
2286 }
2287
2288 /* really correct? */
2289 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
2290 if (!skb2) {
2291 read_unlock(&mrt_lock);
2292 return -ENOMEM;
2293 }
2294
2295 NETLINK_CB(skb2).portid = portid;
2296 skb_reset_transport_header(skb2);
2297
2298 skb_put(skb2, sizeof(struct ipv6hdr));
2299 skb_reset_network_header(skb2);
2300
2301 iph = ipv6_hdr(skb2);
2302 iph->version = 0;
2303 iph->priority = 0;
2304 iph->flow_lbl[0] = 0;
2305 iph->flow_lbl[1] = 0;
2306 iph->flow_lbl[2] = 0;
2307 iph->payload_len = 0;
2308 iph->nexthdr = IPPROTO_NONE;
2309 iph->hop_limit = 0;
2310 iph->saddr = rt->rt6i_src.addr;
2311 iph->daddr = rt->rt6i_dst.addr;
2312
2313 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev);
2314 read_unlock(&mrt_lock);
2315
2316 return err;
2317 }
2318
2319 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm);
2320 read_unlock(&mrt_lock);
2321 return err;
2322 }
2323
2324 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2325 u32 portid, u32 seq, struct mfc6_cache *c, int cmd,
2326 int flags)
2327 {
2328 struct nlmsghdr *nlh;
2329 struct rtmsg *rtm;
2330 int err;
2331
2332 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags);
2333 if (!nlh)
2334 return -EMSGSIZE;
2335
2336 rtm = nlmsg_data(nlh);
2337 rtm->rtm_family = RTNL_FAMILY_IP6MR;
2338 rtm->rtm_dst_len = 128;
2339 rtm->rtm_src_len = 128;
2340 rtm->rtm_tos = 0;
2341 rtm->rtm_table = mrt->id;
2342 if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2343 goto nla_put_failure;
2344 rtm->rtm_type = RTN_MULTICAST;
2345 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2346 if (c->_c.mfc_flags & MFC_STATIC)
2347 rtm->rtm_protocol = RTPROT_STATIC;
2348 else
2349 rtm->rtm_protocol = RTPROT_MROUTED;
2350 rtm->rtm_flags = 0;
2351
2352 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) ||
2353 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp))
2354 goto nla_put_failure;
2355 err = mr_fill_mroute(mrt, skb, &c->_c, rtm);
2356 /* do not break the dump if cache is unresolved */
2357 if (err < 0 && err != -ENOENT)
2358 goto nla_put_failure;
2359
2360 nlmsg_end(skb, nlh);
2361 return 0;
2362
2363 nla_put_failure:
2364 nlmsg_cancel(skb, nlh);
2365 return -EMSGSIZE;
2366 }
2367
2368 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2369 u32 portid, u32 seq, struct mr_mfc *c,
2370 int cmd, int flags)
2371 {
2372 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c,
2373 cmd, flags);
2374 }
2375
2376 static int mr6_msgsize(bool unresolved, int maxvif)
2377 {
2378 size_t len =
2379 NLMSG_ALIGN(sizeof(struct rtmsg))
2380 + nla_total_size(4) /* RTA_TABLE */
2381 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */
2382 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */
2383 ;
2384
2385 if (!unresolved)
2386 len = len
2387 + nla_total_size(4) /* RTA_IIF */
2388 + nla_total_size(0) /* RTA_MULTIPATH */
2389 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop))
2390 /* RTA_MFC_STATS */
2391 + nla_total_size_64bit(sizeof(struct rta_mfc_stats))
2392 ;
2393
2394 return len;
2395 }
2396
2397 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
2398 int cmd)
2399 {
2400 struct net *net = read_pnet(&mrt->net);
2401 struct sk_buff *skb;
2402 int err = -ENOBUFS;
2403
2404 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif),
2405 GFP_ATOMIC);
2406 if (!skb)
2407 goto errout;
2408
2409 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0);
2410 if (err < 0)
2411 goto errout;
2412
2413 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC);
2414 return;
2415
2416 errout:
2417 kfree_skb(skb);
2418 if (err < 0)
2419 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err);
2420 }
2421
2422 static size_t mrt6msg_netlink_msgsize(size_t payloadlen)
2423 {
2424 size_t len =
2425 NLMSG_ALIGN(sizeof(struct rtgenmsg))
2426 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */
2427 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */
2428 /* IP6MRA_CREPORT_SRC_ADDR */
2429 + nla_total_size(sizeof(struct in6_addr))
2430 /* IP6MRA_CREPORT_DST_ADDR */
2431 + nla_total_size(sizeof(struct in6_addr))
2432 /* IP6MRA_CREPORT_PKT */
2433 + nla_total_size(payloadlen)
2434 ;
2435
2436 return len;
2437 }
2438
2439 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt)
2440 {
2441 struct net *net = read_pnet(&mrt->net);
2442 struct nlmsghdr *nlh;
2443 struct rtgenmsg *rtgenm;
2444 struct mrt6msg *msg;
2445 struct sk_buff *skb;
2446 struct nlattr *nla;
2447 int payloadlen;
2448
2449 payloadlen = pkt->len - sizeof(struct mrt6msg);
2450 msg = (struct mrt6msg *)skb_transport_header(pkt);
2451
2452 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC);
2453 if (!skb)
2454 goto errout;
2455
2456 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT,
2457 sizeof(struct rtgenmsg), 0);
2458 if (!nlh)
2459 goto errout;
2460 rtgenm = nlmsg_data(nlh);
2461 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR;
2462 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) ||
2463 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) ||
2464 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR,
2465 &msg->im6_src) ||
2466 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR,
2467 &msg->im6_dst))
2468 goto nla_put_failure;
2469
2470 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen);
2471 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg),
2472 nla_data(nla), payloadlen))
2473 goto nla_put_failure;
2474
2475 nlmsg_end(skb, nlh);
2476
2477 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC);
2478 return;
2479
2480 nla_put_failure:
2481 nlmsg_cancel(skb, nlh);
2482 errout:
2483 kfree_skb(skb);
2484 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS);
2485 }
2486
2487 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2488 {
2489 const struct nlmsghdr *nlh = cb->nlh;
2490 struct fib_dump_filter filter = {};
2491 int err;
2492
2493 if (cb->strict_check) {
2494 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh,
2495 &filter, cb);
2496 if (err < 0)
2497 return err;
2498 }
2499
2500 if (filter.table_id) {
2501 struct mr_table *mrt;
2502
2503 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id);
2504 if (!mrt) {
2505 if (filter.dump_all_families)
2506 return skb->len;
2507
2508 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist");
2509 return -ENOENT;
2510 }
2511 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute,
2512 &mfc_unres_lock, &filter);
2513 return skb->len ? : err;
2514 }
2515
2516 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter,
2517 _ip6mr_fill_mroute, &mfc_unres_lock, &filter);
2518 }
Ubuntu Jammy Linux kernel mirror