0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014 #include <linux/uaccess.h>
0015 #include <linux/types.h>
0016 #include <linux/sched.h>
0017 #include <linux/errno.h>
0018 #include <linux/mm.h>
0019 #include <linux/kernel.h>
0020 #include <linux/fcntl.h>
0021 #include <linux/stat.h>
0022 #include <linux/socket.h>
0023 #include <linux/inet.h>
0024 #include <linux/netdevice.h>
0025 #include <linux/inetdevice.h>
0026 #include <linux/proc_fs.h>
0027 #include <linux/seq_file.h>
0028 #include <linux/init.h>
0029 #include <linux/compat.h>
0030 #include <linux/rhashtable.h>
0031 #include <net/protocol.h>
0032 #include <linux/skbuff.h>
0033 #include <net/raw.h>
0034 #include <linux/notifier.h>
0035 #include <linux/if_arp.h>
0036 #include <net/checksum.h>
0037 #include <net/netlink.h>
0038 #include <net/fib_rules.h>
0039
0040 #include <net/ipv6.h>
0041 #include <net/ip6_route.h>
0042 #include <linux/mroute6.h>
0043 #include <linux/pim.h>
0044 #include <net/addrconf.h>
0045 #include <linux/netfilter_ipv6.h>
0046 #include <linux/export.h>
0047 #include <net/ip6_checksum.h>
0048 #include <linux/netconf.h>
0049 #include <net/ip_tunnels.h>
0050
0051 #include <linux/nospec.h>
0052
0053 struct ip6mr_rule {
0054 struct fib_rule common;
0055 };
0056
0057 struct ip6mr_result {
0058 struct mr_table *mrt;
0059 };
0060
0061
0062
0063
0064
0065 static DEFINE_SPINLOCK(mrt_lock);
0066
0067 static struct net_device *vif_dev_read(const struct vif_device *vif)
0068 {
0069 return rcu_dereference(vif->dev);
0070 }
0071
0072
0073
0074
0075 static DEFINE_SPINLOCK(mfc_unres_lock);
0076
0077
0078
0079
0080
0081
0082
0083
0084
0085 static struct kmem_cache *mrt_cachep __read_mostly;
0086
0087 static struct mr_table *ip6mr_new_table(struct net *net, u32 id);
0088 static void ip6mr_free_table(struct mr_table *mrt);
0089
0090 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
0091 struct net_device *dev, struct sk_buff *skb,
0092 struct mfc6_cache *cache);
0093 static int ip6mr_cache_report(const struct mr_table *mrt, struct sk_buff *pkt,
0094 mifi_t mifi, int assert);
0095 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
0096 int cmd);
0097 static void mrt6msg_netlink_event(const struct mr_table *mrt, struct sk_buff *pkt);
0098 static int ip6mr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
0099 struct netlink_ext_ack *extack);
0100 static int ip6mr_rtm_dumproute(struct sk_buff *skb,
0101 struct netlink_callback *cb);
0102 static void mroute_clean_tables(struct mr_table *mrt, int flags);
0103 static void ipmr_expire_process(struct timer_list *t);
0104
0105 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
0106 #define ip6mr_for_each_table(mrt, net) \
0107 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list, \
0108 lockdep_rtnl_is_held() || \
0109 list_empty(&net->ipv6.mr6_tables))
0110
0111 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
0112 struct mr_table *mrt)
0113 {
0114 struct mr_table *ret;
0115
0116 if (!mrt)
0117 ret = list_entry_rcu(net->ipv6.mr6_tables.next,
0118 struct mr_table, list);
0119 else
0120 ret = list_entry_rcu(mrt->list.next,
0121 struct mr_table, list);
0122
0123 if (&ret->list == &net->ipv6.mr6_tables)
0124 return NULL;
0125 return ret;
0126 }
0127
0128 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
0129 {
0130 struct mr_table *mrt;
0131
0132 ip6mr_for_each_table(mrt, net) {
0133 if (mrt->id == id)
0134 return mrt;
0135 }
0136 return NULL;
0137 }
0138
0139 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
0140 struct mr_table **mrt)
0141 {
0142 int err;
0143 struct ip6mr_result res;
0144 struct fib_lookup_arg arg = {
0145 .result = &res,
0146 .flags = FIB_LOOKUP_NOREF,
0147 };
0148
0149
0150 l3mdev_update_flow(net, flowi6_to_flowi(flp6));
0151
0152 err = fib_rules_lookup(net->ipv6.mr6_rules_ops,
0153 flowi6_to_flowi(flp6), 0, &arg);
0154 if (err < 0)
0155 return err;
0156 *mrt = res.mrt;
0157 return 0;
0158 }
0159
0160 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp,
0161 int flags, struct fib_lookup_arg *arg)
0162 {
0163 struct ip6mr_result *res = arg->result;
0164 struct mr_table *mrt;
0165
0166 switch (rule->action) {
0167 case FR_ACT_TO_TBL:
0168 break;
0169 case FR_ACT_UNREACHABLE:
0170 return -ENETUNREACH;
0171 case FR_ACT_PROHIBIT:
0172 return -EACCES;
0173 case FR_ACT_BLACKHOLE:
0174 default:
0175 return -EINVAL;
0176 }
0177
0178 arg->table = fib_rule_get_table(rule, arg);
0179
0180 mrt = ip6mr_get_table(rule->fr_net, arg->table);
0181 if (!mrt)
0182 return -EAGAIN;
0183 res->mrt = mrt;
0184 return 0;
0185 }
0186
0187 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags)
0188 {
0189 return 1;
0190 }
0191
0192 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
0193 struct fib_rule_hdr *frh, struct nlattr **tb,
0194 struct netlink_ext_ack *extack)
0195 {
0196 return 0;
0197 }
0198
0199 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
0200 struct nlattr **tb)
0201 {
0202 return 1;
0203 }
0204
0205 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
0206 struct fib_rule_hdr *frh)
0207 {
0208 frh->dst_len = 0;
0209 frh->src_len = 0;
0210 frh->tos = 0;
0211 return 0;
0212 }
0213
0214 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = {
0215 .family = RTNL_FAMILY_IP6MR,
0216 .rule_size = sizeof(struct ip6mr_rule),
0217 .addr_size = sizeof(struct in6_addr),
0218 .action = ip6mr_rule_action,
0219 .match = ip6mr_rule_match,
0220 .configure = ip6mr_rule_configure,
0221 .compare = ip6mr_rule_compare,
0222 .fill = ip6mr_rule_fill,
0223 .nlgroup = RTNLGRP_IPV6_RULE,
0224 .owner = THIS_MODULE,
0225 };
0226
0227 static int __net_init ip6mr_rules_init(struct net *net)
0228 {
0229 struct fib_rules_ops *ops;
0230 struct mr_table *mrt;
0231 int err;
0232
0233 ops = fib_rules_register(&ip6mr_rules_ops_template, net);
0234 if (IS_ERR(ops))
0235 return PTR_ERR(ops);
0236
0237 INIT_LIST_HEAD(&net->ipv6.mr6_tables);
0238
0239 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
0240 if (IS_ERR(mrt)) {
0241 err = PTR_ERR(mrt);
0242 goto err1;
0243 }
0244
0245 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0);
0246 if (err < 0)
0247 goto err2;
0248
0249 net->ipv6.mr6_rules_ops = ops;
0250 return 0;
0251
0252 err2:
0253 rtnl_lock();
0254 ip6mr_free_table(mrt);
0255 rtnl_unlock();
0256 err1:
0257 fib_rules_unregister(ops);
0258 return err;
0259 }
0260
0261 static void __net_exit ip6mr_rules_exit(struct net *net)
0262 {
0263 struct mr_table *mrt, *next;
0264
0265 ASSERT_RTNL();
0266 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
0267 list_del(&mrt->list);
0268 ip6mr_free_table(mrt);
0269 }
0270 fib_rules_unregister(net->ipv6.mr6_rules_ops);
0271 }
0272
0273 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb,
0274 struct netlink_ext_ack *extack)
0275 {
0276 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR, extack);
0277 }
0278
0279 static unsigned int ip6mr_rules_seq_read(struct net *net)
0280 {
0281 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR);
0282 }
0283
0284 bool ip6mr_rule_default(const struct fib_rule *rule)
0285 {
0286 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL &&
0287 rule->table == RT6_TABLE_DFLT && !rule->l3mdev;
0288 }
0289 EXPORT_SYMBOL(ip6mr_rule_default);
0290 #else
0291 #define ip6mr_for_each_table(mrt, net) \
0292 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL)
0293
0294 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
0295 struct mr_table *mrt)
0296 {
0297 if (!mrt)
0298 return net->ipv6.mrt6;
0299 return NULL;
0300 }
0301
0302 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
0303 {
0304 return net->ipv6.mrt6;
0305 }
0306
0307 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
0308 struct mr_table **mrt)
0309 {
0310 *mrt = net->ipv6.mrt6;
0311 return 0;
0312 }
0313
0314 static int __net_init ip6mr_rules_init(struct net *net)
0315 {
0316 struct mr_table *mrt;
0317
0318 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
0319 if (IS_ERR(mrt))
0320 return PTR_ERR(mrt);
0321 net->ipv6.mrt6 = mrt;
0322 return 0;
0323 }
0324
0325 static void __net_exit ip6mr_rules_exit(struct net *net)
0326 {
0327 ASSERT_RTNL();
0328 ip6mr_free_table(net->ipv6.mrt6);
0329 net->ipv6.mrt6 = NULL;
0330 }
0331
0332 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb,
0333 struct netlink_ext_ack *extack)
0334 {
0335 return 0;
0336 }
0337
0338 static unsigned int ip6mr_rules_seq_read(struct net *net)
0339 {
0340 return 0;
0341 }
0342 #endif
0343
0344 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg,
0345 const void *ptr)
0346 {
0347 const struct mfc6_cache_cmp_arg *cmparg = arg->key;
0348 struct mfc6_cache *c = (struct mfc6_cache *)ptr;
0349
0350 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) ||
0351 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin);
0352 }
0353
0354 static const struct rhashtable_params ip6mr_rht_params = {
0355 .head_offset = offsetof(struct mr_mfc, mnode),
0356 .key_offset = offsetof(struct mfc6_cache, cmparg),
0357 .key_len = sizeof(struct mfc6_cache_cmp_arg),
0358 .nelem_hint = 3,
0359 .obj_cmpfn = ip6mr_hash_cmp,
0360 .automatic_shrinking = true,
0361 };
0362
0363 static void ip6mr_new_table_set(struct mr_table *mrt,
0364 struct net *net)
0365 {
0366 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
0367 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables);
0368 #endif
0369 }
0370
0371 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = {
0372 .mf6c_origin = IN6ADDR_ANY_INIT,
0373 .mf6c_mcastgrp = IN6ADDR_ANY_INIT,
0374 };
0375
0376 static struct mr_table_ops ip6mr_mr_table_ops = {
0377 .rht_params = &ip6mr_rht_params,
0378 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any,
0379 };
0380
0381 static struct mr_table *ip6mr_new_table(struct net *net, u32 id)
0382 {
0383 struct mr_table *mrt;
0384
0385 mrt = ip6mr_get_table(net, id);
0386 if (mrt)
0387 return mrt;
0388
0389 return mr_table_alloc(net, id, &ip6mr_mr_table_ops,
0390 ipmr_expire_process, ip6mr_new_table_set);
0391 }
0392
0393 static void ip6mr_free_table(struct mr_table *mrt)
0394 {
0395 del_timer_sync(&mrt->ipmr_expire_timer);
0396 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC |
0397 MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC);
0398 rhltable_destroy(&mrt->mfc_hash);
0399 kfree(mrt);
0400 }
0401
0402 #ifdef CONFIG_PROC_FS
0403
0404
0405
0406
0407 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos)
0408 __acquires(RCU)
0409 {
0410 struct mr_vif_iter *iter = seq->private;
0411 struct net *net = seq_file_net(seq);
0412 struct mr_table *mrt;
0413
0414 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
0415 if (!mrt)
0416 return ERR_PTR(-ENOENT);
0417
0418 iter->mrt = mrt;
0419
0420 rcu_read_lock();
0421 return mr_vif_seq_start(seq, pos);
0422 }
0423
0424 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v)
0425 __releases(RCU)
0426 {
0427 rcu_read_unlock();
0428 }
0429
0430 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v)
0431 {
0432 struct mr_vif_iter *iter = seq->private;
0433 struct mr_table *mrt = iter->mrt;
0434
0435 if (v == SEQ_START_TOKEN) {
0436 seq_puts(seq,
0437 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n");
0438 } else {
0439 const struct vif_device *vif = v;
0440 const struct net_device *vif_dev;
0441 const char *name;
0442
0443 vif_dev = vif_dev_read(vif);
0444 name = vif_dev ? vif_dev->name : "none";
0445
0446 seq_printf(seq,
0447 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n",
0448 vif - mrt->vif_table,
0449 name, vif->bytes_in, vif->pkt_in,
0450 vif->bytes_out, vif->pkt_out,
0451 vif->flags);
0452 }
0453 return 0;
0454 }
0455
0456 static const struct seq_operations ip6mr_vif_seq_ops = {
0457 .start = ip6mr_vif_seq_start,
0458 .next = mr_vif_seq_next,
0459 .stop = ip6mr_vif_seq_stop,
0460 .show = ip6mr_vif_seq_show,
0461 };
0462
0463 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
0464 {
0465 struct net *net = seq_file_net(seq);
0466 struct mr_table *mrt;
0467
0468 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
0469 if (!mrt)
0470 return ERR_PTR(-ENOENT);
0471
0472 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock);
0473 }
0474
0475 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
0476 {
0477 int n;
0478
0479 if (v == SEQ_START_TOKEN) {
0480 seq_puts(seq,
0481 "Group "
0482 "Origin "
0483 "Iif Pkts Bytes Wrong Oifs\n");
0484 } else {
0485 const struct mfc6_cache *mfc = v;
0486 const struct mr_mfc_iter *it = seq->private;
0487 struct mr_table *mrt = it->mrt;
0488
0489 seq_printf(seq, "%pI6 %pI6 %-3hd",
0490 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin,
0491 mfc->_c.mfc_parent);
0492
0493 if (it->cache != &mrt->mfc_unres_queue) {
0494 seq_printf(seq, " %8lu %8lu %8lu",
0495 mfc->_c.mfc_un.res.pkt,
0496 mfc->_c.mfc_un.res.bytes,
0497 mfc->_c.mfc_un.res.wrong_if);
0498 for (n = mfc->_c.mfc_un.res.minvif;
0499 n < mfc->_c.mfc_un.res.maxvif; n++) {
0500 if (VIF_EXISTS(mrt, n) &&
0501 mfc->_c.mfc_un.res.ttls[n] < 255)
0502 seq_printf(seq,
0503 " %2d:%-3d", n,
0504 mfc->_c.mfc_un.res.ttls[n]);
0505 }
0506 } else {
0507
0508
0509
0510 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
0511 }
0512 seq_putc(seq, '\n');
0513 }
0514 return 0;
0515 }
0516
0517 static const struct seq_operations ipmr_mfc_seq_ops = {
0518 .start = ipmr_mfc_seq_start,
0519 .next = mr_mfc_seq_next,
0520 .stop = mr_mfc_seq_stop,
0521 .show = ipmr_mfc_seq_show,
0522 };
0523 #endif
0524
0525 #ifdef CONFIG_IPV6_PIMSM_V2
0526
0527 static int pim6_rcv(struct sk_buff *skb)
0528 {
0529 struct pimreghdr *pim;
0530 struct ipv6hdr *encap;
0531 struct net_device *reg_dev = NULL;
0532 struct net *net = dev_net(skb->dev);
0533 struct mr_table *mrt;
0534 struct flowi6 fl6 = {
0535 .flowi6_iif = skb->dev->ifindex,
0536 .flowi6_mark = skb->mark,
0537 };
0538 int reg_vif_num;
0539
0540 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
0541 goto drop;
0542
0543 pim = (struct pimreghdr *)skb_transport_header(skb);
0544 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) ||
0545 (pim->flags & PIM_NULL_REGISTER) ||
0546 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
0547 sizeof(*pim), IPPROTO_PIM,
0548 csum_partial((void *)pim, sizeof(*pim), 0)) &&
0549 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
0550 goto drop;
0551
0552
0553 encap = (struct ipv6hdr *)(skb_transport_header(skb) +
0554 sizeof(*pim));
0555
0556 if (!ipv6_addr_is_multicast(&encap->daddr) ||
0557 encap->payload_len == 0 ||
0558 ntohs(encap->payload_len) + sizeof(*pim) > skb->len)
0559 goto drop;
0560
0561 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
0562 goto drop;
0563
0564
0565 reg_vif_num = READ_ONCE(mrt->mroute_reg_vif_num);
0566 if (reg_vif_num >= 0)
0567 reg_dev = vif_dev_read(&mrt->vif_table[reg_vif_num]);
0568
0569 if (!reg_dev)
0570 goto drop;
0571
0572 skb->mac_header = skb->network_header;
0573 skb_pull(skb, (u8 *)encap - skb->data);
0574 skb_reset_network_header(skb);
0575 skb->protocol = htons(ETH_P_IPV6);
0576 skb->ip_summed = CHECKSUM_NONE;
0577
0578 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev));
0579
0580 netif_rx(skb);
0581
0582 return 0;
0583 drop:
0584 kfree_skb(skb);
0585 return 0;
0586 }
0587
0588 static const struct inet6_protocol pim6_protocol = {
0589 .handler = pim6_rcv,
0590 };
0591
0592
0593
0594 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
0595 struct net_device *dev)
0596 {
0597 struct net *net = dev_net(dev);
0598 struct mr_table *mrt;
0599 struct flowi6 fl6 = {
0600 .flowi6_oif = dev->ifindex,
0601 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
0602 .flowi6_mark = skb->mark,
0603 };
0604
0605 if (!pskb_inet_may_pull(skb))
0606 goto tx_err;
0607
0608 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
0609 goto tx_err;
0610
0611 dev->stats.tx_bytes += skb->len;
0612 dev->stats.tx_packets++;
0613 rcu_read_lock();
0614 ip6mr_cache_report(mrt, skb, READ_ONCE(mrt->mroute_reg_vif_num),
0615 MRT6MSG_WHOLEPKT);
0616 rcu_read_unlock();
0617 kfree_skb(skb);
0618 return NETDEV_TX_OK;
0619
0620 tx_err:
0621 dev->stats.tx_errors++;
0622 kfree_skb(skb);
0623 return NETDEV_TX_OK;
0624 }
0625
0626 static int reg_vif_get_iflink(const struct net_device *dev)
0627 {
0628 return 0;
0629 }
0630
0631 static const struct net_device_ops reg_vif_netdev_ops = {
0632 .ndo_start_xmit = reg_vif_xmit,
0633 .ndo_get_iflink = reg_vif_get_iflink,
0634 };
0635
0636 static void reg_vif_setup(struct net_device *dev)
0637 {
0638 dev->type = ARPHRD_PIMREG;
0639 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8;
0640 dev->flags = IFF_NOARP;
0641 dev->netdev_ops = ®_vif_netdev_ops;
0642 dev->needs_free_netdev = true;
0643 dev->features |= NETIF_F_NETNS_LOCAL;
0644 }
0645
0646 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt)
0647 {
0648 struct net_device *dev;
0649 char name[IFNAMSIZ];
0650
0651 if (mrt->id == RT6_TABLE_DFLT)
0652 sprintf(name, "pim6reg");
0653 else
0654 sprintf(name, "pim6reg%u", mrt->id);
0655
0656 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup);
0657 if (!dev)
0658 return NULL;
0659
0660 dev_net_set(dev, net);
0661
0662 if (register_netdevice(dev)) {
0663 free_netdev(dev);
0664 return NULL;
0665 }
0666
0667 if (dev_open(dev, NULL))
0668 goto failure;
0669
0670 dev_hold(dev);
0671 return dev;
0672
0673 failure:
0674 unregister_netdevice(dev);
0675 return NULL;
0676 }
0677 #endif
0678
0679 static int call_ip6mr_vif_entry_notifiers(struct net *net,
0680 enum fib_event_type event_type,
0681 struct vif_device *vif,
0682 struct net_device *vif_dev,
0683 mifi_t vif_index, u32 tb_id)
0684 {
0685 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
0686 vif, vif_dev, vif_index, tb_id,
0687 &net->ipv6.ipmr_seq);
0688 }
0689
0690 static int call_ip6mr_mfc_entry_notifiers(struct net *net,
0691 enum fib_event_type event_type,
0692 struct mfc6_cache *mfc, u32 tb_id)
0693 {
0694 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
0695 &mfc->_c, tb_id, &net->ipv6.ipmr_seq);
0696 }
0697
0698
0699 static int mif6_delete(struct mr_table *mrt, int vifi, int notify,
0700 struct list_head *head)
0701 {
0702 struct vif_device *v;
0703 struct net_device *dev;
0704 struct inet6_dev *in6_dev;
0705
0706 if (vifi < 0 || vifi >= mrt->maxvif)
0707 return -EADDRNOTAVAIL;
0708
0709 v = &mrt->vif_table[vifi];
0710
0711 dev = rtnl_dereference(v->dev);
0712 if (!dev)
0713 return -EADDRNOTAVAIL;
0714
0715 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net),
0716 FIB_EVENT_VIF_DEL, v, dev,
0717 vifi, mrt->id);
0718 spin_lock(&mrt_lock);
0719 RCU_INIT_POINTER(v->dev, NULL);
0720
0721 #ifdef CONFIG_IPV6_PIMSM_V2
0722 if (vifi == mrt->mroute_reg_vif_num) {
0723
0724 WRITE_ONCE(mrt->mroute_reg_vif_num, -1);
0725 }
0726 #endif
0727
0728 if (vifi + 1 == mrt->maxvif) {
0729 int tmp;
0730 for (tmp = vifi - 1; tmp >= 0; tmp--) {
0731 if (VIF_EXISTS(mrt, tmp))
0732 break;
0733 }
0734 WRITE_ONCE(mrt->maxvif, tmp + 1);
0735 }
0736
0737 spin_unlock(&mrt_lock);
0738
0739 dev_set_allmulti(dev, -1);
0740
0741 in6_dev = __in6_dev_get(dev);
0742 if (in6_dev) {
0743 atomic_dec(&in6_dev->cnf.mc_forwarding);
0744 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
0745 NETCONFA_MC_FORWARDING,
0746 dev->ifindex, &in6_dev->cnf);
0747 }
0748
0749 if ((v->flags & MIFF_REGISTER) && !notify)
0750 unregister_netdevice_queue(dev, head);
0751
0752 netdev_put(dev, &v->dev_tracker);
0753 return 0;
0754 }
0755
0756 static inline void ip6mr_cache_free_rcu(struct rcu_head *head)
0757 {
0758 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu);
0759
0760 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c);
0761 }
0762
0763 static inline void ip6mr_cache_free(struct mfc6_cache *c)
0764 {
0765 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu);
0766 }
0767
0768
0769
0770
0771
0772 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c)
0773 {
0774 struct net *net = read_pnet(&mrt->net);
0775 struct sk_buff *skb;
0776
0777 atomic_dec(&mrt->cache_resolve_queue_len);
0778
0779 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) {
0780 if (ipv6_hdr(skb)->version == 0) {
0781 struct nlmsghdr *nlh = skb_pull(skb,
0782 sizeof(struct ipv6hdr));
0783 nlh->nlmsg_type = NLMSG_ERROR;
0784 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
0785 skb_trim(skb, nlh->nlmsg_len);
0786 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT;
0787 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
0788 } else
0789 kfree_skb(skb);
0790 }
0791
0792 ip6mr_cache_free(c);
0793 }
0794
0795
0796
0797
0798 static void ipmr_do_expire_process(struct mr_table *mrt)
0799 {
0800 unsigned long now = jiffies;
0801 unsigned long expires = 10 * HZ;
0802 struct mr_mfc *c, *next;
0803
0804 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) {
0805 if (time_after(c->mfc_un.unres.expires, now)) {
0806
0807 unsigned long interval = c->mfc_un.unres.expires - now;
0808 if (interval < expires)
0809 expires = interval;
0810 continue;
0811 }
0812
0813 list_del(&c->list);
0814 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
0815 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
0816 }
0817
0818 if (!list_empty(&mrt->mfc_unres_queue))
0819 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires);
0820 }
0821
0822 static void ipmr_expire_process(struct timer_list *t)
0823 {
0824 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer);
0825
0826 if (!spin_trylock(&mfc_unres_lock)) {
0827 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1);
0828 return;
0829 }
0830
0831 if (!list_empty(&mrt->mfc_unres_queue))
0832 ipmr_do_expire_process(mrt);
0833
0834 spin_unlock(&mfc_unres_lock);
0835 }
0836
0837
0838
0839 static void ip6mr_update_thresholds(struct mr_table *mrt,
0840 struct mr_mfc *cache,
0841 unsigned char *ttls)
0842 {
0843 int vifi;
0844
0845 cache->mfc_un.res.minvif = MAXMIFS;
0846 cache->mfc_un.res.maxvif = 0;
0847 memset(cache->mfc_un.res.ttls, 255, MAXMIFS);
0848
0849 for (vifi = 0; vifi < mrt->maxvif; vifi++) {
0850 if (VIF_EXISTS(mrt, vifi) &&
0851 ttls[vifi] && ttls[vifi] < 255) {
0852 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
0853 if (cache->mfc_un.res.minvif > vifi)
0854 cache->mfc_un.res.minvif = vifi;
0855 if (cache->mfc_un.res.maxvif <= vifi)
0856 cache->mfc_un.res.maxvif = vifi + 1;
0857 }
0858 }
0859 cache->mfc_un.res.lastuse = jiffies;
0860 }
0861
0862 static int mif6_add(struct net *net, struct mr_table *mrt,
0863 struct mif6ctl *vifc, int mrtsock)
0864 {
0865 int vifi = vifc->mif6c_mifi;
0866 struct vif_device *v = &mrt->vif_table[vifi];
0867 struct net_device *dev;
0868 struct inet6_dev *in6_dev;
0869 int err;
0870
0871
0872 if (VIF_EXISTS(mrt, vifi))
0873 return -EADDRINUSE;
0874
0875 switch (vifc->mif6c_flags) {
0876 #ifdef CONFIG_IPV6_PIMSM_V2
0877 case MIFF_REGISTER:
0878
0879
0880
0881
0882 if (mrt->mroute_reg_vif_num >= 0)
0883 return -EADDRINUSE;
0884 dev = ip6mr_reg_vif(net, mrt);
0885 if (!dev)
0886 return -ENOBUFS;
0887 err = dev_set_allmulti(dev, 1);
0888 if (err) {
0889 unregister_netdevice(dev);
0890 dev_put(dev);
0891 return err;
0892 }
0893 break;
0894 #endif
0895 case 0:
0896 dev = dev_get_by_index(net, vifc->mif6c_pifi);
0897 if (!dev)
0898 return -EADDRNOTAVAIL;
0899 err = dev_set_allmulti(dev, 1);
0900 if (err) {
0901 dev_put(dev);
0902 return err;
0903 }
0904 break;
0905 default:
0906 return -EINVAL;
0907 }
0908
0909 in6_dev = __in6_dev_get(dev);
0910 if (in6_dev) {
0911 atomic_inc(&in6_dev->cnf.mc_forwarding);
0912 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
0913 NETCONFA_MC_FORWARDING,
0914 dev->ifindex, &in6_dev->cnf);
0915 }
0916
0917
0918 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold,
0919 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0),
0920 MIFF_REGISTER);
0921
0922
0923 spin_lock(&mrt_lock);
0924 rcu_assign_pointer(v->dev, dev);
0925 netdev_tracker_alloc(dev, &v->dev_tracker, GFP_ATOMIC);
0926 #ifdef CONFIG_IPV6_PIMSM_V2
0927 if (v->flags & MIFF_REGISTER)
0928 WRITE_ONCE(mrt->mroute_reg_vif_num, vifi);
0929 #endif
0930 if (vifi + 1 > mrt->maxvif)
0931 WRITE_ONCE(mrt->maxvif, vifi + 1);
0932 spin_unlock(&mrt_lock);
0933 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD,
0934 v, dev, vifi, mrt->id);
0935 return 0;
0936 }
0937
0938 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt,
0939 const struct in6_addr *origin,
0940 const struct in6_addr *mcastgrp)
0941 {
0942 struct mfc6_cache_cmp_arg arg = {
0943 .mf6c_origin = *origin,
0944 .mf6c_mcastgrp = *mcastgrp,
0945 };
0946
0947 return mr_mfc_find(mrt, &arg);
0948 }
0949
0950
0951 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt,
0952 struct in6_addr *mcastgrp,
0953 mifi_t mifi)
0954 {
0955 struct mfc6_cache_cmp_arg arg = {
0956 .mf6c_origin = in6addr_any,
0957 .mf6c_mcastgrp = *mcastgrp,
0958 };
0959
0960 if (ipv6_addr_any(mcastgrp))
0961 return mr_mfc_find_any_parent(mrt, mifi);
0962 return mr_mfc_find_any(mrt, mifi, &arg);
0963 }
0964
0965
0966 static struct mfc6_cache *
0967 ip6mr_cache_find_parent(struct mr_table *mrt,
0968 const struct in6_addr *origin,
0969 const struct in6_addr *mcastgrp,
0970 int parent)
0971 {
0972 struct mfc6_cache_cmp_arg arg = {
0973 .mf6c_origin = *origin,
0974 .mf6c_mcastgrp = *mcastgrp,
0975 };
0976
0977 return mr_mfc_find_parent(mrt, &arg, parent);
0978 }
0979
0980
0981 static struct mfc6_cache *ip6mr_cache_alloc(void)
0982 {
0983 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
0984 if (!c)
0985 return NULL;
0986 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1;
0987 c->_c.mfc_un.res.minvif = MAXMIFS;
0988 c->_c.free = ip6mr_cache_free_rcu;
0989 refcount_set(&c->_c.mfc_un.res.refcount, 1);
0990 return c;
0991 }
0992
0993 static struct mfc6_cache *ip6mr_cache_alloc_unres(void)
0994 {
0995 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
0996 if (!c)
0997 return NULL;
0998 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved);
0999 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ;
1000 return c;
1001 }
1002
1003
1004
1005
1006
1007 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt,
1008 struct mfc6_cache *uc, struct mfc6_cache *c)
1009 {
1010 struct sk_buff *skb;
1011
1012
1013
1014
1015
1016 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) {
1017 if (ipv6_hdr(skb)->version == 0) {
1018 struct nlmsghdr *nlh = skb_pull(skb,
1019 sizeof(struct ipv6hdr));
1020
1021 if (mr_fill_mroute(mrt, skb, &c->_c,
1022 nlmsg_data(nlh)) > 0) {
1023 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh;
1024 } else {
1025 nlh->nlmsg_type = NLMSG_ERROR;
1026 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
1027 skb_trim(skb, nlh->nlmsg_len);
1028 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE;
1029 }
1030 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1031 } else {
1032 rcu_read_lock();
1033 ip6_mr_forward(net, mrt, skb->dev, skb, c);
1034 rcu_read_unlock();
1035 }
1036 }
1037 }
1038
1039
1040
1041
1042
1043
1044
1045 static int ip6mr_cache_report(const struct mr_table *mrt, struct sk_buff *pkt,
1046 mifi_t mifi, int assert)
1047 {
1048 struct sock *mroute6_sk;
1049 struct sk_buff *skb;
1050 struct mrt6msg *msg;
1051 int ret;
1052
1053 #ifdef CONFIG_IPV6_PIMSM_V2
1054 if (assert == MRT6MSG_WHOLEPKT || assert == MRT6MSG_WRMIFWHOLE)
1055 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt)
1056 +sizeof(*msg));
1057 else
1058 #endif
1059 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC);
1060
1061 if (!skb)
1062 return -ENOBUFS;
1063
1064
1065
1066
1067 skb->ip_summed = CHECKSUM_UNNECESSARY;
1068
1069 #ifdef CONFIG_IPV6_PIMSM_V2
1070 if (assert == MRT6MSG_WHOLEPKT || assert == MRT6MSG_WRMIFWHOLE) {
1071
1072
1073
1074
1075
1076 skb_push(skb, -skb_network_offset(pkt));
1077
1078 skb_push(skb, sizeof(*msg));
1079 skb_reset_transport_header(skb);
1080 msg = (struct mrt6msg *)skb_transport_header(skb);
1081 msg->im6_mbz = 0;
1082 msg->im6_msgtype = assert;
1083 if (assert == MRT6MSG_WRMIFWHOLE)
1084 msg->im6_mif = mifi;
1085 else
1086 msg->im6_mif = READ_ONCE(mrt->mroute_reg_vif_num);
1087 msg->im6_pad = 0;
1088 msg->im6_src = ipv6_hdr(pkt)->saddr;
1089 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1090
1091 skb->ip_summed = CHECKSUM_UNNECESSARY;
1092 } else
1093 #endif
1094 {
1095
1096
1097
1098
1099 skb_put(skb, sizeof(struct ipv6hdr));
1100 skb_reset_network_header(skb);
1101 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr));
1102
1103
1104
1105
1106 skb_put(skb, sizeof(*msg));
1107 skb_reset_transport_header(skb);
1108 msg = (struct mrt6msg *)skb_transport_header(skb);
1109
1110 msg->im6_mbz = 0;
1111 msg->im6_msgtype = assert;
1112 msg->im6_mif = mifi;
1113 msg->im6_pad = 0;
1114 msg->im6_src = ipv6_hdr(pkt)->saddr;
1115 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1116
1117 skb_dst_set(skb, dst_clone(skb_dst(pkt)));
1118 skb->ip_summed = CHECKSUM_UNNECESSARY;
1119 }
1120
1121 mroute6_sk = rcu_dereference(mrt->mroute_sk);
1122 if (!mroute6_sk) {
1123 kfree_skb(skb);
1124 return -EINVAL;
1125 }
1126
1127 mrt6msg_netlink_event(mrt, skb);
1128
1129
1130 ret = sock_queue_rcv_skb(mroute6_sk, skb);
1131
1132 if (ret < 0) {
1133 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n");
1134 kfree_skb(skb);
1135 }
1136
1137 return ret;
1138 }
1139
1140
1141 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi,
1142 struct sk_buff *skb, struct net_device *dev)
1143 {
1144 struct mfc6_cache *c;
1145 bool found = false;
1146 int err;
1147
1148 spin_lock_bh(&mfc_unres_lock);
1149 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) {
1150 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) &&
1151 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) {
1152 found = true;
1153 break;
1154 }
1155 }
1156
1157 if (!found) {
1158
1159
1160
1161
1162 c = ip6mr_cache_alloc_unres();
1163 if (!c) {
1164 spin_unlock_bh(&mfc_unres_lock);
1165
1166 kfree_skb(skb);
1167 return -ENOBUFS;
1168 }
1169
1170
1171 c->_c.mfc_parent = -1;
1172 c->mf6c_origin = ipv6_hdr(skb)->saddr;
1173 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr;
1174
1175
1176
1177
1178 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE);
1179 if (err < 0) {
1180
1181
1182
1183 spin_unlock_bh(&mfc_unres_lock);
1184
1185 ip6mr_cache_free(c);
1186 kfree_skb(skb);
1187 return err;
1188 }
1189
1190 atomic_inc(&mrt->cache_resolve_queue_len);
1191 list_add(&c->_c.list, &mrt->mfc_unres_queue);
1192 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1193
1194 ipmr_do_expire_process(mrt);
1195 }
1196
1197
1198 if (c->_c.mfc_un.unres.unresolved.qlen > 3) {
1199 kfree_skb(skb);
1200 err = -ENOBUFS;
1201 } else {
1202 if (dev) {
1203 skb->dev = dev;
1204 skb->skb_iif = dev->ifindex;
1205 }
1206 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb);
1207 err = 0;
1208 }
1209
1210 spin_unlock_bh(&mfc_unres_lock);
1211 return err;
1212 }
1213
1214
1215
1216
1217
1218 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc,
1219 int parent)
1220 {
1221 struct mfc6_cache *c;
1222
1223
1224 rcu_read_lock();
1225 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1226 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1227 rcu_read_unlock();
1228 if (!c)
1229 return -ENOENT;
1230 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params);
1231 list_del_rcu(&c->_c.list);
1232
1233 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1234 FIB_EVENT_ENTRY_DEL, c, mrt->id);
1235 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1236 mr_cache_put(&c->_c);
1237 return 0;
1238 }
1239
1240 static int ip6mr_device_event(struct notifier_block *this,
1241 unsigned long event, void *ptr)
1242 {
1243 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1244 struct net *net = dev_net(dev);
1245 struct mr_table *mrt;
1246 struct vif_device *v;
1247 int ct;
1248
1249 if (event != NETDEV_UNREGISTER)
1250 return NOTIFY_DONE;
1251
1252 ip6mr_for_each_table(mrt, net) {
1253 v = &mrt->vif_table[0];
1254 for (ct = 0; ct < mrt->maxvif; ct++, v++) {
1255 if (rcu_access_pointer(v->dev) == dev)
1256 mif6_delete(mrt, ct, 1, NULL);
1257 }
1258 }
1259
1260 return NOTIFY_DONE;
1261 }
1262
1263 static unsigned int ip6mr_seq_read(struct net *net)
1264 {
1265 ASSERT_RTNL();
1266
1267 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net);
1268 }
1269
1270 static int ip6mr_dump(struct net *net, struct notifier_block *nb,
1271 struct netlink_ext_ack *extack)
1272 {
1273 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump,
1274 ip6mr_mr_table_iter, extack);
1275 }
1276
1277 static struct notifier_block ip6_mr_notifier = {
1278 .notifier_call = ip6mr_device_event
1279 };
1280
1281 static const struct fib_notifier_ops ip6mr_notifier_ops_template = {
1282 .family = RTNL_FAMILY_IP6MR,
1283 .fib_seq_read = ip6mr_seq_read,
1284 .fib_dump = ip6mr_dump,
1285 .owner = THIS_MODULE,
1286 };
1287
1288 static int __net_init ip6mr_notifier_init(struct net *net)
1289 {
1290 struct fib_notifier_ops *ops;
1291
1292 net->ipv6.ipmr_seq = 0;
1293
1294 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net);
1295 if (IS_ERR(ops))
1296 return PTR_ERR(ops);
1297
1298 net->ipv6.ip6mr_notifier_ops = ops;
1299
1300 return 0;
1301 }
1302
1303 static void __net_exit ip6mr_notifier_exit(struct net *net)
1304 {
1305 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops);
1306 net->ipv6.ip6mr_notifier_ops = NULL;
1307 }
1308
1309
1310 static int __net_init ip6mr_net_init(struct net *net)
1311 {
1312 int err;
1313
1314 err = ip6mr_notifier_init(net);
1315 if (err)
1316 return err;
1317
1318 err = ip6mr_rules_init(net);
1319 if (err < 0)
1320 goto ip6mr_rules_fail;
1321
1322 #ifdef CONFIG_PROC_FS
1323 err = -ENOMEM;
1324 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops,
1325 sizeof(struct mr_vif_iter)))
1326 goto proc_vif_fail;
1327 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops,
1328 sizeof(struct mr_mfc_iter)))
1329 goto proc_cache_fail;
1330 #endif
1331
1332 return 0;
1333
1334 #ifdef CONFIG_PROC_FS
1335 proc_cache_fail:
1336 remove_proc_entry("ip6_mr_vif", net->proc_net);
1337 proc_vif_fail:
1338 rtnl_lock();
1339 ip6mr_rules_exit(net);
1340 rtnl_unlock();
1341 #endif
1342 ip6mr_rules_fail:
1343 ip6mr_notifier_exit(net);
1344 return err;
1345 }
1346
1347 static void __net_exit ip6mr_net_exit(struct net *net)
1348 {
1349 #ifdef CONFIG_PROC_FS
1350 remove_proc_entry("ip6_mr_cache", net->proc_net);
1351 remove_proc_entry("ip6_mr_vif", net->proc_net);
1352 #endif
1353 ip6mr_notifier_exit(net);
1354 }
1355
1356 static void __net_exit ip6mr_net_exit_batch(struct list_head *net_list)
1357 {
1358 struct net *net;
1359
1360 rtnl_lock();
1361 list_for_each_entry(net, net_list, exit_list)
1362 ip6mr_rules_exit(net);
1363 rtnl_unlock();
1364 }
1365
1366 static struct pernet_operations ip6mr_net_ops = {
1367 .init = ip6mr_net_init,
1368 .exit = ip6mr_net_exit,
1369 .exit_batch = ip6mr_net_exit_batch,
1370 };
1371
1372 int __init ip6_mr_init(void)
1373 {
1374 int err;
1375
1376 mrt_cachep = kmem_cache_create("ip6_mrt_cache",
1377 sizeof(struct mfc6_cache),
1378 0, SLAB_HWCACHE_ALIGN,
1379 NULL);
1380 if (!mrt_cachep)
1381 return -ENOMEM;
1382
1383 err = register_pernet_subsys(&ip6mr_net_ops);
1384 if (err)
1385 goto reg_pernet_fail;
1386
1387 err = register_netdevice_notifier(&ip6_mr_notifier);
1388 if (err)
1389 goto reg_notif_fail;
1390 #ifdef CONFIG_IPV6_PIMSM_V2
1391 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) {
1392 pr_err("%s: can't add PIM protocol\n", __func__);
1393 err = -EAGAIN;
1394 goto add_proto_fail;
1395 }
1396 #endif
1397 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE,
1398 ip6mr_rtm_getroute, ip6mr_rtm_dumproute, 0);
1399 if (err == 0)
1400 return 0;
1401
1402 #ifdef CONFIG_IPV6_PIMSM_V2
1403 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1404 add_proto_fail:
1405 unregister_netdevice_notifier(&ip6_mr_notifier);
1406 #endif
1407 reg_notif_fail:
1408 unregister_pernet_subsys(&ip6mr_net_ops);
1409 reg_pernet_fail:
1410 kmem_cache_destroy(mrt_cachep);
1411 return err;
1412 }
1413
1414 void ip6_mr_cleanup(void)
1415 {
1416 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE);
1417 #ifdef CONFIG_IPV6_PIMSM_V2
1418 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1419 #endif
1420 unregister_netdevice_notifier(&ip6_mr_notifier);
1421 unregister_pernet_subsys(&ip6mr_net_ops);
1422 kmem_cache_destroy(mrt_cachep);
1423 }
1424
1425 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt,
1426 struct mf6cctl *mfc, int mrtsock, int parent)
1427 {
1428 unsigned char ttls[MAXMIFS];
1429 struct mfc6_cache *uc, *c;
1430 struct mr_mfc *_uc;
1431 bool found;
1432 int i, err;
1433
1434 if (mfc->mf6cc_parent >= MAXMIFS)
1435 return -ENFILE;
1436
1437 memset(ttls, 255, MAXMIFS);
1438 for (i = 0; i < MAXMIFS; i++) {
1439 if (IF_ISSET(i, &mfc->mf6cc_ifset))
1440 ttls[i] = 1;
1441 }
1442
1443
1444 rcu_read_lock();
1445 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1446 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1447 rcu_read_unlock();
1448 if (c) {
1449 spin_lock(&mrt_lock);
1450 c->_c.mfc_parent = mfc->mf6cc_parent;
1451 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1452 if (!mrtsock)
1453 c->_c.mfc_flags |= MFC_STATIC;
1454 spin_unlock(&mrt_lock);
1455 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE,
1456 c, mrt->id);
1457 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1458 return 0;
1459 }
1460
1461 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) &&
1462 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr))
1463 return -EINVAL;
1464
1465 c = ip6mr_cache_alloc();
1466 if (!c)
1467 return -ENOMEM;
1468
1469 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr;
1470 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr;
1471 c->_c.mfc_parent = mfc->mf6cc_parent;
1472 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1473 if (!mrtsock)
1474 c->_c.mfc_flags |= MFC_STATIC;
1475
1476 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode,
1477 ip6mr_rht_params);
1478 if (err) {
1479 pr_err("ip6mr: rhtable insert error %d\n", err);
1480 ip6mr_cache_free(c);
1481 return err;
1482 }
1483 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list);
1484
1485
1486
1487
1488 found = false;
1489 spin_lock_bh(&mfc_unres_lock);
1490 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) {
1491 uc = (struct mfc6_cache *)_uc;
1492 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) &&
1493 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) {
1494 list_del(&_uc->list);
1495 atomic_dec(&mrt->cache_resolve_queue_len);
1496 found = true;
1497 break;
1498 }
1499 }
1500 if (list_empty(&mrt->mfc_unres_queue))
1501 del_timer(&mrt->ipmr_expire_timer);
1502 spin_unlock_bh(&mfc_unres_lock);
1503
1504 if (found) {
1505 ip6mr_cache_resolve(net, mrt, uc, c);
1506 ip6mr_cache_free(uc);
1507 }
1508 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD,
1509 c, mrt->id);
1510 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1511 return 0;
1512 }
1513
1514
1515
1516
1517
1518 static void mroute_clean_tables(struct mr_table *mrt, int flags)
1519 {
1520 struct mr_mfc *c, *tmp;
1521 LIST_HEAD(list);
1522 int i;
1523
1524
1525 if (flags & (MRT6_FLUSH_MIFS | MRT6_FLUSH_MIFS_STATIC)) {
1526 for (i = 0; i < mrt->maxvif; i++) {
1527 if (((mrt->vif_table[i].flags & VIFF_STATIC) &&
1528 !(flags & MRT6_FLUSH_MIFS_STATIC)) ||
1529 (!(mrt->vif_table[i].flags & VIFF_STATIC) && !(flags & MRT6_FLUSH_MIFS)))
1530 continue;
1531 mif6_delete(mrt, i, 0, &list);
1532 }
1533 unregister_netdevice_many(&list);
1534 }
1535
1536
1537 if (flags & (MRT6_FLUSH_MFC | MRT6_FLUSH_MFC_STATIC)) {
1538 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) {
1539 if (((c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC_STATIC)) ||
1540 (!(c->mfc_flags & MFC_STATIC) && !(flags & MRT6_FLUSH_MFC)))
1541 continue;
1542 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params);
1543 list_del_rcu(&c->list);
1544 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1545 FIB_EVENT_ENTRY_DEL,
1546 (struct mfc6_cache *)c, mrt->id);
1547 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
1548 mr_cache_put(c);
1549 }
1550 }
1551
1552 if (flags & MRT6_FLUSH_MFC) {
1553 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) {
1554 spin_lock_bh(&mfc_unres_lock);
1555 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) {
1556 list_del(&c->list);
1557 mr6_netlink_event(mrt, (struct mfc6_cache *)c,
1558 RTM_DELROUTE);
1559 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
1560 }
1561 spin_unlock_bh(&mfc_unres_lock);
1562 }
1563 }
1564 }
1565
1566 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk)
1567 {
1568 int err = 0;
1569 struct net *net = sock_net(sk);
1570
1571 rtnl_lock();
1572 spin_lock(&mrt_lock);
1573 if (rtnl_dereference(mrt->mroute_sk)) {
1574 err = -EADDRINUSE;
1575 } else {
1576 rcu_assign_pointer(mrt->mroute_sk, sk);
1577 sock_set_flag(sk, SOCK_RCU_FREE);
1578 atomic_inc(&net->ipv6.devconf_all->mc_forwarding);
1579 }
1580 spin_unlock(&mrt_lock);
1581
1582 if (!err)
1583 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1584 NETCONFA_MC_FORWARDING,
1585 NETCONFA_IFINDEX_ALL,
1586 net->ipv6.devconf_all);
1587 rtnl_unlock();
1588
1589 return err;
1590 }
1591
1592 int ip6mr_sk_done(struct sock *sk)
1593 {
1594 struct net *net = sock_net(sk);
1595 struct ipv6_devconf *devconf;
1596 struct mr_table *mrt;
1597 int err = -EACCES;
1598
1599 if (sk->sk_type != SOCK_RAW ||
1600 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1601 return err;
1602
1603 devconf = net->ipv6.devconf_all;
1604 if (!devconf || !atomic_read(&devconf->mc_forwarding))
1605 return err;
1606
1607 rtnl_lock();
1608 ip6mr_for_each_table(mrt, net) {
1609 if (sk == rtnl_dereference(mrt->mroute_sk)) {
1610 spin_lock(&mrt_lock);
1611 RCU_INIT_POINTER(mrt->mroute_sk, NULL);
1612
1613
1614
1615
1616 atomic_dec(&devconf->mc_forwarding);
1617 spin_unlock(&mrt_lock);
1618 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1619 NETCONFA_MC_FORWARDING,
1620 NETCONFA_IFINDEX_ALL,
1621 net->ipv6.devconf_all);
1622
1623 mroute_clean_tables(mrt, MRT6_FLUSH_MIFS | MRT6_FLUSH_MFC);
1624 err = 0;
1625 break;
1626 }
1627 }
1628 rtnl_unlock();
1629
1630 return err;
1631 }
1632
1633 bool mroute6_is_socket(struct net *net, struct sk_buff *skb)
1634 {
1635 struct mr_table *mrt;
1636 struct flowi6 fl6 = {
1637 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
1638 .flowi6_oif = skb->dev->ifindex,
1639 .flowi6_mark = skb->mark,
1640 };
1641
1642 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
1643 return NULL;
1644
1645 return rcu_access_pointer(mrt->mroute_sk);
1646 }
1647 EXPORT_SYMBOL(mroute6_is_socket);
1648
1649
1650
1651
1652
1653
1654
1655
1656 int ip6_mroute_setsockopt(struct sock *sk, int optname, sockptr_t optval,
1657 unsigned int optlen)
1658 {
1659 int ret, parent = 0;
1660 struct mif6ctl vif;
1661 struct mf6cctl mfc;
1662 mifi_t mifi;
1663 struct net *net = sock_net(sk);
1664 struct mr_table *mrt;
1665
1666 if (sk->sk_type != SOCK_RAW ||
1667 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1668 return -EOPNOTSUPP;
1669
1670 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1671 if (!mrt)
1672 return -ENOENT;
1673
1674 if (optname != MRT6_INIT) {
1675 if (sk != rcu_access_pointer(mrt->mroute_sk) &&
1676 !ns_capable(net->user_ns, CAP_NET_ADMIN))
1677 return -EACCES;
1678 }
1679
1680 switch (optname) {
1681 case MRT6_INIT:
1682 if (optlen < sizeof(int))
1683 return -EINVAL;
1684
1685 return ip6mr_sk_init(mrt, sk);
1686
1687 case MRT6_DONE:
1688 return ip6mr_sk_done(sk);
1689
1690 case MRT6_ADD_MIF:
1691 if (optlen < sizeof(vif))
1692 return -EINVAL;
1693 if (copy_from_sockptr(&vif, optval, sizeof(vif)))
1694 return -EFAULT;
1695 if (vif.mif6c_mifi >= MAXMIFS)
1696 return -ENFILE;
1697 rtnl_lock();
1698 ret = mif6_add(net, mrt, &vif,
1699 sk == rtnl_dereference(mrt->mroute_sk));
1700 rtnl_unlock();
1701 return ret;
1702
1703 case MRT6_DEL_MIF:
1704 if (optlen < sizeof(mifi_t))
1705 return -EINVAL;
1706 if (copy_from_sockptr(&mifi, optval, sizeof(mifi_t)))
1707 return -EFAULT;
1708 rtnl_lock();
1709 ret = mif6_delete(mrt, mifi, 0, NULL);
1710 rtnl_unlock();
1711 return ret;
1712
1713
1714
1715
1716
1717 case MRT6_ADD_MFC:
1718 case MRT6_DEL_MFC:
1719 parent = -1;
1720 fallthrough;
1721 case MRT6_ADD_MFC_PROXY:
1722 case MRT6_DEL_MFC_PROXY:
1723 if (optlen < sizeof(mfc))
1724 return -EINVAL;
1725 if (copy_from_sockptr(&mfc, optval, sizeof(mfc)))
1726 return -EFAULT;
1727 if (parent == 0)
1728 parent = mfc.mf6cc_parent;
1729 rtnl_lock();
1730 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY)
1731 ret = ip6mr_mfc_delete(mrt, &mfc, parent);
1732 else
1733 ret = ip6mr_mfc_add(net, mrt, &mfc,
1734 sk ==
1735 rtnl_dereference(mrt->mroute_sk),
1736 parent);
1737 rtnl_unlock();
1738 return ret;
1739
1740 case MRT6_FLUSH:
1741 {
1742 int flags;
1743
1744 if (optlen != sizeof(flags))
1745 return -EINVAL;
1746 if (copy_from_sockptr(&flags, optval, sizeof(flags)))
1747 return -EFAULT;
1748 rtnl_lock();
1749 mroute_clean_tables(mrt, flags);
1750 rtnl_unlock();
1751 return 0;
1752 }
1753
1754
1755
1756
1757 case MRT6_ASSERT:
1758 {
1759 int v;
1760
1761 if (optlen != sizeof(v))
1762 return -EINVAL;
1763 if (copy_from_sockptr(&v, optval, sizeof(v)))
1764 return -EFAULT;
1765 mrt->mroute_do_assert = v;
1766 return 0;
1767 }
1768
1769 #ifdef CONFIG_IPV6_PIMSM_V2
1770 case MRT6_PIM:
1771 {
1772 bool do_wrmifwhole;
1773 int v;
1774
1775 if (optlen != sizeof(v))
1776 return -EINVAL;
1777 if (copy_from_sockptr(&v, optval, sizeof(v)))
1778 return -EFAULT;
1779
1780 do_wrmifwhole = (v == MRT6MSG_WRMIFWHOLE);
1781 v = !!v;
1782 rtnl_lock();
1783 ret = 0;
1784 if (v != mrt->mroute_do_pim) {
1785 mrt->mroute_do_pim = v;
1786 mrt->mroute_do_assert = v;
1787 mrt->mroute_do_wrvifwhole = do_wrmifwhole;
1788 }
1789 rtnl_unlock();
1790 return ret;
1791 }
1792
1793 #endif
1794 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
1795 case MRT6_TABLE:
1796 {
1797 u32 v;
1798
1799 if (optlen != sizeof(u32))
1800 return -EINVAL;
1801 if (copy_from_sockptr(&v, optval, sizeof(v)))
1802 return -EFAULT;
1803
1804 if (v != RT_TABLE_DEFAULT && v >= 100000000)
1805 return -EINVAL;
1806 if (sk == rcu_access_pointer(mrt->mroute_sk))
1807 return -EBUSY;
1808
1809 rtnl_lock();
1810 ret = 0;
1811 mrt = ip6mr_new_table(net, v);
1812 if (IS_ERR(mrt))
1813 ret = PTR_ERR(mrt);
1814 else
1815 raw6_sk(sk)->ip6mr_table = v;
1816 rtnl_unlock();
1817 return ret;
1818 }
1819 #endif
1820
1821
1822
1823
1824 default:
1825 return -ENOPROTOOPT;
1826 }
1827 }
1828
1829
1830
1831
1832
1833 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval,
1834 int __user *optlen)
1835 {
1836 int olr;
1837 int val;
1838 struct net *net = sock_net(sk);
1839 struct mr_table *mrt;
1840
1841 if (sk->sk_type != SOCK_RAW ||
1842 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1843 return -EOPNOTSUPP;
1844
1845 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1846 if (!mrt)
1847 return -ENOENT;
1848
1849 switch (optname) {
1850 case MRT6_VERSION:
1851 val = 0x0305;
1852 break;
1853 #ifdef CONFIG_IPV6_PIMSM_V2
1854 case MRT6_PIM:
1855 val = mrt->mroute_do_pim;
1856 break;
1857 #endif
1858 case MRT6_ASSERT:
1859 val = mrt->mroute_do_assert;
1860 break;
1861 default:
1862 return -ENOPROTOOPT;
1863 }
1864
1865 if (get_user(olr, optlen))
1866 return -EFAULT;
1867
1868 olr = min_t(int, olr, sizeof(int));
1869 if (olr < 0)
1870 return -EINVAL;
1871
1872 if (put_user(olr, optlen))
1873 return -EFAULT;
1874 if (copy_to_user(optval, &val, olr))
1875 return -EFAULT;
1876 return 0;
1877 }
1878
1879
1880
1881
1882
1883 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg)
1884 {
1885 struct sioc_sg_req6 sr;
1886 struct sioc_mif_req6 vr;
1887 struct vif_device *vif;
1888 struct mfc6_cache *c;
1889 struct net *net = sock_net(sk);
1890 struct mr_table *mrt;
1891
1892 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1893 if (!mrt)
1894 return -ENOENT;
1895
1896 switch (cmd) {
1897 case SIOCGETMIFCNT_IN6:
1898 if (copy_from_user(&vr, arg, sizeof(vr)))
1899 return -EFAULT;
1900 if (vr.mifi >= mrt->maxvif)
1901 return -EINVAL;
1902 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1903 rcu_read_lock();
1904 vif = &mrt->vif_table[vr.mifi];
1905 if (VIF_EXISTS(mrt, vr.mifi)) {
1906 vr.icount = READ_ONCE(vif->pkt_in);
1907 vr.ocount = READ_ONCE(vif->pkt_out);
1908 vr.ibytes = READ_ONCE(vif->bytes_in);
1909 vr.obytes = READ_ONCE(vif->bytes_out);
1910 rcu_read_unlock();
1911
1912 if (copy_to_user(arg, &vr, sizeof(vr)))
1913 return -EFAULT;
1914 return 0;
1915 }
1916 rcu_read_unlock();
1917 return -EADDRNOTAVAIL;
1918 case SIOCGETSGCNT_IN6:
1919 if (copy_from_user(&sr, arg, sizeof(sr)))
1920 return -EFAULT;
1921
1922 rcu_read_lock();
1923 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1924 if (c) {
1925 sr.pktcnt = c->_c.mfc_un.res.pkt;
1926 sr.bytecnt = c->_c.mfc_un.res.bytes;
1927 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
1928 rcu_read_unlock();
1929
1930 if (copy_to_user(arg, &sr, sizeof(sr)))
1931 return -EFAULT;
1932 return 0;
1933 }
1934 rcu_read_unlock();
1935 return -EADDRNOTAVAIL;
1936 default:
1937 return -ENOIOCTLCMD;
1938 }
1939 }
1940
1941 #ifdef CONFIG_COMPAT
1942 struct compat_sioc_sg_req6 {
1943 struct sockaddr_in6 src;
1944 struct sockaddr_in6 grp;
1945 compat_ulong_t pktcnt;
1946 compat_ulong_t bytecnt;
1947 compat_ulong_t wrong_if;
1948 };
1949
1950 struct compat_sioc_mif_req6 {
1951 mifi_t mifi;
1952 compat_ulong_t icount;
1953 compat_ulong_t ocount;
1954 compat_ulong_t ibytes;
1955 compat_ulong_t obytes;
1956 };
1957
1958 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
1959 {
1960 struct compat_sioc_sg_req6 sr;
1961 struct compat_sioc_mif_req6 vr;
1962 struct vif_device *vif;
1963 struct mfc6_cache *c;
1964 struct net *net = sock_net(sk);
1965 struct mr_table *mrt;
1966
1967 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1968 if (!mrt)
1969 return -ENOENT;
1970
1971 switch (cmd) {
1972 case SIOCGETMIFCNT_IN6:
1973 if (copy_from_user(&vr, arg, sizeof(vr)))
1974 return -EFAULT;
1975 if (vr.mifi >= mrt->maxvif)
1976 return -EINVAL;
1977 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1978 rcu_read_lock();
1979 vif = &mrt->vif_table[vr.mifi];
1980 if (VIF_EXISTS(mrt, vr.mifi)) {
1981 vr.icount = READ_ONCE(vif->pkt_in);
1982 vr.ocount = READ_ONCE(vif->pkt_out);
1983 vr.ibytes = READ_ONCE(vif->bytes_in);
1984 vr.obytes = READ_ONCE(vif->bytes_out);
1985 rcu_read_unlock();
1986
1987 if (copy_to_user(arg, &vr, sizeof(vr)))
1988 return -EFAULT;
1989 return 0;
1990 }
1991 rcu_read_unlock();
1992 return -EADDRNOTAVAIL;
1993 case SIOCGETSGCNT_IN6:
1994 if (copy_from_user(&sr, arg, sizeof(sr)))
1995 return -EFAULT;
1996
1997 rcu_read_lock();
1998 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1999 if (c) {
2000 sr.pktcnt = c->_c.mfc_un.res.pkt;
2001 sr.bytecnt = c->_c.mfc_un.res.bytes;
2002 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
2003 rcu_read_unlock();
2004
2005 if (copy_to_user(arg, &sr, sizeof(sr)))
2006 return -EFAULT;
2007 return 0;
2008 }
2009 rcu_read_unlock();
2010 return -EADDRNOTAVAIL;
2011 default:
2012 return -ENOIOCTLCMD;
2013 }
2014 }
2015 #endif
2016
2017 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
2018 {
2019 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
2020 IPSTATS_MIB_OUTFORWDATAGRAMS);
2021 IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)),
2022 IPSTATS_MIB_OUTOCTETS, skb->len);
2023 return dst_output(net, sk, skb);
2024 }
2025
2026
2027
2028
2029
2030 static int ip6mr_forward2(struct net *net, struct mr_table *mrt,
2031 struct sk_buff *skb, int vifi)
2032 {
2033 struct vif_device *vif = &mrt->vif_table[vifi];
2034 struct net_device *vif_dev;
2035 struct ipv6hdr *ipv6h;
2036 struct dst_entry *dst;
2037 struct flowi6 fl6;
2038
2039 vif_dev = vif_dev_read(vif);
2040 if (!vif_dev)
2041 goto out_free;
2042
2043 #ifdef CONFIG_IPV6_PIMSM_V2
2044 if (vif->flags & MIFF_REGISTER) {
2045 WRITE_ONCE(vif->pkt_out, vif->pkt_out + 1);
2046 WRITE_ONCE(vif->bytes_out, vif->bytes_out + skb->len);
2047 vif_dev->stats.tx_bytes += skb->len;
2048 vif_dev->stats.tx_packets++;
2049 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT);
2050 goto out_free;
2051 }
2052 #endif
2053
2054 ipv6h = ipv6_hdr(skb);
2055
2056 fl6 = (struct flowi6) {
2057 .flowi6_oif = vif->link,
2058 .daddr = ipv6h->daddr,
2059 };
2060
2061 dst = ip6_route_output(net, NULL, &fl6);
2062 if (dst->error) {
2063 dst_release(dst);
2064 goto out_free;
2065 }
2066
2067 skb_dst_drop(skb);
2068 skb_dst_set(skb, dst);
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081 skb->dev = vif_dev;
2082 WRITE_ONCE(vif->pkt_out, vif->pkt_out + 1);
2083 WRITE_ONCE(vif->bytes_out, vif->bytes_out + skb->len);
2084
2085
2086
2087 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(vif_dev)))
2088 goto out_free;
2089
2090 ipv6h = ipv6_hdr(skb);
2091 ipv6h->hop_limit--;
2092
2093 IP6CB(skb)->flags |= IP6SKB_FORWARDED;
2094
2095 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
2096 net, NULL, skb, skb->dev, vif_dev,
2097 ip6mr_forward2_finish);
2098
2099 out_free:
2100 kfree_skb(skb);
2101 return 0;
2102 }
2103
2104
2105 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev)
2106 {
2107 int ct;
2108
2109
2110 for (ct = READ_ONCE(mrt->maxvif) - 1; ct >= 0; ct--) {
2111 if (rcu_access_pointer(mrt->vif_table[ct].dev) == dev)
2112 break;
2113 }
2114 return ct;
2115 }
2116
2117
2118 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
2119 struct net_device *dev, struct sk_buff *skb,
2120 struct mfc6_cache *c)
2121 {
2122 int psend = -1;
2123 int vif, ct;
2124 int true_vifi = ip6mr_find_vif(mrt, dev);
2125
2126 vif = c->_c.mfc_parent;
2127 c->_c.mfc_un.res.pkt++;
2128 c->_c.mfc_un.res.bytes += skb->len;
2129 c->_c.mfc_un.res.lastuse = jiffies;
2130
2131 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) {
2132 struct mfc6_cache *cache_proxy;
2133
2134
2135
2136
2137 cache_proxy = mr_mfc_find_any_parent(mrt, vif);
2138 if (cache_proxy &&
2139 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255)
2140 goto forward;
2141 }
2142
2143
2144
2145
2146 if (rcu_access_pointer(mrt->vif_table[vif].dev) != dev) {
2147 c->_c.mfc_un.res.wrong_if++;
2148
2149 if (true_vifi >= 0 && mrt->mroute_do_assert &&
2150
2151
2152
2153
2154
2155 (mrt->mroute_do_pim ||
2156 c->_c.mfc_un.res.ttls[true_vifi] < 255) &&
2157 time_after(jiffies,
2158 c->_c.mfc_un.res.last_assert +
2159 MFC_ASSERT_THRESH)) {
2160 c->_c.mfc_un.res.last_assert = jiffies;
2161 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF);
2162 if (mrt->mroute_do_wrvifwhole)
2163 ip6mr_cache_report(mrt, skb, true_vifi,
2164 MRT6MSG_WRMIFWHOLE);
2165 }
2166 goto dont_forward;
2167 }
2168
2169 forward:
2170 WRITE_ONCE(mrt->vif_table[vif].pkt_in,
2171 mrt->vif_table[vif].pkt_in + 1);
2172 WRITE_ONCE(mrt->vif_table[vif].bytes_in,
2173 mrt->vif_table[vif].bytes_in + skb->len);
2174
2175
2176
2177
2178 if (ipv6_addr_any(&c->mf6c_origin) &&
2179 ipv6_addr_any(&c->mf6c_mcastgrp)) {
2180 if (true_vifi >= 0 &&
2181 true_vifi != c->_c.mfc_parent &&
2182 ipv6_hdr(skb)->hop_limit >
2183 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) {
2184
2185
2186
2187
2188 psend = c->_c.mfc_parent;
2189 goto last_forward;
2190 }
2191 goto dont_forward;
2192 }
2193 for (ct = c->_c.mfc_un.res.maxvif - 1;
2194 ct >= c->_c.mfc_un.res.minvif; ct--) {
2195
2196 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) &&
2197 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) {
2198 if (psend != -1) {
2199 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
2200 if (skb2)
2201 ip6mr_forward2(net, mrt, skb2, psend);
2202 }
2203 psend = ct;
2204 }
2205 }
2206 last_forward:
2207 if (psend != -1) {
2208 ip6mr_forward2(net, mrt, skb, psend);
2209 return;
2210 }
2211
2212 dont_forward:
2213 kfree_skb(skb);
2214 }
2215
2216
2217
2218
2219
2220
2221 int ip6_mr_input(struct sk_buff *skb)
2222 {
2223 struct mfc6_cache *cache;
2224 struct net *net = dev_net(skb->dev);
2225 struct mr_table *mrt;
2226 struct flowi6 fl6 = {
2227 .flowi6_iif = skb->dev->ifindex,
2228 .flowi6_mark = skb->mark,
2229 };
2230 int err;
2231 struct net_device *dev;
2232
2233
2234
2235
2236 dev = skb->dev;
2237 if (netif_is_l3_master(skb->dev)) {
2238 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif);
2239 if (!dev) {
2240 kfree_skb(skb);
2241 return -ENODEV;
2242 }
2243 }
2244
2245 err = ip6mr_fib_lookup(net, &fl6, &mrt);
2246 if (err < 0) {
2247 kfree_skb(skb);
2248 return err;
2249 }
2250
2251 cache = ip6mr_cache_find(mrt,
2252 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr);
2253 if (!cache) {
2254 int vif = ip6mr_find_vif(mrt, dev);
2255
2256 if (vif >= 0)
2257 cache = ip6mr_cache_find_any(mrt,
2258 &ipv6_hdr(skb)->daddr,
2259 vif);
2260 }
2261
2262
2263
2264
2265 if (!cache) {
2266 int vif;
2267
2268 vif = ip6mr_find_vif(mrt, dev);
2269 if (vif >= 0) {
2270 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev);
2271
2272 return err;
2273 }
2274 kfree_skb(skb);
2275 return -ENODEV;
2276 }
2277
2278 ip6_mr_forward(net, mrt, dev, skb, cache);
2279
2280 return 0;
2281 }
2282
2283 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm,
2284 u32 portid)
2285 {
2286 int err;
2287 struct mr_table *mrt;
2288 struct mfc6_cache *cache;
2289 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
2290
2291 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
2292 if (!mrt)
2293 return -ENOENT;
2294
2295 rcu_read_lock();
2296 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr);
2297 if (!cache && skb->dev) {
2298 int vif = ip6mr_find_vif(mrt, skb->dev);
2299
2300 if (vif >= 0)
2301 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr,
2302 vif);
2303 }
2304
2305 if (!cache) {
2306 struct sk_buff *skb2;
2307 struct ipv6hdr *iph;
2308 struct net_device *dev;
2309 int vif;
2310
2311 dev = skb->dev;
2312 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) {
2313 rcu_read_unlock();
2314 return -ENODEV;
2315 }
2316
2317
2318 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
2319 if (!skb2) {
2320 rcu_read_unlock();
2321 return -ENOMEM;
2322 }
2323
2324 NETLINK_CB(skb2).portid = portid;
2325 skb_reset_transport_header(skb2);
2326
2327 skb_put(skb2, sizeof(struct ipv6hdr));
2328 skb_reset_network_header(skb2);
2329
2330 iph = ipv6_hdr(skb2);
2331 iph->version = 0;
2332 iph->priority = 0;
2333 iph->flow_lbl[0] = 0;
2334 iph->flow_lbl[1] = 0;
2335 iph->flow_lbl[2] = 0;
2336 iph->payload_len = 0;
2337 iph->nexthdr = IPPROTO_NONE;
2338 iph->hop_limit = 0;
2339 iph->saddr = rt->rt6i_src.addr;
2340 iph->daddr = rt->rt6i_dst.addr;
2341
2342 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev);
2343 rcu_read_unlock();
2344
2345 return err;
2346 }
2347
2348 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm);
2349 rcu_read_unlock();
2350 return err;
2351 }
2352
2353 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2354 u32 portid, u32 seq, struct mfc6_cache *c, int cmd,
2355 int flags)
2356 {
2357 struct nlmsghdr *nlh;
2358 struct rtmsg *rtm;
2359 int err;
2360
2361 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags);
2362 if (!nlh)
2363 return -EMSGSIZE;
2364
2365 rtm = nlmsg_data(nlh);
2366 rtm->rtm_family = RTNL_FAMILY_IP6MR;
2367 rtm->rtm_dst_len = 128;
2368 rtm->rtm_src_len = 128;
2369 rtm->rtm_tos = 0;
2370 rtm->rtm_table = mrt->id;
2371 if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2372 goto nla_put_failure;
2373 rtm->rtm_type = RTN_MULTICAST;
2374 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2375 if (c->_c.mfc_flags & MFC_STATIC)
2376 rtm->rtm_protocol = RTPROT_STATIC;
2377 else
2378 rtm->rtm_protocol = RTPROT_MROUTED;
2379 rtm->rtm_flags = 0;
2380
2381 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) ||
2382 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp))
2383 goto nla_put_failure;
2384 err = mr_fill_mroute(mrt, skb, &c->_c, rtm);
2385
2386 if (err < 0 && err != -ENOENT)
2387 goto nla_put_failure;
2388
2389 nlmsg_end(skb, nlh);
2390 return 0;
2391
2392 nla_put_failure:
2393 nlmsg_cancel(skb, nlh);
2394 return -EMSGSIZE;
2395 }
2396
2397 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2398 u32 portid, u32 seq, struct mr_mfc *c,
2399 int cmd, int flags)
2400 {
2401 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c,
2402 cmd, flags);
2403 }
2404
2405 static int mr6_msgsize(bool unresolved, int maxvif)
2406 {
2407 size_t len =
2408 NLMSG_ALIGN(sizeof(struct rtmsg))
2409 + nla_total_size(4)
2410 + nla_total_size(sizeof(struct in6_addr))
2411 + nla_total_size(sizeof(struct in6_addr))
2412 ;
2413
2414 if (!unresolved)
2415 len = len
2416 + nla_total_size(4)
2417 + nla_total_size(0)
2418 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop))
2419
2420 + nla_total_size_64bit(sizeof(struct rta_mfc_stats))
2421 ;
2422
2423 return len;
2424 }
2425
2426 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
2427 int cmd)
2428 {
2429 struct net *net = read_pnet(&mrt->net);
2430 struct sk_buff *skb;
2431 int err = -ENOBUFS;
2432
2433 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif),
2434 GFP_ATOMIC);
2435 if (!skb)
2436 goto errout;
2437
2438 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0);
2439 if (err < 0)
2440 goto errout;
2441
2442 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC);
2443 return;
2444
2445 errout:
2446 kfree_skb(skb);
2447 if (err < 0)
2448 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err);
2449 }
2450
2451 static size_t mrt6msg_netlink_msgsize(size_t payloadlen)
2452 {
2453 size_t len =
2454 NLMSG_ALIGN(sizeof(struct rtgenmsg))
2455 + nla_total_size(1)
2456 + nla_total_size(4)
2457
2458 + nla_total_size(sizeof(struct in6_addr))
2459
2460 + nla_total_size(sizeof(struct in6_addr))
2461
2462 + nla_total_size(payloadlen)
2463 ;
2464
2465 return len;
2466 }
2467
2468 static void mrt6msg_netlink_event(const struct mr_table *mrt, struct sk_buff *pkt)
2469 {
2470 struct net *net = read_pnet(&mrt->net);
2471 struct nlmsghdr *nlh;
2472 struct rtgenmsg *rtgenm;
2473 struct mrt6msg *msg;
2474 struct sk_buff *skb;
2475 struct nlattr *nla;
2476 int payloadlen;
2477
2478 payloadlen = pkt->len - sizeof(struct mrt6msg);
2479 msg = (struct mrt6msg *)skb_transport_header(pkt);
2480
2481 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC);
2482 if (!skb)
2483 goto errout;
2484
2485 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT,
2486 sizeof(struct rtgenmsg), 0);
2487 if (!nlh)
2488 goto errout;
2489 rtgenm = nlmsg_data(nlh);
2490 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR;
2491 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) ||
2492 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) ||
2493 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR,
2494 &msg->im6_src) ||
2495 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR,
2496 &msg->im6_dst))
2497 goto nla_put_failure;
2498
2499 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen);
2500 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg),
2501 nla_data(nla), payloadlen))
2502 goto nla_put_failure;
2503
2504 nlmsg_end(skb, nlh);
2505
2506 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC);
2507 return;
2508
2509 nla_put_failure:
2510 nlmsg_cancel(skb, nlh);
2511 errout:
2512 kfree_skb(skb);
2513 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS);
2514 }
2515
2516 static const struct nla_policy ip6mr_getroute_policy[RTA_MAX + 1] = {
2517 [RTA_SRC] = NLA_POLICY_EXACT_LEN(sizeof(struct in6_addr)),
2518 [RTA_DST] = NLA_POLICY_EXACT_LEN(sizeof(struct in6_addr)),
2519 [RTA_TABLE] = { .type = NLA_U32 },
2520 };
2521
2522 static int ip6mr_rtm_valid_getroute_req(struct sk_buff *skb,
2523 const struct nlmsghdr *nlh,
2524 struct nlattr **tb,
2525 struct netlink_ext_ack *extack)
2526 {
2527 struct rtmsg *rtm;
2528 int err;
2529
2530 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, ip6mr_getroute_policy,
2531 extack);
2532 if (err)
2533 return err;
2534
2535 rtm = nlmsg_data(nlh);
2536 if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) ||
2537 (rtm->rtm_dst_len && rtm->rtm_dst_len != 128) ||
2538 rtm->rtm_tos || rtm->rtm_table || rtm->rtm_protocol ||
2539 rtm->rtm_scope || rtm->rtm_type || rtm->rtm_flags) {
2540 NL_SET_ERR_MSG_MOD(extack,
2541 "Invalid values in header for multicast route get request");
2542 return -EINVAL;
2543 }
2544
2545 if ((tb[RTA_SRC] && !rtm->rtm_src_len) ||
2546 (tb[RTA_DST] && !rtm->rtm_dst_len)) {
2547 NL_SET_ERR_MSG_MOD(extack, "rtm_src_len and rtm_dst_len must be 128 for IPv6");
2548 return -EINVAL;
2549 }
2550
2551 return 0;
2552 }
2553
2554 static int ip6mr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
2555 struct netlink_ext_ack *extack)
2556 {
2557 struct net *net = sock_net(in_skb->sk);
2558 struct in6_addr src = {}, grp = {};
2559 struct nlattr *tb[RTA_MAX + 1];
2560 struct mfc6_cache *cache;
2561 struct mr_table *mrt;
2562 struct sk_buff *skb;
2563 u32 tableid;
2564 int err;
2565
2566 err = ip6mr_rtm_valid_getroute_req(in_skb, nlh, tb, extack);
2567 if (err < 0)
2568 return err;
2569
2570 if (tb[RTA_SRC])
2571 src = nla_get_in6_addr(tb[RTA_SRC]);
2572 if (tb[RTA_DST])
2573 grp = nla_get_in6_addr(tb[RTA_DST]);
2574 tableid = tb[RTA_TABLE] ? nla_get_u32(tb[RTA_TABLE]) : 0;
2575
2576 mrt = ip6mr_get_table(net, tableid ?: RT_TABLE_DEFAULT);
2577 if (!mrt) {
2578 NL_SET_ERR_MSG_MOD(extack, "MR table does not exist");
2579 return -ENOENT;
2580 }
2581
2582
2583 rcu_read_lock();
2584 cache = ip6mr_cache_find(mrt, &src, &grp);
2585 rcu_read_unlock();
2586 if (!cache) {
2587 NL_SET_ERR_MSG_MOD(extack, "MR cache entry not found");
2588 return -ENOENT;
2589 }
2590
2591 skb = nlmsg_new(mr6_msgsize(false, mrt->maxvif), GFP_KERNEL);
2592 if (!skb)
2593 return -ENOBUFS;
2594
2595 err = ip6mr_fill_mroute(mrt, skb, NETLINK_CB(in_skb).portid,
2596 nlh->nlmsg_seq, cache, RTM_NEWROUTE, 0);
2597 if (err < 0) {
2598 kfree_skb(skb);
2599 return err;
2600 }
2601
2602 return rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2603 }
2604
2605 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2606 {
2607 const struct nlmsghdr *nlh = cb->nlh;
2608 struct fib_dump_filter filter = {};
2609 int err;
2610
2611 if (cb->strict_check) {
2612 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh,
2613 &filter, cb);
2614 if (err < 0)
2615 return err;
2616 }
2617
2618 if (filter.table_id) {
2619 struct mr_table *mrt;
2620
2621 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id);
2622 if (!mrt) {
2623 if (rtnl_msg_family(cb->nlh) != RTNL_FAMILY_IP6MR)
2624 return skb->len;
2625
2626 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist");
2627 return -ENOENT;
2628 }
2629 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute,
2630 &mfc_unres_lock, &filter);
2631 return skb->len ? : err;
2632 }
2633
2634 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter,
2635 _ip6mr_fill_mroute, &mfc_unres_lock, &filter);
2636 }
