1 /* 2 * IP multicast routing support for mrouted 3.6/3.8 3 * 4 * (c) 1995 Alan Cox, <alan@lxorguk.ukuu.org.uk> 5 * Linux Consultancy and Custom Driver Development 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License 9 * as published by the Free Software Foundation; either version 10 * 2 of the License, or (at your option) any later version. 11 * 12 * Fixes: 13 * Michael Chastain : Incorrect size of copying. 14 * Alan Cox : Added the cache manager code 15 * Alan Cox : Fixed the clone/copy bug and device race. 16 * Mike McLagan : Routing by source 17 * Malcolm Beattie : Buffer handling fixes. 18 * Alexey Kuznetsov : Double buffer free and other fixes. 19 * SVR Anand : Fixed several multicast bugs and problems. 20 * Alexey Kuznetsov : Status, optimisations and more. 21 * Brad Parker : Better behaviour on mrouted upcall 22 * overflow. 23 * Carlos Picoto : PIMv1 Support 24 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header 25 * Relax this requirement to work with older peers. 26 * 27 */ 28 29 #include <linux/uaccess.h> 30 #include <linux/types.h> 31 #include <linux/cache.h> 32 #include <linux/capability.h> 33 #include <linux/errno.h> 34 #include <linux/mm.h> 35 #include <linux/kernel.h> 36 #include <linux/fcntl.h> 37 #include <linux/stat.h> 38 #include <linux/socket.h> 39 #include <linux/in.h> 40 #include <linux/inet.h> 41 #include <linux/netdevice.h> 42 #include <linux/inetdevice.h> 43 #include <linux/igmp.h> 44 #include <linux/proc_fs.h> 45 #include <linux/seq_file.h> 46 #include <linux/mroute.h> 47 #include <linux/init.h> 48 #include <linux/if_ether.h> 49 #include <linux/slab.h> 50 #include <net/net_namespace.h> 51 #include <net/ip.h> 52 #include <net/protocol.h> 53 #include <linux/skbuff.h> 54 #include <net/route.h> 55 #include <net/icmp.h> 56 #include <net/udp.h> 57 #include <net/raw.h> 58 #include <linux/notifier.h> 59 #include <linux/if_arp.h> 60 #include <linux/netfilter_ipv4.h> 61 #include <linux/compat.h> 62 #include <linux/export.h> 63 #include <net/ip_tunnels.h> 64 #include <net/checksum.h> 65 #include <net/netlink.h> 66 #include <net/fib_rules.h> 67 #include <linux/netconf.h> 68 #include <net/nexthop.h> 69 #include <net/switchdev.h> 70 71 struct ipmr_rule { 72 struct fib_rule common; 73 }; 74 75 struct ipmr_result { 76 struct mr_table *mrt; 77 }; 78 79 /* Big lock, protecting vif table, mrt cache and mroute socket state. 80 * Note that the changes are semaphored via rtnl_lock. 81 */ 82 83 static DEFINE_RWLOCK(mrt_lock); 84 85 /* Multicast router control variables */ 86 87 /* Special spinlock for queue of unresolved entries */ 88 static DEFINE_SPINLOCK(mfc_unres_lock); 89 90 /* We return to original Alan's scheme. Hash table of resolved 91 * entries is changed only in process context and protected 92 * with weak lock mrt_lock. Queue of unresolved entries is protected 93 * with strong spinlock mfc_unres_lock. 94 * 95 * In this case data path is free of exclusive locks at all. 96 */ 97 98 static struct kmem_cache *mrt_cachep __ro_after_init; 99 100 static struct mr_table *ipmr_new_table(struct net *net, u32 id); 101 static void ipmr_free_table(struct mr_table *mrt); 102 103 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 104 struct net_device *dev, struct sk_buff *skb, 105 struct mfc_cache *cache, int local); 106 static int ipmr_cache_report(struct mr_table *mrt, 107 struct sk_buff *pkt, vifi_t vifi, int assert); 108 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 109 int cmd); 110 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt); 111 static void mroute_clean_tables(struct mr_table *mrt, bool all); 112 static void ipmr_expire_process(struct timer_list *t); 113 114 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 115 #define ipmr_for_each_table(mrt, net) \ 116 list_for_each_entry_rcu(mrt, &net->ipv4.mr_tables, list) 117 118 static struct mr_table *ipmr_mr_table_iter(struct net *net, 119 struct mr_table *mrt) 120 { 121 struct mr_table *ret; 122 123 if (!mrt) 124 ret = list_entry_rcu(net->ipv4.mr_tables.next, 125 struct mr_table, list); 126 else 127 ret = list_entry_rcu(mrt->list.next, 128 struct mr_table, list); 129 130 if (&ret->list == &net->ipv4.mr_tables) 131 return NULL; 132 return ret; 133 } 134 135 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 136 { 137 struct mr_table *mrt; 138 139 ipmr_for_each_table(mrt, net) { 140 if (mrt->id == id) 141 return mrt; 142 } 143 return NULL; 144 } 145 146 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 147 struct mr_table **mrt) 148 { 149 int err; 150 struct ipmr_result res; 151 struct fib_lookup_arg arg = { 152 .result = &res, 153 .flags = FIB_LOOKUP_NOREF, 154 }; 155 156 /* update flow if oif or iif point to device enslaved to l3mdev */ 157 l3mdev_update_flow(net, flowi4_to_flowi(flp4)); 158 159 err = fib_rules_lookup(net->ipv4.mr_rules_ops, 160 flowi4_to_flowi(flp4), 0, &arg); 161 if (err < 0) 162 return err; 163 *mrt = res.mrt; 164 return 0; 165 } 166 167 static int ipmr_rule_action(struct fib_rule *rule, struct flowi *flp, 168 int flags, struct fib_lookup_arg *arg) 169 { 170 struct ipmr_result *res = arg->result; 171 struct mr_table *mrt; 172 173 switch (rule->action) { 174 case FR_ACT_TO_TBL: 175 break; 176 case FR_ACT_UNREACHABLE: 177 return -ENETUNREACH; 178 case FR_ACT_PROHIBIT: 179 return -EACCES; 180 case FR_ACT_BLACKHOLE: 181 default: 182 return -EINVAL; 183 } 184 185 arg->table = fib_rule_get_table(rule, arg); 186 187 mrt = ipmr_get_table(rule->fr_net, arg->table); 188 if (!mrt) 189 return -EAGAIN; 190 res->mrt = mrt; 191 return 0; 192 } 193 194 static int ipmr_rule_match(struct fib_rule *rule, struct flowi *fl, int flags) 195 { 196 return 1; 197 } 198 199 static const struct nla_policy ipmr_rule_policy[FRA_MAX + 1] = { 200 FRA_GENERIC_POLICY, 201 }; 202 203 static int ipmr_rule_configure(struct fib_rule *rule, struct sk_buff *skb, 204 struct fib_rule_hdr *frh, struct nlattr **tb, 205 struct netlink_ext_ack *extack) 206 { 207 return 0; 208 } 209 210 static int ipmr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh, 211 struct nlattr **tb) 212 { 213 return 1; 214 } 215 216 static int ipmr_rule_fill(struct fib_rule *rule, struct sk_buff *skb, 217 struct fib_rule_hdr *frh) 218 { 219 frh->dst_len = 0; 220 frh->src_len = 0; 221 frh->tos = 0; 222 return 0; 223 } 224 225 static const struct fib_rules_ops __net_initconst ipmr_rules_ops_template = { 226 .family = RTNL_FAMILY_IPMR, 227 .rule_size = sizeof(struct ipmr_rule), 228 .addr_size = sizeof(u32), 229 .action = ipmr_rule_action, 230 .match = ipmr_rule_match, 231 .configure = ipmr_rule_configure, 232 .compare = ipmr_rule_compare, 233 .fill = ipmr_rule_fill, 234 .nlgroup = RTNLGRP_IPV4_RULE, 235 .policy = ipmr_rule_policy, 236 .owner = THIS_MODULE, 237 }; 238 239 static int __net_init ipmr_rules_init(struct net *net) 240 { 241 struct fib_rules_ops *ops; 242 struct mr_table *mrt; 243 int err; 244 245 ops = fib_rules_register(&ipmr_rules_ops_template, net); 246 if (IS_ERR(ops)) 247 return PTR_ERR(ops); 248 249 INIT_LIST_HEAD(&net->ipv4.mr_tables); 250 251 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 252 if (IS_ERR(mrt)) { 253 err = PTR_ERR(mrt); 254 goto err1; 255 } 256 257 err = fib_default_rule_add(ops, 0x7fff, RT_TABLE_DEFAULT, 0); 258 if (err < 0) 259 goto err2; 260 261 net->ipv4.mr_rules_ops = ops; 262 return 0; 263 264 err2: 265 ipmr_free_table(mrt); 266 err1: 267 fib_rules_unregister(ops); 268 return err; 269 } 270 271 static void __net_exit ipmr_rules_exit(struct net *net) 272 { 273 struct mr_table *mrt, *next; 274 275 rtnl_lock(); 276 list_for_each_entry_safe(mrt, next, &net->ipv4.mr_tables, list) { 277 list_del(&mrt->list); 278 ipmr_free_table(mrt); 279 } 280 fib_rules_unregister(net->ipv4.mr_rules_ops); 281 rtnl_unlock(); 282 } 283 284 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb) 285 { 286 return fib_rules_dump(net, nb, RTNL_FAMILY_IPMR); 287 } 288 289 static unsigned int ipmr_rules_seq_read(struct net *net) 290 { 291 return fib_rules_seq_read(net, RTNL_FAMILY_IPMR); 292 } 293 294 bool ipmr_rule_default(const struct fib_rule *rule) 295 { 296 return fib_rule_matchall(rule) && rule->table == RT_TABLE_DEFAULT; 297 } 298 EXPORT_SYMBOL(ipmr_rule_default); 299 #else 300 #define ipmr_for_each_table(mrt, net) \ 301 for (mrt = net->ipv4.mrt; mrt; mrt = NULL) 302 303 static struct mr_table *ipmr_mr_table_iter(struct net *net, 304 struct mr_table *mrt) 305 { 306 if (!mrt) 307 return net->ipv4.mrt; 308 return NULL; 309 } 310 311 static struct mr_table *ipmr_get_table(struct net *net, u32 id) 312 { 313 return net->ipv4.mrt; 314 } 315 316 static int ipmr_fib_lookup(struct net *net, struct flowi4 *flp4, 317 struct mr_table **mrt) 318 { 319 *mrt = net->ipv4.mrt; 320 return 0; 321 } 322 323 static int __net_init ipmr_rules_init(struct net *net) 324 { 325 struct mr_table *mrt; 326 327 mrt = ipmr_new_table(net, RT_TABLE_DEFAULT); 328 if (IS_ERR(mrt)) 329 return PTR_ERR(mrt); 330 net->ipv4.mrt = mrt; 331 return 0; 332 } 333 334 static void __net_exit ipmr_rules_exit(struct net *net) 335 { 336 rtnl_lock(); 337 ipmr_free_table(net->ipv4.mrt); 338 net->ipv4.mrt = NULL; 339 rtnl_unlock(); 340 } 341 342 static int ipmr_rules_dump(struct net *net, struct notifier_block *nb) 343 { 344 return 0; 345 } 346 347 static unsigned int ipmr_rules_seq_read(struct net *net) 348 { 349 return 0; 350 } 351 352 bool ipmr_rule_default(const struct fib_rule *rule) 353 { 354 return true; 355 } 356 EXPORT_SYMBOL(ipmr_rule_default); 357 #endif 358 359 static inline int ipmr_hash_cmp(struct rhashtable_compare_arg *arg, 360 const void *ptr) 361 { 362 const struct mfc_cache_cmp_arg *cmparg = arg->key; 363 struct mfc_cache *c = (struct mfc_cache *)ptr; 364 365 return cmparg->mfc_mcastgrp != c->mfc_mcastgrp || 366 cmparg->mfc_origin != c->mfc_origin; 367 } 368 369 static const struct rhashtable_params ipmr_rht_params = { 370 .head_offset = offsetof(struct mr_mfc, mnode), 371 .key_offset = offsetof(struct mfc_cache, cmparg), 372 .key_len = sizeof(struct mfc_cache_cmp_arg), 373 .nelem_hint = 3, 374 .locks_mul = 1, 375 .obj_cmpfn = ipmr_hash_cmp, 376 .automatic_shrinking = true, 377 }; 378 379 static void ipmr_new_table_set(struct mr_table *mrt, 380 struct net *net) 381 { 382 #ifdef CONFIG_IP_MROUTE_MULTIPLE_TABLES 383 list_add_tail_rcu(&mrt->list, &net->ipv4.mr_tables); 384 #endif 385 } 386 387 static struct mfc_cache_cmp_arg ipmr_mr_table_ops_cmparg_any = { 388 .mfc_mcastgrp = htonl(INADDR_ANY), 389 .mfc_origin = htonl(INADDR_ANY), 390 }; 391 392 static struct mr_table_ops ipmr_mr_table_ops = { 393 .rht_params = &ipmr_rht_params, 394 .cmparg_any = &ipmr_mr_table_ops_cmparg_any, 395 }; 396 397 static struct mr_table *ipmr_new_table(struct net *net, u32 id) 398 { 399 struct mr_table *mrt; 400 401 /* "pimreg%u" should not exceed 16 bytes (IFNAMSIZ) */ 402 if (id != RT_TABLE_DEFAULT && id >= 1000000000) 403 return ERR_PTR(-EINVAL); 404 405 mrt = ipmr_get_table(net, id); 406 if (mrt) 407 return mrt; 408 409 return mr_table_alloc(net, id, &ipmr_mr_table_ops, 410 ipmr_expire_process, ipmr_new_table_set); 411 } 412 413 static void ipmr_free_table(struct mr_table *mrt) 414 { 415 del_timer_sync(&mrt->ipmr_expire_timer); 416 mroute_clean_tables(mrt, true); 417 rhltable_destroy(&mrt->mfc_hash); 418 kfree(mrt); 419 } 420 421 /* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */ 422 423 static void ipmr_del_tunnel(struct net_device *dev, struct vifctl *v) 424 { 425 struct net *net = dev_net(dev); 426 427 dev_close(dev); 428 429 dev = __dev_get_by_name(net, "tunl0"); 430 if (dev) { 431 const struct net_device_ops *ops = dev->netdev_ops; 432 struct ifreq ifr; 433 struct ip_tunnel_parm p; 434 435 memset(&p, 0, sizeof(p)); 436 p.iph.daddr = v->vifc_rmt_addr.s_addr; 437 p.iph.saddr = v->vifc_lcl_addr.s_addr; 438 p.iph.version = 4; 439 p.iph.ihl = 5; 440 p.iph.protocol = IPPROTO_IPIP; 441 sprintf(p.name, "dvmrp%d", v->vifc_vifi); 442 ifr.ifr_ifru.ifru_data = (__force void __user *)&p; 443 444 if (ops->ndo_do_ioctl) { 445 mm_segment_t oldfs = get_fs(); 446 447 set_fs(KERNEL_DS); 448 ops->ndo_do_ioctl(dev, &ifr, SIOCDELTUNNEL); 449 set_fs(oldfs); 450 } 451 } 452 } 453 454 /* Initialize ipmr pimreg/tunnel in_device */ 455 static bool ipmr_init_vif_indev(const struct net_device *dev) 456 { 457 struct in_device *in_dev; 458 459 ASSERT_RTNL(); 460 461 in_dev = __in_dev_get_rtnl(dev); 462 if (!in_dev) 463 return false; 464 ipv4_devconf_setall(in_dev); 465 neigh_parms_data_state_setall(in_dev->arp_parms); 466 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0; 467 468 return true; 469 } 470 471 static struct net_device *ipmr_new_tunnel(struct net *net, struct vifctl *v) 472 { 473 struct net_device *dev; 474 475 dev = __dev_get_by_name(net, "tunl0"); 476 477 if (dev) { 478 const struct net_device_ops *ops = dev->netdev_ops; 479 int err; 480 struct ifreq ifr; 481 struct ip_tunnel_parm p; 482 483 memset(&p, 0, sizeof(p)); 484 p.iph.daddr = v->vifc_rmt_addr.s_addr; 485 p.iph.saddr = v->vifc_lcl_addr.s_addr; 486 p.iph.version = 4; 487 p.iph.ihl = 5; 488 p.iph.protocol = IPPROTO_IPIP; 489 sprintf(p.name, "dvmrp%d", v->vifc_vifi); 490 ifr.ifr_ifru.ifru_data = (__force void __user *)&p; 491 492 if (ops->ndo_do_ioctl) { 493 mm_segment_t oldfs = get_fs(); 494 495 set_fs(KERNEL_DS); 496 err = ops->ndo_do_ioctl(dev, &ifr, SIOCADDTUNNEL); 497 set_fs(oldfs); 498 } else { 499 err = -EOPNOTSUPP; 500 } 501 dev = NULL; 502 503 if (err == 0 && 504 (dev = __dev_get_by_name(net, p.name)) != NULL) { 505 dev->flags |= IFF_MULTICAST; 506 if (!ipmr_init_vif_indev(dev)) 507 goto failure; 508 if (dev_open(dev)) 509 goto failure; 510 dev_hold(dev); 511 } 512 } 513 return dev; 514 515 failure: 516 unregister_netdevice(dev); 517 return NULL; 518 } 519 520 #if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2) 521 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, struct net_device *dev) 522 { 523 struct net *net = dev_net(dev); 524 struct mr_table *mrt; 525 struct flowi4 fl4 = { 526 .flowi4_oif = dev->ifindex, 527 .flowi4_iif = skb->skb_iif ? : LOOPBACK_IFINDEX, 528 .flowi4_mark = skb->mark, 529 }; 530 int err; 531 532 err = ipmr_fib_lookup(net, &fl4, &mrt); 533 if (err < 0) { 534 kfree_skb(skb); 535 return err; 536 } 537 538 read_lock(&mrt_lock); 539 dev->stats.tx_bytes += skb->len; 540 dev->stats.tx_packets++; 541 ipmr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, IGMPMSG_WHOLEPKT); 542 read_unlock(&mrt_lock); 543 kfree_skb(skb); 544 return NETDEV_TX_OK; 545 } 546 547 static int reg_vif_get_iflink(const struct net_device *dev) 548 { 549 return 0; 550 } 551 552 static const struct net_device_ops reg_vif_netdev_ops = { 553 .ndo_start_xmit = reg_vif_xmit, 554 .ndo_get_iflink = reg_vif_get_iflink, 555 }; 556 557 static void reg_vif_setup(struct net_device *dev) 558 { 559 dev->type = ARPHRD_PIMREG; 560 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8; 561 dev->flags = IFF_NOARP; 562 dev->netdev_ops = ®_vif_netdev_ops; 563 dev->needs_free_netdev = true; 564 dev->features |= NETIF_F_NETNS_LOCAL; 565 } 566 567 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 568 { 569 struct net_device *dev; 570 char name[IFNAMSIZ]; 571 572 if (mrt->id == RT_TABLE_DEFAULT) 573 sprintf(name, "pimreg"); 574 else 575 sprintf(name, "pimreg%u", mrt->id); 576 577 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup); 578 579 if (!dev) 580 return NULL; 581 582 dev_net_set(dev, net); 583 584 if (register_netdevice(dev)) { 585 free_netdev(dev); 586 return NULL; 587 } 588 589 if (!ipmr_init_vif_indev(dev)) 590 goto failure; 591 if (dev_open(dev)) 592 goto failure; 593 594 dev_hold(dev); 595 596 return dev; 597 598 failure: 599 unregister_netdevice(dev); 600 return NULL; 601 } 602 603 /* called with rcu_read_lock() */ 604 static int __pim_rcv(struct mr_table *mrt, struct sk_buff *skb, 605 unsigned int pimlen) 606 { 607 struct net_device *reg_dev = NULL; 608 struct iphdr *encap; 609 610 encap = (struct iphdr *)(skb_transport_header(skb) + pimlen); 611 /* Check that: 612 * a. packet is really sent to a multicast group 613 * b. packet is not a NULL-REGISTER 614 * c. packet is not truncated 615 */ 616 if (!ipv4_is_multicast(encap->daddr) || 617 encap->tot_len == 0 || 618 ntohs(encap->tot_len) + pimlen > skb->len) 619 return 1; 620 621 read_lock(&mrt_lock); 622 if (mrt->mroute_reg_vif_num >= 0) 623 reg_dev = mrt->vif_table[mrt->mroute_reg_vif_num].dev; 624 read_unlock(&mrt_lock); 625 626 if (!reg_dev) 627 return 1; 628 629 skb->mac_header = skb->network_header; 630 skb_pull(skb, (u8 *)encap - skb->data); 631 skb_reset_network_header(skb); 632 skb->protocol = htons(ETH_P_IP); 633 skb->ip_summed = CHECKSUM_NONE; 634 635 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev)); 636 637 netif_rx(skb); 638 639 return NET_RX_SUCCESS; 640 } 641 #else 642 static struct net_device *ipmr_reg_vif(struct net *net, struct mr_table *mrt) 643 { 644 return NULL; 645 } 646 #endif 647 648 static int call_ipmr_vif_entry_notifiers(struct net *net, 649 enum fib_event_type event_type, 650 struct vif_device *vif, 651 vifi_t vif_index, u32 tb_id) 652 { 653 return mr_call_vif_notifiers(net, RTNL_FAMILY_IPMR, event_type, 654 vif, vif_index, tb_id, 655 &net->ipv4.ipmr_seq); 656 } 657 658 static int call_ipmr_mfc_entry_notifiers(struct net *net, 659 enum fib_event_type event_type, 660 struct mfc_cache *mfc, u32 tb_id) 661 { 662 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IPMR, event_type, 663 &mfc->_c, tb_id, &net->ipv4.ipmr_seq); 664 } 665 666 /** 667 * vif_delete - Delete a VIF entry 668 * @notify: Set to 1, if the caller is a notifier_call 669 */ 670 static int vif_delete(struct mr_table *mrt, int vifi, int notify, 671 struct list_head *head) 672 { 673 struct net *net = read_pnet(&mrt->net); 674 struct vif_device *v; 675 struct net_device *dev; 676 struct in_device *in_dev; 677 678 if (vifi < 0 || vifi >= mrt->maxvif) 679 return -EADDRNOTAVAIL; 680 681 v = &mrt->vif_table[vifi]; 682 683 if (VIF_EXISTS(mrt, vifi)) 684 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_DEL, v, vifi, 685 mrt->id); 686 687 write_lock_bh(&mrt_lock); 688 dev = v->dev; 689 v->dev = NULL; 690 691 if (!dev) { 692 write_unlock_bh(&mrt_lock); 693 return -EADDRNOTAVAIL; 694 } 695 696 if (vifi == mrt->mroute_reg_vif_num) 697 mrt->mroute_reg_vif_num = -1; 698 699 if (vifi + 1 == mrt->maxvif) { 700 int tmp; 701 702 for (tmp = vifi - 1; tmp >= 0; tmp--) { 703 if (VIF_EXISTS(mrt, tmp)) 704 break; 705 } 706 mrt->maxvif = tmp+1; 707 } 708 709 write_unlock_bh(&mrt_lock); 710 711 dev_set_allmulti(dev, -1); 712 713 in_dev = __in_dev_get_rtnl(dev); 714 if (in_dev) { 715 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--; 716 inet_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF, 717 NETCONFA_MC_FORWARDING, 718 dev->ifindex, &in_dev->cnf); 719 ip_rt_multicast_event(in_dev); 720 } 721 722 if (v->flags & (VIFF_TUNNEL | VIFF_REGISTER) && !notify) 723 unregister_netdevice_queue(dev, head); 724 725 dev_put(dev); 726 return 0; 727 } 728 729 static void ipmr_cache_free_rcu(struct rcu_head *head) 730 { 731 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu); 732 733 kmem_cache_free(mrt_cachep, (struct mfc_cache *)c); 734 } 735 736 static void ipmr_cache_free(struct mfc_cache *c) 737 { 738 call_rcu(&c->_c.rcu, ipmr_cache_free_rcu); 739 } 740 741 /* Destroy an unresolved cache entry, killing queued skbs 742 * and reporting error to netlink readers. 743 */ 744 static void ipmr_destroy_unres(struct mr_table *mrt, struct mfc_cache *c) 745 { 746 struct net *net = read_pnet(&mrt->net); 747 struct sk_buff *skb; 748 struct nlmsgerr *e; 749 750 atomic_dec(&mrt->cache_resolve_queue_len); 751 752 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved))) { 753 if (ip_hdr(skb)->version == 0) { 754 struct nlmsghdr *nlh = skb_pull(skb, 755 sizeof(struct iphdr)); 756 nlh->nlmsg_type = NLMSG_ERROR; 757 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 758 skb_trim(skb, nlh->nlmsg_len); 759 e = nlmsg_data(nlh); 760 e->error = -ETIMEDOUT; 761 memset(&e->msg, 0, sizeof(e->msg)); 762 763 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 764 } else { 765 kfree_skb(skb); 766 } 767 } 768 769 ipmr_cache_free(c); 770 } 771 772 /* Timer process for the unresolved queue. */ 773 static void ipmr_expire_process(struct timer_list *t) 774 { 775 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer); 776 struct mr_mfc *c, *next; 777 unsigned long expires; 778 unsigned long now; 779 780 if (!spin_trylock(&mfc_unres_lock)) { 781 mod_timer(&mrt->ipmr_expire_timer, jiffies+HZ/10); 782 return; 783 } 784 785 if (list_empty(&mrt->mfc_unres_queue)) 786 goto out; 787 788 now = jiffies; 789 expires = 10*HZ; 790 791 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) { 792 if (time_after(c->mfc_un.unres.expires, now)) { 793 unsigned long interval = c->mfc_un.unres.expires - now; 794 if (interval < expires) 795 expires = interval; 796 continue; 797 } 798 799 list_del(&c->list); 800 mroute_netlink_event(mrt, (struct mfc_cache *)c, RTM_DELROUTE); 801 ipmr_destroy_unres(mrt, (struct mfc_cache *)c); 802 } 803 804 if (!list_empty(&mrt->mfc_unres_queue)) 805 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires); 806 807 out: 808 spin_unlock(&mfc_unres_lock); 809 } 810 811 /* Fill oifs list. It is called under write locked mrt_lock. */ 812 static void ipmr_update_thresholds(struct mr_table *mrt, struct mr_mfc *cache, 813 unsigned char *ttls) 814 { 815 int vifi; 816 817 cache->mfc_un.res.minvif = MAXVIFS; 818 cache->mfc_un.res.maxvif = 0; 819 memset(cache->mfc_un.res.ttls, 255, MAXVIFS); 820 821 for (vifi = 0; vifi < mrt->maxvif; vifi++) { 822 if (VIF_EXISTS(mrt, vifi) && 823 ttls[vifi] && ttls[vifi] < 255) { 824 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 825 if (cache->mfc_un.res.minvif > vifi) 826 cache->mfc_un.res.minvif = vifi; 827 if (cache->mfc_un.res.maxvif <= vifi) 828 cache->mfc_un.res.maxvif = vifi + 1; 829 } 830 } 831 cache->mfc_un.res.lastuse = jiffies; 832 } 833 834 static int vif_add(struct net *net, struct mr_table *mrt, 835 struct vifctl *vifc, int mrtsock) 836 { 837 int vifi = vifc->vifc_vifi; 838 struct switchdev_attr attr = { 839 .id = SWITCHDEV_ATTR_ID_PORT_PARENT_ID, 840 }; 841 struct vif_device *v = &mrt->vif_table[vifi]; 842 struct net_device *dev; 843 struct in_device *in_dev; 844 int err; 845 846 /* Is vif busy ? */ 847 if (VIF_EXISTS(mrt, vifi)) 848 return -EADDRINUSE; 849 850 switch (vifc->vifc_flags) { 851 case VIFF_REGISTER: 852 if (!ipmr_pimsm_enabled()) 853 return -EINVAL; 854 /* Special Purpose VIF in PIM 855 * All the packets will be sent to the daemon 856 */ 857 if (mrt->mroute_reg_vif_num >= 0) 858 return -EADDRINUSE; 859 dev = ipmr_reg_vif(net, mrt); 860 if (!dev) 861 return -ENOBUFS; 862 err = dev_set_allmulti(dev, 1); 863 if (err) { 864 unregister_netdevice(dev); 865 dev_put(dev); 866 return err; 867 } 868 break; 869 case VIFF_TUNNEL: 870 dev = ipmr_new_tunnel(net, vifc); 871 if (!dev) 872 return -ENOBUFS; 873 err = dev_set_allmulti(dev, 1); 874 if (err) { 875 ipmr_del_tunnel(dev, vifc); 876 dev_put(dev); 877 return err; 878 } 879 break; 880 case VIFF_USE_IFINDEX: 881 case 0: 882 if (vifc->vifc_flags == VIFF_USE_IFINDEX) { 883 dev = dev_get_by_index(net, vifc->vifc_lcl_ifindex); 884 if (dev && !__in_dev_get_rtnl(dev)) { 885 dev_put(dev); 886 return -EADDRNOTAVAIL; 887 } 888 } else { 889 dev = ip_dev_find(net, vifc->vifc_lcl_addr.s_addr); 890 } 891 if (!dev) 892 return -EADDRNOTAVAIL; 893 err = dev_set_allmulti(dev, 1); 894 if (err) { 895 dev_put(dev); 896 return err; 897 } 898 break; 899 default: 900 return -EINVAL; 901 } 902 903 in_dev = __in_dev_get_rtnl(dev); 904 if (!in_dev) { 905 dev_put(dev); 906 return -EADDRNOTAVAIL; 907 } 908 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++; 909 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_MC_FORWARDING, 910 dev->ifindex, &in_dev->cnf); 911 ip_rt_multicast_event(in_dev); 912 913 /* Fill in the VIF structures */ 914 vif_device_init(v, dev, vifc->vifc_rate_limit, 915 vifc->vifc_threshold, 916 vifc->vifc_flags | (!mrtsock ? VIFF_STATIC : 0), 917 (VIFF_TUNNEL | VIFF_REGISTER)); 918 919 attr.orig_dev = dev; 920 if (!switchdev_port_attr_get(dev, &attr)) { 921 memcpy(v->dev_parent_id.id, attr.u.ppid.id, attr.u.ppid.id_len); 922 v->dev_parent_id.id_len = attr.u.ppid.id_len; 923 } else { 924 v->dev_parent_id.id_len = 0; 925 } 926 927 v->local = vifc->vifc_lcl_addr.s_addr; 928 v->remote = vifc->vifc_rmt_addr.s_addr; 929 930 /* And finish update writing critical data */ 931 write_lock_bh(&mrt_lock); 932 v->dev = dev; 933 if (v->flags & VIFF_REGISTER) 934 mrt->mroute_reg_vif_num = vifi; 935 if (vifi+1 > mrt->maxvif) 936 mrt->maxvif = vifi+1; 937 write_unlock_bh(&mrt_lock); 938 call_ipmr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD, v, vifi, mrt->id); 939 return 0; 940 } 941 942 /* called with rcu_read_lock() */ 943 static struct mfc_cache *ipmr_cache_find(struct mr_table *mrt, 944 __be32 origin, 945 __be32 mcastgrp) 946 { 947 struct mfc_cache_cmp_arg arg = { 948 .mfc_mcastgrp = mcastgrp, 949 .mfc_origin = origin 950 }; 951 952 return mr_mfc_find(mrt, &arg); 953 } 954 955 /* Look for a (*,G) entry */ 956 static struct mfc_cache *ipmr_cache_find_any(struct mr_table *mrt, 957 __be32 mcastgrp, int vifi) 958 { 959 struct mfc_cache_cmp_arg arg = { 960 .mfc_mcastgrp = mcastgrp, 961 .mfc_origin = htonl(INADDR_ANY) 962 }; 963 964 if (mcastgrp == htonl(INADDR_ANY)) 965 return mr_mfc_find_any_parent(mrt, vifi); 966 return mr_mfc_find_any(mrt, vifi, &arg); 967 } 968 969 /* Look for a (S,G,iif) entry if parent != -1 */ 970 static struct mfc_cache *ipmr_cache_find_parent(struct mr_table *mrt, 971 __be32 origin, __be32 mcastgrp, 972 int parent) 973 { 974 struct mfc_cache_cmp_arg arg = { 975 .mfc_mcastgrp = mcastgrp, 976 .mfc_origin = origin, 977 }; 978 979 return mr_mfc_find_parent(mrt, &arg, parent); 980 } 981 982 /* Allocate a multicast cache entry */ 983 static struct mfc_cache *ipmr_cache_alloc(void) 984 { 985 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 986 987 if (c) { 988 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1; 989 c->_c.mfc_un.res.minvif = MAXVIFS; 990 c->_c.free = ipmr_cache_free_rcu; 991 refcount_set(&c->_c.mfc_un.res.refcount, 1); 992 } 993 return c; 994 } 995 996 static struct mfc_cache *ipmr_cache_alloc_unres(void) 997 { 998 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 999 1000 if (c) { 1001 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved); 1002 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ; 1003 } 1004 return c; 1005 } 1006 1007 /* A cache entry has gone into a resolved state from queued */ 1008 static void ipmr_cache_resolve(struct net *net, struct mr_table *mrt, 1009 struct mfc_cache *uc, struct mfc_cache *c) 1010 { 1011 struct sk_buff *skb; 1012 struct nlmsgerr *e; 1013 1014 /* Play the pending entries through our router */ 1015 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) { 1016 if (ip_hdr(skb)->version == 0) { 1017 struct nlmsghdr *nlh = skb_pull(skb, 1018 sizeof(struct iphdr)); 1019 1020 if (mr_fill_mroute(mrt, skb, &c->_c, 1021 nlmsg_data(nlh)) > 0) { 1022 nlh->nlmsg_len = skb_tail_pointer(skb) - 1023 (u8 *)nlh; 1024 } else { 1025 nlh->nlmsg_type = NLMSG_ERROR; 1026 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr)); 1027 skb_trim(skb, nlh->nlmsg_len); 1028 e = nlmsg_data(nlh); 1029 e->error = -EMSGSIZE; 1030 memset(&e->msg, 0, sizeof(e->msg)); 1031 } 1032 1033 rtnl_unicast(skb, net, NETLINK_CB(skb).portid); 1034 } else { 1035 ip_mr_forward(net, mrt, skb->dev, skb, c, 0); 1036 } 1037 } 1038 } 1039 1040 /* Bounce a cache query up to mrouted and netlink. 1041 * 1042 * Called under mrt_lock. 1043 */ 1044 static int ipmr_cache_report(struct mr_table *mrt, 1045 struct sk_buff *pkt, vifi_t vifi, int assert) 1046 { 1047 const int ihl = ip_hdrlen(pkt); 1048 struct sock *mroute_sk; 1049 struct igmphdr *igmp; 1050 struct igmpmsg *msg; 1051 struct sk_buff *skb; 1052 int ret; 1053 1054 if (assert == IGMPMSG_WHOLEPKT) 1055 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr)); 1056 else 1057 skb = alloc_skb(128, GFP_ATOMIC); 1058 1059 if (!skb) 1060 return -ENOBUFS; 1061 1062 if (assert == IGMPMSG_WHOLEPKT) { 1063 /* Ugly, but we have no choice with this interface. 1064 * Duplicate old header, fix ihl, length etc. 1065 * And all this only to mangle msg->im_msgtype and 1066 * to set msg->im_mbz to "mbz" :-) 1067 */ 1068 skb_push(skb, sizeof(struct iphdr)); 1069 skb_reset_network_header(skb); 1070 skb_reset_transport_header(skb); 1071 msg = (struct igmpmsg *)skb_network_header(skb); 1072 memcpy(msg, skb_network_header(pkt), sizeof(struct iphdr)); 1073 msg->im_msgtype = IGMPMSG_WHOLEPKT; 1074 msg->im_mbz = 0; 1075 msg->im_vif = mrt->mroute_reg_vif_num; 1076 ip_hdr(skb)->ihl = sizeof(struct iphdr) >> 2; 1077 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(pkt)->tot_len) + 1078 sizeof(struct iphdr)); 1079 } else { 1080 /* Copy the IP header */ 1081 skb_set_network_header(skb, skb->len); 1082 skb_put(skb, ihl); 1083 skb_copy_to_linear_data(skb, pkt->data, ihl); 1084 /* Flag to the kernel this is a route add */ 1085 ip_hdr(skb)->protocol = 0; 1086 msg = (struct igmpmsg *)skb_network_header(skb); 1087 msg->im_vif = vifi; 1088 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 1089 /* Add our header */ 1090 igmp = skb_put(skb, sizeof(struct igmphdr)); 1091 igmp->type = assert; 1092 msg->im_msgtype = assert; 1093 igmp->code = 0; 1094 ip_hdr(skb)->tot_len = htons(skb->len); /* Fix the length */ 1095 skb->transport_header = skb->network_header; 1096 } 1097 1098 rcu_read_lock(); 1099 mroute_sk = rcu_dereference(mrt->mroute_sk); 1100 if (!mroute_sk) { 1101 rcu_read_unlock(); 1102 kfree_skb(skb); 1103 return -EINVAL; 1104 } 1105 1106 igmpmsg_netlink_event(mrt, skb); 1107 1108 /* Deliver to mrouted */ 1109 ret = sock_queue_rcv_skb(mroute_sk, skb); 1110 rcu_read_unlock(); 1111 if (ret < 0) { 1112 net_warn_ratelimited("mroute: pending queue full, dropping entries\n"); 1113 kfree_skb(skb); 1114 } 1115 1116 return ret; 1117 } 1118 1119 /* Queue a packet for resolution. It gets locked cache entry! */ 1120 static int ipmr_cache_unresolved(struct mr_table *mrt, vifi_t vifi, 1121 struct sk_buff *skb, struct net_device *dev) 1122 { 1123 const struct iphdr *iph = ip_hdr(skb); 1124 struct mfc_cache *c; 1125 bool found = false; 1126 int err; 1127 1128 spin_lock_bh(&mfc_unres_lock); 1129 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) { 1130 if (c->mfc_mcastgrp == iph->daddr && 1131 c->mfc_origin == iph->saddr) { 1132 found = true; 1133 break; 1134 } 1135 } 1136 1137 if (!found) { 1138 /* Create a new entry if allowable */ 1139 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 || 1140 (c = ipmr_cache_alloc_unres()) == NULL) { 1141 spin_unlock_bh(&mfc_unres_lock); 1142 1143 kfree_skb(skb); 1144 return -ENOBUFS; 1145 } 1146 1147 /* Fill in the new cache entry */ 1148 c->_c.mfc_parent = -1; 1149 c->mfc_origin = iph->saddr; 1150 c->mfc_mcastgrp = iph->daddr; 1151 1152 /* Reflect first query at mrouted. */ 1153 err = ipmr_cache_report(mrt, skb, vifi, IGMPMSG_NOCACHE); 1154 1155 if (err < 0) { 1156 /* If the report failed throw the cache entry 1157 out - Brad Parker 1158 */ 1159 spin_unlock_bh(&mfc_unres_lock); 1160 1161 ipmr_cache_free(c); 1162 kfree_skb(skb); 1163 return err; 1164 } 1165 1166 atomic_inc(&mrt->cache_resolve_queue_len); 1167 list_add(&c->_c.list, &mrt->mfc_unres_queue); 1168 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1169 1170 if (atomic_read(&mrt->cache_resolve_queue_len) == 1) 1171 mod_timer(&mrt->ipmr_expire_timer, 1172 c->_c.mfc_un.unres.expires); 1173 } 1174 1175 /* See if we can append the packet */ 1176 if (c->_c.mfc_un.unres.unresolved.qlen > 3) { 1177 kfree_skb(skb); 1178 err = -ENOBUFS; 1179 } else { 1180 if (dev) { 1181 skb->dev = dev; 1182 skb->skb_iif = dev->ifindex; 1183 } 1184 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb); 1185 err = 0; 1186 } 1187 1188 spin_unlock_bh(&mfc_unres_lock); 1189 return err; 1190 } 1191 1192 /* MFC cache manipulation by user space mroute daemon */ 1193 1194 static int ipmr_mfc_delete(struct mr_table *mrt, struct mfcctl *mfc, int parent) 1195 { 1196 struct net *net = read_pnet(&mrt->net); 1197 struct mfc_cache *c; 1198 1199 /* The entries are added/deleted only under RTNL */ 1200 rcu_read_lock(); 1201 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1202 mfc->mfcc_mcastgrp.s_addr, parent); 1203 rcu_read_unlock(); 1204 if (!c) 1205 return -ENOENT; 1206 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ipmr_rht_params); 1207 list_del_rcu(&c->_c.list); 1208 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, c, mrt->id); 1209 mroute_netlink_event(mrt, c, RTM_DELROUTE); 1210 mr_cache_put(&c->_c); 1211 1212 return 0; 1213 } 1214 1215 static int ipmr_mfc_add(struct net *net, struct mr_table *mrt, 1216 struct mfcctl *mfc, int mrtsock, int parent) 1217 { 1218 struct mfc_cache *uc, *c; 1219 struct mr_mfc *_uc; 1220 bool found; 1221 int ret; 1222 1223 if (mfc->mfcc_parent >= MAXVIFS) 1224 return -ENFILE; 1225 1226 /* The entries are added/deleted only under RTNL */ 1227 rcu_read_lock(); 1228 c = ipmr_cache_find_parent(mrt, mfc->mfcc_origin.s_addr, 1229 mfc->mfcc_mcastgrp.s_addr, parent); 1230 rcu_read_unlock(); 1231 if (c) { 1232 write_lock_bh(&mrt_lock); 1233 c->_c.mfc_parent = mfc->mfcc_parent; 1234 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1235 if (!mrtsock) 1236 c->_c.mfc_flags |= MFC_STATIC; 1237 write_unlock_bh(&mrt_lock); 1238 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE, c, 1239 mrt->id); 1240 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1241 return 0; 1242 } 1243 1244 if (mfc->mfcc_mcastgrp.s_addr != htonl(INADDR_ANY) && 1245 !ipv4_is_multicast(mfc->mfcc_mcastgrp.s_addr)) 1246 return -EINVAL; 1247 1248 c = ipmr_cache_alloc(); 1249 if (!c) 1250 return -ENOMEM; 1251 1252 c->mfc_origin = mfc->mfcc_origin.s_addr; 1253 c->mfc_mcastgrp = mfc->mfcc_mcastgrp.s_addr; 1254 c->_c.mfc_parent = mfc->mfcc_parent; 1255 ipmr_update_thresholds(mrt, &c->_c, mfc->mfcc_ttls); 1256 if (!mrtsock) 1257 c->_c.mfc_flags |= MFC_STATIC; 1258 1259 ret = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode, 1260 ipmr_rht_params); 1261 if (ret) { 1262 pr_err("ipmr: rhtable insert error %d\n", ret); 1263 ipmr_cache_free(c); 1264 return ret; 1265 } 1266 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list); 1267 /* Check to see if we resolved a queued list. If so we 1268 * need to send on the frames and tidy up. 1269 */ 1270 found = false; 1271 spin_lock_bh(&mfc_unres_lock); 1272 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) { 1273 uc = (struct mfc_cache *)_uc; 1274 if (uc->mfc_origin == c->mfc_origin && 1275 uc->mfc_mcastgrp == c->mfc_mcastgrp) { 1276 list_del(&_uc->list); 1277 atomic_dec(&mrt->cache_resolve_queue_len); 1278 found = true; 1279 break; 1280 } 1281 } 1282 if (list_empty(&mrt->mfc_unres_queue)) 1283 del_timer(&mrt->ipmr_expire_timer); 1284 spin_unlock_bh(&mfc_unres_lock); 1285 1286 if (found) { 1287 ipmr_cache_resolve(net, mrt, uc, c); 1288 ipmr_cache_free(uc); 1289 } 1290 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD, c, mrt->id); 1291 mroute_netlink_event(mrt, c, RTM_NEWROUTE); 1292 return 0; 1293 } 1294 1295 /* Close the multicast socket, and clear the vif tables etc */ 1296 static void mroute_clean_tables(struct mr_table *mrt, bool all) 1297 { 1298 struct net *net = read_pnet(&mrt->net); 1299 struct mr_mfc *c, *tmp; 1300 struct mfc_cache *cache; 1301 LIST_HEAD(list); 1302 int i; 1303 1304 /* Shut down all active vif entries */ 1305 for (i = 0; i < mrt->maxvif; i++) { 1306 if (!all && (mrt->vif_table[i].flags & VIFF_STATIC)) 1307 continue; 1308 vif_delete(mrt, i, 0, &list); 1309 } 1310 unregister_netdevice_many(&list); 1311 1312 /* Wipe the cache */ 1313 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) { 1314 if (!all && (c->mfc_flags & MFC_STATIC)) 1315 continue; 1316 rhltable_remove(&mrt->mfc_hash, &c->mnode, ipmr_rht_params); 1317 list_del_rcu(&c->list); 1318 cache = (struct mfc_cache *)c; 1319 call_ipmr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_DEL, cache, 1320 mrt->id); 1321 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1322 mr_cache_put(c); 1323 } 1324 1325 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) { 1326 spin_lock_bh(&mfc_unres_lock); 1327 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) { 1328 list_del(&c->list); 1329 cache = (struct mfc_cache *)c; 1330 mroute_netlink_event(mrt, cache, RTM_DELROUTE); 1331 ipmr_destroy_unres(mrt, cache); 1332 } 1333 spin_unlock_bh(&mfc_unres_lock); 1334 } 1335 } 1336 1337 /* called from ip_ra_control(), before an RCU grace period, 1338 * we dont need to call synchronize_rcu() here 1339 */ 1340 static void mrtsock_destruct(struct sock *sk) 1341 { 1342 struct net *net = sock_net(sk); 1343 struct mr_table *mrt; 1344 1345 rtnl_lock(); 1346 ipmr_for_each_table(mrt, net) { 1347 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1348 IPV4_DEVCONF_ALL(net, MC_FORWARDING)--; 1349 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1350 NETCONFA_MC_FORWARDING, 1351 NETCONFA_IFINDEX_ALL, 1352 net->ipv4.devconf_all); 1353 RCU_INIT_POINTER(mrt->mroute_sk, NULL); 1354 mroute_clean_tables(mrt, false); 1355 } 1356 } 1357 rtnl_unlock(); 1358 } 1359 1360 /* Socket options and virtual interface manipulation. The whole 1361 * virtual interface system is a complete heap, but unfortunately 1362 * that's how BSD mrouted happens to think. Maybe one day with a proper 1363 * MOSPF/PIM router set up we can clean this up. 1364 */ 1365 1366 int ip_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, 1367 unsigned int optlen) 1368 { 1369 struct net *net = sock_net(sk); 1370 int val, ret = 0, parent = 0; 1371 struct mr_table *mrt; 1372 struct vifctl vif; 1373 struct mfcctl mfc; 1374 u32 uval; 1375 1376 /* There's one exception to the lock - MRT_DONE which needs to unlock */ 1377 rtnl_lock(); 1378 if (sk->sk_type != SOCK_RAW || 1379 inet_sk(sk)->inet_num != IPPROTO_IGMP) { 1380 ret = -EOPNOTSUPP; 1381 goto out_unlock; 1382 } 1383 1384 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1385 if (!mrt) { 1386 ret = -ENOENT; 1387 goto out_unlock; 1388 } 1389 if (optname != MRT_INIT) { 1390 if (sk != rcu_access_pointer(mrt->mroute_sk) && 1391 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { 1392 ret = -EACCES; 1393 goto out_unlock; 1394 } 1395 } 1396 1397 switch (optname) { 1398 case MRT_INIT: 1399 if (optlen != sizeof(int)) { 1400 ret = -EINVAL; 1401 break; 1402 } 1403 if (rtnl_dereference(mrt->mroute_sk)) { 1404 ret = -EADDRINUSE; 1405 break; 1406 } 1407 1408 ret = ip_ra_control(sk, 1, mrtsock_destruct); 1409 if (ret == 0) { 1410 rcu_assign_pointer(mrt->mroute_sk, sk); 1411 IPV4_DEVCONF_ALL(net, MC_FORWARDING)++; 1412 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, 1413 NETCONFA_MC_FORWARDING, 1414 NETCONFA_IFINDEX_ALL, 1415 net->ipv4.devconf_all); 1416 } 1417 break; 1418 case MRT_DONE: 1419 if (sk != rcu_access_pointer(mrt->mroute_sk)) { 1420 ret = -EACCES; 1421 } else { 1422 /* We need to unlock here because mrtsock_destruct takes 1423 * care of rtnl itself and we can't change that due to 1424 * the IP_ROUTER_ALERT setsockopt which runs without it. 1425 */ 1426 rtnl_unlock(); 1427 ret = ip_ra_control(sk, 0, NULL); 1428 goto out; 1429 } 1430 break; 1431 case MRT_ADD_VIF: 1432 case MRT_DEL_VIF: 1433 if (optlen != sizeof(vif)) { 1434 ret = -EINVAL; 1435 break; 1436 } 1437 if (copy_from_user(&vif, optval, sizeof(vif))) { 1438 ret = -EFAULT; 1439 break; 1440 } 1441 if (vif.vifc_vifi >= MAXVIFS) { 1442 ret = -ENFILE; 1443 break; 1444 } 1445 if (optname == MRT_ADD_VIF) { 1446 ret = vif_add(net, mrt, &vif, 1447 sk == rtnl_dereference(mrt->mroute_sk)); 1448 } else { 1449 ret = vif_delete(mrt, vif.vifc_vifi, 0, NULL); 1450 } 1451 break; 1452 /* Manipulate the forwarding caches. These live 1453 * in a sort of kernel/user symbiosis. 1454 */ 1455 case MRT_ADD_MFC: 1456 case MRT_DEL_MFC: 1457 parent = -1; 1458 /* fall through */ 1459 case MRT_ADD_MFC_PROXY: 1460 case MRT_DEL_MFC_PROXY: 1461 if (optlen != sizeof(mfc)) { 1462 ret = -EINVAL; 1463 break; 1464 } 1465 if (copy_from_user(&mfc, optval, sizeof(mfc))) { 1466 ret = -EFAULT; 1467 break; 1468 } 1469 if (parent == 0) 1470 parent = mfc.mfcc_parent; 1471 if (optname == MRT_DEL_MFC || optname == MRT_DEL_MFC_PROXY) 1472 ret = ipmr_mfc_delete(mrt, &mfc, parent); 1473 else 1474 ret = ipmr_mfc_add(net, mrt, &mfc, 1475 sk == rtnl_dereference(mrt->mroute_sk), 1476 parent); 1477 break; 1478 /* Control PIM assert. */ 1479 case MRT_ASSERT: 1480 if (optlen != sizeof(val)) { 1481 ret = -EINVAL; 1482 break; 1483 } 1484 if (get_user(val, (int __user *)optval)) { 1485 ret = -EFAULT; 1486 break; 1487 } 1488 mrt->mroute_do_assert = val; 1489 break; 1490 case MRT_PIM: 1491 if (!ipmr_pimsm_enabled()) { 1492 ret = -ENOPROTOOPT; 1493 break; 1494 } 1495 if (optlen != sizeof(val)) { 1496 ret = -EINVAL; 1497 break; 1498 } 1499 if (get_user(val, (int __user *)optval)) { 1500 ret = -EFAULT; 1501 break; 1502 } 1503 1504 val = !!val; 1505 if (val != mrt->mroute_do_pim) { 1506 mrt->mroute_do_pim = val; 1507 mrt->mroute_do_assert = val; 1508 } 1509 break; 1510 case MRT_TABLE: 1511 if (!IS_BUILTIN(CONFIG_IP_MROUTE_MULTIPLE_TABLES)) { 1512 ret = -ENOPROTOOPT; 1513 break; 1514 } 1515 if (optlen != sizeof(uval)) { 1516 ret = -EINVAL; 1517 break; 1518 } 1519 if (get_user(uval, (u32 __user *)optval)) { 1520 ret = -EFAULT; 1521 break; 1522 } 1523 1524 if (sk == rtnl_dereference(mrt->mroute_sk)) { 1525 ret = -EBUSY; 1526 } else { 1527 mrt = ipmr_new_table(net, uval); 1528 if (IS_ERR(mrt)) 1529 ret = PTR_ERR(mrt); 1530 else 1531 raw_sk(sk)->ipmr_table = uval; 1532 } 1533 break; 1534 /* Spurious command, or MRT_VERSION which you cannot set. */ 1535 default: 1536 ret = -ENOPROTOOPT; 1537 } 1538 out_unlock: 1539 rtnl_unlock(); 1540 out: 1541 return ret; 1542 } 1543 1544 /* Getsock opt support for the multicast routing system. */ 1545 int ip_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, int __user *optlen) 1546 { 1547 int olr; 1548 int val; 1549 struct net *net = sock_net(sk); 1550 struct mr_table *mrt; 1551 1552 if (sk->sk_type != SOCK_RAW || 1553 inet_sk(sk)->inet_num != IPPROTO_IGMP) 1554 return -EOPNOTSUPP; 1555 1556 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1557 if (!mrt) 1558 return -ENOENT; 1559 1560 switch (optname) { 1561 case MRT_VERSION: 1562 val = 0x0305; 1563 break; 1564 case MRT_PIM: 1565 if (!ipmr_pimsm_enabled()) 1566 return -ENOPROTOOPT; 1567 val = mrt->mroute_do_pim; 1568 break; 1569 case MRT_ASSERT: 1570 val = mrt->mroute_do_assert; 1571 break; 1572 default: 1573 return -ENOPROTOOPT; 1574 } 1575 1576 if (get_user(olr, optlen)) 1577 return -EFAULT; 1578 olr = min_t(unsigned int, olr, sizeof(int)); 1579 if (olr < 0) 1580 return -EINVAL; 1581 if (put_user(olr, optlen)) 1582 return -EFAULT; 1583 if (copy_to_user(optval, &val, olr)) 1584 return -EFAULT; 1585 return 0; 1586 } 1587 1588 /* The IP multicast ioctl support routines. */ 1589 int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg) 1590 { 1591 struct sioc_sg_req sr; 1592 struct sioc_vif_req vr; 1593 struct vif_device *vif; 1594 struct mfc_cache *c; 1595 struct net *net = sock_net(sk); 1596 struct mr_table *mrt; 1597 1598 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1599 if (!mrt) 1600 return -ENOENT; 1601 1602 switch (cmd) { 1603 case SIOCGETVIFCNT: 1604 if (copy_from_user(&vr, arg, sizeof(vr))) 1605 return -EFAULT; 1606 if (vr.vifi >= mrt->maxvif) 1607 return -EINVAL; 1608 read_lock(&mrt_lock); 1609 vif = &mrt->vif_table[vr.vifi]; 1610 if (VIF_EXISTS(mrt, vr.vifi)) { 1611 vr.icount = vif->pkt_in; 1612 vr.ocount = vif->pkt_out; 1613 vr.ibytes = vif->bytes_in; 1614 vr.obytes = vif->bytes_out; 1615 read_unlock(&mrt_lock); 1616 1617 if (copy_to_user(arg, &vr, sizeof(vr))) 1618 return -EFAULT; 1619 return 0; 1620 } 1621 read_unlock(&mrt_lock); 1622 return -EADDRNOTAVAIL; 1623 case SIOCGETSGCNT: 1624 if (copy_from_user(&sr, arg, sizeof(sr))) 1625 return -EFAULT; 1626 1627 rcu_read_lock(); 1628 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1629 if (c) { 1630 sr.pktcnt = c->_c.mfc_un.res.pkt; 1631 sr.bytecnt = c->_c.mfc_un.res.bytes; 1632 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1633 rcu_read_unlock(); 1634 1635 if (copy_to_user(arg, &sr, sizeof(sr))) 1636 return -EFAULT; 1637 return 0; 1638 } 1639 rcu_read_unlock(); 1640 return -EADDRNOTAVAIL; 1641 default: 1642 return -ENOIOCTLCMD; 1643 } 1644 } 1645 1646 #ifdef CONFIG_COMPAT 1647 struct compat_sioc_sg_req { 1648 struct in_addr src; 1649 struct in_addr grp; 1650 compat_ulong_t pktcnt; 1651 compat_ulong_t bytecnt; 1652 compat_ulong_t wrong_if; 1653 }; 1654 1655 struct compat_sioc_vif_req { 1656 vifi_t vifi; /* Which iface */ 1657 compat_ulong_t icount; 1658 compat_ulong_t ocount; 1659 compat_ulong_t ibytes; 1660 compat_ulong_t obytes; 1661 }; 1662 1663 int ipmr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) 1664 { 1665 struct compat_sioc_sg_req sr; 1666 struct compat_sioc_vif_req vr; 1667 struct vif_device *vif; 1668 struct mfc_cache *c; 1669 struct net *net = sock_net(sk); 1670 struct mr_table *mrt; 1671 1672 mrt = ipmr_get_table(net, raw_sk(sk)->ipmr_table ? : RT_TABLE_DEFAULT); 1673 if (!mrt) 1674 return -ENOENT; 1675 1676 switch (cmd) { 1677 case SIOCGETVIFCNT: 1678 if (copy_from_user(&vr, arg, sizeof(vr))) 1679 return -EFAULT; 1680 if (vr.vifi >= mrt->maxvif) 1681 return -EINVAL; 1682 read_lock(&mrt_lock); 1683 vif = &mrt->vif_table[vr.vifi]; 1684 if (VIF_EXISTS(mrt, vr.vifi)) { 1685 vr.icount = vif->pkt_in; 1686 vr.ocount = vif->pkt_out; 1687 vr.ibytes = vif->bytes_in; 1688 vr.obytes = vif->bytes_out; 1689 read_unlock(&mrt_lock); 1690 1691 if (copy_to_user(arg, &vr, sizeof(vr))) 1692 return -EFAULT; 1693 return 0; 1694 } 1695 read_unlock(&mrt_lock); 1696 return -EADDRNOTAVAIL; 1697 case SIOCGETSGCNT: 1698 if (copy_from_user(&sr, arg, sizeof(sr))) 1699 return -EFAULT; 1700 1701 rcu_read_lock(); 1702 c = ipmr_cache_find(mrt, sr.src.s_addr, sr.grp.s_addr); 1703 if (c) { 1704 sr.pktcnt = c->_c.mfc_un.res.pkt; 1705 sr.bytecnt = c->_c.mfc_un.res.bytes; 1706 sr.wrong_if = c->_c.mfc_un.res.wrong_if; 1707 rcu_read_unlock(); 1708 1709 if (copy_to_user(arg, &sr, sizeof(sr))) 1710 return -EFAULT; 1711 return 0; 1712 } 1713 rcu_read_unlock(); 1714 return -EADDRNOTAVAIL; 1715 default: 1716 return -ENOIOCTLCMD; 1717 } 1718 } 1719 #endif 1720 1721 static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr) 1722 { 1723 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1724 struct net *net = dev_net(dev); 1725 struct mr_table *mrt; 1726 struct vif_device *v; 1727 int ct; 1728 1729 if (event != NETDEV_UNREGISTER) 1730 return NOTIFY_DONE; 1731 1732 ipmr_for_each_table(mrt, net) { 1733 v = &mrt->vif_table[0]; 1734 for (ct = 0; ct < mrt->maxvif; ct++, v++) { 1735 if (v->dev == dev) 1736 vif_delete(mrt, ct, 1, NULL); 1737 } 1738 } 1739 return NOTIFY_DONE; 1740 } 1741 1742 static struct notifier_block ip_mr_notifier = { 1743 .notifier_call = ipmr_device_event, 1744 }; 1745 1746 /* Encapsulate a packet by attaching a valid IPIP header to it. 1747 * This avoids tunnel drivers and other mess and gives us the speed so 1748 * important for multicast video. 1749 */ 1750 static void ip_encap(struct net *net, struct sk_buff *skb, 1751 __be32 saddr, __be32 daddr) 1752 { 1753 struct iphdr *iph; 1754 const struct iphdr *old_iph = ip_hdr(skb); 1755 1756 skb_push(skb, sizeof(struct iphdr)); 1757 skb->transport_header = skb->network_header; 1758 skb_reset_network_header(skb); 1759 iph = ip_hdr(skb); 1760 1761 iph->version = 4; 1762 iph->tos = old_iph->tos; 1763 iph->ttl = old_iph->ttl; 1764 iph->frag_off = 0; 1765 iph->daddr = daddr; 1766 iph->saddr = saddr; 1767 iph->protocol = IPPROTO_IPIP; 1768 iph->ihl = 5; 1769 iph->tot_len = htons(skb->len); 1770 ip_select_ident(net, skb, NULL); 1771 ip_send_check(iph); 1772 1773 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 1774 nf_reset(skb); 1775 } 1776 1777 static inline int ipmr_forward_finish(struct net *net, struct sock *sk, 1778 struct sk_buff *skb) 1779 { 1780 struct ip_options *opt = &(IPCB(skb)->opt); 1781 1782 IP_INC_STATS(net, IPSTATS_MIB_OUTFORWDATAGRAMS); 1783 IP_ADD_STATS(net, IPSTATS_MIB_OUTOCTETS, skb->len); 1784 1785 if (unlikely(opt->optlen)) 1786 ip_forward_options(skb); 1787 1788 return dst_output(net, sk, skb); 1789 } 1790 1791 #ifdef CONFIG_NET_SWITCHDEV 1792 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1793 int in_vifi, int out_vifi) 1794 { 1795 struct vif_device *out_vif = &mrt->vif_table[out_vifi]; 1796 struct vif_device *in_vif = &mrt->vif_table[in_vifi]; 1797 1798 if (!skb->offload_mr_fwd_mark) 1799 return false; 1800 if (!out_vif->dev_parent_id.id_len || !in_vif->dev_parent_id.id_len) 1801 return false; 1802 return netdev_phys_item_id_same(&out_vif->dev_parent_id, 1803 &in_vif->dev_parent_id); 1804 } 1805 #else 1806 static bool ipmr_forward_offloaded(struct sk_buff *skb, struct mr_table *mrt, 1807 int in_vifi, int out_vifi) 1808 { 1809 return false; 1810 } 1811 #endif 1812 1813 /* Processing handlers for ipmr_forward */ 1814 1815 static void ipmr_queue_xmit(struct net *net, struct mr_table *mrt, 1816 int in_vifi, struct sk_buff *skb, 1817 struct mfc_cache *c, int vifi) 1818 { 1819 const struct iphdr *iph = ip_hdr(skb); 1820 struct vif_device *vif = &mrt->vif_table[vifi]; 1821 struct net_device *dev; 1822 struct rtable *rt; 1823 struct flowi4 fl4; 1824 int encap = 0; 1825 1826 if (!vif->dev) 1827 goto out_free; 1828 1829 if (vif->flags & VIFF_REGISTER) { 1830 vif->pkt_out++; 1831 vif->bytes_out += skb->len; 1832 vif->dev->stats.tx_bytes += skb->len; 1833 vif->dev->stats.tx_packets++; 1834 ipmr_cache_report(mrt, skb, vifi, IGMPMSG_WHOLEPKT); 1835 goto out_free; 1836 } 1837 1838 if (ipmr_forward_offloaded(skb, mrt, in_vifi, vifi)) 1839 goto out_free; 1840 1841 if (vif->flags & VIFF_TUNNEL) { 1842 rt = ip_route_output_ports(net, &fl4, NULL, 1843 vif->remote, vif->local, 1844 0, 0, 1845 IPPROTO_IPIP, 1846 RT_TOS(iph->tos), vif->link); 1847 if (IS_ERR(rt)) 1848 goto out_free; 1849 encap = sizeof(struct iphdr); 1850 } else { 1851 rt = ip_route_output_ports(net, &fl4, NULL, iph->daddr, 0, 1852 0, 0, 1853 IPPROTO_IPIP, 1854 RT_TOS(iph->tos), vif->link); 1855 if (IS_ERR(rt)) 1856 goto out_free; 1857 } 1858 1859 dev = rt->dst.dev; 1860 1861 if (skb->len+encap > dst_mtu(&rt->dst) && (ntohs(iph->frag_off) & IP_DF)) { 1862 /* Do not fragment multicasts. Alas, IPv4 does not 1863 * allow to send ICMP, so that packets will disappear 1864 * to blackhole. 1865 */ 1866 IP_INC_STATS(net, IPSTATS_MIB_FRAGFAILS); 1867 ip_rt_put(rt); 1868 goto out_free; 1869 } 1870 1871 encap += LL_RESERVED_SPACE(dev) + rt->dst.header_len; 1872 1873 if (skb_cow(skb, encap)) { 1874 ip_rt_put(rt); 1875 goto out_free; 1876 } 1877 1878 vif->pkt_out++; 1879 vif->bytes_out += skb->len; 1880 1881 skb_dst_drop(skb); 1882 skb_dst_set(skb, &rt->dst); 1883 ip_decrease_ttl(ip_hdr(skb)); 1884 1885 /* FIXME: forward and output firewalls used to be called here. 1886 * What do we do with netfilter? -- RR 1887 */ 1888 if (vif->flags & VIFF_TUNNEL) { 1889 ip_encap(net, skb, vif->local, vif->remote); 1890 /* FIXME: extra output firewall step used to be here. --RR */ 1891 vif->dev->stats.tx_packets++; 1892 vif->dev->stats.tx_bytes += skb->len; 1893 } 1894 1895 IPCB(skb)->flags |= IPSKB_FORWARDED; 1896 1897 /* RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 1898 * not only before forwarding, but after forwarding on all output 1899 * interfaces. It is clear, if mrouter runs a multicasting 1900 * program, it should receive packets not depending to what interface 1901 * program is joined. 1902 * If we will not make it, the program will have to join on all 1903 * interfaces. On the other hand, multihoming host (or router, but 1904 * not mrouter) cannot join to more than one interface - it will 1905 * result in receiving multiple packets. 1906 */ 1907 NF_HOOK(NFPROTO_IPV4, NF_INET_FORWARD, 1908 net, NULL, skb, skb->dev, dev, 1909 ipmr_forward_finish); 1910 return; 1911 1912 out_free: 1913 kfree_skb(skb); 1914 } 1915 1916 static int ipmr_find_vif(struct mr_table *mrt, struct net_device *dev) 1917 { 1918 int ct; 1919 1920 for (ct = mrt->maxvif-1; ct >= 0; ct--) { 1921 if (mrt->vif_table[ct].dev == dev) 1922 break; 1923 } 1924 return ct; 1925 } 1926 1927 /* "local" means that we should preserve one skb (for local delivery) */ 1928 static void ip_mr_forward(struct net *net, struct mr_table *mrt, 1929 struct net_device *dev, struct sk_buff *skb, 1930 struct mfc_cache *c, int local) 1931 { 1932 int true_vifi = ipmr_find_vif(mrt, dev); 1933 int psend = -1; 1934 int vif, ct; 1935 1936 vif = c->_c.mfc_parent; 1937 c->_c.mfc_un.res.pkt++; 1938 c->_c.mfc_un.res.bytes += skb->len; 1939 c->_c.mfc_un.res.lastuse = jiffies; 1940 1941 if (c->mfc_origin == htonl(INADDR_ANY) && true_vifi >= 0) { 1942 struct mfc_cache *cache_proxy; 1943 1944 /* For an (*,G) entry, we only check that the incomming 1945 * interface is part of the static tree. 1946 */ 1947 cache_proxy = mr_mfc_find_any_parent(mrt, vif); 1948 if (cache_proxy && 1949 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) 1950 goto forward; 1951 } 1952 1953 /* Wrong interface: drop packet and (maybe) send PIM assert. */ 1954 if (mrt->vif_table[vif].dev != dev) { 1955 if (rt_is_output_route(skb_rtable(skb))) { 1956 /* It is our own packet, looped back. 1957 * Very complicated situation... 1958 * 1959 * The best workaround until routing daemons will be 1960 * fixed is not to redistribute packet, if it was 1961 * send through wrong interface. It means, that 1962 * multicast applications WILL NOT work for 1963 * (S,G), which have default multicast route pointing 1964 * to wrong oif. In any case, it is not a good 1965 * idea to use multicasting applications on router. 1966 */ 1967 goto dont_forward; 1968 } 1969 1970 c->_c.mfc_un.res.wrong_if++; 1971 1972 if (true_vifi >= 0 && mrt->mroute_do_assert && 1973 /* pimsm uses asserts, when switching from RPT to SPT, 1974 * so that we cannot check that packet arrived on an oif. 1975 * It is bad, but otherwise we would need to move pretty 1976 * large chunk of pimd to kernel. Ough... --ANK 1977 */ 1978 (mrt->mroute_do_pim || 1979 c->_c.mfc_un.res.ttls[true_vifi] < 255) && 1980 time_after(jiffies, 1981 c->_c.mfc_un.res.last_assert + 1982 MFC_ASSERT_THRESH)) { 1983 c->_c.mfc_un.res.last_assert = jiffies; 1984 ipmr_cache_report(mrt, skb, true_vifi, IGMPMSG_WRONGVIF); 1985 } 1986 goto dont_forward; 1987 } 1988 1989 forward: 1990 mrt->vif_table[vif].pkt_in++; 1991 mrt->vif_table[vif].bytes_in += skb->len; 1992 1993 /* Forward the frame */ 1994 if (c->mfc_origin == htonl(INADDR_ANY) && 1995 c->mfc_mcastgrp == htonl(INADDR_ANY)) { 1996 if (true_vifi >= 0 && 1997 true_vifi != c->_c.mfc_parent && 1998 ip_hdr(skb)->ttl > 1999 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) { 2000 /* It's an (*,*) entry and the packet is not coming from 2001 * the upstream: forward the packet to the upstream 2002 * only. 2003 */ 2004 psend = c->_c.mfc_parent; 2005 goto last_forward; 2006 } 2007 goto dont_forward; 2008 } 2009 for (ct = c->_c.mfc_un.res.maxvif - 1; 2010 ct >= c->_c.mfc_un.res.minvif; ct--) { 2011 /* For (*,G) entry, don't forward to the incoming interface */ 2012 if ((c->mfc_origin != htonl(INADDR_ANY) || 2013 ct != true_vifi) && 2014 ip_hdr(skb)->ttl > c->_c.mfc_un.res.ttls[ct]) { 2015 if (psend != -1) { 2016 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2017 2018 if (skb2) 2019 ipmr_queue_xmit(net, mrt, true_vifi, 2020 skb2, c, psend); 2021 } 2022 psend = ct; 2023 } 2024 } 2025 last_forward: 2026 if (psend != -1) { 2027 if (local) { 2028 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2029 2030 if (skb2) 2031 ipmr_queue_xmit(net, mrt, true_vifi, skb2, 2032 c, psend); 2033 } else { 2034 ipmr_queue_xmit(net, mrt, true_vifi, skb, c, psend); 2035 return; 2036 } 2037 } 2038 2039 dont_forward: 2040 if (!local) 2041 kfree_skb(skb); 2042 } 2043 2044 static struct mr_table *ipmr_rt_fib_lookup(struct net *net, struct sk_buff *skb) 2045 { 2046 struct rtable *rt = skb_rtable(skb); 2047 struct iphdr *iph = ip_hdr(skb); 2048 struct flowi4 fl4 = { 2049 .daddr = iph->daddr, 2050 .saddr = iph->saddr, 2051 .flowi4_tos = RT_TOS(iph->tos), 2052 .flowi4_oif = (rt_is_output_route(rt) ? 2053 skb->dev->ifindex : 0), 2054 .flowi4_iif = (rt_is_output_route(rt) ? 2055 LOOPBACK_IFINDEX : 2056 skb->dev->ifindex), 2057 .flowi4_mark = skb->mark, 2058 }; 2059 struct mr_table *mrt; 2060 int err; 2061 2062 err = ipmr_fib_lookup(net, &fl4, &mrt); 2063 if (err) 2064 return ERR_PTR(err); 2065 return mrt; 2066 } 2067 2068 /* Multicast packets for forwarding arrive here 2069 * Called with rcu_read_lock(); 2070 */ 2071 int ip_mr_input(struct sk_buff *skb) 2072 { 2073 struct mfc_cache *cache; 2074 struct net *net = dev_net(skb->dev); 2075 int local = skb_rtable(skb)->rt_flags & RTCF_LOCAL; 2076 struct mr_table *mrt; 2077 struct net_device *dev; 2078 2079 /* skb->dev passed in is the loX master dev for vrfs. 2080 * As there are no vifs associated with loopback devices, 2081 * get the proper interface that does have a vif associated with it. 2082 */ 2083 dev = skb->dev; 2084 if (netif_is_l3_master(skb->dev)) { 2085 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif); 2086 if (!dev) { 2087 kfree_skb(skb); 2088 return -ENODEV; 2089 } 2090 } 2091 2092 /* Packet is looped back after forward, it should not be 2093 * forwarded second time, but still can be delivered locally. 2094 */ 2095 if (IPCB(skb)->flags & IPSKB_FORWARDED) 2096 goto dont_forward; 2097 2098 mrt = ipmr_rt_fib_lookup(net, skb); 2099 if (IS_ERR(mrt)) { 2100 kfree_skb(skb); 2101 return PTR_ERR(mrt); 2102 } 2103 if (!local) { 2104 if (IPCB(skb)->opt.router_alert) { 2105 if (ip_call_ra_chain(skb)) 2106 return 0; 2107 } else if (ip_hdr(skb)->protocol == IPPROTO_IGMP) { 2108 /* IGMPv1 (and broken IGMPv2 implementations sort of 2109 * Cisco IOS <= 11.2(8)) do not put router alert 2110 * option to IGMP packets destined to routable 2111 * groups. It is very bad, because it means 2112 * that we can forward NO IGMP messages. 2113 */ 2114 struct sock *mroute_sk; 2115 2116 mroute_sk = rcu_dereference(mrt->mroute_sk); 2117 if (mroute_sk) { 2118 nf_reset(skb); 2119 raw_rcv(mroute_sk, skb); 2120 return 0; 2121 } 2122 } 2123 } 2124 2125 /* already under rcu_read_lock() */ 2126 cache = ipmr_cache_find(mrt, ip_hdr(skb)->saddr, ip_hdr(skb)->daddr); 2127 if (!cache) { 2128 int vif = ipmr_find_vif(mrt, dev); 2129 2130 if (vif >= 0) 2131 cache = ipmr_cache_find_any(mrt, ip_hdr(skb)->daddr, 2132 vif); 2133 } 2134 2135 /* No usable cache entry */ 2136 if (!cache) { 2137 int vif; 2138 2139 if (local) { 2140 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 2141 ip_local_deliver(skb); 2142 if (!skb2) 2143 return -ENOBUFS; 2144 skb = skb2; 2145 } 2146 2147 read_lock(&mrt_lock); 2148 vif = ipmr_find_vif(mrt, dev); 2149 if (vif >= 0) { 2150 int err2 = ipmr_cache_unresolved(mrt, vif, skb, dev); 2151 read_unlock(&mrt_lock); 2152 2153 return err2; 2154 } 2155 read_unlock(&mrt_lock); 2156 kfree_skb(skb); 2157 return -ENODEV; 2158 } 2159 2160 read_lock(&mrt_lock); 2161 ip_mr_forward(net, mrt, dev, skb, cache, local); 2162 read_unlock(&mrt_lock); 2163 2164 if (local) 2165 return ip_local_deliver(skb); 2166 2167 return 0; 2168 2169 dont_forward: 2170 if (local) 2171 return ip_local_deliver(skb); 2172 kfree_skb(skb); 2173 return 0; 2174 } 2175 2176 #ifdef CONFIG_IP_PIMSM_V1 2177 /* Handle IGMP messages of PIMv1 */ 2178 int pim_rcv_v1(struct sk_buff *skb) 2179 { 2180 struct igmphdr *pim; 2181 struct net *net = dev_net(skb->dev); 2182 struct mr_table *mrt; 2183 2184 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2185 goto drop; 2186 2187 pim = igmp_hdr(skb); 2188 2189 mrt = ipmr_rt_fib_lookup(net, skb); 2190 if (IS_ERR(mrt)) 2191 goto drop; 2192 if (!mrt->mroute_do_pim || 2193 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER) 2194 goto drop; 2195 2196 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2197 drop: 2198 kfree_skb(skb); 2199 } 2200 return 0; 2201 } 2202 #endif 2203 2204 #ifdef CONFIG_IP_PIMSM_V2 2205 static int pim_rcv(struct sk_buff *skb) 2206 { 2207 struct pimreghdr *pim; 2208 struct net *net = dev_net(skb->dev); 2209 struct mr_table *mrt; 2210 2211 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr))) 2212 goto drop; 2213 2214 pim = (struct pimreghdr *)skb_transport_header(skb); 2215 if (pim->type != ((PIM_VERSION << 4) | (PIM_TYPE_REGISTER)) || 2216 (pim->flags & PIM_NULL_REGISTER) || 2217 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 && 2218 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 2219 goto drop; 2220 2221 mrt = ipmr_rt_fib_lookup(net, skb); 2222 if (IS_ERR(mrt)) 2223 goto drop; 2224 if (__pim_rcv(mrt, skb, sizeof(*pim))) { 2225 drop: 2226 kfree_skb(skb); 2227 } 2228 return 0; 2229 } 2230 #endif 2231 2232 int ipmr_get_route(struct net *net, struct sk_buff *skb, 2233 __be32 saddr, __be32 daddr, 2234 struct rtmsg *rtm, u32 portid) 2235 { 2236 struct mfc_cache *cache; 2237 struct mr_table *mrt; 2238 int err; 2239 2240 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2241 if (!mrt) 2242 return -ENOENT; 2243 2244 rcu_read_lock(); 2245 cache = ipmr_cache_find(mrt, saddr, daddr); 2246 if (!cache && skb->dev) { 2247 int vif = ipmr_find_vif(mrt, skb->dev); 2248 2249 if (vif >= 0) 2250 cache = ipmr_cache_find_any(mrt, daddr, vif); 2251 } 2252 if (!cache) { 2253 struct sk_buff *skb2; 2254 struct iphdr *iph; 2255 struct net_device *dev; 2256 int vif = -1; 2257 2258 dev = skb->dev; 2259 read_lock(&mrt_lock); 2260 if (dev) 2261 vif = ipmr_find_vif(mrt, dev); 2262 if (vif < 0) { 2263 read_unlock(&mrt_lock); 2264 rcu_read_unlock(); 2265 return -ENODEV; 2266 } 2267 skb2 = skb_clone(skb, GFP_ATOMIC); 2268 if (!skb2) { 2269 read_unlock(&mrt_lock); 2270 rcu_read_unlock(); 2271 return -ENOMEM; 2272 } 2273 2274 NETLINK_CB(skb2).portid = portid; 2275 skb_push(skb2, sizeof(struct iphdr)); 2276 skb_reset_network_header(skb2); 2277 iph = ip_hdr(skb2); 2278 iph->ihl = sizeof(struct iphdr) >> 2; 2279 iph->saddr = saddr; 2280 iph->daddr = daddr; 2281 iph->version = 0; 2282 err = ipmr_cache_unresolved(mrt, vif, skb2, dev); 2283 read_unlock(&mrt_lock); 2284 rcu_read_unlock(); 2285 return err; 2286 } 2287 2288 read_lock(&mrt_lock); 2289 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm); 2290 read_unlock(&mrt_lock); 2291 rcu_read_unlock(); 2292 return err; 2293 } 2294 2295 static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2296 u32 portid, u32 seq, struct mfc_cache *c, int cmd, 2297 int flags) 2298 { 2299 struct nlmsghdr *nlh; 2300 struct rtmsg *rtm; 2301 int err; 2302 2303 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); 2304 if (!nlh) 2305 return -EMSGSIZE; 2306 2307 rtm = nlmsg_data(nlh); 2308 rtm->rtm_family = RTNL_FAMILY_IPMR; 2309 rtm->rtm_dst_len = 32; 2310 rtm->rtm_src_len = 32; 2311 rtm->rtm_tos = 0; 2312 rtm->rtm_table = mrt->id; 2313 if (nla_put_u32(skb, RTA_TABLE, mrt->id)) 2314 goto nla_put_failure; 2315 rtm->rtm_type = RTN_MULTICAST; 2316 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2317 if (c->_c.mfc_flags & MFC_STATIC) 2318 rtm->rtm_protocol = RTPROT_STATIC; 2319 else 2320 rtm->rtm_protocol = RTPROT_MROUTED; 2321 rtm->rtm_flags = 0; 2322 2323 if (nla_put_in_addr(skb, RTA_SRC, c->mfc_origin) || 2324 nla_put_in_addr(skb, RTA_DST, c->mfc_mcastgrp)) 2325 goto nla_put_failure; 2326 err = mr_fill_mroute(mrt, skb, &c->_c, rtm); 2327 /* do not break the dump if cache is unresolved */ 2328 if (err < 0 && err != -ENOENT) 2329 goto nla_put_failure; 2330 2331 nlmsg_end(skb, nlh); 2332 return 0; 2333 2334 nla_put_failure: 2335 nlmsg_cancel(skb, nlh); 2336 return -EMSGSIZE; 2337 } 2338 2339 static int _ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2340 u32 portid, u32 seq, struct mr_mfc *c, int cmd, 2341 int flags) 2342 { 2343 return ipmr_fill_mroute(mrt, skb, portid, seq, (struct mfc_cache *)c, 2344 cmd, flags); 2345 } 2346 2347 static size_t mroute_msgsize(bool unresolved, int maxvif) 2348 { 2349 size_t len = 2350 NLMSG_ALIGN(sizeof(struct rtmsg)) 2351 + nla_total_size(4) /* RTA_TABLE */ 2352 + nla_total_size(4) /* RTA_SRC */ 2353 + nla_total_size(4) /* RTA_DST */ 2354 ; 2355 2356 if (!unresolved) 2357 len = len 2358 + nla_total_size(4) /* RTA_IIF */ 2359 + nla_total_size(0) /* RTA_MULTIPATH */ 2360 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop)) 2361 /* RTA_MFC_STATS */ 2362 + nla_total_size_64bit(sizeof(struct rta_mfc_stats)) 2363 ; 2364 2365 return len; 2366 } 2367 2368 static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, 2369 int cmd) 2370 { 2371 struct net *net = read_pnet(&mrt->net); 2372 struct sk_buff *skb; 2373 int err = -ENOBUFS; 2374 2375 skb = nlmsg_new(mroute_msgsize(mfc->_c.mfc_parent >= MAXVIFS, 2376 mrt->maxvif), 2377 GFP_ATOMIC); 2378 if (!skb) 2379 goto errout; 2380 2381 err = ipmr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); 2382 if (err < 0) 2383 goto errout; 2384 2385 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE, NULL, GFP_ATOMIC); 2386 return; 2387 2388 errout: 2389 kfree_skb(skb); 2390 if (err < 0) 2391 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE, err); 2392 } 2393 2394 static size_t igmpmsg_netlink_msgsize(size_t payloadlen) 2395 { 2396 size_t len = 2397 NLMSG_ALIGN(sizeof(struct rtgenmsg)) 2398 + nla_total_size(1) /* IPMRA_CREPORT_MSGTYPE */ 2399 + nla_total_size(4) /* IPMRA_CREPORT_VIF_ID */ 2400 + nla_total_size(4) /* IPMRA_CREPORT_SRC_ADDR */ 2401 + nla_total_size(4) /* IPMRA_CREPORT_DST_ADDR */ 2402 /* IPMRA_CREPORT_PKT */ 2403 + nla_total_size(payloadlen) 2404 ; 2405 2406 return len; 2407 } 2408 2409 static void igmpmsg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt) 2410 { 2411 struct net *net = read_pnet(&mrt->net); 2412 struct nlmsghdr *nlh; 2413 struct rtgenmsg *rtgenm; 2414 struct igmpmsg *msg; 2415 struct sk_buff *skb; 2416 struct nlattr *nla; 2417 int payloadlen; 2418 2419 payloadlen = pkt->len - sizeof(struct igmpmsg); 2420 msg = (struct igmpmsg *)skb_network_header(pkt); 2421 2422 skb = nlmsg_new(igmpmsg_netlink_msgsize(payloadlen), GFP_ATOMIC); 2423 if (!skb) 2424 goto errout; 2425 2426 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT, 2427 sizeof(struct rtgenmsg), 0); 2428 if (!nlh) 2429 goto errout; 2430 rtgenm = nlmsg_data(nlh); 2431 rtgenm->rtgen_family = RTNL_FAMILY_IPMR; 2432 if (nla_put_u8(skb, IPMRA_CREPORT_MSGTYPE, msg->im_msgtype) || 2433 nla_put_u32(skb, IPMRA_CREPORT_VIF_ID, msg->im_vif) || 2434 nla_put_in_addr(skb, IPMRA_CREPORT_SRC_ADDR, 2435 msg->im_src.s_addr) || 2436 nla_put_in_addr(skb, IPMRA_CREPORT_DST_ADDR, 2437 msg->im_dst.s_addr)) 2438 goto nla_put_failure; 2439 2440 nla = nla_reserve(skb, IPMRA_CREPORT_PKT, payloadlen); 2441 if (!nla || skb_copy_bits(pkt, sizeof(struct igmpmsg), 2442 nla_data(nla), payloadlen)) 2443 goto nla_put_failure; 2444 2445 nlmsg_end(skb, nlh); 2446 2447 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_MROUTE_R, NULL, GFP_ATOMIC); 2448 return; 2449 2450 nla_put_failure: 2451 nlmsg_cancel(skb, nlh); 2452 errout: 2453 kfree_skb(skb); 2454 rtnl_set_sk_err(net, RTNLGRP_IPV4_MROUTE_R, -ENOBUFS); 2455 } 2456 2457 static int ipmr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, 2458 struct netlink_ext_ack *extack) 2459 { 2460 struct net *net = sock_net(in_skb->sk); 2461 struct nlattr *tb[RTA_MAX + 1]; 2462 struct sk_buff *skb = NULL; 2463 struct mfc_cache *cache; 2464 struct mr_table *mrt; 2465 struct rtmsg *rtm; 2466 __be32 src, grp; 2467 u32 tableid; 2468 int err; 2469 2470 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, 2471 rtm_ipv4_policy, extack); 2472 if (err < 0) 2473 goto errout; 2474 2475 rtm = nlmsg_data(nlh); 2476 2477 src = tb[RTA_SRC] ? nla_get_in_addr(tb[RTA_SRC]) : 0; 2478 grp = tb[RTA_DST] ? nla_get_in_addr(tb[RTA_DST]) : 0; 2479 tableid = tb[RTA_TABLE] ? nla_get_u32(tb[RTA_TABLE]) : 0; 2480 2481 mrt = ipmr_get_table(net, tableid ? tableid : RT_TABLE_DEFAULT); 2482 if (!mrt) { 2483 err = -ENOENT; 2484 goto errout_free; 2485 } 2486 2487 /* entries are added/deleted only under RTNL */ 2488 rcu_read_lock(); 2489 cache = ipmr_cache_find(mrt, src, grp); 2490 rcu_read_unlock(); 2491 if (!cache) { 2492 err = -ENOENT; 2493 goto errout_free; 2494 } 2495 2496 skb = nlmsg_new(mroute_msgsize(false, mrt->maxvif), GFP_KERNEL); 2497 if (!skb) { 2498 err = -ENOBUFS; 2499 goto errout_free; 2500 } 2501 2502 err = ipmr_fill_mroute(mrt, skb, NETLINK_CB(in_skb).portid, 2503 nlh->nlmsg_seq, cache, 2504 RTM_NEWROUTE, 0); 2505 if (err < 0) 2506 goto errout_free; 2507 2508 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2509 2510 errout: 2511 return err; 2512 2513 errout_free: 2514 kfree_skb(skb); 2515 goto errout; 2516 } 2517 2518 static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) 2519 { 2520 return mr_rtm_dumproute(skb, cb, ipmr_mr_table_iter, 2521 _ipmr_fill_mroute, &mfc_unres_lock); 2522 } 2523 2524 static const struct nla_policy rtm_ipmr_policy[RTA_MAX + 1] = { 2525 [RTA_SRC] = { .type = NLA_U32 }, 2526 [RTA_DST] = { .type = NLA_U32 }, 2527 [RTA_IIF] = { .type = NLA_U32 }, 2528 [RTA_TABLE] = { .type = NLA_U32 }, 2529 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2530 }; 2531 2532 static bool ipmr_rtm_validate_proto(unsigned char rtm_protocol) 2533 { 2534 switch (rtm_protocol) { 2535 case RTPROT_STATIC: 2536 case RTPROT_MROUTED: 2537 return true; 2538 } 2539 return false; 2540 } 2541 2542 static int ipmr_nla_get_ttls(const struct nlattr *nla, struct mfcctl *mfcc) 2543 { 2544 struct rtnexthop *rtnh = nla_data(nla); 2545 int remaining = nla_len(nla), vifi = 0; 2546 2547 while (rtnh_ok(rtnh, remaining)) { 2548 mfcc->mfcc_ttls[vifi] = rtnh->rtnh_hops; 2549 if (++vifi == MAXVIFS) 2550 break; 2551 rtnh = rtnh_next(rtnh, &remaining); 2552 } 2553 2554 return remaining > 0 ? -EINVAL : vifi; 2555 } 2556 2557 /* returns < 0 on error, 0 for ADD_MFC and 1 for ADD_MFC_PROXY */ 2558 static int rtm_to_ipmr_mfcc(struct net *net, struct nlmsghdr *nlh, 2559 struct mfcctl *mfcc, int *mrtsock, 2560 struct mr_table **mrtret, 2561 struct netlink_ext_ack *extack) 2562 { 2563 struct net_device *dev = NULL; 2564 u32 tblid = RT_TABLE_DEFAULT; 2565 struct mr_table *mrt; 2566 struct nlattr *attr; 2567 struct rtmsg *rtm; 2568 int ret, rem; 2569 2570 ret = nlmsg_validate(nlh, sizeof(*rtm), RTA_MAX, rtm_ipmr_policy, 2571 extack); 2572 if (ret < 0) 2573 goto out; 2574 rtm = nlmsg_data(nlh); 2575 2576 ret = -EINVAL; 2577 if (rtm->rtm_family != RTNL_FAMILY_IPMR || rtm->rtm_dst_len != 32 || 2578 rtm->rtm_type != RTN_MULTICAST || 2579 rtm->rtm_scope != RT_SCOPE_UNIVERSE || 2580 !ipmr_rtm_validate_proto(rtm->rtm_protocol)) 2581 goto out; 2582 2583 memset(mfcc, 0, sizeof(*mfcc)); 2584 mfcc->mfcc_parent = -1; 2585 ret = 0; 2586 nlmsg_for_each_attr(attr, nlh, sizeof(struct rtmsg), rem) { 2587 switch (nla_type(attr)) { 2588 case RTA_SRC: 2589 mfcc->mfcc_origin.s_addr = nla_get_be32(attr); 2590 break; 2591 case RTA_DST: 2592 mfcc->mfcc_mcastgrp.s_addr = nla_get_be32(attr); 2593 break; 2594 case RTA_IIF: 2595 dev = __dev_get_by_index(net, nla_get_u32(attr)); 2596 if (!dev) { 2597 ret = -ENODEV; 2598 goto out; 2599 } 2600 break; 2601 case RTA_MULTIPATH: 2602 if (ipmr_nla_get_ttls(attr, mfcc) < 0) { 2603 ret = -EINVAL; 2604 goto out; 2605 } 2606 break; 2607 case RTA_PREFSRC: 2608 ret = 1; 2609 break; 2610 case RTA_TABLE: 2611 tblid = nla_get_u32(attr); 2612 break; 2613 } 2614 } 2615 mrt = ipmr_get_table(net, tblid); 2616 if (!mrt) { 2617 ret = -ENOENT; 2618 goto out; 2619 } 2620 *mrtret = mrt; 2621 *mrtsock = rtm->rtm_protocol == RTPROT_MROUTED ? 1 : 0; 2622 if (dev) 2623 mfcc->mfcc_parent = ipmr_find_vif(mrt, dev); 2624 2625 out: 2626 return ret; 2627 } 2628 2629 /* takes care of both newroute and delroute */ 2630 static int ipmr_rtm_route(struct sk_buff *skb, struct nlmsghdr *nlh, 2631 struct netlink_ext_ack *extack) 2632 { 2633 struct net *net = sock_net(skb->sk); 2634 int ret, mrtsock, parent; 2635 struct mr_table *tbl; 2636 struct mfcctl mfcc; 2637 2638 mrtsock = 0; 2639 tbl = NULL; 2640 ret = rtm_to_ipmr_mfcc(net, nlh, &mfcc, &mrtsock, &tbl, extack); 2641 if (ret < 0) 2642 return ret; 2643 2644 parent = ret ? mfcc.mfcc_parent : -1; 2645 if (nlh->nlmsg_type == RTM_NEWROUTE) 2646 return ipmr_mfc_add(net, tbl, &mfcc, mrtsock, parent); 2647 else 2648 return ipmr_mfc_delete(tbl, &mfcc, parent); 2649 } 2650 2651 static bool ipmr_fill_table(struct mr_table *mrt, struct sk_buff *skb) 2652 { 2653 u32 queue_len = atomic_read(&mrt->cache_resolve_queue_len); 2654 2655 if (nla_put_u32(skb, IPMRA_TABLE_ID, mrt->id) || 2656 nla_put_u32(skb, IPMRA_TABLE_CACHE_RES_QUEUE_LEN, queue_len) || 2657 nla_put_s32(skb, IPMRA_TABLE_MROUTE_REG_VIF_NUM, 2658 mrt->mroute_reg_vif_num) || 2659 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_ASSERT, 2660 mrt->mroute_do_assert) || 2661 nla_put_u8(skb, IPMRA_TABLE_MROUTE_DO_PIM, mrt->mroute_do_pim)) 2662 return false; 2663 2664 return true; 2665 } 2666 2667 static bool ipmr_fill_vif(struct mr_table *mrt, u32 vifid, struct sk_buff *skb) 2668 { 2669 struct nlattr *vif_nest; 2670 struct vif_device *vif; 2671 2672 /* if the VIF doesn't exist just continue */ 2673 if (!VIF_EXISTS(mrt, vifid)) 2674 return true; 2675 2676 vif = &mrt->vif_table[vifid]; 2677 vif_nest = nla_nest_start(skb, IPMRA_VIF); 2678 if (!vif_nest) 2679 return false; 2680 if (nla_put_u32(skb, IPMRA_VIFA_IFINDEX, vif->dev->ifindex) || 2681 nla_put_u32(skb, IPMRA_VIFA_VIF_ID, vifid) || 2682 nla_put_u16(skb, IPMRA_VIFA_FLAGS, vif->flags) || 2683 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_IN, vif->bytes_in, 2684 IPMRA_VIFA_PAD) || 2685 nla_put_u64_64bit(skb, IPMRA_VIFA_BYTES_OUT, vif->bytes_out, 2686 IPMRA_VIFA_PAD) || 2687 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_IN, vif->pkt_in, 2688 IPMRA_VIFA_PAD) || 2689 nla_put_u64_64bit(skb, IPMRA_VIFA_PACKETS_OUT, vif->pkt_out, 2690 IPMRA_VIFA_PAD) || 2691 nla_put_be32(skb, IPMRA_VIFA_LOCAL_ADDR, vif->local) || 2692 nla_put_be32(skb, IPMRA_VIFA_REMOTE_ADDR, vif->remote)) { 2693 nla_nest_cancel(skb, vif_nest); 2694 return false; 2695 } 2696 nla_nest_end(skb, vif_nest); 2697 2698 return true; 2699 } 2700 2701 static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) 2702 { 2703 struct net *net = sock_net(skb->sk); 2704 struct nlmsghdr *nlh = NULL; 2705 unsigned int t = 0, s_t; 2706 unsigned int e = 0, s_e; 2707 struct mr_table *mrt; 2708 2709 s_t = cb->args[0]; 2710 s_e = cb->args[1]; 2711 2712 ipmr_for_each_table(mrt, net) { 2713 struct nlattr *vifs, *af; 2714 struct ifinfomsg *hdr; 2715 u32 i; 2716 2717 if (t < s_t) 2718 goto skip_table; 2719 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, 2720 cb->nlh->nlmsg_seq, RTM_NEWLINK, 2721 sizeof(*hdr), NLM_F_MULTI); 2722 if (!nlh) 2723 break; 2724 2725 hdr = nlmsg_data(nlh); 2726 memset(hdr, 0, sizeof(*hdr)); 2727 hdr->ifi_family = RTNL_FAMILY_IPMR; 2728 2729 af = nla_nest_start(skb, IFLA_AF_SPEC); 2730 if (!af) { 2731 nlmsg_cancel(skb, nlh); 2732 goto out; 2733 } 2734 2735 if (!ipmr_fill_table(mrt, skb)) { 2736 nlmsg_cancel(skb, nlh); 2737 goto out; 2738 } 2739 2740 vifs = nla_nest_start(skb, IPMRA_TABLE_VIFS); 2741 if (!vifs) { 2742 nla_nest_end(skb, af); 2743 nlmsg_end(skb, nlh); 2744 goto out; 2745 } 2746 for (i = 0; i < mrt->maxvif; i++) { 2747 if (e < s_e) 2748 goto skip_entry; 2749 if (!ipmr_fill_vif(mrt, i, skb)) { 2750 nla_nest_end(skb, vifs); 2751 nla_nest_end(skb, af); 2752 nlmsg_end(skb, nlh); 2753 goto out; 2754 } 2755 skip_entry: 2756 e++; 2757 } 2758 s_e = 0; 2759 e = 0; 2760 nla_nest_end(skb, vifs); 2761 nla_nest_end(skb, af); 2762 nlmsg_end(skb, nlh); 2763 skip_table: 2764 t++; 2765 } 2766 2767 out: 2768 cb->args[1] = e; 2769 cb->args[0] = t; 2770 2771 return skb->len; 2772 } 2773 2774 #ifdef CONFIG_PROC_FS 2775 /* The /proc interfaces to multicast routing : 2776 * /proc/net/ip_mr_cache & /proc/net/ip_mr_vif 2777 */ 2778 2779 static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos) 2780 __acquires(mrt_lock) 2781 { 2782 struct mr_vif_iter *iter = seq->private; 2783 struct net *net = seq_file_net(seq); 2784 struct mr_table *mrt; 2785 2786 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2787 if (!mrt) 2788 return ERR_PTR(-ENOENT); 2789 2790 iter->mrt = mrt; 2791 2792 read_lock(&mrt_lock); 2793 return mr_vif_seq_start(seq, pos); 2794 } 2795 2796 static void ipmr_vif_seq_stop(struct seq_file *seq, void *v) 2797 __releases(mrt_lock) 2798 { 2799 read_unlock(&mrt_lock); 2800 } 2801 2802 static int ipmr_vif_seq_show(struct seq_file *seq, void *v) 2803 { 2804 struct mr_vif_iter *iter = seq->private; 2805 struct mr_table *mrt = iter->mrt; 2806 2807 if (v == SEQ_START_TOKEN) { 2808 seq_puts(seq, 2809 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n"); 2810 } else { 2811 const struct vif_device *vif = v; 2812 const char *name = vif->dev ? 2813 vif->dev->name : "none"; 2814 2815 seq_printf(seq, 2816 "%2td %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n", 2817 vif - mrt->vif_table, 2818 name, vif->bytes_in, vif->pkt_in, 2819 vif->bytes_out, vif->pkt_out, 2820 vif->flags, vif->local, vif->remote); 2821 } 2822 return 0; 2823 } 2824 2825 static const struct seq_operations ipmr_vif_seq_ops = { 2826 .start = ipmr_vif_seq_start, 2827 .next = mr_vif_seq_next, 2828 .stop = ipmr_vif_seq_stop, 2829 .show = ipmr_vif_seq_show, 2830 }; 2831 2832 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 2833 { 2834 struct net *net = seq_file_net(seq); 2835 struct mr_table *mrt; 2836 2837 mrt = ipmr_get_table(net, RT_TABLE_DEFAULT); 2838 if (!mrt) 2839 return ERR_PTR(-ENOENT); 2840 2841 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock); 2842 } 2843 2844 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 2845 { 2846 int n; 2847 2848 if (v == SEQ_START_TOKEN) { 2849 seq_puts(seq, 2850 "Group Origin Iif Pkts Bytes Wrong Oifs\n"); 2851 } else { 2852 const struct mfc_cache *mfc = v; 2853 const struct mr_mfc_iter *it = seq->private; 2854 const struct mr_table *mrt = it->mrt; 2855 2856 seq_printf(seq, "%08X %08X %-3hd", 2857 (__force u32) mfc->mfc_mcastgrp, 2858 (__force u32) mfc->mfc_origin, 2859 mfc->_c.mfc_parent); 2860 2861 if (it->cache != &mrt->mfc_unres_queue) { 2862 seq_printf(seq, " %8lu %8lu %8lu", 2863 mfc->_c.mfc_un.res.pkt, 2864 mfc->_c.mfc_un.res.bytes, 2865 mfc->_c.mfc_un.res.wrong_if); 2866 for (n = mfc->_c.mfc_un.res.minvif; 2867 n < mfc->_c.mfc_un.res.maxvif; n++) { 2868 if (VIF_EXISTS(mrt, n) && 2869 mfc->_c.mfc_un.res.ttls[n] < 255) 2870 seq_printf(seq, 2871 " %2d:%-3d", 2872 n, mfc->_c.mfc_un.res.ttls[n]); 2873 } 2874 } else { 2875 /* unresolved mfc_caches don't contain 2876 * pkt, bytes and wrong_if values 2877 */ 2878 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 2879 } 2880 seq_putc(seq, '\n'); 2881 } 2882 return 0; 2883 } 2884 2885 static const struct seq_operations ipmr_mfc_seq_ops = { 2886 .start = ipmr_mfc_seq_start, 2887 .next = mr_mfc_seq_next, 2888 .stop = mr_mfc_seq_stop, 2889 .show = ipmr_mfc_seq_show, 2890 }; 2891 #endif 2892 2893 #ifdef CONFIG_IP_PIMSM_V2 2894 static const struct net_protocol pim_protocol = { 2895 .handler = pim_rcv, 2896 .netns_ok = 1, 2897 }; 2898 #endif 2899 2900 static unsigned int ipmr_seq_read(struct net *net) 2901 { 2902 ASSERT_RTNL(); 2903 2904 return net->ipv4.ipmr_seq + ipmr_rules_seq_read(net); 2905 } 2906 2907 static int ipmr_dump(struct net *net, struct notifier_block *nb) 2908 { 2909 return mr_dump(net, nb, RTNL_FAMILY_IPMR, ipmr_rules_dump, 2910 ipmr_mr_table_iter, &mrt_lock); 2911 } 2912 2913 static const struct fib_notifier_ops ipmr_notifier_ops_template = { 2914 .family = RTNL_FAMILY_IPMR, 2915 .fib_seq_read = ipmr_seq_read, 2916 .fib_dump = ipmr_dump, 2917 .owner = THIS_MODULE, 2918 }; 2919 2920 static int __net_init ipmr_notifier_init(struct net *net) 2921 { 2922 struct fib_notifier_ops *ops; 2923 2924 net->ipv4.ipmr_seq = 0; 2925 2926 ops = fib_notifier_ops_register(&ipmr_notifier_ops_template, net); 2927 if (IS_ERR(ops)) 2928 return PTR_ERR(ops); 2929 net->ipv4.ipmr_notifier_ops = ops; 2930 2931 return 0; 2932 } 2933 2934 static void __net_exit ipmr_notifier_exit(struct net *net) 2935 { 2936 fib_notifier_ops_unregister(net->ipv4.ipmr_notifier_ops); 2937 net->ipv4.ipmr_notifier_ops = NULL; 2938 } 2939 2940 /* Setup for IP multicast routing */ 2941 static int __net_init ipmr_net_init(struct net *net) 2942 { 2943 int err; 2944 2945 err = ipmr_notifier_init(net); 2946 if (err) 2947 goto ipmr_notifier_fail; 2948 2949 err = ipmr_rules_init(net); 2950 if (err < 0) 2951 goto ipmr_rules_fail; 2952 2953 #ifdef CONFIG_PROC_FS 2954 err = -ENOMEM; 2955 if (!proc_create_net("ip_mr_vif", 0, net->proc_net, &ipmr_vif_seq_ops, 2956 sizeof(struct mr_vif_iter))) 2957 goto proc_vif_fail; 2958 if (!proc_create_net("ip_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops, 2959 sizeof(struct mr_mfc_iter))) 2960 goto proc_cache_fail; 2961 #endif 2962 return 0; 2963 2964 #ifdef CONFIG_PROC_FS 2965 proc_cache_fail: 2966 remove_proc_entry("ip_mr_vif", net->proc_net); 2967 proc_vif_fail: 2968 ipmr_rules_exit(net); 2969 #endif 2970 ipmr_rules_fail: 2971 ipmr_notifier_exit(net); 2972 ipmr_notifier_fail: 2973 return err; 2974 } 2975 2976 static void __net_exit ipmr_net_exit(struct net *net) 2977 { 2978 #ifdef CONFIG_PROC_FS 2979 remove_proc_entry("ip_mr_cache", net->proc_net); 2980 remove_proc_entry("ip_mr_vif", net->proc_net); 2981 #endif 2982 ipmr_notifier_exit(net); 2983 ipmr_rules_exit(net); 2984 } 2985 2986 static struct pernet_operations ipmr_net_ops = { 2987 .init = ipmr_net_init, 2988 .exit = ipmr_net_exit, 2989 }; 2990 2991 int __init ip_mr_init(void) 2992 { 2993 int err; 2994 2995 mrt_cachep = kmem_cache_create("ip_mrt_cache", 2996 sizeof(struct mfc_cache), 2997 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, 2998 NULL); 2999 3000 err = register_pernet_subsys(&ipmr_net_ops); 3001 if (err) 3002 goto reg_pernet_fail; 3003 3004 err = register_netdevice_notifier(&ip_mr_notifier); 3005 if (err) 3006 goto reg_notif_fail; 3007 #ifdef CONFIG_IP_PIMSM_V2 3008 if (inet_add_protocol(&pim_protocol, IPPROTO_PIM) < 0) { 3009 pr_err("%s: can't add PIM protocol\n", __func__); 3010 err = -EAGAIN; 3011 goto add_proto_fail; 3012 } 3013 #endif 3014 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETROUTE, 3015 ipmr_rtm_getroute, ipmr_rtm_dumproute, 0); 3016 rtnl_register(RTNL_FAMILY_IPMR, RTM_NEWROUTE, 3017 ipmr_rtm_route, NULL, 0); 3018 rtnl_register(RTNL_FAMILY_IPMR, RTM_DELROUTE, 3019 ipmr_rtm_route, NULL, 0); 3020 3021 rtnl_register(RTNL_FAMILY_IPMR, RTM_GETLINK, 3022 NULL, ipmr_rtm_dumplink, 0); 3023 return 0; 3024 3025 #ifdef CONFIG_IP_PIMSM_V2 3026 add_proto_fail: 3027 unregister_netdevice_notifier(&ip_mr_notifier); 3028 #endif 3029 reg_notif_fail: 3030 unregister_pernet_subsys(&ipmr_net_ops); 3031 reg_pernet_fail: 3032 kmem_cache_destroy(mrt_cachep); 3033 return err; 3034 } 3035