1 /* 2 * Linux IPv6 multicast routing support for BSD pim6sd 3 * Based on net/ipv4/ipmr.c. 4 * 5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr> 6 * LSIIT Laboratory, Strasbourg, France 7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com> 8 * 6WIND, Paris, France 9 * Copyright (C)2007,2008 USAGI/WIDE Project 10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License 14 * as published by the Free Software Foundation; either version 15 * 2 of the License, or (at your option) any later version. 16 * 17 */ 18 19 #include <asm/system.h> 20 #include <asm/uaccess.h> 21 #include <linux/types.h> 22 #include <linux/sched.h> 23 #include <linux/errno.h> 24 #include <linux/timer.h> 25 #include <linux/mm.h> 26 #include <linux/kernel.h> 27 #include <linux/fcntl.h> 28 #include <linux/stat.h> 29 #include <linux/socket.h> 30 #include <linux/inet.h> 31 #include <linux/netdevice.h> 32 #include <linux/inetdevice.h> 33 #include <linux/proc_fs.h> 34 #include <linux/seq_file.h> 35 #include <linux/init.h> 36 #include <net/protocol.h> 37 #include <linux/skbuff.h> 38 #include <net/sock.h> 39 #include <net/raw.h> 40 #include <linux/notifier.h> 41 #include <linux/if_arp.h> 42 #include <net/checksum.h> 43 #include <net/netlink.h> 44 45 #include <net/ipv6.h> 46 #include <net/ip6_route.h> 47 #include <linux/mroute6.h> 48 #include <linux/pim.h> 49 #include <net/addrconf.h> 50 #include <linux/netfilter_ipv6.h> 51 #include <net/ip6_checksum.h> 52 53 /* Big lock, protecting vif table, mrt cache and mroute socket state. 54 Note that the changes are semaphored via rtnl_lock. 55 */ 56 57 static DEFINE_RWLOCK(mrt_lock); 58 59 /* 60 * Multicast router control variables 61 */ 62 63 #define MIF_EXISTS(_net, _idx) ((_net)->ipv6.vif6_table[_idx].dev != NULL) 64 65 static struct mfc6_cache *mfc_unres_queue; /* Queue of unresolved entries */ 66 67 /* Special spinlock for queue of unresolved entries */ 68 static DEFINE_SPINLOCK(mfc_unres_lock); 69 70 /* We return to original Alan's scheme. Hash table of resolved 71 entries is changed only in process context and protected 72 with weak lock mrt_lock. Queue of unresolved entries is protected 73 with strong spinlock mfc_unres_lock. 74 75 In this case data path is free of exclusive locks at all. 76 */ 77 78 static struct kmem_cache *mrt_cachep __read_mostly; 79 80 static int ip6_mr_forward(struct sk_buff *skb, struct mfc6_cache *cache); 81 static int ip6mr_cache_report(struct net *net, struct sk_buff *pkt, 82 mifi_t mifi, int assert); 83 static int ip6mr_fill_mroute(struct sk_buff *skb, struct mfc6_cache *c, struct rtmsg *rtm); 84 static void mroute_clean_tables(struct net *net); 85 86 #ifdef CONFIG_IPV6_PIMSM_V2 87 static struct inet6_protocol pim6_protocol; 88 #endif 89 90 static struct timer_list ipmr_expire_timer; 91 92 93 #ifdef CONFIG_PROC_FS 94 95 struct ipmr_mfc_iter { 96 struct seq_net_private p; 97 struct mfc6_cache **cache; 98 int ct; 99 }; 100 101 102 static struct mfc6_cache *ipmr_mfc_seq_idx(struct net *net, 103 struct ipmr_mfc_iter *it, loff_t pos) 104 { 105 struct mfc6_cache *mfc; 106 107 it->cache = net->ipv6.mfc6_cache_array; 108 read_lock(&mrt_lock); 109 for (it->ct = 0; it->ct < MFC6_LINES; it->ct++) 110 for (mfc = net->ipv6.mfc6_cache_array[it->ct]; 111 mfc; mfc = mfc->next) 112 if (pos-- == 0) 113 return mfc; 114 read_unlock(&mrt_lock); 115 116 it->cache = &mfc_unres_queue; 117 spin_lock_bh(&mfc_unres_lock); 118 for (mfc = mfc_unres_queue; mfc; mfc = mfc->next) 119 if (net_eq(mfc6_net(mfc), net) && 120 pos-- == 0) 121 return mfc; 122 spin_unlock_bh(&mfc_unres_lock); 123 124 it->cache = NULL; 125 return NULL; 126 } 127 128 129 130 131 /* 132 * The /proc interfaces to multicast routing /proc/ip6_mr_cache /proc/ip6_mr_vif 133 */ 134 135 struct ipmr_vif_iter { 136 struct seq_net_private p; 137 int ct; 138 }; 139 140 static struct mif_device *ip6mr_vif_seq_idx(struct net *net, 141 struct ipmr_vif_iter *iter, 142 loff_t pos) 143 { 144 for (iter->ct = 0; iter->ct < net->ipv6.maxvif; ++iter->ct) { 145 if (!MIF_EXISTS(net, iter->ct)) 146 continue; 147 if (pos-- == 0) 148 return &net->ipv6.vif6_table[iter->ct]; 149 } 150 return NULL; 151 } 152 153 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos) 154 __acquires(mrt_lock) 155 { 156 struct net *net = seq_file_net(seq); 157 158 read_lock(&mrt_lock); 159 return *pos ? ip6mr_vif_seq_idx(net, seq->private, *pos - 1) 160 : SEQ_START_TOKEN; 161 } 162 163 static void *ip6mr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos) 164 { 165 struct ipmr_vif_iter *iter = seq->private; 166 struct net *net = seq_file_net(seq); 167 168 ++*pos; 169 if (v == SEQ_START_TOKEN) 170 return ip6mr_vif_seq_idx(net, iter, 0); 171 172 while (++iter->ct < net->ipv6.maxvif) { 173 if (!MIF_EXISTS(net, iter->ct)) 174 continue; 175 return &net->ipv6.vif6_table[iter->ct]; 176 } 177 return NULL; 178 } 179 180 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v) 181 __releases(mrt_lock) 182 { 183 read_unlock(&mrt_lock); 184 } 185 186 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v) 187 { 188 struct net *net = seq_file_net(seq); 189 190 if (v == SEQ_START_TOKEN) { 191 seq_puts(seq, 192 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n"); 193 } else { 194 const struct mif_device *vif = v; 195 const char *name = vif->dev ? vif->dev->name : "none"; 196 197 seq_printf(seq, 198 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n", 199 vif - net->ipv6.vif6_table, 200 name, vif->bytes_in, vif->pkt_in, 201 vif->bytes_out, vif->pkt_out, 202 vif->flags); 203 } 204 return 0; 205 } 206 207 static const struct seq_operations ip6mr_vif_seq_ops = { 208 .start = ip6mr_vif_seq_start, 209 .next = ip6mr_vif_seq_next, 210 .stop = ip6mr_vif_seq_stop, 211 .show = ip6mr_vif_seq_show, 212 }; 213 214 static int ip6mr_vif_open(struct inode *inode, struct file *file) 215 { 216 return seq_open_net(inode, file, &ip6mr_vif_seq_ops, 217 sizeof(struct ipmr_vif_iter)); 218 } 219 220 static const struct file_operations ip6mr_vif_fops = { 221 .owner = THIS_MODULE, 222 .open = ip6mr_vif_open, 223 .read = seq_read, 224 .llseek = seq_lseek, 225 .release = seq_release_net, 226 }; 227 228 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos) 229 { 230 struct net *net = seq_file_net(seq); 231 232 return *pos ? ipmr_mfc_seq_idx(net, seq->private, *pos - 1) 233 : SEQ_START_TOKEN; 234 } 235 236 static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 237 { 238 struct mfc6_cache *mfc = v; 239 struct ipmr_mfc_iter *it = seq->private; 240 struct net *net = seq_file_net(seq); 241 242 ++*pos; 243 244 if (v == SEQ_START_TOKEN) 245 return ipmr_mfc_seq_idx(net, seq->private, 0); 246 247 if (mfc->next) 248 return mfc->next; 249 250 if (it->cache == &mfc_unres_queue) 251 goto end_of_list; 252 253 BUG_ON(it->cache != net->ipv6.mfc6_cache_array); 254 255 while (++it->ct < MFC6_LINES) { 256 mfc = net->ipv6.mfc6_cache_array[it->ct]; 257 if (mfc) 258 return mfc; 259 } 260 261 /* exhausted cache_array, show unresolved */ 262 read_unlock(&mrt_lock); 263 it->cache = &mfc_unres_queue; 264 it->ct = 0; 265 266 spin_lock_bh(&mfc_unres_lock); 267 mfc = mfc_unres_queue; 268 if (mfc) 269 return mfc; 270 271 end_of_list: 272 spin_unlock_bh(&mfc_unres_lock); 273 it->cache = NULL; 274 275 return NULL; 276 } 277 278 static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v) 279 { 280 struct ipmr_mfc_iter *it = seq->private; 281 struct net *net = seq_file_net(seq); 282 283 if (it->cache == &mfc_unres_queue) 284 spin_unlock_bh(&mfc_unres_lock); 285 else if (it->cache == net->ipv6.mfc6_cache_array) 286 read_unlock(&mrt_lock); 287 } 288 289 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v) 290 { 291 int n; 292 struct net *net = seq_file_net(seq); 293 294 if (v == SEQ_START_TOKEN) { 295 seq_puts(seq, 296 "Group " 297 "Origin " 298 "Iif Pkts Bytes Wrong Oifs\n"); 299 } else { 300 const struct mfc6_cache *mfc = v; 301 const struct ipmr_mfc_iter *it = seq->private; 302 303 seq_printf(seq, "%pI6 %pI6 %-3hd", 304 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin, 305 mfc->mf6c_parent); 306 307 if (it->cache != &mfc_unres_queue) { 308 seq_printf(seq, " %8lu %8lu %8lu", 309 mfc->mfc_un.res.pkt, 310 mfc->mfc_un.res.bytes, 311 mfc->mfc_un.res.wrong_if); 312 for (n = mfc->mfc_un.res.minvif; 313 n < mfc->mfc_un.res.maxvif; n++) { 314 if (MIF_EXISTS(net, n) && 315 mfc->mfc_un.res.ttls[n] < 255) 316 seq_printf(seq, 317 " %2d:%-3d", 318 n, mfc->mfc_un.res.ttls[n]); 319 } 320 } else { 321 /* unresolved mfc_caches don't contain 322 * pkt, bytes and wrong_if values 323 */ 324 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul); 325 } 326 seq_putc(seq, '\n'); 327 } 328 return 0; 329 } 330 331 static struct seq_operations ipmr_mfc_seq_ops = { 332 .start = ipmr_mfc_seq_start, 333 .next = ipmr_mfc_seq_next, 334 .stop = ipmr_mfc_seq_stop, 335 .show = ipmr_mfc_seq_show, 336 }; 337 338 static int ipmr_mfc_open(struct inode *inode, struct file *file) 339 { 340 return seq_open_net(inode, file, &ipmr_mfc_seq_ops, 341 sizeof(struct ipmr_mfc_iter)); 342 } 343 344 static const struct file_operations ip6mr_mfc_fops = { 345 .owner = THIS_MODULE, 346 .open = ipmr_mfc_open, 347 .read = seq_read, 348 .llseek = seq_lseek, 349 .release = seq_release_net, 350 }; 351 #endif 352 353 #ifdef CONFIG_IPV6_PIMSM_V2 354 355 static int pim6_rcv(struct sk_buff *skb) 356 { 357 struct pimreghdr *pim; 358 struct ipv6hdr *encap; 359 struct net_device *reg_dev = NULL; 360 struct net *net = dev_net(skb->dev); 361 int reg_vif_num = net->ipv6.mroute_reg_vif_num; 362 363 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap))) 364 goto drop; 365 366 pim = (struct pimreghdr *)skb_transport_header(skb); 367 if (pim->type != ((PIM_VERSION << 4) | PIM_REGISTER) || 368 (pim->flags & PIM_NULL_REGISTER) || 369 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 370 sizeof(*pim), IPPROTO_PIM, 371 csum_partial((void *)pim, sizeof(*pim), 0)) && 372 csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 373 goto drop; 374 375 /* check if the inner packet is destined to mcast group */ 376 encap = (struct ipv6hdr *)(skb_transport_header(skb) + 377 sizeof(*pim)); 378 379 if (!ipv6_addr_is_multicast(&encap->daddr) || 380 encap->payload_len == 0 || 381 ntohs(encap->payload_len) + sizeof(*pim) > skb->len) 382 goto drop; 383 384 read_lock(&mrt_lock); 385 if (reg_vif_num >= 0) 386 reg_dev = net->ipv6.vif6_table[reg_vif_num].dev; 387 if (reg_dev) 388 dev_hold(reg_dev); 389 read_unlock(&mrt_lock); 390 391 if (reg_dev == NULL) 392 goto drop; 393 394 skb->mac_header = skb->network_header; 395 skb_pull(skb, (u8 *)encap - skb->data); 396 skb_reset_network_header(skb); 397 skb->dev = reg_dev; 398 skb->protocol = htons(ETH_P_IPV6); 399 skb->ip_summed = 0; 400 skb->pkt_type = PACKET_HOST; 401 skb_dst_drop(skb); 402 reg_dev->stats.rx_bytes += skb->len; 403 reg_dev->stats.rx_packets++; 404 nf_reset(skb); 405 netif_rx(skb); 406 dev_put(reg_dev); 407 return 0; 408 drop: 409 kfree_skb(skb); 410 return 0; 411 } 412 413 static struct inet6_protocol pim6_protocol = { 414 .handler = pim6_rcv, 415 }; 416 417 /* Service routines creating virtual interfaces: PIMREG */ 418 419 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, 420 struct net_device *dev) 421 { 422 struct net *net = dev_net(dev); 423 424 read_lock(&mrt_lock); 425 dev->stats.tx_bytes += skb->len; 426 dev->stats.tx_packets++; 427 ip6mr_cache_report(net, skb, net->ipv6.mroute_reg_vif_num, 428 MRT6MSG_WHOLEPKT); 429 read_unlock(&mrt_lock); 430 kfree_skb(skb); 431 return NETDEV_TX_OK; 432 } 433 434 static const struct net_device_ops reg_vif_netdev_ops = { 435 .ndo_start_xmit = reg_vif_xmit, 436 }; 437 438 static void reg_vif_setup(struct net_device *dev) 439 { 440 dev->type = ARPHRD_PIMREG; 441 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8; 442 dev->flags = IFF_NOARP; 443 dev->netdev_ops = ®_vif_netdev_ops; 444 dev->destructor = free_netdev; 445 dev->features |= NETIF_F_NETNS_LOCAL; 446 } 447 448 static struct net_device *ip6mr_reg_vif(struct net *net) 449 { 450 struct net_device *dev; 451 452 dev = alloc_netdev(0, "pim6reg", reg_vif_setup); 453 if (dev == NULL) 454 return NULL; 455 456 dev_net_set(dev, net); 457 458 if (register_netdevice(dev)) { 459 free_netdev(dev); 460 return NULL; 461 } 462 dev->iflink = 0; 463 464 if (dev_open(dev)) 465 goto failure; 466 467 dev_hold(dev); 468 return dev; 469 470 failure: 471 /* allow the register to be completed before unregistering. */ 472 rtnl_unlock(); 473 rtnl_lock(); 474 475 unregister_netdevice(dev); 476 return NULL; 477 } 478 #endif 479 480 /* 481 * Delete a VIF entry 482 */ 483 484 static int mif6_delete(struct net *net, int vifi) 485 { 486 struct mif_device *v; 487 struct net_device *dev; 488 struct inet6_dev *in6_dev; 489 if (vifi < 0 || vifi >= net->ipv6.maxvif) 490 return -EADDRNOTAVAIL; 491 492 v = &net->ipv6.vif6_table[vifi]; 493 494 write_lock_bh(&mrt_lock); 495 dev = v->dev; 496 v->dev = NULL; 497 498 if (!dev) { 499 write_unlock_bh(&mrt_lock); 500 return -EADDRNOTAVAIL; 501 } 502 503 #ifdef CONFIG_IPV6_PIMSM_V2 504 if (vifi == net->ipv6.mroute_reg_vif_num) 505 net->ipv6.mroute_reg_vif_num = -1; 506 #endif 507 508 if (vifi + 1 == net->ipv6.maxvif) { 509 int tmp; 510 for (tmp = vifi - 1; tmp >= 0; tmp--) { 511 if (MIF_EXISTS(net, tmp)) 512 break; 513 } 514 net->ipv6.maxvif = tmp + 1; 515 } 516 517 write_unlock_bh(&mrt_lock); 518 519 dev_set_allmulti(dev, -1); 520 521 in6_dev = __in6_dev_get(dev); 522 if (in6_dev) 523 in6_dev->cnf.mc_forwarding--; 524 525 if (v->flags & MIFF_REGISTER) 526 unregister_netdevice(dev); 527 528 dev_put(dev); 529 return 0; 530 } 531 532 static inline void ip6mr_cache_free(struct mfc6_cache *c) 533 { 534 release_net(mfc6_net(c)); 535 kmem_cache_free(mrt_cachep, c); 536 } 537 538 /* Destroy an unresolved cache entry, killing queued skbs 539 and reporting error to netlink readers. 540 */ 541 542 static void ip6mr_destroy_unres(struct mfc6_cache *c) 543 { 544 struct sk_buff *skb; 545 struct net *net = mfc6_net(c); 546 547 atomic_dec(&net->ipv6.cache_resolve_queue_len); 548 549 while((skb = skb_dequeue(&c->mfc_un.unres.unresolved)) != NULL) { 550 if (ipv6_hdr(skb)->version == 0) { 551 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct ipv6hdr)); 552 nlh->nlmsg_type = NLMSG_ERROR; 553 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr)); 554 skb_trim(skb, nlh->nlmsg_len); 555 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -ETIMEDOUT; 556 rtnl_unicast(skb, net, NETLINK_CB(skb).pid); 557 } else 558 kfree_skb(skb); 559 } 560 561 ip6mr_cache_free(c); 562 } 563 564 565 /* Single timer process for all the unresolved queue. */ 566 567 static void ipmr_do_expire_process(unsigned long dummy) 568 { 569 unsigned long now = jiffies; 570 unsigned long expires = 10 * HZ; 571 struct mfc6_cache *c, **cp; 572 573 cp = &mfc_unres_queue; 574 575 while ((c = *cp) != NULL) { 576 if (time_after(c->mfc_un.unres.expires, now)) { 577 /* not yet... */ 578 unsigned long interval = c->mfc_un.unres.expires - now; 579 if (interval < expires) 580 expires = interval; 581 cp = &c->next; 582 continue; 583 } 584 585 *cp = c->next; 586 ip6mr_destroy_unres(c); 587 } 588 589 if (mfc_unres_queue != NULL) 590 mod_timer(&ipmr_expire_timer, jiffies + expires); 591 } 592 593 static void ipmr_expire_process(unsigned long dummy) 594 { 595 if (!spin_trylock(&mfc_unres_lock)) { 596 mod_timer(&ipmr_expire_timer, jiffies + 1); 597 return; 598 } 599 600 if (mfc_unres_queue != NULL) 601 ipmr_do_expire_process(dummy); 602 603 spin_unlock(&mfc_unres_lock); 604 } 605 606 /* Fill oifs list. It is called under write locked mrt_lock. */ 607 608 static void ip6mr_update_thresholds(struct mfc6_cache *cache, unsigned char *ttls) 609 { 610 int vifi; 611 struct net *net = mfc6_net(cache); 612 613 cache->mfc_un.res.minvif = MAXMIFS; 614 cache->mfc_un.res.maxvif = 0; 615 memset(cache->mfc_un.res.ttls, 255, MAXMIFS); 616 617 for (vifi = 0; vifi < net->ipv6.maxvif; vifi++) { 618 if (MIF_EXISTS(net, vifi) && 619 ttls[vifi] && ttls[vifi] < 255) { 620 cache->mfc_un.res.ttls[vifi] = ttls[vifi]; 621 if (cache->mfc_un.res.minvif > vifi) 622 cache->mfc_un.res.minvif = vifi; 623 if (cache->mfc_un.res.maxvif <= vifi) 624 cache->mfc_un.res.maxvif = vifi + 1; 625 } 626 } 627 } 628 629 static int mif6_add(struct net *net, struct mif6ctl *vifc, int mrtsock) 630 { 631 int vifi = vifc->mif6c_mifi; 632 struct mif_device *v = &net->ipv6.vif6_table[vifi]; 633 struct net_device *dev; 634 struct inet6_dev *in6_dev; 635 int err; 636 637 /* Is vif busy ? */ 638 if (MIF_EXISTS(net, vifi)) 639 return -EADDRINUSE; 640 641 switch (vifc->mif6c_flags) { 642 #ifdef CONFIG_IPV6_PIMSM_V2 643 case MIFF_REGISTER: 644 /* 645 * Special Purpose VIF in PIM 646 * All the packets will be sent to the daemon 647 */ 648 if (net->ipv6.mroute_reg_vif_num >= 0) 649 return -EADDRINUSE; 650 dev = ip6mr_reg_vif(net); 651 if (!dev) 652 return -ENOBUFS; 653 err = dev_set_allmulti(dev, 1); 654 if (err) { 655 unregister_netdevice(dev); 656 dev_put(dev); 657 return err; 658 } 659 break; 660 #endif 661 case 0: 662 dev = dev_get_by_index(net, vifc->mif6c_pifi); 663 if (!dev) 664 return -EADDRNOTAVAIL; 665 err = dev_set_allmulti(dev, 1); 666 if (err) { 667 dev_put(dev); 668 return err; 669 } 670 break; 671 default: 672 return -EINVAL; 673 } 674 675 in6_dev = __in6_dev_get(dev); 676 if (in6_dev) 677 in6_dev->cnf.mc_forwarding++; 678 679 /* 680 * Fill in the VIF structures 681 */ 682 v->rate_limit = vifc->vifc_rate_limit; 683 v->flags = vifc->mif6c_flags; 684 if (!mrtsock) 685 v->flags |= VIFF_STATIC; 686 v->threshold = vifc->vifc_threshold; 687 v->bytes_in = 0; 688 v->bytes_out = 0; 689 v->pkt_in = 0; 690 v->pkt_out = 0; 691 v->link = dev->ifindex; 692 if (v->flags & MIFF_REGISTER) 693 v->link = dev->iflink; 694 695 /* And finish update writing critical data */ 696 write_lock_bh(&mrt_lock); 697 v->dev = dev; 698 #ifdef CONFIG_IPV6_PIMSM_V2 699 if (v->flags & MIFF_REGISTER) 700 net->ipv6.mroute_reg_vif_num = vifi; 701 #endif 702 if (vifi + 1 > net->ipv6.maxvif) 703 net->ipv6.maxvif = vifi + 1; 704 write_unlock_bh(&mrt_lock); 705 return 0; 706 } 707 708 static struct mfc6_cache *ip6mr_cache_find(struct net *net, 709 struct in6_addr *origin, 710 struct in6_addr *mcastgrp) 711 { 712 int line = MFC6_HASH(mcastgrp, origin); 713 struct mfc6_cache *c; 714 715 for (c = net->ipv6.mfc6_cache_array[line]; c; c = c->next) { 716 if (ipv6_addr_equal(&c->mf6c_origin, origin) && 717 ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp)) 718 break; 719 } 720 return c; 721 } 722 723 /* 724 * Allocate a multicast cache entry 725 */ 726 static struct mfc6_cache *ip6mr_cache_alloc(struct net *net) 727 { 728 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL); 729 if (c == NULL) 730 return NULL; 731 c->mfc_un.res.minvif = MAXMIFS; 732 mfc6_net_set(c, net); 733 return c; 734 } 735 736 static struct mfc6_cache *ip6mr_cache_alloc_unres(struct net *net) 737 { 738 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC); 739 if (c == NULL) 740 return NULL; 741 skb_queue_head_init(&c->mfc_un.unres.unresolved); 742 c->mfc_un.unres.expires = jiffies + 10 * HZ; 743 mfc6_net_set(c, net); 744 return c; 745 } 746 747 /* 748 * A cache entry has gone into a resolved state from queued 749 */ 750 751 static void ip6mr_cache_resolve(struct mfc6_cache *uc, struct mfc6_cache *c) 752 { 753 struct sk_buff *skb; 754 755 /* 756 * Play the pending entries through our router 757 */ 758 759 while((skb = __skb_dequeue(&uc->mfc_un.unres.unresolved))) { 760 if (ipv6_hdr(skb)->version == 0) { 761 int err; 762 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct ipv6hdr)); 763 764 if (ip6mr_fill_mroute(skb, c, NLMSG_DATA(nlh)) > 0) { 765 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh; 766 } else { 767 nlh->nlmsg_type = NLMSG_ERROR; 768 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr)); 769 skb_trim(skb, nlh->nlmsg_len); 770 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -EMSGSIZE; 771 } 772 err = rtnl_unicast(skb, mfc6_net(uc), NETLINK_CB(skb).pid); 773 } else 774 ip6_mr_forward(skb, c); 775 } 776 } 777 778 /* 779 * Bounce a cache query up to pim6sd. We could use netlink for this but pim6sd 780 * expects the following bizarre scheme. 781 * 782 * Called under mrt_lock. 783 */ 784 785 static int ip6mr_cache_report(struct net *net, struct sk_buff *pkt, mifi_t mifi, 786 int assert) 787 { 788 struct sk_buff *skb; 789 struct mrt6msg *msg; 790 int ret; 791 792 #ifdef CONFIG_IPV6_PIMSM_V2 793 if (assert == MRT6MSG_WHOLEPKT) 794 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) 795 +sizeof(*msg)); 796 else 797 #endif 798 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); 799 800 if (!skb) 801 return -ENOBUFS; 802 803 /* I suppose that internal messages 804 * do not require checksums */ 805 806 skb->ip_summed = CHECKSUM_UNNECESSARY; 807 808 #ifdef CONFIG_IPV6_PIMSM_V2 809 if (assert == MRT6MSG_WHOLEPKT) { 810 /* Ugly, but we have no choice with this interface. 811 Duplicate old header, fix length etc. 812 And all this only to mangle msg->im6_msgtype and 813 to set msg->im6_mbz to "mbz" :-) 814 */ 815 skb_push(skb, -skb_network_offset(pkt)); 816 817 skb_push(skb, sizeof(*msg)); 818 skb_reset_transport_header(skb); 819 msg = (struct mrt6msg *)skb_transport_header(skb); 820 msg->im6_mbz = 0; 821 msg->im6_msgtype = MRT6MSG_WHOLEPKT; 822 msg->im6_mif = net->ipv6.mroute_reg_vif_num; 823 msg->im6_pad = 0; 824 ipv6_addr_copy(&msg->im6_src, &ipv6_hdr(pkt)->saddr); 825 ipv6_addr_copy(&msg->im6_dst, &ipv6_hdr(pkt)->daddr); 826 827 skb->ip_summed = CHECKSUM_UNNECESSARY; 828 } else 829 #endif 830 { 831 /* 832 * Copy the IP header 833 */ 834 835 skb_put(skb, sizeof(struct ipv6hdr)); 836 skb_reset_network_header(skb); 837 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr)); 838 839 /* 840 * Add our header 841 */ 842 skb_put(skb, sizeof(*msg)); 843 skb_reset_transport_header(skb); 844 msg = (struct mrt6msg *)skb_transport_header(skb); 845 846 msg->im6_mbz = 0; 847 msg->im6_msgtype = assert; 848 msg->im6_mif = mifi; 849 msg->im6_pad = 0; 850 ipv6_addr_copy(&msg->im6_src, &ipv6_hdr(pkt)->saddr); 851 ipv6_addr_copy(&msg->im6_dst, &ipv6_hdr(pkt)->daddr); 852 853 skb_dst_set(skb, dst_clone(skb_dst(pkt))); 854 skb->ip_summed = CHECKSUM_UNNECESSARY; 855 } 856 857 if (net->ipv6.mroute6_sk == NULL) { 858 kfree_skb(skb); 859 return -EINVAL; 860 } 861 862 /* 863 * Deliver to user space multicast routing algorithms 864 */ 865 ret = sock_queue_rcv_skb(net->ipv6.mroute6_sk, skb); 866 if (ret < 0) { 867 if (net_ratelimit()) 868 printk(KERN_WARNING "mroute6: pending queue full, dropping entries.\n"); 869 kfree_skb(skb); 870 } 871 872 return ret; 873 } 874 875 /* 876 * Queue a packet for resolution. It gets locked cache entry! 877 */ 878 879 static int 880 ip6mr_cache_unresolved(struct net *net, mifi_t mifi, struct sk_buff *skb) 881 { 882 int err; 883 struct mfc6_cache *c; 884 885 spin_lock_bh(&mfc_unres_lock); 886 for (c = mfc_unres_queue; c; c = c->next) { 887 if (net_eq(mfc6_net(c), net) && 888 ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) && 889 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) 890 break; 891 } 892 893 if (c == NULL) { 894 /* 895 * Create a new entry if allowable 896 */ 897 898 if (atomic_read(&net->ipv6.cache_resolve_queue_len) >= 10 || 899 (c = ip6mr_cache_alloc_unres(net)) == NULL) { 900 spin_unlock_bh(&mfc_unres_lock); 901 902 kfree_skb(skb); 903 return -ENOBUFS; 904 } 905 906 /* 907 * Fill in the new cache entry 908 */ 909 c->mf6c_parent = -1; 910 c->mf6c_origin = ipv6_hdr(skb)->saddr; 911 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr; 912 913 /* 914 * Reflect first query at pim6sd 915 */ 916 err = ip6mr_cache_report(net, skb, mifi, MRT6MSG_NOCACHE); 917 if (err < 0) { 918 /* If the report failed throw the cache entry 919 out - Brad Parker 920 */ 921 spin_unlock_bh(&mfc_unres_lock); 922 923 ip6mr_cache_free(c); 924 kfree_skb(skb); 925 return err; 926 } 927 928 atomic_inc(&net->ipv6.cache_resolve_queue_len); 929 c->next = mfc_unres_queue; 930 mfc_unres_queue = c; 931 932 ipmr_do_expire_process(1); 933 } 934 935 /* 936 * See if we can append the packet 937 */ 938 if (c->mfc_un.unres.unresolved.qlen > 3) { 939 kfree_skb(skb); 940 err = -ENOBUFS; 941 } else { 942 skb_queue_tail(&c->mfc_un.unres.unresolved, skb); 943 err = 0; 944 } 945 946 spin_unlock_bh(&mfc_unres_lock); 947 return err; 948 } 949 950 /* 951 * MFC6 cache manipulation by user space 952 */ 953 954 static int ip6mr_mfc_delete(struct net *net, struct mf6cctl *mfc) 955 { 956 int line; 957 struct mfc6_cache *c, **cp; 958 959 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr); 960 961 for (cp = &net->ipv6.mfc6_cache_array[line]; 962 (c = *cp) != NULL; cp = &c->next) { 963 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) && 964 ipv6_addr_equal(&c->mf6c_mcastgrp, &mfc->mf6cc_mcastgrp.sin6_addr)) { 965 write_lock_bh(&mrt_lock); 966 *cp = c->next; 967 write_unlock_bh(&mrt_lock); 968 969 ip6mr_cache_free(c); 970 return 0; 971 } 972 } 973 return -ENOENT; 974 } 975 976 static int ip6mr_device_event(struct notifier_block *this, 977 unsigned long event, void *ptr) 978 { 979 struct net_device *dev = ptr; 980 struct net *net = dev_net(dev); 981 struct mif_device *v; 982 int ct; 983 984 if (event != NETDEV_UNREGISTER) 985 return NOTIFY_DONE; 986 987 v = &net->ipv6.vif6_table[0]; 988 for (ct = 0; ct < net->ipv6.maxvif; ct++, v++) { 989 if (v->dev == dev) 990 mif6_delete(net, ct); 991 } 992 return NOTIFY_DONE; 993 } 994 995 static struct notifier_block ip6_mr_notifier = { 996 .notifier_call = ip6mr_device_event 997 }; 998 999 /* 1000 * Setup for IP multicast routing 1001 */ 1002 1003 static int __net_init ip6mr_net_init(struct net *net) 1004 { 1005 int err = 0; 1006 net->ipv6.vif6_table = kcalloc(MAXMIFS, sizeof(struct mif_device), 1007 GFP_KERNEL); 1008 if (!net->ipv6.vif6_table) { 1009 err = -ENOMEM; 1010 goto fail; 1011 } 1012 1013 /* Forwarding cache */ 1014 net->ipv6.mfc6_cache_array = kcalloc(MFC6_LINES, 1015 sizeof(struct mfc6_cache *), 1016 GFP_KERNEL); 1017 if (!net->ipv6.mfc6_cache_array) { 1018 err = -ENOMEM; 1019 goto fail_mfc6_cache; 1020 } 1021 1022 #ifdef CONFIG_IPV6_PIMSM_V2 1023 net->ipv6.mroute_reg_vif_num = -1; 1024 #endif 1025 1026 #ifdef CONFIG_PROC_FS 1027 err = -ENOMEM; 1028 if (!proc_net_fops_create(net, "ip6_mr_vif", 0, &ip6mr_vif_fops)) 1029 goto proc_vif_fail; 1030 if (!proc_net_fops_create(net, "ip6_mr_cache", 0, &ip6mr_mfc_fops)) 1031 goto proc_cache_fail; 1032 #endif 1033 return 0; 1034 1035 #ifdef CONFIG_PROC_FS 1036 proc_cache_fail: 1037 proc_net_remove(net, "ip6_mr_vif"); 1038 proc_vif_fail: 1039 kfree(net->ipv6.mfc6_cache_array); 1040 #endif 1041 fail_mfc6_cache: 1042 kfree(net->ipv6.vif6_table); 1043 fail: 1044 return err; 1045 } 1046 1047 static void __net_exit ip6mr_net_exit(struct net *net) 1048 { 1049 #ifdef CONFIG_PROC_FS 1050 proc_net_remove(net, "ip6_mr_cache"); 1051 proc_net_remove(net, "ip6_mr_vif"); 1052 #endif 1053 mroute_clean_tables(net); 1054 kfree(net->ipv6.mfc6_cache_array); 1055 kfree(net->ipv6.vif6_table); 1056 } 1057 1058 static struct pernet_operations ip6mr_net_ops = { 1059 .init = ip6mr_net_init, 1060 .exit = ip6mr_net_exit, 1061 }; 1062 1063 int __init ip6_mr_init(void) 1064 { 1065 int err; 1066 1067 mrt_cachep = kmem_cache_create("ip6_mrt_cache", 1068 sizeof(struct mfc6_cache), 1069 0, SLAB_HWCACHE_ALIGN, 1070 NULL); 1071 if (!mrt_cachep) 1072 return -ENOMEM; 1073 1074 err = register_pernet_subsys(&ip6mr_net_ops); 1075 if (err) 1076 goto reg_pernet_fail; 1077 1078 setup_timer(&ipmr_expire_timer, ipmr_expire_process, 0); 1079 err = register_netdevice_notifier(&ip6_mr_notifier); 1080 if (err) 1081 goto reg_notif_fail; 1082 #ifdef CONFIG_IPV6_PIMSM_V2 1083 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) { 1084 printk(KERN_ERR "ip6_mr_init: can't add PIM protocol\n"); 1085 err = -EAGAIN; 1086 goto add_proto_fail; 1087 } 1088 #endif 1089 return 0; 1090 #ifdef CONFIG_IPV6_PIMSM_V2 1091 add_proto_fail: 1092 unregister_netdevice_notifier(&ip6_mr_notifier); 1093 #endif 1094 reg_notif_fail: 1095 del_timer(&ipmr_expire_timer); 1096 unregister_pernet_subsys(&ip6mr_net_ops); 1097 reg_pernet_fail: 1098 kmem_cache_destroy(mrt_cachep); 1099 return err; 1100 } 1101 1102 void ip6_mr_cleanup(void) 1103 { 1104 unregister_netdevice_notifier(&ip6_mr_notifier); 1105 del_timer(&ipmr_expire_timer); 1106 unregister_pernet_subsys(&ip6mr_net_ops); 1107 kmem_cache_destroy(mrt_cachep); 1108 } 1109 1110 static int ip6mr_mfc_add(struct net *net, struct mf6cctl *mfc, int mrtsock) 1111 { 1112 int line; 1113 struct mfc6_cache *uc, *c, **cp; 1114 unsigned char ttls[MAXMIFS]; 1115 int i; 1116 1117 memset(ttls, 255, MAXMIFS); 1118 for (i = 0; i < MAXMIFS; i++) { 1119 if (IF_ISSET(i, &mfc->mf6cc_ifset)) 1120 ttls[i] = 1; 1121 1122 } 1123 1124 line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr); 1125 1126 for (cp = &net->ipv6.mfc6_cache_array[line]; 1127 (c = *cp) != NULL; cp = &c->next) { 1128 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) && 1129 ipv6_addr_equal(&c->mf6c_mcastgrp, &mfc->mf6cc_mcastgrp.sin6_addr)) 1130 break; 1131 } 1132 1133 if (c != NULL) { 1134 write_lock_bh(&mrt_lock); 1135 c->mf6c_parent = mfc->mf6cc_parent; 1136 ip6mr_update_thresholds(c, ttls); 1137 if (!mrtsock) 1138 c->mfc_flags |= MFC_STATIC; 1139 write_unlock_bh(&mrt_lock); 1140 return 0; 1141 } 1142 1143 if (!ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr)) 1144 return -EINVAL; 1145 1146 c = ip6mr_cache_alloc(net); 1147 if (c == NULL) 1148 return -ENOMEM; 1149 1150 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr; 1151 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr; 1152 c->mf6c_parent = mfc->mf6cc_parent; 1153 ip6mr_update_thresholds(c, ttls); 1154 if (!mrtsock) 1155 c->mfc_flags |= MFC_STATIC; 1156 1157 write_lock_bh(&mrt_lock); 1158 c->next = net->ipv6.mfc6_cache_array[line]; 1159 net->ipv6.mfc6_cache_array[line] = c; 1160 write_unlock_bh(&mrt_lock); 1161 1162 /* 1163 * Check to see if we resolved a queued list. If so we 1164 * need to send on the frames and tidy up. 1165 */ 1166 spin_lock_bh(&mfc_unres_lock); 1167 for (cp = &mfc_unres_queue; (uc = *cp) != NULL; 1168 cp = &uc->next) { 1169 if (net_eq(mfc6_net(uc), net) && 1170 ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) && 1171 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) { 1172 *cp = uc->next; 1173 atomic_dec(&net->ipv6.cache_resolve_queue_len); 1174 break; 1175 } 1176 } 1177 if (mfc_unres_queue == NULL) 1178 del_timer(&ipmr_expire_timer); 1179 spin_unlock_bh(&mfc_unres_lock); 1180 1181 if (uc) { 1182 ip6mr_cache_resolve(uc, c); 1183 ip6mr_cache_free(uc); 1184 } 1185 return 0; 1186 } 1187 1188 /* 1189 * Close the multicast socket, and clear the vif tables etc 1190 */ 1191 1192 static void mroute_clean_tables(struct net *net) 1193 { 1194 int i; 1195 1196 /* 1197 * Shut down all active vif entries 1198 */ 1199 for (i = 0; i < net->ipv6.maxvif; i++) { 1200 if (!(net->ipv6.vif6_table[i].flags & VIFF_STATIC)) 1201 mif6_delete(net, i); 1202 } 1203 1204 /* 1205 * Wipe the cache 1206 */ 1207 for (i = 0; i < MFC6_LINES; i++) { 1208 struct mfc6_cache *c, **cp; 1209 1210 cp = &net->ipv6.mfc6_cache_array[i]; 1211 while ((c = *cp) != NULL) { 1212 if (c->mfc_flags & MFC_STATIC) { 1213 cp = &c->next; 1214 continue; 1215 } 1216 write_lock_bh(&mrt_lock); 1217 *cp = c->next; 1218 write_unlock_bh(&mrt_lock); 1219 1220 ip6mr_cache_free(c); 1221 } 1222 } 1223 1224 if (atomic_read(&net->ipv6.cache_resolve_queue_len) != 0) { 1225 struct mfc6_cache *c, **cp; 1226 1227 spin_lock_bh(&mfc_unres_lock); 1228 cp = &mfc_unres_queue; 1229 while ((c = *cp) != NULL) { 1230 if (!net_eq(mfc6_net(c), net)) { 1231 cp = &c->next; 1232 continue; 1233 } 1234 *cp = c->next; 1235 ip6mr_destroy_unres(c); 1236 } 1237 spin_unlock_bh(&mfc_unres_lock); 1238 } 1239 } 1240 1241 static int ip6mr_sk_init(struct sock *sk) 1242 { 1243 int err = 0; 1244 struct net *net = sock_net(sk); 1245 1246 rtnl_lock(); 1247 write_lock_bh(&mrt_lock); 1248 if (likely(net->ipv6.mroute6_sk == NULL)) { 1249 net->ipv6.mroute6_sk = sk; 1250 net->ipv6.devconf_all->mc_forwarding++; 1251 } 1252 else 1253 err = -EADDRINUSE; 1254 write_unlock_bh(&mrt_lock); 1255 1256 rtnl_unlock(); 1257 1258 return err; 1259 } 1260 1261 int ip6mr_sk_done(struct sock *sk) 1262 { 1263 int err = 0; 1264 struct net *net = sock_net(sk); 1265 1266 rtnl_lock(); 1267 if (sk == net->ipv6.mroute6_sk) { 1268 write_lock_bh(&mrt_lock); 1269 net->ipv6.mroute6_sk = NULL; 1270 net->ipv6.devconf_all->mc_forwarding--; 1271 write_unlock_bh(&mrt_lock); 1272 1273 mroute_clean_tables(net); 1274 } else 1275 err = -EACCES; 1276 rtnl_unlock(); 1277 1278 return err; 1279 } 1280 1281 /* 1282 * Socket options and virtual interface manipulation. The whole 1283 * virtual interface system is a complete heap, but unfortunately 1284 * that's how BSD mrouted happens to think. Maybe one day with a proper 1285 * MOSPF/PIM router set up we can clean this up. 1286 */ 1287 1288 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, int optlen) 1289 { 1290 int ret; 1291 struct mif6ctl vif; 1292 struct mf6cctl mfc; 1293 mifi_t mifi; 1294 struct net *net = sock_net(sk); 1295 1296 if (optname != MRT6_INIT) { 1297 if (sk != net->ipv6.mroute6_sk && !capable(CAP_NET_ADMIN)) 1298 return -EACCES; 1299 } 1300 1301 switch (optname) { 1302 case MRT6_INIT: 1303 if (sk->sk_type != SOCK_RAW || 1304 inet_sk(sk)->num != IPPROTO_ICMPV6) 1305 return -EOPNOTSUPP; 1306 if (optlen < sizeof(int)) 1307 return -EINVAL; 1308 1309 return ip6mr_sk_init(sk); 1310 1311 case MRT6_DONE: 1312 return ip6mr_sk_done(sk); 1313 1314 case MRT6_ADD_MIF: 1315 if (optlen < sizeof(vif)) 1316 return -EINVAL; 1317 if (copy_from_user(&vif, optval, sizeof(vif))) 1318 return -EFAULT; 1319 if (vif.mif6c_mifi >= MAXMIFS) 1320 return -ENFILE; 1321 rtnl_lock(); 1322 ret = mif6_add(net, &vif, sk == net->ipv6.mroute6_sk); 1323 rtnl_unlock(); 1324 return ret; 1325 1326 case MRT6_DEL_MIF: 1327 if (optlen < sizeof(mifi_t)) 1328 return -EINVAL; 1329 if (copy_from_user(&mifi, optval, sizeof(mifi_t))) 1330 return -EFAULT; 1331 rtnl_lock(); 1332 ret = mif6_delete(net, mifi); 1333 rtnl_unlock(); 1334 return ret; 1335 1336 /* 1337 * Manipulate the forwarding caches. These live 1338 * in a sort of kernel/user symbiosis. 1339 */ 1340 case MRT6_ADD_MFC: 1341 case MRT6_DEL_MFC: 1342 if (optlen < sizeof(mfc)) 1343 return -EINVAL; 1344 if (copy_from_user(&mfc, optval, sizeof(mfc))) 1345 return -EFAULT; 1346 rtnl_lock(); 1347 if (optname == MRT6_DEL_MFC) 1348 ret = ip6mr_mfc_delete(net, &mfc); 1349 else 1350 ret = ip6mr_mfc_add(net, &mfc, 1351 sk == net->ipv6.mroute6_sk); 1352 rtnl_unlock(); 1353 return ret; 1354 1355 /* 1356 * Control PIM assert (to activate pim will activate assert) 1357 */ 1358 case MRT6_ASSERT: 1359 { 1360 int v; 1361 if (get_user(v, (int __user *)optval)) 1362 return -EFAULT; 1363 net->ipv6.mroute_do_assert = !!v; 1364 return 0; 1365 } 1366 1367 #ifdef CONFIG_IPV6_PIMSM_V2 1368 case MRT6_PIM: 1369 { 1370 int v; 1371 if (get_user(v, (int __user *)optval)) 1372 return -EFAULT; 1373 v = !!v; 1374 rtnl_lock(); 1375 ret = 0; 1376 if (v != net->ipv6.mroute_do_pim) { 1377 net->ipv6.mroute_do_pim = v; 1378 net->ipv6.mroute_do_assert = v; 1379 } 1380 rtnl_unlock(); 1381 return ret; 1382 } 1383 1384 #endif 1385 /* 1386 * Spurious command, or MRT6_VERSION which you cannot 1387 * set. 1388 */ 1389 default: 1390 return -ENOPROTOOPT; 1391 } 1392 } 1393 1394 /* 1395 * Getsock opt support for the multicast routing system. 1396 */ 1397 1398 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, 1399 int __user *optlen) 1400 { 1401 int olr; 1402 int val; 1403 struct net *net = sock_net(sk); 1404 1405 switch (optname) { 1406 case MRT6_VERSION: 1407 val = 0x0305; 1408 break; 1409 #ifdef CONFIG_IPV6_PIMSM_V2 1410 case MRT6_PIM: 1411 val = net->ipv6.mroute_do_pim; 1412 break; 1413 #endif 1414 case MRT6_ASSERT: 1415 val = net->ipv6.mroute_do_assert; 1416 break; 1417 default: 1418 return -ENOPROTOOPT; 1419 } 1420 1421 if (get_user(olr, optlen)) 1422 return -EFAULT; 1423 1424 olr = min_t(int, olr, sizeof(int)); 1425 if (olr < 0) 1426 return -EINVAL; 1427 1428 if (put_user(olr, optlen)) 1429 return -EFAULT; 1430 if (copy_to_user(optval, &val, olr)) 1431 return -EFAULT; 1432 return 0; 1433 } 1434 1435 /* 1436 * The IP multicast ioctl support routines. 1437 */ 1438 1439 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg) 1440 { 1441 struct sioc_sg_req6 sr; 1442 struct sioc_mif_req6 vr; 1443 struct mif_device *vif; 1444 struct mfc6_cache *c; 1445 struct net *net = sock_net(sk); 1446 1447 switch (cmd) { 1448 case SIOCGETMIFCNT_IN6: 1449 if (copy_from_user(&vr, arg, sizeof(vr))) 1450 return -EFAULT; 1451 if (vr.mifi >= net->ipv6.maxvif) 1452 return -EINVAL; 1453 read_lock(&mrt_lock); 1454 vif = &net->ipv6.vif6_table[vr.mifi]; 1455 if (MIF_EXISTS(net, vr.mifi)) { 1456 vr.icount = vif->pkt_in; 1457 vr.ocount = vif->pkt_out; 1458 vr.ibytes = vif->bytes_in; 1459 vr.obytes = vif->bytes_out; 1460 read_unlock(&mrt_lock); 1461 1462 if (copy_to_user(arg, &vr, sizeof(vr))) 1463 return -EFAULT; 1464 return 0; 1465 } 1466 read_unlock(&mrt_lock); 1467 return -EADDRNOTAVAIL; 1468 case SIOCGETSGCNT_IN6: 1469 if (copy_from_user(&sr, arg, sizeof(sr))) 1470 return -EFAULT; 1471 1472 read_lock(&mrt_lock); 1473 c = ip6mr_cache_find(net, &sr.src.sin6_addr, &sr.grp.sin6_addr); 1474 if (c) { 1475 sr.pktcnt = c->mfc_un.res.pkt; 1476 sr.bytecnt = c->mfc_un.res.bytes; 1477 sr.wrong_if = c->mfc_un.res.wrong_if; 1478 read_unlock(&mrt_lock); 1479 1480 if (copy_to_user(arg, &sr, sizeof(sr))) 1481 return -EFAULT; 1482 return 0; 1483 } 1484 read_unlock(&mrt_lock); 1485 return -EADDRNOTAVAIL; 1486 default: 1487 return -ENOIOCTLCMD; 1488 } 1489 } 1490 1491 1492 static inline int ip6mr_forward2_finish(struct sk_buff *skb) 1493 { 1494 IP6_INC_STATS_BH(dev_net(skb_dst(skb)->dev), ip6_dst_idev(skb_dst(skb)), 1495 IPSTATS_MIB_OUTFORWDATAGRAMS); 1496 return dst_output(skb); 1497 } 1498 1499 /* 1500 * Processing handlers for ip6mr_forward 1501 */ 1502 1503 static int ip6mr_forward2(struct sk_buff *skb, struct mfc6_cache *c, int vifi) 1504 { 1505 struct ipv6hdr *ipv6h; 1506 struct net *net = mfc6_net(c); 1507 struct mif_device *vif = &net->ipv6.vif6_table[vifi]; 1508 struct net_device *dev; 1509 struct dst_entry *dst; 1510 struct flowi fl; 1511 1512 if (vif->dev == NULL) 1513 goto out_free; 1514 1515 #ifdef CONFIG_IPV6_PIMSM_V2 1516 if (vif->flags & MIFF_REGISTER) { 1517 vif->pkt_out++; 1518 vif->bytes_out += skb->len; 1519 vif->dev->stats.tx_bytes += skb->len; 1520 vif->dev->stats.tx_packets++; 1521 ip6mr_cache_report(net, skb, vifi, MRT6MSG_WHOLEPKT); 1522 goto out_free; 1523 } 1524 #endif 1525 1526 ipv6h = ipv6_hdr(skb); 1527 1528 fl = (struct flowi) { 1529 .oif = vif->link, 1530 .nl_u = { .ip6_u = 1531 { .daddr = ipv6h->daddr, } 1532 } 1533 }; 1534 1535 dst = ip6_route_output(net, NULL, &fl); 1536 if (!dst) 1537 goto out_free; 1538 1539 skb_dst_drop(skb); 1540 skb_dst_set(skb, dst); 1541 1542 /* 1543 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally 1544 * not only before forwarding, but after forwarding on all output 1545 * interfaces. It is clear, if mrouter runs a multicasting 1546 * program, it should receive packets not depending to what interface 1547 * program is joined. 1548 * If we will not make it, the program will have to join on all 1549 * interfaces. On the other hand, multihoming host (or router, but 1550 * not mrouter) cannot join to more than one interface - it will 1551 * result in receiving multiple packets. 1552 */ 1553 dev = vif->dev; 1554 skb->dev = dev; 1555 vif->pkt_out++; 1556 vif->bytes_out += skb->len; 1557 1558 /* We are about to write */ 1559 /* XXX: extension headers? */ 1560 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev))) 1561 goto out_free; 1562 1563 ipv6h = ipv6_hdr(skb); 1564 ipv6h->hop_limit--; 1565 1566 IP6CB(skb)->flags |= IP6SKB_FORWARDED; 1567 1568 return NF_HOOK(PF_INET6, NF_INET_FORWARD, skb, skb->dev, dev, 1569 ip6mr_forward2_finish); 1570 1571 out_free: 1572 kfree_skb(skb); 1573 return 0; 1574 } 1575 1576 static int ip6mr_find_vif(struct net_device *dev) 1577 { 1578 struct net *net = dev_net(dev); 1579 int ct; 1580 for (ct = net->ipv6.maxvif - 1; ct >= 0; ct--) { 1581 if (net->ipv6.vif6_table[ct].dev == dev) 1582 break; 1583 } 1584 return ct; 1585 } 1586 1587 static int ip6_mr_forward(struct sk_buff *skb, struct mfc6_cache *cache) 1588 { 1589 int psend = -1; 1590 int vif, ct; 1591 struct net *net = mfc6_net(cache); 1592 1593 vif = cache->mf6c_parent; 1594 cache->mfc_un.res.pkt++; 1595 cache->mfc_un.res.bytes += skb->len; 1596 1597 /* 1598 * Wrong interface: drop packet and (maybe) send PIM assert. 1599 */ 1600 if (net->ipv6.vif6_table[vif].dev != skb->dev) { 1601 int true_vifi; 1602 1603 cache->mfc_un.res.wrong_if++; 1604 true_vifi = ip6mr_find_vif(skb->dev); 1605 1606 if (true_vifi >= 0 && net->ipv6.mroute_do_assert && 1607 /* pimsm uses asserts, when switching from RPT to SPT, 1608 so that we cannot check that packet arrived on an oif. 1609 It is bad, but otherwise we would need to move pretty 1610 large chunk of pimd to kernel. Ough... --ANK 1611 */ 1612 (net->ipv6.mroute_do_pim || 1613 cache->mfc_un.res.ttls[true_vifi] < 255) && 1614 time_after(jiffies, 1615 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) { 1616 cache->mfc_un.res.last_assert = jiffies; 1617 ip6mr_cache_report(net, skb, true_vifi, MRT6MSG_WRONGMIF); 1618 } 1619 goto dont_forward; 1620 } 1621 1622 net->ipv6.vif6_table[vif].pkt_in++; 1623 net->ipv6.vif6_table[vif].bytes_in += skb->len; 1624 1625 /* 1626 * Forward the frame 1627 */ 1628 for (ct = cache->mfc_un.res.maxvif - 1; ct >= cache->mfc_un.res.minvif; ct--) { 1629 if (ipv6_hdr(skb)->hop_limit > cache->mfc_un.res.ttls[ct]) { 1630 if (psend != -1) { 1631 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); 1632 if (skb2) 1633 ip6mr_forward2(skb2, cache, psend); 1634 } 1635 psend = ct; 1636 } 1637 } 1638 if (psend != -1) { 1639 ip6mr_forward2(skb, cache, psend); 1640 return 0; 1641 } 1642 1643 dont_forward: 1644 kfree_skb(skb); 1645 return 0; 1646 } 1647 1648 1649 /* 1650 * Multicast packets for forwarding arrive here 1651 */ 1652 1653 int ip6_mr_input(struct sk_buff *skb) 1654 { 1655 struct mfc6_cache *cache; 1656 struct net *net = dev_net(skb->dev); 1657 1658 read_lock(&mrt_lock); 1659 cache = ip6mr_cache_find(net, 1660 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr); 1661 1662 /* 1663 * No usable cache entry 1664 */ 1665 if (cache == NULL) { 1666 int vif; 1667 1668 vif = ip6mr_find_vif(skb->dev); 1669 if (vif >= 0) { 1670 int err = ip6mr_cache_unresolved(net, vif, skb); 1671 read_unlock(&mrt_lock); 1672 1673 return err; 1674 } 1675 read_unlock(&mrt_lock); 1676 kfree_skb(skb); 1677 return -ENODEV; 1678 } 1679 1680 ip6_mr_forward(skb, cache); 1681 1682 read_unlock(&mrt_lock); 1683 1684 return 0; 1685 } 1686 1687 1688 static int 1689 ip6mr_fill_mroute(struct sk_buff *skb, struct mfc6_cache *c, struct rtmsg *rtm) 1690 { 1691 int ct; 1692 struct rtnexthop *nhp; 1693 struct net *net = mfc6_net(c); 1694 struct net_device *dev = net->ipv6.vif6_table[c->mf6c_parent].dev; 1695 u8 *b = skb_tail_pointer(skb); 1696 struct rtattr *mp_head; 1697 1698 if (dev) 1699 RTA_PUT(skb, RTA_IIF, 4, &dev->ifindex); 1700 1701 mp_head = (struct rtattr *)skb_put(skb, RTA_LENGTH(0)); 1702 1703 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) { 1704 if (c->mfc_un.res.ttls[ct] < 255) { 1705 if (skb_tailroom(skb) < RTA_ALIGN(RTA_ALIGN(sizeof(*nhp)) + 4)) 1706 goto rtattr_failure; 1707 nhp = (struct rtnexthop *)skb_put(skb, RTA_ALIGN(sizeof(*nhp))); 1708 nhp->rtnh_flags = 0; 1709 nhp->rtnh_hops = c->mfc_un.res.ttls[ct]; 1710 nhp->rtnh_ifindex = net->ipv6.vif6_table[ct].dev->ifindex; 1711 nhp->rtnh_len = sizeof(*nhp); 1712 } 1713 } 1714 mp_head->rta_type = RTA_MULTIPATH; 1715 mp_head->rta_len = skb_tail_pointer(skb) - (u8 *)mp_head; 1716 rtm->rtm_type = RTN_MULTICAST; 1717 return 1; 1718 1719 rtattr_failure: 1720 nlmsg_trim(skb, b); 1721 return -EMSGSIZE; 1722 } 1723 1724 int ip6mr_get_route(struct net *net, 1725 struct sk_buff *skb, struct rtmsg *rtm, int nowait) 1726 { 1727 int err; 1728 struct mfc6_cache *cache; 1729 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); 1730 1731 read_lock(&mrt_lock); 1732 cache = ip6mr_cache_find(net, &rt->rt6i_src.addr, &rt->rt6i_dst.addr); 1733 1734 if (!cache) { 1735 struct sk_buff *skb2; 1736 struct ipv6hdr *iph; 1737 struct net_device *dev; 1738 int vif; 1739 1740 if (nowait) { 1741 read_unlock(&mrt_lock); 1742 return -EAGAIN; 1743 } 1744 1745 dev = skb->dev; 1746 if (dev == NULL || (vif = ip6mr_find_vif(dev)) < 0) { 1747 read_unlock(&mrt_lock); 1748 return -ENODEV; 1749 } 1750 1751 /* really correct? */ 1752 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC); 1753 if (!skb2) { 1754 read_unlock(&mrt_lock); 1755 return -ENOMEM; 1756 } 1757 1758 skb_reset_transport_header(skb2); 1759 1760 skb_put(skb2, sizeof(struct ipv6hdr)); 1761 skb_reset_network_header(skb2); 1762 1763 iph = ipv6_hdr(skb2); 1764 iph->version = 0; 1765 iph->priority = 0; 1766 iph->flow_lbl[0] = 0; 1767 iph->flow_lbl[1] = 0; 1768 iph->flow_lbl[2] = 0; 1769 iph->payload_len = 0; 1770 iph->nexthdr = IPPROTO_NONE; 1771 iph->hop_limit = 0; 1772 ipv6_addr_copy(&iph->saddr, &rt->rt6i_src.addr); 1773 ipv6_addr_copy(&iph->daddr, &rt->rt6i_dst.addr); 1774 1775 err = ip6mr_cache_unresolved(net, vif, skb2); 1776 read_unlock(&mrt_lock); 1777 1778 return err; 1779 } 1780 1781 if (!nowait && (rtm->rtm_flags&RTM_F_NOTIFY)) 1782 cache->mfc_flags |= MFC_NOTIFY; 1783 1784 err = ip6mr_fill_mroute(skb, cache, rtm); 1785 read_unlock(&mrt_lock); 1786 return err; 1787 } 1788 1789