1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Multicast support for IPv6 4 * Linux INET6 implementation 5 * 6 * Authors: 7 * Pedro Roque <roque@di.fc.ul.pt> 8 * 9 * Based on linux/ipv4/igmp.c and linux/ipv4/ip_sockglue.c 10 */ 11 12 /* Changes: 13 * 14 * yoshfuji : fix format of router-alert option 15 * YOSHIFUJI Hideaki @USAGI: 16 * Fixed source address for MLD message based on 17 * <draft-ietf-magma-mld-source-05.txt>. 18 * YOSHIFUJI Hideaki @USAGI: 19 * - Ignore Queries for invalid addresses. 20 * - MLD for link-local addresses. 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - MLDv2 support 23 */ 24 25 #include <linux/module.h> 26 #include <linux/errno.h> 27 #include <linux/types.h> 28 #include <linux/string.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/jiffies.h> 32 #include <linux/net.h> 33 #include <linux/in.h> 34 #include <linux/in6.h> 35 #include <linux/netdevice.h> 36 #include <linux/if_addr.h> 37 #include <linux/if_arp.h> 38 #include <linux/route.h> 39 #include <linux/rtnetlink.h> 40 #include <linux/init.h> 41 #include <linux/proc_fs.h> 42 #include <linux/seq_file.h> 43 #include <linux/slab.h> 44 #include <linux/pkt_sched.h> 45 #include <net/mld.h> 46 #include <linux/workqueue.h> 47 48 #include <linux/netfilter.h> 49 #include <linux/netfilter_ipv6.h> 50 51 #include <net/net_namespace.h> 52 #include <net/netlink.h> 53 #include <net/sock.h> 54 #include <net/snmp.h> 55 56 #include <net/ipv6.h> 57 #include <net/protocol.h> 58 #include <net/if_inet6.h> 59 #include <net/ndisc.h> 60 #include <net/addrconf.h> 61 #include <net/ip6_route.h> 62 #include <net/inet_common.h> 63 64 #include <net/ip6_checksum.h> 65 66 /* Ensure that we have struct in6_addr aligned on 32bit word. */ 67 static int __mld2_query_bugs[] __attribute__((__unused__)) = { 68 BUILD_BUG_ON_ZERO(offsetof(struct mld2_query, mld2q_srcs) % 4), 69 BUILD_BUG_ON_ZERO(offsetof(struct mld2_report, mld2r_grec) % 4), 70 BUILD_BUG_ON_ZERO(offsetof(struct mld2_grec, grec_mca) % 4) 71 }; 72 73 static struct workqueue_struct *mld_wq; 74 static struct in6_addr mld2_all_mcr = MLD2_ALL_MCR_INIT; 75 76 static void igmp6_join_group(struct ifmcaddr6 *ma); 77 static void igmp6_leave_group(struct ifmcaddr6 *ma); 78 static void mld_mca_work(struct work_struct *work); 79 80 static void mld_ifc_event(struct inet6_dev *idev); 81 static bool mld_in_v1_mode(const struct inet6_dev *idev); 82 static int sf_setstate(struct ifmcaddr6 *pmc); 83 static void sf_markstate(struct ifmcaddr6 *pmc); 84 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc); 85 static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca, 86 int sfmode, int sfcount, const struct in6_addr *psfsrc, 87 int delta); 88 static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca, 89 int sfmode, int sfcount, const struct in6_addr *psfsrc, 90 int delta); 91 static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml, 92 struct inet6_dev *idev); 93 static int __ipv6_dev_mc_inc(struct net_device *dev, 94 const struct in6_addr *addr, unsigned int mode); 95 96 #define MLD_QRV_DEFAULT 2 97 /* RFC3810, 9.2. Query Interval */ 98 #define MLD_QI_DEFAULT (125 * HZ) 99 /* RFC3810, 9.3. Query Response Interval */ 100 #define MLD_QRI_DEFAULT (10 * HZ) 101 102 /* RFC3810, 8.1 Query Version Distinctions */ 103 #define MLD_V1_QUERY_LEN 24 104 #define MLD_V2_QUERY_LEN_MIN 28 105 106 #define IPV6_MLD_MAX_MSF 64 107 108 int sysctl_mld_max_msf __read_mostly = IPV6_MLD_MAX_MSF; 109 int sysctl_mld_qrv __read_mostly = MLD_QRV_DEFAULT; 110 111 /* 112 * socket join on multicast group 113 */ 114 #define mc_dereference(e, idev) \ 115 rcu_dereference_protected(e, lockdep_is_held(&(idev)->mc_lock)) 116 117 #define sock_dereference(e, sk) \ 118 rcu_dereference_protected(e, lockdep_sock_is_held(sk)) 119 120 #define for_each_pmc_socklock(np, sk, pmc) \ 121 for (pmc = sock_dereference((np)->ipv6_mc_list, sk); \ 122 pmc; \ 123 pmc = sock_dereference(pmc->next, sk)) 124 125 #define for_each_pmc_rcu(np, pmc) \ 126 for (pmc = rcu_dereference((np)->ipv6_mc_list); \ 127 pmc; \ 128 pmc = rcu_dereference(pmc->next)) 129 130 #define for_each_psf_mclock(mc, psf) \ 131 for (psf = mc_dereference((mc)->mca_sources, mc->idev); \ 132 psf; \ 133 psf = mc_dereference(psf->sf_next, mc->idev)) 134 135 #define for_each_psf_rcu(mc, psf) \ 136 for (psf = rcu_dereference((mc)->mca_sources); \ 137 psf; \ 138 psf = rcu_dereference(psf->sf_next)) 139 140 #define for_each_psf_tomb(mc, psf) \ 141 for (psf = mc_dereference((mc)->mca_tomb, mc->idev); \ 142 psf; \ 143 psf = mc_dereference(psf->sf_next, mc->idev)) 144 145 #define for_each_mc_mclock(idev, mc) \ 146 for (mc = mc_dereference((idev)->mc_list, idev); \ 147 mc; \ 148 mc = mc_dereference(mc->next, idev)) 149 150 #define for_each_mc_rcu(idev, mc) \ 151 for (mc = rcu_dereference((idev)->mc_list); \ 152 mc; \ 153 mc = rcu_dereference(mc->next)) 154 155 #define for_each_mc_tomb(idev, mc) \ 156 for (mc = mc_dereference((idev)->mc_tomb, idev); \ 157 mc; \ 158 mc = mc_dereference(mc->next, idev)) 159 160 static int unsolicited_report_interval(struct inet6_dev *idev) 161 { 162 int iv; 163 164 if (mld_in_v1_mode(idev)) 165 iv = READ_ONCE(idev->cnf.mldv1_unsolicited_report_interval); 166 else 167 iv = READ_ONCE(idev->cnf.mldv2_unsolicited_report_interval); 168 169 return iv > 0 ? iv : 1; 170 } 171 172 static int __ipv6_sock_mc_join(struct sock *sk, int ifindex, 173 const struct in6_addr *addr, unsigned int mode) 174 { 175 struct net_device *dev = NULL; 176 struct ipv6_mc_socklist *mc_lst; 177 struct ipv6_pinfo *np = inet6_sk(sk); 178 struct net *net = sock_net(sk); 179 int err; 180 181 ASSERT_RTNL(); 182 183 if (!ipv6_addr_is_multicast(addr)) 184 return -EINVAL; 185 186 for_each_pmc_socklock(np, sk, mc_lst) { 187 if ((ifindex == 0 || mc_lst->ifindex == ifindex) && 188 ipv6_addr_equal(&mc_lst->addr, addr)) 189 return -EADDRINUSE; 190 } 191 192 mc_lst = sock_kmalloc(sk, sizeof(struct ipv6_mc_socklist), GFP_KERNEL); 193 194 if (!mc_lst) 195 return -ENOMEM; 196 197 mc_lst->next = NULL; 198 mc_lst->addr = *addr; 199 200 if (ifindex == 0) { 201 struct rt6_info *rt; 202 rt = rt6_lookup(net, addr, NULL, 0, NULL, 0); 203 if (rt) { 204 dev = rt->dst.dev; 205 ip6_rt_put(rt); 206 } 207 } else 208 dev = __dev_get_by_index(net, ifindex); 209 210 if (!dev) { 211 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 212 return -ENODEV; 213 } 214 215 mc_lst->ifindex = dev->ifindex; 216 mc_lst->sfmode = mode; 217 RCU_INIT_POINTER(mc_lst->sflist, NULL); 218 219 /* 220 * now add/increase the group membership on the device 221 */ 222 223 err = __ipv6_dev_mc_inc(dev, addr, mode); 224 225 if (err) { 226 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 227 return err; 228 } 229 230 mc_lst->next = np->ipv6_mc_list; 231 rcu_assign_pointer(np->ipv6_mc_list, mc_lst); 232 233 return 0; 234 } 235 236 int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr) 237 { 238 return __ipv6_sock_mc_join(sk, ifindex, addr, MCAST_EXCLUDE); 239 } 240 EXPORT_SYMBOL(ipv6_sock_mc_join); 241 242 int ipv6_sock_mc_join_ssm(struct sock *sk, int ifindex, 243 const struct in6_addr *addr, unsigned int mode) 244 { 245 return __ipv6_sock_mc_join(sk, ifindex, addr, mode); 246 } 247 248 /* 249 * socket leave on multicast group 250 */ 251 int ipv6_sock_mc_drop(struct sock *sk, int ifindex, const struct in6_addr *addr) 252 { 253 struct ipv6_pinfo *np = inet6_sk(sk); 254 struct ipv6_mc_socklist *mc_lst; 255 struct ipv6_mc_socklist __rcu **lnk; 256 struct net *net = sock_net(sk); 257 258 ASSERT_RTNL(); 259 260 if (!ipv6_addr_is_multicast(addr)) 261 return -EINVAL; 262 263 for (lnk = &np->ipv6_mc_list; 264 (mc_lst = sock_dereference(*lnk, sk)) != NULL; 265 lnk = &mc_lst->next) { 266 if ((ifindex == 0 || mc_lst->ifindex == ifindex) && 267 ipv6_addr_equal(&mc_lst->addr, addr)) { 268 struct net_device *dev; 269 270 *lnk = mc_lst->next; 271 272 dev = __dev_get_by_index(net, mc_lst->ifindex); 273 if (dev) { 274 struct inet6_dev *idev = __in6_dev_get(dev); 275 276 ip6_mc_leave_src(sk, mc_lst, idev); 277 if (idev) 278 __ipv6_dev_mc_dec(idev, &mc_lst->addr); 279 } else { 280 ip6_mc_leave_src(sk, mc_lst, NULL); 281 } 282 283 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc); 284 kfree_rcu(mc_lst, rcu); 285 return 0; 286 } 287 } 288 289 return -EADDRNOTAVAIL; 290 } 291 EXPORT_SYMBOL(ipv6_sock_mc_drop); 292 293 static struct inet6_dev *ip6_mc_find_dev_rtnl(struct net *net, 294 const struct in6_addr *group, 295 int ifindex) 296 { 297 struct net_device *dev = NULL; 298 struct inet6_dev *idev = NULL; 299 300 if (ifindex == 0) { 301 struct rt6_info *rt = rt6_lookup(net, group, NULL, 0, NULL, 0); 302 303 if (rt) { 304 dev = rt->dst.dev; 305 ip6_rt_put(rt); 306 } 307 } else { 308 dev = __dev_get_by_index(net, ifindex); 309 } 310 311 if (!dev) 312 return NULL; 313 idev = __in6_dev_get(dev); 314 if (!idev) 315 return NULL; 316 if (idev->dead) 317 return NULL; 318 return idev; 319 } 320 321 void __ipv6_sock_mc_close(struct sock *sk) 322 { 323 struct ipv6_pinfo *np = inet6_sk(sk); 324 struct ipv6_mc_socklist *mc_lst; 325 struct net *net = sock_net(sk); 326 327 ASSERT_RTNL(); 328 329 while ((mc_lst = sock_dereference(np->ipv6_mc_list, sk)) != NULL) { 330 struct net_device *dev; 331 332 np->ipv6_mc_list = mc_lst->next; 333 334 dev = __dev_get_by_index(net, mc_lst->ifindex); 335 if (dev) { 336 struct inet6_dev *idev = __in6_dev_get(dev); 337 338 ip6_mc_leave_src(sk, mc_lst, idev); 339 if (idev) 340 __ipv6_dev_mc_dec(idev, &mc_lst->addr); 341 } else { 342 ip6_mc_leave_src(sk, mc_lst, NULL); 343 } 344 345 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc); 346 kfree_rcu(mc_lst, rcu); 347 } 348 } 349 350 void ipv6_sock_mc_close(struct sock *sk) 351 { 352 struct ipv6_pinfo *np = inet6_sk(sk); 353 354 if (!rcu_access_pointer(np->ipv6_mc_list)) 355 return; 356 357 rtnl_lock(); 358 lock_sock(sk); 359 __ipv6_sock_mc_close(sk); 360 release_sock(sk); 361 rtnl_unlock(); 362 } 363 364 int ip6_mc_source(int add, int omode, struct sock *sk, 365 struct group_source_req *pgsr) 366 { 367 struct in6_addr *source, *group; 368 struct ipv6_mc_socklist *pmc; 369 struct inet6_dev *idev; 370 struct ipv6_pinfo *inet6 = inet6_sk(sk); 371 struct ip6_sf_socklist *psl; 372 struct net *net = sock_net(sk); 373 int i, j, rv; 374 int leavegroup = 0; 375 int err; 376 377 source = &((struct sockaddr_in6 *)&pgsr->gsr_source)->sin6_addr; 378 group = &((struct sockaddr_in6 *)&pgsr->gsr_group)->sin6_addr; 379 380 if (!ipv6_addr_is_multicast(group)) 381 return -EINVAL; 382 383 idev = ip6_mc_find_dev_rtnl(net, group, pgsr->gsr_interface); 384 if (!idev) 385 return -ENODEV; 386 387 err = -EADDRNOTAVAIL; 388 389 mutex_lock(&idev->mc_lock); 390 for_each_pmc_socklock(inet6, sk, pmc) { 391 if (pgsr->gsr_interface && pmc->ifindex != pgsr->gsr_interface) 392 continue; 393 if (ipv6_addr_equal(&pmc->addr, group)) 394 break; 395 } 396 if (!pmc) { /* must have a prior join */ 397 err = -EINVAL; 398 goto done; 399 } 400 /* if a source filter was set, must be the same mode as before */ 401 if (rcu_access_pointer(pmc->sflist)) { 402 if (pmc->sfmode != omode) { 403 err = -EINVAL; 404 goto done; 405 } 406 } else if (pmc->sfmode != omode) { 407 /* allow mode switches for empty-set filters */ 408 ip6_mc_add_src(idev, group, omode, 0, NULL, 0); 409 ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0); 410 pmc->sfmode = omode; 411 } 412 413 psl = sock_dereference(pmc->sflist, sk); 414 if (!add) { 415 if (!psl) 416 goto done; /* err = -EADDRNOTAVAIL */ 417 rv = !0; 418 for (i = 0; i < psl->sl_count; i++) { 419 rv = !ipv6_addr_equal(&psl->sl_addr[i], source); 420 if (rv == 0) 421 break; 422 } 423 if (rv) /* source not found */ 424 goto done; /* err = -EADDRNOTAVAIL */ 425 426 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 427 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 428 leavegroup = 1; 429 goto done; 430 } 431 432 /* update the interface filter */ 433 ip6_mc_del_src(idev, group, omode, 1, source, 1); 434 435 for (j = i+1; j < psl->sl_count; j++) 436 psl->sl_addr[j-1] = psl->sl_addr[j]; 437 psl->sl_count--; 438 err = 0; 439 goto done; 440 } 441 /* else, add a new source to the filter */ 442 443 if (psl && psl->sl_count >= sysctl_mld_max_msf) { 444 err = -ENOBUFS; 445 goto done; 446 } 447 if (!psl || psl->sl_count == psl->sl_max) { 448 struct ip6_sf_socklist *newpsl; 449 int count = IP6_SFBLOCK; 450 451 if (psl) 452 count += psl->sl_max; 453 newpsl = sock_kmalloc(sk, struct_size(newpsl, sl_addr, count), 454 GFP_KERNEL); 455 if (!newpsl) { 456 err = -ENOBUFS; 457 goto done; 458 } 459 newpsl->sl_max = count; 460 newpsl->sl_count = count - IP6_SFBLOCK; 461 if (psl) { 462 for (i = 0; i < psl->sl_count; i++) 463 newpsl->sl_addr[i] = psl->sl_addr[i]; 464 atomic_sub(struct_size(psl, sl_addr, psl->sl_max), 465 &sk->sk_omem_alloc); 466 } 467 rcu_assign_pointer(pmc->sflist, newpsl); 468 kfree_rcu(psl, rcu); 469 psl = newpsl; 470 } 471 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 472 for (i = 0; i < psl->sl_count; i++) { 473 rv = !ipv6_addr_equal(&psl->sl_addr[i], source); 474 if (rv == 0) /* There is an error in the address. */ 475 goto done; 476 } 477 for (j = psl->sl_count-1; j >= i; j--) 478 psl->sl_addr[j+1] = psl->sl_addr[j]; 479 psl->sl_addr[i] = *source; 480 psl->sl_count++; 481 err = 0; 482 /* update the interface list */ 483 ip6_mc_add_src(idev, group, omode, 1, source, 1); 484 done: 485 mutex_unlock(&idev->mc_lock); 486 if (leavegroup) 487 err = ipv6_sock_mc_drop(sk, pgsr->gsr_interface, group); 488 return err; 489 } 490 491 int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf, 492 struct sockaddr_storage *list) 493 { 494 const struct in6_addr *group; 495 struct ipv6_mc_socklist *pmc; 496 struct inet6_dev *idev; 497 struct ipv6_pinfo *inet6 = inet6_sk(sk); 498 struct ip6_sf_socklist *newpsl, *psl; 499 struct net *net = sock_net(sk); 500 int leavegroup = 0; 501 int i, err; 502 503 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr; 504 505 if (!ipv6_addr_is_multicast(group)) 506 return -EINVAL; 507 if (gsf->gf_fmode != MCAST_INCLUDE && 508 gsf->gf_fmode != MCAST_EXCLUDE) 509 return -EINVAL; 510 511 idev = ip6_mc_find_dev_rtnl(net, group, gsf->gf_interface); 512 if (!idev) 513 return -ENODEV; 514 515 err = 0; 516 517 if (gsf->gf_fmode == MCAST_INCLUDE && gsf->gf_numsrc == 0) { 518 leavegroup = 1; 519 goto done; 520 } 521 522 for_each_pmc_socklock(inet6, sk, pmc) { 523 if (pmc->ifindex != gsf->gf_interface) 524 continue; 525 if (ipv6_addr_equal(&pmc->addr, group)) 526 break; 527 } 528 if (!pmc) { /* must have a prior join */ 529 err = -EINVAL; 530 goto done; 531 } 532 if (gsf->gf_numsrc) { 533 newpsl = sock_kmalloc(sk, struct_size(newpsl, sl_addr, 534 gsf->gf_numsrc), 535 GFP_KERNEL); 536 if (!newpsl) { 537 err = -ENOBUFS; 538 goto done; 539 } 540 newpsl->sl_max = newpsl->sl_count = gsf->gf_numsrc; 541 for (i = 0; i < newpsl->sl_count; ++i, ++list) { 542 struct sockaddr_in6 *psin6; 543 544 psin6 = (struct sockaddr_in6 *)list; 545 newpsl->sl_addr[i] = psin6->sin6_addr; 546 } 547 mutex_lock(&idev->mc_lock); 548 err = ip6_mc_add_src(idev, group, gsf->gf_fmode, 549 newpsl->sl_count, newpsl->sl_addr, 0); 550 if (err) { 551 mutex_unlock(&idev->mc_lock); 552 sock_kfree_s(sk, newpsl, struct_size(newpsl, sl_addr, 553 newpsl->sl_max)); 554 goto done; 555 } 556 mutex_unlock(&idev->mc_lock); 557 } else { 558 newpsl = NULL; 559 mutex_lock(&idev->mc_lock); 560 ip6_mc_add_src(idev, group, gsf->gf_fmode, 0, NULL, 0); 561 mutex_unlock(&idev->mc_lock); 562 } 563 564 mutex_lock(&idev->mc_lock); 565 psl = sock_dereference(pmc->sflist, sk); 566 if (psl) { 567 ip6_mc_del_src(idev, group, pmc->sfmode, 568 psl->sl_count, psl->sl_addr, 0); 569 atomic_sub(struct_size(psl, sl_addr, psl->sl_max), 570 &sk->sk_omem_alloc); 571 } else { 572 ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0); 573 } 574 rcu_assign_pointer(pmc->sflist, newpsl); 575 mutex_unlock(&idev->mc_lock); 576 kfree_rcu(psl, rcu); 577 pmc->sfmode = gsf->gf_fmode; 578 err = 0; 579 done: 580 if (leavegroup) 581 err = ipv6_sock_mc_drop(sk, gsf->gf_interface, group); 582 return err; 583 } 584 585 int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf, 586 sockptr_t optval, size_t ss_offset) 587 { 588 struct ipv6_pinfo *inet6 = inet6_sk(sk); 589 const struct in6_addr *group; 590 struct ipv6_mc_socklist *pmc; 591 struct ip6_sf_socklist *psl; 592 unsigned int count; 593 int i, copycount; 594 595 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr; 596 597 if (!ipv6_addr_is_multicast(group)) 598 return -EINVAL; 599 600 /* changes to the ipv6_mc_list require the socket lock and 601 * rtnl lock. We have the socket lock, so reading the list is safe. 602 */ 603 604 for_each_pmc_socklock(inet6, sk, pmc) { 605 if (pmc->ifindex != gsf->gf_interface) 606 continue; 607 if (ipv6_addr_equal(group, &pmc->addr)) 608 break; 609 } 610 if (!pmc) /* must have a prior join */ 611 return -EADDRNOTAVAIL; 612 613 gsf->gf_fmode = pmc->sfmode; 614 psl = sock_dereference(pmc->sflist, sk); 615 count = psl ? psl->sl_count : 0; 616 617 copycount = min(count, gsf->gf_numsrc); 618 gsf->gf_numsrc = count; 619 for (i = 0; i < copycount; i++) { 620 struct sockaddr_in6 *psin6; 621 struct sockaddr_storage ss; 622 623 psin6 = (struct sockaddr_in6 *)&ss; 624 memset(&ss, 0, sizeof(ss)); 625 psin6->sin6_family = AF_INET6; 626 psin6->sin6_addr = psl->sl_addr[i]; 627 if (copy_to_sockptr_offset(optval, ss_offset, &ss, sizeof(ss))) 628 return -EFAULT; 629 ss_offset += sizeof(ss); 630 } 631 return 0; 632 } 633 634 bool inet6_mc_check(const struct sock *sk, const struct in6_addr *mc_addr, 635 const struct in6_addr *src_addr) 636 { 637 const struct ipv6_pinfo *np = inet6_sk(sk); 638 const struct ipv6_mc_socklist *mc; 639 const struct ip6_sf_socklist *psl; 640 bool rv = true; 641 642 rcu_read_lock(); 643 for_each_pmc_rcu(np, mc) { 644 if (ipv6_addr_equal(&mc->addr, mc_addr)) 645 break; 646 } 647 if (!mc) { 648 rcu_read_unlock(); 649 return inet6_test_bit(MC6_ALL, sk); 650 } 651 psl = rcu_dereference(mc->sflist); 652 if (!psl) { 653 rv = mc->sfmode == MCAST_EXCLUDE; 654 } else { 655 int i; 656 657 for (i = 0; i < psl->sl_count; i++) { 658 if (ipv6_addr_equal(&psl->sl_addr[i], src_addr)) 659 break; 660 } 661 if (mc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 662 rv = false; 663 if (mc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 664 rv = false; 665 } 666 rcu_read_unlock(); 667 668 return rv; 669 } 670 671 /* called with mc_lock */ 672 static void igmp6_group_added(struct ifmcaddr6 *mc) 673 { 674 struct net_device *dev = mc->idev->dev; 675 char buf[MAX_ADDR_LEN]; 676 677 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < 678 IPV6_ADDR_SCOPE_LINKLOCAL) 679 return; 680 681 if (!(mc->mca_flags&MAF_LOADED)) { 682 mc->mca_flags |= MAF_LOADED; 683 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0) 684 dev_mc_add(dev, buf); 685 } 686 687 if (!(dev->flags & IFF_UP) || (mc->mca_flags & MAF_NOREPORT)) 688 return; 689 690 if (mld_in_v1_mode(mc->idev)) { 691 igmp6_join_group(mc); 692 return; 693 } 694 /* else v2 */ 695 696 /* Based on RFC3810 6.1, for newly added INCLUDE SSM, we 697 * should not send filter-mode change record as the mode 698 * should be from IN() to IN(A). 699 */ 700 if (mc->mca_sfmode == MCAST_EXCLUDE) 701 mc->mca_crcount = mc->idev->mc_qrv; 702 703 mld_ifc_event(mc->idev); 704 } 705 706 /* called with mc_lock */ 707 static void igmp6_group_dropped(struct ifmcaddr6 *mc) 708 { 709 struct net_device *dev = mc->idev->dev; 710 char buf[MAX_ADDR_LEN]; 711 712 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < 713 IPV6_ADDR_SCOPE_LINKLOCAL) 714 return; 715 716 if (mc->mca_flags&MAF_LOADED) { 717 mc->mca_flags &= ~MAF_LOADED; 718 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0) 719 dev_mc_del(dev, buf); 720 } 721 722 if (mc->mca_flags & MAF_NOREPORT) 723 return; 724 725 if (!mc->idev->dead) 726 igmp6_leave_group(mc); 727 728 if (cancel_delayed_work(&mc->mca_work)) 729 refcount_dec(&mc->mca_refcnt); 730 } 731 732 /* 733 * deleted ifmcaddr6 manipulation 734 * called with mc_lock 735 */ 736 static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im) 737 { 738 struct ifmcaddr6 *pmc; 739 740 /* this is an "ifmcaddr6" for convenience; only the fields below 741 * are actually used. In particular, the refcnt and users are not 742 * used for management of the delete list. Using the same structure 743 * for deleted items allows change reports to use common code with 744 * non-deleted or query-response MCA's. 745 */ 746 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL); 747 if (!pmc) 748 return; 749 750 pmc->idev = im->idev; 751 in6_dev_hold(idev); 752 pmc->mca_addr = im->mca_addr; 753 pmc->mca_crcount = idev->mc_qrv; 754 pmc->mca_sfmode = im->mca_sfmode; 755 if (pmc->mca_sfmode == MCAST_INCLUDE) { 756 struct ip6_sf_list *psf; 757 758 rcu_assign_pointer(pmc->mca_tomb, 759 mc_dereference(im->mca_tomb, idev)); 760 rcu_assign_pointer(pmc->mca_sources, 761 mc_dereference(im->mca_sources, idev)); 762 RCU_INIT_POINTER(im->mca_tomb, NULL); 763 RCU_INIT_POINTER(im->mca_sources, NULL); 764 765 for_each_psf_mclock(pmc, psf) 766 psf->sf_crcount = pmc->mca_crcount; 767 } 768 769 rcu_assign_pointer(pmc->next, idev->mc_tomb); 770 rcu_assign_pointer(idev->mc_tomb, pmc); 771 } 772 773 /* called with mc_lock */ 774 static void mld_del_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im) 775 { 776 struct ip6_sf_list *psf, *sources, *tomb; 777 struct in6_addr *pmca = &im->mca_addr; 778 struct ifmcaddr6 *pmc, *pmc_prev; 779 780 pmc_prev = NULL; 781 for_each_mc_tomb(idev, pmc) { 782 if (ipv6_addr_equal(&pmc->mca_addr, pmca)) 783 break; 784 pmc_prev = pmc; 785 } 786 if (pmc) { 787 if (pmc_prev) 788 rcu_assign_pointer(pmc_prev->next, pmc->next); 789 else 790 rcu_assign_pointer(idev->mc_tomb, pmc->next); 791 } 792 793 if (pmc) { 794 im->idev = pmc->idev; 795 if (im->mca_sfmode == MCAST_INCLUDE) { 796 tomb = rcu_replace_pointer(im->mca_tomb, 797 mc_dereference(pmc->mca_tomb, pmc->idev), 798 lockdep_is_held(&im->idev->mc_lock)); 799 rcu_assign_pointer(pmc->mca_tomb, tomb); 800 801 sources = rcu_replace_pointer(im->mca_sources, 802 mc_dereference(pmc->mca_sources, pmc->idev), 803 lockdep_is_held(&im->idev->mc_lock)); 804 rcu_assign_pointer(pmc->mca_sources, sources); 805 for_each_psf_mclock(im, psf) 806 psf->sf_crcount = idev->mc_qrv; 807 } else { 808 im->mca_crcount = idev->mc_qrv; 809 } 810 in6_dev_put(pmc->idev); 811 ip6_mc_clear_src(pmc); 812 kfree_rcu(pmc, rcu); 813 } 814 } 815 816 /* called with mc_lock */ 817 static void mld_clear_delrec(struct inet6_dev *idev) 818 { 819 struct ifmcaddr6 *pmc, *nextpmc; 820 821 pmc = mc_dereference(idev->mc_tomb, idev); 822 RCU_INIT_POINTER(idev->mc_tomb, NULL); 823 824 for (; pmc; pmc = nextpmc) { 825 nextpmc = mc_dereference(pmc->next, idev); 826 ip6_mc_clear_src(pmc); 827 in6_dev_put(pmc->idev); 828 kfree_rcu(pmc, rcu); 829 } 830 831 /* clear dead sources, too */ 832 for_each_mc_mclock(idev, pmc) { 833 struct ip6_sf_list *psf, *psf_next; 834 835 psf = mc_dereference(pmc->mca_tomb, idev); 836 RCU_INIT_POINTER(pmc->mca_tomb, NULL); 837 for (; psf; psf = psf_next) { 838 psf_next = mc_dereference(psf->sf_next, idev); 839 kfree_rcu(psf, rcu); 840 } 841 } 842 } 843 844 static void mld_clear_query(struct inet6_dev *idev) 845 { 846 struct sk_buff *skb; 847 848 spin_lock_bh(&idev->mc_query_lock); 849 while ((skb = __skb_dequeue(&idev->mc_query_queue))) 850 kfree_skb(skb); 851 spin_unlock_bh(&idev->mc_query_lock); 852 } 853 854 static void mld_clear_report(struct inet6_dev *idev) 855 { 856 struct sk_buff *skb; 857 858 spin_lock_bh(&idev->mc_report_lock); 859 while ((skb = __skb_dequeue(&idev->mc_report_queue))) 860 kfree_skb(skb); 861 spin_unlock_bh(&idev->mc_report_lock); 862 } 863 864 static void mca_get(struct ifmcaddr6 *mc) 865 { 866 refcount_inc(&mc->mca_refcnt); 867 } 868 869 static void ma_put(struct ifmcaddr6 *mc) 870 { 871 if (refcount_dec_and_test(&mc->mca_refcnt)) { 872 in6_dev_put(mc->idev); 873 kfree_rcu(mc, rcu); 874 } 875 } 876 877 /* called with mc_lock */ 878 static struct ifmcaddr6 *mca_alloc(struct inet6_dev *idev, 879 const struct in6_addr *addr, 880 unsigned int mode) 881 { 882 struct ifmcaddr6 *mc; 883 884 mc = kzalloc(sizeof(*mc), GFP_KERNEL); 885 if (!mc) 886 return NULL; 887 888 INIT_DELAYED_WORK(&mc->mca_work, mld_mca_work); 889 890 mc->mca_addr = *addr; 891 mc->idev = idev; /* reference taken by caller */ 892 mc->mca_users = 1; 893 /* mca_stamp should be updated upon changes */ 894 mc->mca_cstamp = mc->mca_tstamp = jiffies; 895 refcount_set(&mc->mca_refcnt, 1); 896 897 mc->mca_sfmode = mode; 898 mc->mca_sfcount[mode] = 1; 899 900 if (ipv6_addr_is_ll_all_nodes(&mc->mca_addr) || 901 IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) 902 mc->mca_flags |= MAF_NOREPORT; 903 904 return mc; 905 } 906 907 static void inet6_ifmcaddr_notify(struct net_device *dev, 908 const struct ifmcaddr6 *ifmca, int event) 909 { 910 struct inet6_fill_args fillargs = { 911 .portid = 0, 912 .seq = 0, 913 .event = event, 914 .flags = 0, 915 .netnsid = -1, 916 .force_rt_scope_universe = true, 917 }; 918 struct net *net = dev_net(dev); 919 struct sk_buff *skb; 920 int err = -ENOMEM; 921 922 skb = nlmsg_new(NLMSG_ALIGN(sizeof(struct ifaddrmsg)) + 923 nla_total_size(16), GFP_ATOMIC); 924 if (!skb) 925 goto error; 926 927 err = inet6_fill_ifmcaddr(skb, ifmca, &fillargs); 928 if (err < 0) { 929 WARN_ON_ONCE(err == -EMSGSIZE); 930 nlmsg_free(skb); 931 goto error; 932 } 933 934 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MCADDR, NULL, GFP_ATOMIC); 935 return; 936 error: 937 rtnl_set_sk_err(net, RTNLGRP_IPV6_MCADDR, err); 938 } 939 940 /* 941 * device multicast group inc (add if not found) 942 */ 943 static int __ipv6_dev_mc_inc(struct net_device *dev, 944 const struct in6_addr *addr, unsigned int mode) 945 { 946 struct ifmcaddr6 *mc; 947 struct inet6_dev *idev; 948 949 ASSERT_RTNL(); 950 951 /* we need to take a reference on idev */ 952 idev = in6_dev_get(dev); 953 954 if (!idev) 955 return -EINVAL; 956 957 if (idev->dead) { 958 in6_dev_put(idev); 959 return -ENODEV; 960 } 961 962 mutex_lock(&idev->mc_lock); 963 for_each_mc_mclock(idev, mc) { 964 if (ipv6_addr_equal(&mc->mca_addr, addr)) { 965 mc->mca_users++; 966 ip6_mc_add_src(idev, &mc->mca_addr, mode, 0, NULL, 0); 967 mutex_unlock(&idev->mc_lock); 968 in6_dev_put(idev); 969 return 0; 970 } 971 } 972 973 mc = mca_alloc(idev, addr, mode); 974 if (!mc) { 975 mutex_unlock(&idev->mc_lock); 976 in6_dev_put(idev); 977 return -ENOMEM; 978 } 979 980 rcu_assign_pointer(mc->next, idev->mc_list); 981 rcu_assign_pointer(idev->mc_list, mc); 982 983 mca_get(mc); 984 985 mld_del_delrec(idev, mc); 986 igmp6_group_added(mc); 987 inet6_ifmcaddr_notify(dev, mc, RTM_NEWMULTICAST); 988 mutex_unlock(&idev->mc_lock); 989 ma_put(mc); 990 return 0; 991 } 992 993 int ipv6_dev_mc_inc(struct net_device *dev, const struct in6_addr *addr) 994 { 995 return __ipv6_dev_mc_inc(dev, addr, MCAST_EXCLUDE); 996 } 997 EXPORT_SYMBOL(ipv6_dev_mc_inc); 998 999 /* 1000 * device multicast group del 1001 */ 1002 int __ipv6_dev_mc_dec(struct inet6_dev *idev, const struct in6_addr *addr) 1003 { 1004 struct ifmcaddr6 *ma, __rcu **map; 1005 1006 ASSERT_RTNL(); 1007 1008 mutex_lock(&idev->mc_lock); 1009 for (map = &idev->mc_list; 1010 (ma = mc_dereference(*map, idev)); 1011 map = &ma->next) { 1012 if (ipv6_addr_equal(&ma->mca_addr, addr)) { 1013 if (--ma->mca_users == 0) { 1014 *map = ma->next; 1015 1016 igmp6_group_dropped(ma); 1017 inet6_ifmcaddr_notify(idev->dev, ma, 1018 RTM_DELMULTICAST); 1019 ip6_mc_clear_src(ma); 1020 mutex_unlock(&idev->mc_lock); 1021 1022 ma_put(ma); 1023 return 0; 1024 } 1025 mutex_unlock(&idev->mc_lock); 1026 return 0; 1027 } 1028 } 1029 1030 mutex_unlock(&idev->mc_lock); 1031 return -ENOENT; 1032 } 1033 1034 int ipv6_dev_mc_dec(struct net_device *dev, const struct in6_addr *addr) 1035 { 1036 struct inet6_dev *idev; 1037 int err; 1038 1039 ASSERT_RTNL(); 1040 1041 idev = __in6_dev_get(dev); 1042 if (!idev) 1043 err = -ENODEV; 1044 else 1045 err = __ipv6_dev_mc_dec(idev, addr); 1046 1047 return err; 1048 } 1049 EXPORT_SYMBOL(ipv6_dev_mc_dec); 1050 1051 /* 1052 * check if the interface/address pair is valid 1053 */ 1054 bool ipv6_chk_mcast_addr(struct net_device *dev, const struct in6_addr *group, 1055 const struct in6_addr *src_addr) 1056 { 1057 struct inet6_dev *idev; 1058 struct ifmcaddr6 *mc; 1059 bool rv = false; 1060 1061 rcu_read_lock(); 1062 idev = __in6_dev_get(dev); 1063 if (!idev) 1064 goto unlock; 1065 for_each_mc_rcu(idev, mc) { 1066 if (ipv6_addr_equal(&mc->mca_addr, group)) 1067 break; 1068 } 1069 if (!mc) 1070 goto unlock; 1071 if (src_addr && !ipv6_addr_any(src_addr)) { 1072 struct ip6_sf_list *psf; 1073 1074 for_each_psf_rcu(mc, psf) { 1075 if (ipv6_addr_equal(&psf->sf_addr, src_addr)) 1076 break; 1077 } 1078 if (psf) 1079 rv = READ_ONCE(psf->sf_count[MCAST_INCLUDE]) || 1080 READ_ONCE(psf->sf_count[MCAST_EXCLUDE]) != 1081 READ_ONCE(mc->mca_sfcount[MCAST_EXCLUDE]); 1082 else 1083 rv = READ_ONCE(mc->mca_sfcount[MCAST_EXCLUDE]) != 0; 1084 } else { 1085 rv = true; /* don't filter unspecified source */ 1086 } 1087 unlock: 1088 rcu_read_unlock(); 1089 return rv; 1090 } 1091 1092 /* called with mc_lock */ 1093 static void mld_gq_start_work(struct inet6_dev *idev) 1094 { 1095 unsigned long tv = get_random_u32_below(idev->mc_maxdelay); 1096 1097 idev->mc_gq_running = 1; 1098 if (!mod_delayed_work(mld_wq, &idev->mc_gq_work, tv + 2)) 1099 in6_dev_hold(idev); 1100 } 1101 1102 /* called with mc_lock */ 1103 static void mld_gq_stop_work(struct inet6_dev *idev) 1104 { 1105 idev->mc_gq_running = 0; 1106 if (cancel_delayed_work(&idev->mc_gq_work)) 1107 __in6_dev_put(idev); 1108 } 1109 1110 /* called with mc_lock */ 1111 static void mld_ifc_start_work(struct inet6_dev *idev, unsigned long delay) 1112 { 1113 unsigned long tv = get_random_u32_below(delay); 1114 1115 if (!mod_delayed_work(mld_wq, &idev->mc_ifc_work, tv + 2)) 1116 in6_dev_hold(idev); 1117 } 1118 1119 /* called with mc_lock */ 1120 static void mld_ifc_stop_work(struct inet6_dev *idev) 1121 { 1122 idev->mc_ifc_count = 0; 1123 if (cancel_delayed_work(&idev->mc_ifc_work)) 1124 __in6_dev_put(idev); 1125 } 1126 1127 /* called with mc_lock */ 1128 static void mld_dad_start_work(struct inet6_dev *idev, unsigned long delay) 1129 { 1130 unsigned long tv = get_random_u32_below(delay); 1131 1132 if (!mod_delayed_work(mld_wq, &idev->mc_dad_work, tv + 2)) 1133 in6_dev_hold(idev); 1134 } 1135 1136 static void mld_dad_stop_work(struct inet6_dev *idev) 1137 { 1138 if (cancel_delayed_work(&idev->mc_dad_work)) 1139 __in6_dev_put(idev); 1140 } 1141 1142 static void mld_query_stop_work(struct inet6_dev *idev) 1143 { 1144 spin_lock_bh(&idev->mc_query_lock); 1145 if (cancel_delayed_work(&idev->mc_query_work)) 1146 __in6_dev_put(idev); 1147 spin_unlock_bh(&idev->mc_query_lock); 1148 } 1149 1150 static void mld_report_stop_work(struct inet6_dev *idev) 1151 { 1152 if (cancel_delayed_work_sync(&idev->mc_report_work)) 1153 __in6_dev_put(idev); 1154 } 1155 1156 /* 1157 * IGMP handling (alias multicast ICMPv6 messages) 1158 * called with mc_lock 1159 */ 1160 static void igmp6_group_queried(struct ifmcaddr6 *ma, unsigned long resptime) 1161 { 1162 unsigned long delay = resptime; 1163 1164 /* Do not start work for these addresses */ 1165 if (ipv6_addr_is_ll_all_nodes(&ma->mca_addr) || 1166 IPV6_ADDR_MC_SCOPE(&ma->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) 1167 return; 1168 1169 if (cancel_delayed_work(&ma->mca_work)) { 1170 refcount_dec(&ma->mca_refcnt); 1171 delay = ma->mca_work.timer.expires - jiffies; 1172 } 1173 1174 if (delay >= resptime) 1175 delay = get_random_u32_below(resptime); 1176 1177 if (!mod_delayed_work(mld_wq, &ma->mca_work, delay)) 1178 refcount_inc(&ma->mca_refcnt); 1179 ma->mca_flags |= MAF_TIMER_RUNNING; 1180 } 1181 1182 /* mark EXCLUDE-mode sources 1183 * called with mc_lock 1184 */ 1185 static bool mld_xmarksources(struct ifmcaddr6 *pmc, int nsrcs, 1186 const struct in6_addr *srcs) 1187 { 1188 struct ip6_sf_list *psf; 1189 int i, scount; 1190 1191 scount = 0; 1192 for_each_psf_mclock(pmc, psf) { 1193 if (scount == nsrcs) 1194 break; 1195 for (i = 0; i < nsrcs; i++) { 1196 /* skip inactive filters */ 1197 if (psf->sf_count[MCAST_INCLUDE] || 1198 pmc->mca_sfcount[MCAST_EXCLUDE] != 1199 psf->sf_count[MCAST_EXCLUDE]) 1200 break; 1201 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) { 1202 scount++; 1203 break; 1204 } 1205 } 1206 } 1207 pmc->mca_flags &= ~MAF_GSQUERY; 1208 if (scount == nsrcs) /* all sources excluded */ 1209 return false; 1210 return true; 1211 } 1212 1213 /* called with mc_lock */ 1214 static bool mld_marksources(struct ifmcaddr6 *pmc, int nsrcs, 1215 const struct in6_addr *srcs) 1216 { 1217 struct ip6_sf_list *psf; 1218 int i, scount; 1219 1220 if (pmc->mca_sfmode == MCAST_EXCLUDE) 1221 return mld_xmarksources(pmc, nsrcs, srcs); 1222 1223 /* mark INCLUDE-mode sources */ 1224 1225 scount = 0; 1226 for_each_psf_mclock(pmc, psf) { 1227 if (scount == nsrcs) 1228 break; 1229 for (i = 0; i < nsrcs; i++) { 1230 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) { 1231 psf->sf_gsresp = 1; 1232 scount++; 1233 break; 1234 } 1235 } 1236 } 1237 if (!scount) { 1238 pmc->mca_flags &= ~MAF_GSQUERY; 1239 return false; 1240 } 1241 pmc->mca_flags |= MAF_GSQUERY; 1242 return true; 1243 } 1244 1245 static int mld_force_mld_version(const struct inet6_dev *idev) 1246 { 1247 const struct net *net = dev_net(idev->dev); 1248 int all_force; 1249 1250 all_force = READ_ONCE(net->ipv6.devconf_all->force_mld_version); 1251 /* Normally, both are 0 here. If enforcement to a particular is 1252 * being used, individual device enforcement will have a lower 1253 * precedence over 'all' device (.../conf/all/force_mld_version). 1254 */ 1255 return all_force ?: READ_ONCE(idev->cnf.force_mld_version); 1256 } 1257 1258 static bool mld_in_v2_mode_only(const struct inet6_dev *idev) 1259 { 1260 return mld_force_mld_version(idev) == 2; 1261 } 1262 1263 static bool mld_in_v1_mode_only(const struct inet6_dev *idev) 1264 { 1265 return mld_force_mld_version(idev) == 1; 1266 } 1267 1268 static bool mld_in_v1_mode(const struct inet6_dev *idev) 1269 { 1270 if (mld_in_v2_mode_only(idev)) 1271 return false; 1272 if (mld_in_v1_mode_only(idev)) 1273 return true; 1274 if (idev->mc_v1_seen && time_before(jiffies, idev->mc_v1_seen)) 1275 return true; 1276 1277 return false; 1278 } 1279 1280 static void mld_set_v1_mode(struct inet6_dev *idev) 1281 { 1282 /* RFC3810, relevant sections: 1283 * - 9.1. Robustness Variable 1284 * - 9.2. Query Interval 1285 * - 9.3. Query Response Interval 1286 * - 9.12. Older Version Querier Present Timeout 1287 */ 1288 unsigned long switchback; 1289 1290 switchback = (idev->mc_qrv * idev->mc_qi) + idev->mc_qri; 1291 1292 idev->mc_v1_seen = jiffies + switchback; 1293 } 1294 1295 static void mld_update_qrv(struct inet6_dev *idev, 1296 const struct mld2_query *mlh2) 1297 { 1298 /* RFC3810, relevant sections: 1299 * - 5.1.8. QRV (Querier's Robustness Variable) 1300 * - 9.1. Robustness Variable 1301 */ 1302 1303 /* The value of the Robustness Variable MUST NOT be zero, 1304 * and SHOULD NOT be one. Catch this here if we ever run 1305 * into such a case in future. 1306 */ 1307 const int min_qrv = min(MLD_QRV_DEFAULT, sysctl_mld_qrv); 1308 WARN_ON(idev->mc_qrv == 0); 1309 1310 if (mlh2->mld2q_qrv > 0) 1311 idev->mc_qrv = mlh2->mld2q_qrv; 1312 1313 if (unlikely(idev->mc_qrv < min_qrv)) { 1314 net_warn_ratelimited("IPv6: MLD: clamping QRV from %u to %u!\n", 1315 idev->mc_qrv, min_qrv); 1316 idev->mc_qrv = min_qrv; 1317 } 1318 } 1319 1320 static void mld_update_qi(struct inet6_dev *idev, 1321 const struct mld2_query *mlh2) 1322 { 1323 /* RFC3810, relevant sections: 1324 * - 5.1.9. QQIC (Querier's Query Interval Code) 1325 * - 9.2. Query Interval 1326 * - 9.12. Older Version Querier Present Timeout 1327 * (the [Query Interval] in the last Query received) 1328 */ 1329 unsigned long mc_qqi; 1330 1331 if (mlh2->mld2q_qqic < 128) { 1332 mc_qqi = mlh2->mld2q_qqic; 1333 } else { 1334 unsigned long mc_man, mc_exp; 1335 1336 mc_exp = MLDV2_QQIC_EXP(mlh2->mld2q_qqic); 1337 mc_man = MLDV2_QQIC_MAN(mlh2->mld2q_qqic); 1338 1339 mc_qqi = (mc_man | 0x10) << (mc_exp + 3); 1340 } 1341 1342 idev->mc_qi = mc_qqi * HZ; 1343 } 1344 1345 static void mld_update_qri(struct inet6_dev *idev, 1346 const struct mld2_query *mlh2) 1347 { 1348 /* RFC3810, relevant sections: 1349 * - 5.1.3. Maximum Response Code 1350 * - 9.3. Query Response Interval 1351 */ 1352 idev->mc_qri = msecs_to_jiffies(mldv2_mrc(mlh2)); 1353 } 1354 1355 static int mld_process_v1(struct inet6_dev *idev, struct mld_msg *mld, 1356 unsigned long *max_delay, bool v1_query) 1357 { 1358 unsigned long mldv1_md; 1359 1360 /* Ignore v1 queries */ 1361 if (mld_in_v2_mode_only(idev)) 1362 return -EINVAL; 1363 1364 mldv1_md = ntohs(mld->mld_maxdelay); 1365 1366 /* When in MLDv1 fallback and a MLDv2 router start-up being 1367 * unaware of current MLDv1 operation, the MRC == MRD mapping 1368 * only works when the exponential algorithm is not being 1369 * used (as MLDv1 is unaware of such things). 1370 * 1371 * According to the RFC author, the MLDv2 implementations 1372 * he's aware of all use a MRC < 32768 on start up queries. 1373 * 1374 * Thus, should we *ever* encounter something else larger 1375 * than that, just assume the maximum possible within our 1376 * reach. 1377 */ 1378 if (!v1_query) 1379 mldv1_md = min(mldv1_md, MLDV1_MRD_MAX_COMPAT); 1380 1381 *max_delay = max(msecs_to_jiffies(mldv1_md), 1UL); 1382 1383 /* MLDv1 router present: we need to go into v1 mode *only* 1384 * when an MLDv1 query is received as per section 9.12. of 1385 * RFC3810! And we know from RFC2710 section 3.7 that MLDv1 1386 * queries MUST be of exactly 24 octets. 1387 */ 1388 if (v1_query) 1389 mld_set_v1_mode(idev); 1390 1391 /* cancel MLDv2 report work */ 1392 mld_gq_stop_work(idev); 1393 /* cancel the interface change work */ 1394 mld_ifc_stop_work(idev); 1395 /* clear deleted report items */ 1396 mld_clear_delrec(idev); 1397 1398 return 0; 1399 } 1400 1401 static void mld_process_v2(struct inet6_dev *idev, struct mld2_query *mld, 1402 unsigned long *max_delay) 1403 { 1404 *max_delay = max(msecs_to_jiffies(mldv2_mrc(mld)), 1UL); 1405 1406 mld_update_qrv(idev, mld); 1407 mld_update_qi(idev, mld); 1408 mld_update_qri(idev, mld); 1409 1410 idev->mc_maxdelay = *max_delay; 1411 1412 return; 1413 } 1414 1415 /* called with rcu_read_lock() */ 1416 void igmp6_event_query(struct sk_buff *skb) 1417 { 1418 struct inet6_dev *idev = __in6_dev_get(skb->dev); 1419 1420 if (!idev || idev->dead) 1421 goto out; 1422 1423 spin_lock_bh(&idev->mc_query_lock); 1424 if (skb_queue_len(&idev->mc_query_queue) < MLD_MAX_SKBS) { 1425 __skb_queue_tail(&idev->mc_query_queue, skb); 1426 if (!mod_delayed_work(mld_wq, &idev->mc_query_work, 0)) 1427 in6_dev_hold(idev); 1428 skb = NULL; 1429 } 1430 spin_unlock_bh(&idev->mc_query_lock); 1431 out: 1432 kfree_skb(skb); 1433 } 1434 1435 static void __mld_query_work(struct sk_buff *skb) 1436 { 1437 struct mld2_query *mlh2 = NULL; 1438 const struct in6_addr *group; 1439 unsigned long max_delay; 1440 struct inet6_dev *idev; 1441 struct ifmcaddr6 *ma; 1442 struct mld_msg *mld; 1443 int group_type; 1444 int mark = 0; 1445 int len, err; 1446 1447 if (!pskb_may_pull(skb, sizeof(struct in6_addr))) 1448 goto kfree_skb; 1449 1450 /* compute payload length excluding extension headers */ 1451 len = ntohs(ipv6_hdr(skb)->payload_len) + sizeof(struct ipv6hdr); 1452 len -= skb_network_header_len(skb); 1453 1454 /* RFC3810 6.2 1455 * Upon reception of an MLD message that contains a Query, the node 1456 * checks if the source address of the message is a valid link-local 1457 * address, if the Hop Limit is set to 1, and if the Router Alert 1458 * option is present in the Hop-By-Hop Options header of the IPv6 1459 * packet. If any of these checks fails, the packet is dropped. 1460 */ 1461 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL) || 1462 ipv6_hdr(skb)->hop_limit != 1 || 1463 !(IP6CB(skb)->flags & IP6SKB_ROUTERALERT) || 1464 IP6CB(skb)->ra != htons(IPV6_OPT_ROUTERALERT_MLD)) 1465 goto kfree_skb; 1466 1467 idev = in6_dev_get(skb->dev); 1468 if (!idev) 1469 goto kfree_skb; 1470 1471 mld = (struct mld_msg *)icmp6_hdr(skb); 1472 group = &mld->mld_mca; 1473 group_type = ipv6_addr_type(group); 1474 1475 if (group_type != IPV6_ADDR_ANY && 1476 !(group_type&IPV6_ADDR_MULTICAST)) 1477 goto out; 1478 1479 if (len < MLD_V1_QUERY_LEN) { 1480 goto out; 1481 } else if (len == MLD_V1_QUERY_LEN || mld_in_v1_mode(idev)) { 1482 err = mld_process_v1(idev, mld, &max_delay, 1483 len == MLD_V1_QUERY_LEN); 1484 if (err < 0) 1485 goto out; 1486 } else if (len >= MLD_V2_QUERY_LEN_MIN) { 1487 int srcs_offset = sizeof(struct mld2_query) - 1488 sizeof(struct icmp6hdr); 1489 1490 if (!pskb_may_pull(skb, srcs_offset)) 1491 goto out; 1492 1493 mlh2 = (struct mld2_query *)skb_transport_header(skb); 1494 1495 mld_process_v2(idev, mlh2, &max_delay); 1496 1497 if (group_type == IPV6_ADDR_ANY) { /* general query */ 1498 if (mlh2->mld2q_nsrcs) 1499 goto out; /* no sources allowed */ 1500 1501 mld_gq_start_work(idev); 1502 goto out; 1503 } 1504 /* mark sources to include, if group & source-specific */ 1505 if (mlh2->mld2q_nsrcs != 0) { 1506 if (!pskb_may_pull(skb, srcs_offset + 1507 ntohs(mlh2->mld2q_nsrcs) * sizeof(struct in6_addr))) 1508 goto out; 1509 1510 mlh2 = (struct mld2_query *)skb_transport_header(skb); 1511 mark = 1; 1512 } 1513 } else { 1514 goto out; 1515 } 1516 1517 if (group_type == IPV6_ADDR_ANY) { 1518 for_each_mc_mclock(idev, ma) { 1519 igmp6_group_queried(ma, max_delay); 1520 } 1521 } else { 1522 for_each_mc_mclock(idev, ma) { 1523 if (!ipv6_addr_equal(group, &ma->mca_addr)) 1524 continue; 1525 if (ma->mca_flags & MAF_TIMER_RUNNING) { 1526 /* gsquery <- gsquery && mark */ 1527 if (!mark) 1528 ma->mca_flags &= ~MAF_GSQUERY; 1529 } else { 1530 /* gsquery <- mark */ 1531 if (mark) 1532 ma->mca_flags |= MAF_GSQUERY; 1533 else 1534 ma->mca_flags &= ~MAF_GSQUERY; 1535 } 1536 if (!(ma->mca_flags & MAF_GSQUERY) || 1537 mld_marksources(ma, ntohs(mlh2->mld2q_nsrcs), mlh2->mld2q_srcs)) 1538 igmp6_group_queried(ma, max_delay); 1539 break; 1540 } 1541 } 1542 1543 out: 1544 in6_dev_put(idev); 1545 kfree_skb: 1546 consume_skb(skb); 1547 } 1548 1549 static void mld_query_work(struct work_struct *work) 1550 { 1551 struct inet6_dev *idev = container_of(to_delayed_work(work), 1552 struct inet6_dev, 1553 mc_query_work); 1554 struct sk_buff_head q; 1555 struct sk_buff *skb; 1556 bool rework = false; 1557 int cnt = 0; 1558 1559 skb_queue_head_init(&q); 1560 1561 spin_lock_bh(&idev->mc_query_lock); 1562 while ((skb = __skb_dequeue(&idev->mc_query_queue))) { 1563 __skb_queue_tail(&q, skb); 1564 1565 if (++cnt >= MLD_MAX_QUEUE) { 1566 rework = true; 1567 break; 1568 } 1569 } 1570 spin_unlock_bh(&idev->mc_query_lock); 1571 1572 mutex_lock(&idev->mc_lock); 1573 while ((skb = __skb_dequeue(&q))) 1574 __mld_query_work(skb); 1575 mutex_unlock(&idev->mc_lock); 1576 1577 if (rework && queue_delayed_work(mld_wq, &idev->mc_query_work, 0)) 1578 return; 1579 1580 in6_dev_put(idev); 1581 } 1582 1583 /* called with rcu_read_lock() */ 1584 void igmp6_event_report(struct sk_buff *skb) 1585 { 1586 struct inet6_dev *idev = __in6_dev_get(skb->dev); 1587 1588 if (!idev || idev->dead) 1589 goto out; 1590 1591 spin_lock_bh(&idev->mc_report_lock); 1592 if (skb_queue_len(&idev->mc_report_queue) < MLD_MAX_SKBS) { 1593 __skb_queue_tail(&idev->mc_report_queue, skb); 1594 if (!mod_delayed_work(mld_wq, &idev->mc_report_work, 0)) 1595 in6_dev_hold(idev); 1596 skb = NULL; 1597 } 1598 spin_unlock_bh(&idev->mc_report_lock); 1599 out: 1600 kfree_skb(skb); 1601 } 1602 1603 static void __mld_report_work(struct sk_buff *skb) 1604 { 1605 struct inet6_dev *idev; 1606 struct ifmcaddr6 *ma; 1607 struct mld_msg *mld; 1608 int addr_type; 1609 1610 /* Our own report looped back. Ignore it. */ 1611 if (skb->pkt_type == PACKET_LOOPBACK) 1612 goto kfree_skb; 1613 1614 /* send our report if the MC router may not have heard this report */ 1615 if (skb->pkt_type != PACKET_MULTICAST && 1616 skb->pkt_type != PACKET_BROADCAST) 1617 goto kfree_skb; 1618 1619 if (!pskb_may_pull(skb, sizeof(*mld) - sizeof(struct icmp6hdr))) 1620 goto kfree_skb; 1621 1622 mld = (struct mld_msg *)icmp6_hdr(skb); 1623 1624 /* Drop reports with not link local source */ 1625 addr_type = ipv6_addr_type(&ipv6_hdr(skb)->saddr); 1626 if (addr_type != IPV6_ADDR_ANY && 1627 !(addr_type&IPV6_ADDR_LINKLOCAL)) 1628 goto kfree_skb; 1629 1630 idev = in6_dev_get(skb->dev); 1631 if (!idev) 1632 goto kfree_skb; 1633 1634 /* 1635 * Cancel the work for this group 1636 */ 1637 1638 for_each_mc_mclock(idev, ma) { 1639 if (ipv6_addr_equal(&ma->mca_addr, &mld->mld_mca)) { 1640 if (cancel_delayed_work(&ma->mca_work)) 1641 refcount_dec(&ma->mca_refcnt); 1642 ma->mca_flags &= ~(MAF_LAST_REPORTER | 1643 MAF_TIMER_RUNNING); 1644 break; 1645 } 1646 } 1647 1648 in6_dev_put(idev); 1649 kfree_skb: 1650 consume_skb(skb); 1651 } 1652 1653 static void mld_report_work(struct work_struct *work) 1654 { 1655 struct inet6_dev *idev = container_of(to_delayed_work(work), 1656 struct inet6_dev, 1657 mc_report_work); 1658 struct sk_buff_head q; 1659 struct sk_buff *skb; 1660 bool rework = false; 1661 int cnt = 0; 1662 1663 skb_queue_head_init(&q); 1664 spin_lock_bh(&idev->mc_report_lock); 1665 while ((skb = __skb_dequeue(&idev->mc_report_queue))) { 1666 __skb_queue_tail(&q, skb); 1667 1668 if (++cnt >= MLD_MAX_QUEUE) { 1669 rework = true; 1670 break; 1671 } 1672 } 1673 spin_unlock_bh(&idev->mc_report_lock); 1674 1675 mutex_lock(&idev->mc_lock); 1676 while ((skb = __skb_dequeue(&q))) 1677 __mld_report_work(skb); 1678 mutex_unlock(&idev->mc_lock); 1679 1680 if (rework && queue_delayed_work(mld_wq, &idev->mc_report_work, 0)) 1681 return; 1682 1683 in6_dev_put(idev); 1684 } 1685 1686 static bool is_in(struct ifmcaddr6 *pmc, struct ip6_sf_list *psf, int type, 1687 int gdeleted, int sdeleted) 1688 { 1689 switch (type) { 1690 case MLD2_MODE_IS_INCLUDE: 1691 case MLD2_MODE_IS_EXCLUDE: 1692 if (gdeleted || sdeleted) 1693 return false; 1694 if (!((pmc->mca_flags & MAF_GSQUERY) && !psf->sf_gsresp)) { 1695 if (pmc->mca_sfmode == MCAST_INCLUDE) 1696 return true; 1697 /* don't include if this source is excluded 1698 * in all filters 1699 */ 1700 if (psf->sf_count[MCAST_INCLUDE]) 1701 return type == MLD2_MODE_IS_INCLUDE; 1702 return pmc->mca_sfcount[MCAST_EXCLUDE] == 1703 psf->sf_count[MCAST_EXCLUDE]; 1704 } 1705 return false; 1706 case MLD2_CHANGE_TO_INCLUDE: 1707 if (gdeleted || sdeleted) 1708 return false; 1709 return psf->sf_count[MCAST_INCLUDE] != 0; 1710 case MLD2_CHANGE_TO_EXCLUDE: 1711 if (gdeleted || sdeleted) 1712 return false; 1713 if (pmc->mca_sfcount[MCAST_EXCLUDE] == 0 || 1714 psf->sf_count[MCAST_INCLUDE]) 1715 return false; 1716 return pmc->mca_sfcount[MCAST_EXCLUDE] == 1717 psf->sf_count[MCAST_EXCLUDE]; 1718 case MLD2_ALLOW_NEW_SOURCES: 1719 if (gdeleted || !psf->sf_crcount) 1720 return false; 1721 return (pmc->mca_sfmode == MCAST_INCLUDE) ^ sdeleted; 1722 case MLD2_BLOCK_OLD_SOURCES: 1723 if (pmc->mca_sfmode == MCAST_INCLUDE) 1724 return gdeleted || (psf->sf_crcount && sdeleted); 1725 return psf->sf_crcount && !gdeleted && !sdeleted; 1726 } 1727 return false; 1728 } 1729 1730 static int 1731 mld_scount(struct ifmcaddr6 *pmc, int type, int gdeleted, int sdeleted) 1732 { 1733 struct ip6_sf_list *psf; 1734 int scount = 0; 1735 1736 for_each_psf_mclock(pmc, psf) { 1737 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 1738 continue; 1739 scount++; 1740 } 1741 return scount; 1742 } 1743 1744 static void ip6_mc_hdr(const struct sock *sk, struct sk_buff *skb, 1745 struct net_device *dev, const struct in6_addr *saddr, 1746 const struct in6_addr *daddr, int proto, int len) 1747 { 1748 struct ipv6hdr *hdr; 1749 1750 skb->protocol = htons(ETH_P_IPV6); 1751 skb->dev = dev; 1752 1753 skb_reset_network_header(skb); 1754 skb_put(skb, sizeof(struct ipv6hdr)); 1755 hdr = ipv6_hdr(skb); 1756 1757 ip6_flow_hdr(hdr, 0, 0); 1758 1759 hdr->payload_len = htons(len); 1760 hdr->nexthdr = proto; 1761 hdr->hop_limit = READ_ONCE(inet6_sk(sk)->hop_limit); 1762 1763 hdr->saddr = *saddr; 1764 hdr->daddr = *daddr; 1765 } 1766 1767 static struct sk_buff *mld_newpack(struct inet6_dev *idev, unsigned int mtu) 1768 { 1769 u8 ra[8] = { IPPROTO_ICMPV6, 0, IPV6_TLV_ROUTERALERT, 1770 2, 0, 0, IPV6_TLV_PADN, 0 }; 1771 struct net_device *dev = idev->dev; 1772 int hlen = LL_RESERVED_SPACE(dev); 1773 int tlen = dev->needed_tailroom; 1774 struct net *net = dev_net(dev); 1775 const struct in6_addr *saddr; 1776 struct in6_addr addr_buf; 1777 struct mld2_report *pmr; 1778 struct sk_buff *skb; 1779 unsigned int size; 1780 struct sock *sk; 1781 int err; 1782 1783 sk = net->ipv6.igmp_sk; 1784 /* we assume size > sizeof(ra) here 1785 * Also try to not allocate high-order pages for big MTU 1786 */ 1787 size = min_t(int, mtu, PAGE_SIZE / 2) + hlen + tlen; 1788 skb = sock_alloc_send_skb(sk, size, 1, &err); 1789 if (!skb) 1790 return NULL; 1791 1792 skb->priority = TC_PRIO_CONTROL; 1793 skb_reserve(skb, hlen); 1794 skb_tailroom_reserve(skb, mtu, tlen); 1795 1796 if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) { 1797 /* <draft-ietf-magma-mld-source-05.txt>: 1798 * use unspecified address as the source address 1799 * when a valid link-local address is not available. 1800 */ 1801 saddr = &in6addr_any; 1802 } else 1803 saddr = &addr_buf; 1804 1805 ip6_mc_hdr(sk, skb, dev, saddr, &mld2_all_mcr, NEXTHDR_HOP, 0); 1806 1807 skb_put_data(skb, ra, sizeof(ra)); 1808 1809 skb_set_transport_header(skb, skb_tail_pointer(skb) - skb->data); 1810 skb_put(skb, sizeof(*pmr)); 1811 pmr = (struct mld2_report *)skb_transport_header(skb); 1812 pmr->mld2r_type = ICMPV6_MLD2_REPORT; 1813 pmr->mld2r_resv1 = 0; 1814 pmr->mld2r_cksum = 0; 1815 pmr->mld2r_resv2 = 0; 1816 pmr->mld2r_ngrec = 0; 1817 return skb; 1818 } 1819 1820 static void mld_sendpack(struct sk_buff *skb) 1821 { 1822 struct ipv6hdr *pip6 = ipv6_hdr(skb); 1823 struct mld2_report *pmr = 1824 (struct mld2_report *)skb_transport_header(skb); 1825 int payload_len, mldlen; 1826 struct inet6_dev *idev; 1827 struct net *net = dev_net(skb->dev); 1828 int err; 1829 struct flowi6 fl6; 1830 struct dst_entry *dst; 1831 1832 rcu_read_lock(); 1833 idev = __in6_dev_get(skb->dev); 1834 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTREQUESTS); 1835 1836 payload_len = (skb_tail_pointer(skb) - skb_network_header(skb)) - 1837 sizeof(*pip6); 1838 mldlen = skb_tail_pointer(skb) - skb_transport_header(skb); 1839 pip6->payload_len = htons(payload_len); 1840 1841 pmr->mld2r_cksum = csum_ipv6_magic(&pip6->saddr, &pip6->daddr, mldlen, 1842 IPPROTO_ICMPV6, 1843 csum_partial(skb_transport_header(skb), 1844 mldlen, 0)); 1845 1846 icmpv6_flow_init(net->ipv6.igmp_sk, &fl6, ICMPV6_MLD2_REPORT, 1847 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 1848 skb->dev->ifindex); 1849 dst = icmp6_dst_alloc(skb->dev, &fl6); 1850 1851 err = 0; 1852 if (IS_ERR(dst)) { 1853 err = PTR_ERR(dst); 1854 dst = NULL; 1855 } 1856 skb_dst_set(skb, dst); 1857 if (err) 1858 goto err_out; 1859 1860 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, 1861 net, net->ipv6.igmp_sk, skb, NULL, skb->dev, 1862 dst_output); 1863 out: 1864 if (!err) { 1865 ICMP6MSGOUT_INC_STATS(net, idev, ICMPV6_MLD2_REPORT); 1866 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); 1867 } else { 1868 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS); 1869 } 1870 1871 rcu_read_unlock(); 1872 return; 1873 1874 err_out: 1875 kfree_skb(skb); 1876 goto out; 1877 } 1878 1879 static int grec_size(struct ifmcaddr6 *pmc, int type, int gdel, int sdel) 1880 { 1881 return sizeof(struct mld2_grec) + 16 * mld_scount(pmc,type,gdel,sdel); 1882 } 1883 1884 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ifmcaddr6 *pmc, 1885 int type, struct mld2_grec **ppgr, unsigned int mtu) 1886 { 1887 struct mld2_report *pmr; 1888 struct mld2_grec *pgr; 1889 1890 if (!skb) { 1891 skb = mld_newpack(pmc->idev, mtu); 1892 if (!skb) 1893 return NULL; 1894 } 1895 pgr = skb_put(skb, sizeof(struct mld2_grec)); 1896 pgr->grec_type = type; 1897 pgr->grec_auxwords = 0; 1898 pgr->grec_nsrcs = 0; 1899 pgr->grec_mca = pmc->mca_addr; /* structure copy */ 1900 pmr = (struct mld2_report *)skb_transport_header(skb); 1901 pmr->mld2r_ngrec = htons(ntohs(pmr->mld2r_ngrec)+1); 1902 *ppgr = pgr; 1903 return skb; 1904 } 1905 1906 #define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0) 1907 1908 /* called with mc_lock */ 1909 static struct sk_buff *add_grec(struct sk_buff *skb, struct ifmcaddr6 *pmc, 1910 int type, int gdeleted, int sdeleted, 1911 int crsend) 1912 { 1913 struct ip6_sf_list *psf, *psf_prev, *psf_next; 1914 int scount, stotal, first, isquery, truncate; 1915 struct ip6_sf_list __rcu **psf_list; 1916 struct inet6_dev *idev = pmc->idev; 1917 struct net_device *dev = idev->dev; 1918 struct mld2_grec *pgr = NULL; 1919 struct mld2_report *pmr; 1920 unsigned int mtu; 1921 1922 if (pmc->mca_flags & MAF_NOREPORT) 1923 return skb; 1924 1925 mtu = READ_ONCE(dev->mtu); 1926 if (mtu < IPV6_MIN_MTU) 1927 return skb; 1928 1929 isquery = type == MLD2_MODE_IS_INCLUDE || 1930 type == MLD2_MODE_IS_EXCLUDE; 1931 truncate = type == MLD2_MODE_IS_EXCLUDE || 1932 type == MLD2_CHANGE_TO_EXCLUDE; 1933 1934 stotal = scount = 0; 1935 1936 psf_list = sdeleted ? &pmc->mca_tomb : &pmc->mca_sources; 1937 1938 if (!rcu_access_pointer(*psf_list)) 1939 goto empty_source; 1940 1941 pmr = skb ? (struct mld2_report *)skb_transport_header(skb) : NULL; 1942 1943 /* EX and TO_EX get a fresh packet, if needed */ 1944 if (truncate) { 1945 if (pmr && pmr->mld2r_ngrec && 1946 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 1947 if (skb) 1948 mld_sendpack(skb); 1949 skb = mld_newpack(idev, mtu); 1950 } 1951 } 1952 first = 1; 1953 psf_prev = NULL; 1954 for (psf = mc_dereference(*psf_list, idev); 1955 psf; 1956 psf = psf_next) { 1957 struct in6_addr *psrc; 1958 1959 psf_next = mc_dereference(psf->sf_next, idev); 1960 1961 if (!is_in(pmc, psf, type, gdeleted, sdeleted) && !crsend) { 1962 psf_prev = psf; 1963 continue; 1964 } 1965 1966 /* Based on RFC3810 6.1. Should not send source-list change 1967 * records when there is a filter mode change. 1968 */ 1969 if (((gdeleted && pmc->mca_sfmode == MCAST_EXCLUDE) || 1970 (!gdeleted && pmc->mca_crcount)) && 1971 (type == MLD2_ALLOW_NEW_SOURCES || 1972 type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount) 1973 goto decrease_sf_crcount; 1974 1975 /* clear marks on query responses */ 1976 if (isquery) 1977 psf->sf_gsresp = 0; 1978 1979 if (AVAILABLE(skb) < sizeof(*psrc) + 1980 first*sizeof(struct mld2_grec)) { 1981 if (truncate && !first) 1982 break; /* truncate these */ 1983 if (pgr) 1984 pgr->grec_nsrcs = htons(scount); 1985 if (skb) 1986 mld_sendpack(skb); 1987 skb = mld_newpack(idev, mtu); 1988 first = 1; 1989 scount = 0; 1990 } 1991 if (first) { 1992 skb = add_grhead(skb, pmc, type, &pgr, mtu); 1993 first = 0; 1994 } 1995 if (!skb) 1996 return NULL; 1997 psrc = skb_put(skb, sizeof(*psrc)); 1998 *psrc = psf->sf_addr; 1999 scount++; stotal++; 2000 if ((type == MLD2_ALLOW_NEW_SOURCES || 2001 type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 2002 decrease_sf_crcount: 2003 psf->sf_crcount--; 2004 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 2005 if (psf_prev) 2006 rcu_assign_pointer(psf_prev->sf_next, 2007 mc_dereference(psf->sf_next, idev)); 2008 else 2009 rcu_assign_pointer(*psf_list, 2010 mc_dereference(psf->sf_next, idev)); 2011 kfree_rcu(psf, rcu); 2012 continue; 2013 } 2014 } 2015 psf_prev = psf; 2016 } 2017 2018 empty_source: 2019 if (!stotal) { 2020 if (type == MLD2_ALLOW_NEW_SOURCES || 2021 type == MLD2_BLOCK_OLD_SOURCES) 2022 return skb; 2023 if (pmc->mca_crcount || isquery || crsend) { 2024 /* make sure we have room for group header */ 2025 if (skb && AVAILABLE(skb) < sizeof(struct mld2_grec)) { 2026 mld_sendpack(skb); 2027 skb = NULL; /* add_grhead will get a new one */ 2028 } 2029 skb = add_grhead(skb, pmc, type, &pgr, mtu); 2030 } 2031 } 2032 if (pgr) 2033 pgr->grec_nsrcs = htons(scount); 2034 2035 if (isquery) 2036 pmc->mca_flags &= ~MAF_GSQUERY; /* clear query state */ 2037 return skb; 2038 } 2039 2040 /* called with mc_lock */ 2041 static void mld_send_report(struct inet6_dev *idev, struct ifmcaddr6 *pmc) 2042 { 2043 struct sk_buff *skb = NULL; 2044 int type; 2045 2046 if (!pmc) { 2047 for_each_mc_mclock(idev, pmc) { 2048 if (pmc->mca_flags & MAF_NOREPORT) 2049 continue; 2050 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2051 type = MLD2_MODE_IS_EXCLUDE; 2052 else 2053 type = MLD2_MODE_IS_INCLUDE; 2054 skb = add_grec(skb, pmc, type, 0, 0, 0); 2055 } 2056 } else { 2057 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2058 type = MLD2_MODE_IS_EXCLUDE; 2059 else 2060 type = MLD2_MODE_IS_INCLUDE; 2061 skb = add_grec(skb, pmc, type, 0, 0, 0); 2062 } 2063 if (skb) 2064 mld_sendpack(skb); 2065 } 2066 2067 /* 2068 * remove zero-count source records from a source filter list 2069 * called with mc_lock 2070 */ 2071 static void mld_clear_zeros(struct ip6_sf_list __rcu **ppsf, struct inet6_dev *idev) 2072 { 2073 struct ip6_sf_list *psf_prev, *psf_next, *psf; 2074 2075 psf_prev = NULL; 2076 for (psf = mc_dereference(*ppsf, idev); 2077 psf; 2078 psf = psf_next) { 2079 psf_next = mc_dereference(psf->sf_next, idev); 2080 if (psf->sf_crcount == 0) { 2081 if (psf_prev) 2082 rcu_assign_pointer(psf_prev->sf_next, 2083 mc_dereference(psf->sf_next, idev)); 2084 else 2085 rcu_assign_pointer(*ppsf, 2086 mc_dereference(psf->sf_next, idev)); 2087 kfree_rcu(psf, rcu); 2088 } else { 2089 psf_prev = psf; 2090 } 2091 } 2092 } 2093 2094 /* called with mc_lock */ 2095 static void mld_send_cr(struct inet6_dev *idev) 2096 { 2097 struct ifmcaddr6 *pmc, *pmc_prev, *pmc_next; 2098 struct sk_buff *skb = NULL; 2099 int type, dtype; 2100 2101 /* deleted MCA's */ 2102 pmc_prev = NULL; 2103 for (pmc = mc_dereference(idev->mc_tomb, idev); 2104 pmc; 2105 pmc = pmc_next) { 2106 pmc_next = mc_dereference(pmc->next, idev); 2107 if (pmc->mca_sfmode == MCAST_INCLUDE) { 2108 type = MLD2_BLOCK_OLD_SOURCES; 2109 dtype = MLD2_BLOCK_OLD_SOURCES; 2110 skb = add_grec(skb, pmc, type, 1, 0, 0); 2111 skb = add_grec(skb, pmc, dtype, 1, 1, 0); 2112 } 2113 if (pmc->mca_crcount) { 2114 if (pmc->mca_sfmode == MCAST_EXCLUDE) { 2115 type = MLD2_CHANGE_TO_INCLUDE; 2116 skb = add_grec(skb, pmc, type, 1, 0, 0); 2117 } 2118 pmc->mca_crcount--; 2119 if (pmc->mca_crcount == 0) { 2120 mld_clear_zeros(&pmc->mca_tomb, idev); 2121 mld_clear_zeros(&pmc->mca_sources, idev); 2122 } 2123 } 2124 if (pmc->mca_crcount == 0 && 2125 !rcu_access_pointer(pmc->mca_tomb) && 2126 !rcu_access_pointer(pmc->mca_sources)) { 2127 if (pmc_prev) 2128 rcu_assign_pointer(pmc_prev->next, pmc_next); 2129 else 2130 rcu_assign_pointer(idev->mc_tomb, pmc_next); 2131 in6_dev_put(pmc->idev); 2132 kfree_rcu(pmc, rcu); 2133 } else 2134 pmc_prev = pmc; 2135 } 2136 2137 /* change recs */ 2138 for_each_mc_mclock(idev, pmc) { 2139 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 2140 type = MLD2_BLOCK_OLD_SOURCES; 2141 dtype = MLD2_ALLOW_NEW_SOURCES; 2142 } else { 2143 type = MLD2_ALLOW_NEW_SOURCES; 2144 dtype = MLD2_BLOCK_OLD_SOURCES; 2145 } 2146 skb = add_grec(skb, pmc, type, 0, 0, 0); 2147 skb = add_grec(skb, pmc, dtype, 0, 1, 0); /* deleted sources */ 2148 2149 /* filter mode changes */ 2150 if (pmc->mca_crcount) { 2151 if (pmc->mca_sfmode == MCAST_EXCLUDE) 2152 type = MLD2_CHANGE_TO_EXCLUDE; 2153 else 2154 type = MLD2_CHANGE_TO_INCLUDE; 2155 skb = add_grec(skb, pmc, type, 0, 0, 0); 2156 pmc->mca_crcount--; 2157 } 2158 } 2159 if (!skb) 2160 return; 2161 (void) mld_sendpack(skb); 2162 } 2163 2164 static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type) 2165 { 2166 struct net *net = dev_net(dev); 2167 struct sock *sk = net->ipv6.igmp_sk; 2168 struct inet6_dev *idev; 2169 struct sk_buff *skb; 2170 struct mld_msg *hdr; 2171 const struct in6_addr *snd_addr, *saddr; 2172 struct in6_addr addr_buf; 2173 int hlen = LL_RESERVED_SPACE(dev); 2174 int tlen = dev->needed_tailroom; 2175 int err, len, payload_len, full_len; 2176 u8 ra[8] = { IPPROTO_ICMPV6, 0, 2177 IPV6_TLV_ROUTERALERT, 2, 0, 0, 2178 IPV6_TLV_PADN, 0 }; 2179 struct flowi6 fl6; 2180 struct dst_entry *dst; 2181 2182 if (type == ICMPV6_MGM_REDUCTION) 2183 snd_addr = &in6addr_linklocal_allrouters; 2184 else 2185 snd_addr = addr; 2186 2187 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr); 2188 payload_len = len + sizeof(ra); 2189 full_len = sizeof(struct ipv6hdr) + payload_len; 2190 2191 rcu_read_lock(); 2192 IP6_INC_STATS(net, __in6_dev_get(dev), IPSTATS_MIB_OUTREQUESTS); 2193 rcu_read_unlock(); 2194 2195 skb = sock_alloc_send_skb(sk, hlen + tlen + full_len, 1, &err); 2196 2197 if (!skb) { 2198 rcu_read_lock(); 2199 IP6_INC_STATS(net, __in6_dev_get(dev), 2200 IPSTATS_MIB_OUTDISCARDS); 2201 rcu_read_unlock(); 2202 return; 2203 } 2204 skb->priority = TC_PRIO_CONTROL; 2205 skb_reserve(skb, hlen); 2206 2207 if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) { 2208 /* <draft-ietf-magma-mld-source-05.txt>: 2209 * use unspecified address as the source address 2210 * when a valid link-local address is not available. 2211 */ 2212 saddr = &in6addr_any; 2213 } else 2214 saddr = &addr_buf; 2215 2216 ip6_mc_hdr(sk, skb, dev, saddr, snd_addr, NEXTHDR_HOP, payload_len); 2217 2218 skb_put_data(skb, ra, sizeof(ra)); 2219 2220 hdr = skb_put_zero(skb, sizeof(struct mld_msg)); 2221 hdr->mld_type = type; 2222 hdr->mld_mca = *addr; 2223 2224 hdr->mld_cksum = csum_ipv6_magic(saddr, snd_addr, len, 2225 IPPROTO_ICMPV6, 2226 csum_partial(hdr, len, 0)); 2227 2228 rcu_read_lock(); 2229 idev = __in6_dev_get(skb->dev); 2230 2231 icmpv6_flow_init(sk, &fl6, type, 2232 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 2233 skb->dev->ifindex); 2234 dst = icmp6_dst_alloc(skb->dev, &fl6); 2235 if (IS_ERR(dst)) { 2236 err = PTR_ERR(dst); 2237 goto err_out; 2238 } 2239 2240 skb_dst_set(skb, dst); 2241 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, 2242 net, sk, skb, NULL, skb->dev, 2243 dst_output); 2244 out: 2245 if (!err) { 2246 ICMP6MSGOUT_INC_STATS(net, idev, type); 2247 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); 2248 } else 2249 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS); 2250 2251 rcu_read_unlock(); 2252 return; 2253 2254 err_out: 2255 kfree_skb(skb); 2256 goto out; 2257 } 2258 2259 /* called with mc_lock */ 2260 static void mld_send_initial_cr(struct inet6_dev *idev) 2261 { 2262 struct sk_buff *skb; 2263 struct ifmcaddr6 *pmc; 2264 int type; 2265 2266 if (mld_in_v1_mode(idev)) 2267 return; 2268 2269 skb = NULL; 2270 for_each_mc_mclock(idev, pmc) { 2271 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2272 type = MLD2_CHANGE_TO_EXCLUDE; 2273 else 2274 type = MLD2_ALLOW_NEW_SOURCES; 2275 skb = add_grec(skb, pmc, type, 0, 0, 1); 2276 } 2277 if (skb) 2278 mld_sendpack(skb); 2279 } 2280 2281 void ipv6_mc_dad_complete(struct inet6_dev *idev) 2282 { 2283 mutex_lock(&idev->mc_lock); 2284 idev->mc_dad_count = idev->mc_qrv; 2285 if (idev->mc_dad_count) { 2286 mld_send_initial_cr(idev); 2287 idev->mc_dad_count--; 2288 if (idev->mc_dad_count) 2289 mld_dad_start_work(idev, 2290 unsolicited_report_interval(idev)); 2291 } 2292 mutex_unlock(&idev->mc_lock); 2293 } 2294 2295 static void mld_dad_work(struct work_struct *work) 2296 { 2297 struct inet6_dev *idev = container_of(to_delayed_work(work), 2298 struct inet6_dev, 2299 mc_dad_work); 2300 mutex_lock(&idev->mc_lock); 2301 mld_send_initial_cr(idev); 2302 if (idev->mc_dad_count) { 2303 idev->mc_dad_count--; 2304 if (idev->mc_dad_count) 2305 mld_dad_start_work(idev, 2306 unsolicited_report_interval(idev)); 2307 } 2308 mutex_unlock(&idev->mc_lock); 2309 in6_dev_put(idev); 2310 } 2311 2312 /* called with mc_lock */ 2313 static int ip6_mc_del1_src(struct ifmcaddr6 *pmc, int sfmode, 2314 const struct in6_addr *psfsrc) 2315 { 2316 struct ip6_sf_list *psf, *psf_prev; 2317 int rv = 0; 2318 2319 psf_prev = NULL; 2320 for_each_psf_mclock(pmc, psf) { 2321 if (ipv6_addr_equal(&psf->sf_addr, psfsrc)) 2322 break; 2323 psf_prev = psf; 2324 } 2325 if (!psf || psf->sf_count[sfmode] == 0) { 2326 /* source filter not found, or count wrong => bug */ 2327 return -ESRCH; 2328 } 2329 WRITE_ONCE(psf->sf_count[sfmode], psf->sf_count[sfmode] - 1); 2330 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 2331 struct inet6_dev *idev = pmc->idev; 2332 2333 /* no more filters for this source */ 2334 if (psf_prev) 2335 rcu_assign_pointer(psf_prev->sf_next, 2336 mc_dereference(psf->sf_next, idev)); 2337 else 2338 rcu_assign_pointer(pmc->mca_sources, 2339 mc_dereference(psf->sf_next, idev)); 2340 2341 if (psf->sf_oldin && !(pmc->mca_flags & MAF_NOREPORT) && 2342 !mld_in_v1_mode(idev)) { 2343 psf->sf_crcount = idev->mc_qrv; 2344 rcu_assign_pointer(psf->sf_next, 2345 mc_dereference(pmc->mca_tomb, idev)); 2346 rcu_assign_pointer(pmc->mca_tomb, psf); 2347 rv = 1; 2348 } else { 2349 kfree_rcu(psf, rcu); 2350 } 2351 } 2352 return rv; 2353 } 2354 2355 /* called with mc_lock */ 2356 static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca, 2357 int sfmode, int sfcount, const struct in6_addr *psfsrc, 2358 int delta) 2359 { 2360 struct ifmcaddr6 *pmc; 2361 int changerec = 0; 2362 int i, err; 2363 2364 if (!idev) 2365 return -ENODEV; 2366 2367 for_each_mc_mclock(idev, pmc) { 2368 if (ipv6_addr_equal(pmca, &pmc->mca_addr)) 2369 break; 2370 } 2371 if (!pmc) 2372 return -ESRCH; 2373 2374 sf_markstate(pmc); 2375 if (!delta) { 2376 if (!pmc->mca_sfcount[sfmode]) 2377 return -EINVAL; 2378 2379 pmc->mca_sfcount[sfmode]--; 2380 } 2381 err = 0; 2382 for (i = 0; i < sfcount; i++) { 2383 int rv = ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]); 2384 2385 changerec |= rv > 0; 2386 if (!err && rv < 0) 2387 err = rv; 2388 } 2389 if (pmc->mca_sfmode == MCAST_EXCLUDE && 2390 pmc->mca_sfcount[MCAST_EXCLUDE] == 0 && 2391 pmc->mca_sfcount[MCAST_INCLUDE]) { 2392 struct ip6_sf_list *psf; 2393 2394 /* filter mode change */ 2395 pmc->mca_sfmode = MCAST_INCLUDE; 2396 pmc->mca_crcount = idev->mc_qrv; 2397 idev->mc_ifc_count = pmc->mca_crcount; 2398 for_each_psf_mclock(pmc, psf) 2399 psf->sf_crcount = 0; 2400 mld_ifc_event(pmc->idev); 2401 } else if (sf_setstate(pmc) || changerec) { 2402 mld_ifc_event(pmc->idev); 2403 } 2404 2405 return err; 2406 } 2407 2408 /* 2409 * Add multicast single-source filter to the interface list 2410 * called with mc_lock 2411 */ 2412 static int ip6_mc_add1_src(struct ifmcaddr6 *pmc, int sfmode, 2413 const struct in6_addr *psfsrc) 2414 { 2415 struct ip6_sf_list *psf, *psf_prev; 2416 2417 psf_prev = NULL; 2418 for_each_psf_mclock(pmc, psf) { 2419 if (ipv6_addr_equal(&psf->sf_addr, psfsrc)) 2420 break; 2421 psf_prev = psf; 2422 } 2423 if (!psf) { 2424 psf = kzalloc(sizeof(*psf), GFP_KERNEL); 2425 if (!psf) 2426 return -ENOBUFS; 2427 2428 psf->sf_addr = *psfsrc; 2429 if (psf_prev) { 2430 rcu_assign_pointer(psf_prev->sf_next, psf); 2431 } else { 2432 rcu_assign_pointer(pmc->mca_sources, psf); 2433 } 2434 } 2435 WRITE_ONCE(psf->sf_count[sfmode], psf->sf_count[sfmode] + 1); 2436 return 0; 2437 } 2438 2439 /* called with mc_lock */ 2440 static void sf_markstate(struct ifmcaddr6 *pmc) 2441 { 2442 struct ip6_sf_list *psf; 2443 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE]; 2444 2445 for_each_psf_mclock(pmc, psf) { 2446 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 2447 psf->sf_oldin = mca_xcount == 2448 psf->sf_count[MCAST_EXCLUDE] && 2449 !psf->sf_count[MCAST_INCLUDE]; 2450 } else { 2451 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 2452 } 2453 } 2454 } 2455 2456 /* called with mc_lock */ 2457 static int sf_setstate(struct ifmcaddr6 *pmc) 2458 { 2459 struct ip6_sf_list *psf, *dpsf; 2460 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE]; 2461 int qrv = pmc->idev->mc_qrv; 2462 int new_in, rv; 2463 2464 rv = 0; 2465 for_each_psf_mclock(pmc, psf) { 2466 if (pmc->mca_sfcount[MCAST_EXCLUDE]) { 2467 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 2468 !psf->sf_count[MCAST_INCLUDE]; 2469 } else 2470 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 2471 if (new_in) { 2472 if (!psf->sf_oldin) { 2473 struct ip6_sf_list *prev = NULL; 2474 2475 for_each_psf_tomb(pmc, dpsf) { 2476 if (ipv6_addr_equal(&dpsf->sf_addr, 2477 &psf->sf_addr)) 2478 break; 2479 prev = dpsf; 2480 } 2481 if (dpsf) { 2482 if (prev) 2483 rcu_assign_pointer(prev->sf_next, 2484 mc_dereference(dpsf->sf_next, 2485 pmc->idev)); 2486 else 2487 rcu_assign_pointer(pmc->mca_tomb, 2488 mc_dereference(dpsf->sf_next, 2489 pmc->idev)); 2490 kfree_rcu(dpsf, rcu); 2491 } 2492 psf->sf_crcount = qrv; 2493 rv++; 2494 } 2495 } else if (psf->sf_oldin) { 2496 psf->sf_crcount = 0; 2497 /* 2498 * add or update "delete" records if an active filter 2499 * is now inactive 2500 */ 2501 2502 for_each_psf_tomb(pmc, dpsf) 2503 if (ipv6_addr_equal(&dpsf->sf_addr, 2504 &psf->sf_addr)) 2505 break; 2506 if (!dpsf) { 2507 dpsf = kmalloc(sizeof(*dpsf), GFP_KERNEL); 2508 if (!dpsf) 2509 continue; 2510 *dpsf = *psf; 2511 rcu_assign_pointer(dpsf->sf_next, 2512 mc_dereference(pmc->mca_tomb, pmc->idev)); 2513 rcu_assign_pointer(pmc->mca_tomb, dpsf); 2514 } 2515 dpsf->sf_crcount = qrv; 2516 rv++; 2517 } 2518 } 2519 return rv; 2520 } 2521 2522 /* 2523 * Add multicast source filter list to the interface list 2524 * called with mc_lock 2525 */ 2526 static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca, 2527 int sfmode, int sfcount, const struct in6_addr *psfsrc, 2528 int delta) 2529 { 2530 struct ifmcaddr6 *pmc; 2531 int isexclude; 2532 int i, err; 2533 2534 if (!idev) 2535 return -ENODEV; 2536 2537 for_each_mc_mclock(idev, pmc) { 2538 if (ipv6_addr_equal(pmca, &pmc->mca_addr)) 2539 break; 2540 } 2541 if (!pmc) 2542 return -ESRCH; 2543 2544 sf_markstate(pmc); 2545 isexclude = pmc->mca_sfmode == MCAST_EXCLUDE; 2546 if (!delta) 2547 WRITE_ONCE(pmc->mca_sfcount[sfmode], 2548 pmc->mca_sfcount[sfmode] + 1); 2549 err = 0; 2550 for (i = 0; i < sfcount; i++) { 2551 err = ip6_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2552 if (err) 2553 break; 2554 } 2555 if (err) { 2556 int j; 2557 2558 if (!delta) 2559 WRITE_ONCE(pmc->mca_sfcount[sfmode], 2560 pmc->mca_sfcount[sfmode] - 1); 2561 for (j = 0; j < i; j++) 2562 ip6_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2563 } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) { 2564 struct ip6_sf_list *psf; 2565 2566 /* filter mode change */ 2567 if (pmc->mca_sfcount[MCAST_EXCLUDE]) 2568 pmc->mca_sfmode = MCAST_EXCLUDE; 2569 else if (pmc->mca_sfcount[MCAST_INCLUDE]) 2570 pmc->mca_sfmode = MCAST_INCLUDE; 2571 /* else no filters; keep old mode for reports */ 2572 2573 pmc->mca_crcount = idev->mc_qrv; 2574 idev->mc_ifc_count = pmc->mca_crcount; 2575 for_each_psf_mclock(pmc, psf) 2576 psf->sf_crcount = 0; 2577 mld_ifc_event(idev); 2578 } else if (sf_setstate(pmc)) { 2579 mld_ifc_event(idev); 2580 } 2581 return err; 2582 } 2583 2584 /* called with mc_lock */ 2585 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc) 2586 { 2587 struct ip6_sf_list *psf, *nextpsf; 2588 2589 for (psf = mc_dereference(pmc->mca_tomb, pmc->idev); 2590 psf; 2591 psf = nextpsf) { 2592 nextpsf = mc_dereference(psf->sf_next, pmc->idev); 2593 kfree_rcu(psf, rcu); 2594 } 2595 RCU_INIT_POINTER(pmc->mca_tomb, NULL); 2596 for (psf = mc_dereference(pmc->mca_sources, pmc->idev); 2597 psf; 2598 psf = nextpsf) { 2599 nextpsf = mc_dereference(psf->sf_next, pmc->idev); 2600 kfree_rcu(psf, rcu); 2601 } 2602 RCU_INIT_POINTER(pmc->mca_sources, NULL); 2603 pmc->mca_sfmode = MCAST_EXCLUDE; 2604 pmc->mca_sfcount[MCAST_INCLUDE] = 0; 2605 /* Paired with the READ_ONCE() from ipv6_chk_mcast_addr() */ 2606 WRITE_ONCE(pmc->mca_sfcount[MCAST_EXCLUDE], 1); 2607 } 2608 2609 /* called with mc_lock */ 2610 static void igmp6_join_group(struct ifmcaddr6 *ma) 2611 { 2612 unsigned long delay; 2613 2614 if (ma->mca_flags & MAF_NOREPORT) 2615 return; 2616 2617 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT); 2618 2619 delay = get_random_u32_below(unsolicited_report_interval(ma->idev)); 2620 2621 if (cancel_delayed_work(&ma->mca_work)) { 2622 refcount_dec(&ma->mca_refcnt); 2623 delay = ma->mca_work.timer.expires - jiffies; 2624 } 2625 2626 if (!mod_delayed_work(mld_wq, &ma->mca_work, delay)) 2627 refcount_inc(&ma->mca_refcnt); 2628 ma->mca_flags |= MAF_TIMER_RUNNING | MAF_LAST_REPORTER; 2629 } 2630 2631 static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml, 2632 struct inet6_dev *idev) 2633 { 2634 struct ip6_sf_socklist *psl; 2635 int err; 2636 2637 psl = sock_dereference(iml->sflist, sk); 2638 2639 if (idev) 2640 mutex_lock(&idev->mc_lock); 2641 2642 if (!psl) { 2643 /* any-source empty exclude case */ 2644 err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 0, NULL, 0); 2645 } else { 2646 err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 2647 psl->sl_count, psl->sl_addr, 0); 2648 RCU_INIT_POINTER(iml->sflist, NULL); 2649 atomic_sub(struct_size(psl, sl_addr, psl->sl_max), 2650 &sk->sk_omem_alloc); 2651 kfree_rcu(psl, rcu); 2652 } 2653 2654 if (idev) 2655 mutex_unlock(&idev->mc_lock); 2656 2657 return err; 2658 } 2659 2660 /* called with mc_lock */ 2661 static void igmp6_leave_group(struct ifmcaddr6 *ma) 2662 { 2663 if (mld_in_v1_mode(ma->idev)) { 2664 if (ma->mca_flags & MAF_LAST_REPORTER) { 2665 igmp6_send(&ma->mca_addr, ma->idev->dev, 2666 ICMPV6_MGM_REDUCTION); 2667 } 2668 } else { 2669 mld_add_delrec(ma->idev, ma); 2670 mld_ifc_event(ma->idev); 2671 } 2672 } 2673 2674 static void mld_gq_work(struct work_struct *work) 2675 { 2676 struct inet6_dev *idev = container_of(to_delayed_work(work), 2677 struct inet6_dev, 2678 mc_gq_work); 2679 2680 mutex_lock(&idev->mc_lock); 2681 mld_send_report(idev, NULL); 2682 idev->mc_gq_running = 0; 2683 mutex_unlock(&idev->mc_lock); 2684 2685 in6_dev_put(idev); 2686 } 2687 2688 static void mld_ifc_work(struct work_struct *work) 2689 { 2690 struct inet6_dev *idev = container_of(to_delayed_work(work), 2691 struct inet6_dev, 2692 mc_ifc_work); 2693 2694 mutex_lock(&idev->mc_lock); 2695 mld_send_cr(idev); 2696 2697 if (idev->mc_ifc_count) { 2698 idev->mc_ifc_count--; 2699 if (idev->mc_ifc_count) 2700 mld_ifc_start_work(idev, 2701 unsolicited_report_interval(idev)); 2702 } 2703 mutex_unlock(&idev->mc_lock); 2704 in6_dev_put(idev); 2705 } 2706 2707 /* called with mc_lock */ 2708 static void mld_ifc_event(struct inet6_dev *idev) 2709 { 2710 if (mld_in_v1_mode(idev)) 2711 return; 2712 2713 idev->mc_ifc_count = idev->mc_qrv; 2714 mld_ifc_start_work(idev, 1); 2715 } 2716 2717 static void mld_mca_work(struct work_struct *work) 2718 { 2719 struct ifmcaddr6 *ma = container_of(to_delayed_work(work), 2720 struct ifmcaddr6, mca_work); 2721 2722 mutex_lock(&ma->idev->mc_lock); 2723 if (mld_in_v1_mode(ma->idev)) 2724 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT); 2725 else 2726 mld_send_report(ma->idev, ma); 2727 ma->mca_flags |= MAF_LAST_REPORTER; 2728 ma->mca_flags &= ~MAF_TIMER_RUNNING; 2729 mutex_unlock(&ma->idev->mc_lock); 2730 2731 ma_put(ma); 2732 } 2733 2734 /* Device changing type */ 2735 2736 void ipv6_mc_unmap(struct inet6_dev *idev) 2737 { 2738 struct ifmcaddr6 *i; 2739 2740 /* Install multicast list, except for all-nodes (already installed) */ 2741 2742 mutex_lock(&idev->mc_lock); 2743 for_each_mc_mclock(idev, i) 2744 igmp6_group_dropped(i); 2745 mutex_unlock(&idev->mc_lock); 2746 } 2747 2748 void ipv6_mc_remap(struct inet6_dev *idev) 2749 { 2750 ipv6_mc_up(idev); 2751 } 2752 2753 /* Device going down */ 2754 void ipv6_mc_down(struct inet6_dev *idev) 2755 { 2756 struct ifmcaddr6 *i; 2757 2758 mutex_lock(&idev->mc_lock); 2759 /* Withdraw multicast list */ 2760 for_each_mc_mclock(idev, i) 2761 igmp6_group_dropped(i); 2762 mutex_unlock(&idev->mc_lock); 2763 2764 /* Should stop work after group drop. or we will 2765 * start work again in mld_ifc_event() 2766 */ 2767 mld_query_stop_work(idev); 2768 mld_report_stop_work(idev); 2769 2770 mutex_lock(&idev->mc_lock); 2771 mld_ifc_stop_work(idev); 2772 mld_gq_stop_work(idev); 2773 mutex_unlock(&idev->mc_lock); 2774 2775 mld_dad_stop_work(idev); 2776 } 2777 2778 static void ipv6_mc_reset(struct inet6_dev *idev) 2779 { 2780 idev->mc_qrv = sysctl_mld_qrv; 2781 idev->mc_qi = MLD_QI_DEFAULT; 2782 idev->mc_qri = MLD_QRI_DEFAULT; 2783 idev->mc_v1_seen = 0; 2784 idev->mc_maxdelay = unsolicited_report_interval(idev); 2785 } 2786 2787 /* Device going up */ 2788 2789 void ipv6_mc_up(struct inet6_dev *idev) 2790 { 2791 struct ifmcaddr6 *i; 2792 2793 /* Install multicast list, except for all-nodes (already installed) */ 2794 2795 ipv6_mc_reset(idev); 2796 mutex_lock(&idev->mc_lock); 2797 for_each_mc_mclock(idev, i) { 2798 mld_del_delrec(idev, i); 2799 igmp6_group_added(i); 2800 } 2801 mutex_unlock(&idev->mc_lock); 2802 } 2803 2804 /* IPv6 device initialization. */ 2805 2806 void ipv6_mc_init_dev(struct inet6_dev *idev) 2807 { 2808 idev->mc_gq_running = 0; 2809 INIT_DELAYED_WORK(&idev->mc_gq_work, mld_gq_work); 2810 RCU_INIT_POINTER(idev->mc_tomb, NULL); 2811 idev->mc_ifc_count = 0; 2812 INIT_DELAYED_WORK(&idev->mc_ifc_work, mld_ifc_work); 2813 INIT_DELAYED_WORK(&idev->mc_dad_work, mld_dad_work); 2814 INIT_DELAYED_WORK(&idev->mc_query_work, mld_query_work); 2815 INIT_DELAYED_WORK(&idev->mc_report_work, mld_report_work); 2816 skb_queue_head_init(&idev->mc_query_queue); 2817 skb_queue_head_init(&idev->mc_report_queue); 2818 spin_lock_init(&idev->mc_query_lock); 2819 spin_lock_init(&idev->mc_report_lock); 2820 mutex_init(&idev->mc_lock); 2821 ipv6_mc_reset(idev); 2822 } 2823 2824 /* 2825 * Device is about to be destroyed: clean up. 2826 */ 2827 2828 void ipv6_mc_destroy_dev(struct inet6_dev *idev) 2829 { 2830 struct ifmcaddr6 *i; 2831 2832 /* Deactivate works */ 2833 ipv6_mc_down(idev); 2834 mutex_lock(&idev->mc_lock); 2835 mld_clear_delrec(idev); 2836 mutex_unlock(&idev->mc_lock); 2837 mld_clear_query(idev); 2838 mld_clear_report(idev); 2839 2840 /* Delete all-nodes address. */ 2841 /* We cannot call ipv6_dev_mc_dec() directly, our caller in 2842 * addrconf.c has NULL'd out dev->ip6_ptr so in6_dev_get() will 2843 * fail. 2844 */ 2845 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allnodes); 2846 2847 if (idev->cnf.forwarding) 2848 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allrouters); 2849 2850 mutex_lock(&idev->mc_lock); 2851 while ((i = mc_dereference(idev->mc_list, idev))) { 2852 rcu_assign_pointer(idev->mc_list, mc_dereference(i->next, idev)); 2853 2854 ip6_mc_clear_src(i); 2855 ma_put(i); 2856 } 2857 mutex_unlock(&idev->mc_lock); 2858 } 2859 2860 static void ipv6_mc_rejoin_groups(struct inet6_dev *idev) 2861 { 2862 struct ifmcaddr6 *pmc; 2863 2864 ASSERT_RTNL(); 2865 2866 mutex_lock(&idev->mc_lock); 2867 if (mld_in_v1_mode(idev)) { 2868 for_each_mc_mclock(idev, pmc) 2869 igmp6_join_group(pmc); 2870 } else { 2871 mld_send_report(idev, NULL); 2872 } 2873 mutex_unlock(&idev->mc_lock); 2874 } 2875 2876 static int ipv6_mc_netdev_event(struct notifier_block *this, 2877 unsigned long event, 2878 void *ptr) 2879 { 2880 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 2881 struct inet6_dev *idev = __in6_dev_get(dev); 2882 2883 switch (event) { 2884 case NETDEV_RESEND_IGMP: 2885 if (idev) 2886 ipv6_mc_rejoin_groups(idev); 2887 break; 2888 default: 2889 break; 2890 } 2891 2892 return NOTIFY_DONE; 2893 } 2894 2895 static struct notifier_block igmp6_netdev_notifier = { 2896 .notifier_call = ipv6_mc_netdev_event, 2897 }; 2898 2899 #ifdef CONFIG_PROC_FS 2900 struct igmp6_mc_iter_state { 2901 struct seq_net_private p; 2902 struct net_device *dev; 2903 struct inet6_dev *idev; 2904 }; 2905 2906 #define igmp6_mc_seq_private(seq) ((struct igmp6_mc_iter_state *)(seq)->private) 2907 2908 static inline struct ifmcaddr6 *igmp6_mc_get_first(struct seq_file *seq) 2909 { 2910 struct ifmcaddr6 *im = NULL; 2911 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2912 struct net *net = seq_file_net(seq); 2913 2914 state->idev = NULL; 2915 for_each_netdev_rcu(net, state->dev) { 2916 struct inet6_dev *idev; 2917 idev = __in6_dev_get(state->dev); 2918 if (!idev) 2919 continue; 2920 2921 im = rcu_dereference(idev->mc_list); 2922 if (im) { 2923 state->idev = idev; 2924 break; 2925 } 2926 } 2927 return im; 2928 } 2929 2930 static struct ifmcaddr6 *igmp6_mc_get_next(struct seq_file *seq, struct ifmcaddr6 *im) 2931 { 2932 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2933 2934 im = rcu_dereference(im->next); 2935 while (!im) { 2936 state->dev = next_net_device_rcu(state->dev); 2937 if (!state->dev) { 2938 state->idev = NULL; 2939 break; 2940 } 2941 state->idev = __in6_dev_get(state->dev); 2942 if (!state->idev) 2943 continue; 2944 im = rcu_dereference(state->idev->mc_list); 2945 } 2946 return im; 2947 } 2948 2949 static struct ifmcaddr6 *igmp6_mc_get_idx(struct seq_file *seq, loff_t pos) 2950 { 2951 struct ifmcaddr6 *im = igmp6_mc_get_first(seq); 2952 if (im) 2953 while (pos && (im = igmp6_mc_get_next(seq, im)) != NULL) 2954 --pos; 2955 return pos ? NULL : im; 2956 } 2957 2958 static void *igmp6_mc_seq_start(struct seq_file *seq, loff_t *pos) 2959 __acquires(RCU) 2960 { 2961 rcu_read_lock(); 2962 return igmp6_mc_get_idx(seq, *pos); 2963 } 2964 2965 static void *igmp6_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2966 { 2967 struct ifmcaddr6 *im = igmp6_mc_get_next(seq, v); 2968 2969 ++*pos; 2970 return im; 2971 } 2972 2973 static void igmp6_mc_seq_stop(struct seq_file *seq, void *v) 2974 __releases(RCU) 2975 { 2976 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2977 2978 if (likely(state->idev)) 2979 state->idev = NULL; 2980 state->dev = NULL; 2981 rcu_read_unlock(); 2982 } 2983 2984 static int igmp6_mc_seq_show(struct seq_file *seq, void *v) 2985 { 2986 struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; 2987 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); 2988 2989 seq_printf(seq, 2990 "%-4d %-15s %pi6 %5d %08X %ld\n", 2991 state->dev->ifindex, state->dev->name, 2992 &im->mca_addr, 2993 im->mca_users, im->mca_flags, 2994 (im->mca_flags & MAF_TIMER_RUNNING) ? 2995 jiffies_to_clock_t(im->mca_work.timer.expires - jiffies) : 0); 2996 return 0; 2997 } 2998 2999 static const struct seq_operations igmp6_mc_seq_ops = { 3000 .start = igmp6_mc_seq_start, 3001 .next = igmp6_mc_seq_next, 3002 .stop = igmp6_mc_seq_stop, 3003 .show = igmp6_mc_seq_show, 3004 }; 3005 3006 struct igmp6_mcf_iter_state { 3007 struct seq_net_private p; 3008 struct net_device *dev; 3009 struct inet6_dev *idev; 3010 struct ifmcaddr6 *im; 3011 }; 3012 3013 #define igmp6_mcf_seq_private(seq) ((struct igmp6_mcf_iter_state *)(seq)->private) 3014 3015 static inline struct ip6_sf_list *igmp6_mcf_get_first(struct seq_file *seq) 3016 { 3017 struct ip6_sf_list *psf = NULL; 3018 struct ifmcaddr6 *im = NULL; 3019 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 3020 struct net *net = seq_file_net(seq); 3021 3022 state->idev = NULL; 3023 state->im = NULL; 3024 for_each_netdev_rcu(net, state->dev) { 3025 struct inet6_dev *idev; 3026 idev = __in6_dev_get(state->dev); 3027 if (unlikely(idev == NULL)) 3028 continue; 3029 3030 im = rcu_dereference(idev->mc_list); 3031 if (likely(im)) { 3032 psf = rcu_dereference(im->mca_sources); 3033 if (likely(psf)) { 3034 state->im = im; 3035 state->idev = idev; 3036 break; 3037 } 3038 } 3039 } 3040 return psf; 3041 } 3042 3043 static struct ip6_sf_list *igmp6_mcf_get_next(struct seq_file *seq, struct ip6_sf_list *psf) 3044 { 3045 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 3046 3047 psf = rcu_dereference(psf->sf_next); 3048 while (!psf) { 3049 state->im = rcu_dereference(state->im->next); 3050 while (!state->im) { 3051 state->dev = next_net_device_rcu(state->dev); 3052 if (!state->dev) { 3053 state->idev = NULL; 3054 goto out; 3055 } 3056 state->idev = __in6_dev_get(state->dev); 3057 if (!state->idev) 3058 continue; 3059 state->im = rcu_dereference(state->idev->mc_list); 3060 } 3061 psf = rcu_dereference(state->im->mca_sources); 3062 } 3063 out: 3064 return psf; 3065 } 3066 3067 static struct ip6_sf_list *igmp6_mcf_get_idx(struct seq_file *seq, loff_t pos) 3068 { 3069 struct ip6_sf_list *psf = igmp6_mcf_get_first(seq); 3070 if (psf) 3071 while (pos && (psf = igmp6_mcf_get_next(seq, psf)) != NULL) 3072 --pos; 3073 return pos ? NULL : psf; 3074 } 3075 3076 static void *igmp6_mcf_seq_start(struct seq_file *seq, loff_t *pos) 3077 __acquires(RCU) 3078 { 3079 rcu_read_lock(); 3080 return *pos ? igmp6_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 3081 } 3082 3083 static void *igmp6_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 3084 { 3085 struct ip6_sf_list *psf; 3086 if (v == SEQ_START_TOKEN) 3087 psf = igmp6_mcf_get_first(seq); 3088 else 3089 psf = igmp6_mcf_get_next(seq, v); 3090 ++*pos; 3091 return psf; 3092 } 3093 3094 static void igmp6_mcf_seq_stop(struct seq_file *seq, void *v) 3095 __releases(RCU) 3096 { 3097 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 3098 3099 if (likely(state->im)) 3100 state->im = NULL; 3101 if (likely(state->idev)) 3102 state->idev = NULL; 3103 3104 state->dev = NULL; 3105 rcu_read_unlock(); 3106 } 3107 3108 static int igmp6_mcf_seq_show(struct seq_file *seq, void *v) 3109 { 3110 struct ip6_sf_list *psf = (struct ip6_sf_list *)v; 3111 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq); 3112 3113 if (v == SEQ_START_TOKEN) { 3114 seq_puts(seq, "Idx Device Multicast Address Source Address INC EXC\n"); 3115 } else { 3116 seq_printf(seq, 3117 "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", 3118 state->dev->ifindex, state->dev->name, 3119 &state->im->mca_addr, 3120 &psf->sf_addr, 3121 READ_ONCE(psf->sf_count[MCAST_INCLUDE]), 3122 READ_ONCE(psf->sf_count[MCAST_EXCLUDE])); 3123 } 3124 return 0; 3125 } 3126 3127 static const struct seq_operations igmp6_mcf_seq_ops = { 3128 .start = igmp6_mcf_seq_start, 3129 .next = igmp6_mcf_seq_next, 3130 .stop = igmp6_mcf_seq_stop, 3131 .show = igmp6_mcf_seq_show, 3132 }; 3133 3134 static int __net_init igmp6_proc_init(struct net *net) 3135 { 3136 int err; 3137 3138 err = -ENOMEM; 3139 if (!proc_create_net("igmp6", 0444, net->proc_net, &igmp6_mc_seq_ops, 3140 sizeof(struct igmp6_mc_iter_state))) 3141 goto out; 3142 if (!proc_create_net("mcfilter6", 0444, net->proc_net, 3143 &igmp6_mcf_seq_ops, 3144 sizeof(struct igmp6_mcf_iter_state))) 3145 goto out_proc_net_igmp6; 3146 3147 err = 0; 3148 out: 3149 return err; 3150 3151 out_proc_net_igmp6: 3152 remove_proc_entry("igmp6", net->proc_net); 3153 goto out; 3154 } 3155 3156 static void __net_exit igmp6_proc_exit(struct net *net) 3157 { 3158 remove_proc_entry("mcfilter6", net->proc_net); 3159 remove_proc_entry("igmp6", net->proc_net); 3160 } 3161 #else 3162 static inline int igmp6_proc_init(struct net *net) 3163 { 3164 return 0; 3165 } 3166 static inline void igmp6_proc_exit(struct net *net) 3167 { 3168 } 3169 #endif 3170 3171 static int __net_init igmp6_net_init(struct net *net) 3172 { 3173 int err; 3174 3175 err = inet_ctl_sock_create(&net->ipv6.igmp_sk, PF_INET6, 3176 SOCK_RAW, IPPROTO_ICMPV6, net); 3177 if (err < 0) { 3178 pr_err("Failed to initialize the IGMP6 control socket (err %d)\n", 3179 err); 3180 goto out; 3181 } 3182 3183 inet6_sk(net->ipv6.igmp_sk)->hop_limit = 1; 3184 net->ipv6.igmp_sk->sk_allocation = GFP_KERNEL; 3185 3186 err = inet_ctl_sock_create(&net->ipv6.mc_autojoin_sk, PF_INET6, 3187 SOCK_RAW, IPPROTO_ICMPV6, net); 3188 if (err < 0) { 3189 pr_err("Failed to initialize the IGMP6 autojoin socket (err %d)\n", 3190 err); 3191 goto out_sock_create; 3192 } 3193 3194 err = igmp6_proc_init(net); 3195 if (err) 3196 goto out_sock_create_autojoin; 3197 3198 return 0; 3199 3200 out_sock_create_autojoin: 3201 inet_ctl_sock_destroy(net->ipv6.mc_autojoin_sk); 3202 out_sock_create: 3203 inet_ctl_sock_destroy(net->ipv6.igmp_sk); 3204 out: 3205 return err; 3206 } 3207 3208 static void __net_exit igmp6_net_exit(struct net *net) 3209 { 3210 inet_ctl_sock_destroy(net->ipv6.igmp_sk); 3211 inet_ctl_sock_destroy(net->ipv6.mc_autojoin_sk); 3212 igmp6_proc_exit(net); 3213 } 3214 3215 static struct pernet_operations igmp6_net_ops = { 3216 .init = igmp6_net_init, 3217 .exit = igmp6_net_exit, 3218 }; 3219 3220 int __init igmp6_init(void) 3221 { 3222 int err; 3223 3224 err = register_pernet_subsys(&igmp6_net_ops); 3225 if (err) 3226 return err; 3227 3228 mld_wq = create_workqueue("mld"); 3229 if (!mld_wq) { 3230 unregister_pernet_subsys(&igmp6_net_ops); 3231 return -ENOMEM; 3232 } 3233 3234 return err; 3235 } 3236 3237 int __init igmp6_late_init(void) 3238 { 3239 return register_netdevice_notifier(&igmp6_netdev_notifier); 3240 } 3241 3242 void igmp6_cleanup(void) 3243 { 3244 unregister_pernet_subsys(&igmp6_net_ops); 3245 destroy_workqueue(mld_wq); 3246 } 3247 3248 void igmp6_late_cleanup(void) 3249 { 3250 unregister_netdevice_notifier(&igmp6_netdev_notifier); 3251 } 3252