2 * Linux IPv6 multicast routing support for BSD pim6sd
3 * Based on net/ipv4/ipmr.c.
5 * (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr>
6 * LSIIT Laboratory, Strasbourg, France
7 * (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com>
9 * Copyright (C)2007,2008 USAGI/WIDE Project
10 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
19 #include <linux/uaccess.h>
20 #include <linux/types.h>
21 #include <linux/sched.h>
22 #include <linux/errno.h>
24 #include <linux/kernel.h>
25 #include <linux/fcntl.h>
26 #include <linux/stat.h>
27 #include <linux/socket.h>
28 #include <linux/inet.h>
29 #include <linux/netdevice.h>
30 #include <linux/inetdevice.h>
31 #include <linux/proc_fs.h>
32 #include <linux/seq_file.h>
33 #include <linux/init.h>
34 #include <linux/compat.h>
35 #include <linux/rhashtable.h>
36 #include <net/protocol.h>
37 #include <linux/skbuff.h>
39 #include <linux/notifier.h>
40 #include <linux/if_arp.h>
41 #include <net/checksum.h>
42 #include <net/netlink.h>
43 #include <net/fib_rules.h>
46 #include <net/ip6_route.h>
47 #include <linux/mroute6.h>
48 #include <linux/pim.h>
49 #include <net/addrconf.h>
50 #include <linux/netfilter_ipv6.h>
51 #include <linux/export.h>
52 #include <net/ip6_checksum.h>
53 #include <linux/netconf.h>
54 #include <net/ip_tunnels.h>
56 #include <linux/nospec.h>
59 struct fib_rule common;
66 /* Big lock, protecting vif table, mrt cache and mroute socket state.
67 Note that the changes are semaphored via rtnl_lock.
70 static DEFINE_RWLOCK(mrt_lock);
72 /* Multicast router control variables */
74 /* Special spinlock for queue of unresolved entries */
75 static DEFINE_SPINLOCK(mfc_unres_lock);
77 /* We return to original Alan's scheme. Hash table of resolved
78 entries is changed only in process context and protected
79 with weak lock mrt_lock. Queue of unresolved entries is protected
80 with strong spinlock mfc_unres_lock.
82 In this case data path is free of exclusive locks at all.
85 static struct kmem_cache *mrt_cachep __read_mostly;
87 static struct mr_table *ip6mr_new_table(struct net *net, u32 id);
88 static void ip6mr_free_table(struct mr_table *mrt);
90 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
91 struct net_device *dev, struct sk_buff *skb,
92 struct mfc6_cache *cache);
93 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt,
94 mifi_t mifi, int assert);
95 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
97 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt);
98 static int ip6mr_rtm_dumproute(struct sk_buff *skb,
99 struct netlink_callback *cb);
100 static void mroute_clean_tables(struct mr_table *mrt, bool all);
101 static void ipmr_expire_process(struct timer_list *t);
103 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
104 #define ip6mr_for_each_table(mrt, net) \
105 list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list)
107 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
108 struct mr_table *mrt)
110 struct mr_table *ret;
113 ret = list_entry_rcu(net->ipv6.mr6_tables.next,
114 struct mr_table, list);
116 ret = list_entry_rcu(mrt->list.next,
117 struct mr_table, list);
119 if (&ret->list == &net->ipv6.mr6_tables)
124 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
126 struct mr_table *mrt;
128 ip6mr_for_each_table(mrt, net) {
135 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
136 struct mr_table **mrt)
139 struct ip6mr_result res;
140 struct fib_lookup_arg arg = {
142 .flags = FIB_LOOKUP_NOREF,
145 /* update flow if oif or iif point to device enslaved to l3mdev */
146 l3mdev_update_flow(net, flowi6_to_flowi(flp6));
148 err = fib_rules_lookup(net->ipv6.mr6_rules_ops,
149 flowi6_to_flowi(flp6), 0, &arg);
156 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp,
157 int flags, struct fib_lookup_arg *arg)
159 struct ip6mr_result *res = arg->result;
160 struct mr_table *mrt;
162 switch (rule->action) {
165 case FR_ACT_UNREACHABLE:
167 case FR_ACT_PROHIBIT:
169 case FR_ACT_BLACKHOLE:
174 arg->table = fib_rule_get_table(rule, arg);
176 mrt = ip6mr_get_table(rule->fr_net, arg->table);
183 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags)
188 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = {
192 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
193 struct fib_rule_hdr *frh, struct nlattr **tb,
194 struct netlink_ext_ack *extack)
199 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
205 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
206 struct fib_rule_hdr *frh)
214 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = {
215 .family = RTNL_FAMILY_IP6MR,
216 .rule_size = sizeof(struct ip6mr_rule),
217 .addr_size = sizeof(struct in6_addr),
218 .action = ip6mr_rule_action,
219 .match = ip6mr_rule_match,
220 .configure = ip6mr_rule_configure,
221 .compare = ip6mr_rule_compare,
222 .fill = ip6mr_rule_fill,
223 .nlgroup = RTNLGRP_IPV6_RULE,
224 .policy = ip6mr_rule_policy,
225 .owner = THIS_MODULE,
228 static int __net_init ip6mr_rules_init(struct net *net)
230 struct fib_rules_ops *ops;
231 struct mr_table *mrt;
234 ops = fib_rules_register(&ip6mr_rules_ops_template, net);
238 INIT_LIST_HEAD(&net->ipv6.mr6_tables);
240 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
246 err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0);
250 net->ipv6.mr6_rules_ops = ops;
254 ip6mr_free_table(mrt);
256 fib_rules_unregister(ops);
260 static void __net_exit ip6mr_rules_exit(struct net *net)
262 struct mr_table *mrt, *next;
265 list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
266 list_del(&mrt->list);
267 ip6mr_free_table(mrt);
269 fib_rules_unregister(net->ipv6.mr6_rules_ops);
273 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb)
275 return fib_rules_dump(net, nb, RTNL_FAMILY_IP6MR);
278 static unsigned int ip6mr_rules_seq_read(struct net *net)
280 return fib_rules_seq_read(net, RTNL_FAMILY_IP6MR);
283 bool ip6mr_rule_default(const struct fib_rule *rule)
285 return fib_rule_matchall(rule) && rule->action == FR_ACT_TO_TBL &&
286 rule->table == RT6_TABLE_DFLT && !rule->l3mdev;
288 EXPORT_SYMBOL(ip6mr_rule_default);
290 #define ip6mr_for_each_table(mrt, net) \
291 for (mrt = net->ipv6.mrt6; mrt; mrt = NULL)
293 static struct mr_table *ip6mr_mr_table_iter(struct net *net,
294 struct mr_table *mrt)
297 return net->ipv6.mrt6;
301 static struct mr_table *ip6mr_get_table(struct net *net, u32 id)
303 return net->ipv6.mrt6;
306 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
307 struct mr_table **mrt)
309 *mrt = net->ipv6.mrt6;
313 static int __net_init ip6mr_rules_init(struct net *net)
315 struct mr_table *mrt;
317 mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
320 net->ipv6.mrt6 = mrt;
324 static void __net_exit ip6mr_rules_exit(struct net *net)
327 ip6mr_free_table(net->ipv6.mrt6);
328 net->ipv6.mrt6 = NULL;
332 static int ip6mr_rules_dump(struct net *net, struct notifier_block *nb)
337 static unsigned int ip6mr_rules_seq_read(struct net *net)
343 static int ip6mr_hash_cmp(struct rhashtable_compare_arg *arg,
346 const struct mfc6_cache_cmp_arg *cmparg = arg->key;
347 struct mfc6_cache *c = (struct mfc6_cache *)ptr;
349 return !ipv6_addr_equal(&c->mf6c_mcastgrp, &cmparg->mf6c_mcastgrp) ||
350 !ipv6_addr_equal(&c->mf6c_origin, &cmparg->mf6c_origin);
353 static const struct rhashtable_params ip6mr_rht_params = {
354 .head_offset = offsetof(struct mr_mfc, mnode),
355 .key_offset = offsetof(struct mfc6_cache, cmparg),
356 .key_len = sizeof(struct mfc6_cache_cmp_arg),
359 .obj_cmpfn = ip6mr_hash_cmp,
360 .automatic_shrinking = true,
363 static void ip6mr_new_table_set(struct mr_table *mrt,
366 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
367 list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables);
371 static struct mfc6_cache_cmp_arg ip6mr_mr_table_ops_cmparg_any = {
372 .mf6c_origin = IN6ADDR_ANY_INIT,
373 .mf6c_mcastgrp = IN6ADDR_ANY_INIT,
376 static struct mr_table_ops ip6mr_mr_table_ops = {
377 .rht_params = &ip6mr_rht_params,
378 .cmparg_any = &ip6mr_mr_table_ops_cmparg_any,
381 static struct mr_table *ip6mr_new_table(struct net *net, u32 id)
383 struct mr_table *mrt;
385 mrt = ip6mr_get_table(net, id);
389 return mr_table_alloc(net, id, &ip6mr_mr_table_ops,
390 ipmr_expire_process, ip6mr_new_table_set);
393 static void ip6mr_free_table(struct mr_table *mrt)
395 del_timer_sync(&mrt->ipmr_expire_timer);
396 mroute_clean_tables(mrt, true);
397 rhltable_destroy(&mrt->mfc_hash);
401 #ifdef CONFIG_PROC_FS
402 /* The /proc interfaces to multicast routing
403 * /proc/ip6_mr_cache /proc/ip6_mr_vif
406 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos)
409 struct mr_vif_iter *iter = seq->private;
410 struct net *net = seq_file_net(seq);
411 struct mr_table *mrt;
413 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
415 return ERR_PTR(-ENOENT);
419 read_lock(&mrt_lock);
420 return mr_vif_seq_start(seq, pos);
423 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v)
426 read_unlock(&mrt_lock);
429 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v)
431 struct mr_vif_iter *iter = seq->private;
432 struct mr_table *mrt = iter->mrt;
434 if (v == SEQ_START_TOKEN) {
436 "Interface BytesIn PktsIn BytesOut PktsOut Flags\n");
438 const struct vif_device *vif = v;
439 const char *name = vif->dev ? vif->dev->name : "none";
442 "%2td %-10s %8ld %7ld %8ld %7ld %05X\n",
443 vif - mrt->vif_table,
444 name, vif->bytes_in, vif->pkt_in,
445 vif->bytes_out, vif->pkt_out,
451 static const struct seq_operations ip6mr_vif_seq_ops = {
452 .start = ip6mr_vif_seq_start,
453 .next = mr_vif_seq_next,
454 .stop = ip6mr_vif_seq_stop,
455 .show = ip6mr_vif_seq_show,
458 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
460 struct net *net = seq_file_net(seq);
461 struct mr_table *mrt;
463 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
465 return ERR_PTR(-ENOENT);
467 return mr_mfc_seq_start(seq, pos, mrt, &mfc_unres_lock);
470 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
474 if (v == SEQ_START_TOKEN) {
478 "Iif Pkts Bytes Wrong Oifs\n");
480 const struct mfc6_cache *mfc = v;
481 const struct mr_mfc_iter *it = seq->private;
482 struct mr_table *mrt = it->mrt;
484 seq_printf(seq, "%pI6 %pI6 %-3hd",
485 &mfc->mf6c_mcastgrp, &mfc->mf6c_origin,
488 if (it->cache != &mrt->mfc_unres_queue) {
489 seq_printf(seq, " %8lu %8lu %8lu",
490 mfc->_c.mfc_un.res.pkt,
491 mfc->_c.mfc_un.res.bytes,
492 mfc->_c.mfc_un.res.wrong_if);
493 for (n = mfc->_c.mfc_un.res.minvif;
494 n < mfc->_c.mfc_un.res.maxvif; n++) {
495 if (VIF_EXISTS(mrt, n) &&
496 mfc->_c.mfc_un.res.ttls[n] < 255)
499 mfc->_c.mfc_un.res.ttls[n]);
502 /* unresolved mfc_caches don't contain
503 * pkt, bytes and wrong_if values
505 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
512 static const struct seq_operations ipmr_mfc_seq_ops = {
513 .start = ipmr_mfc_seq_start,
514 .next = mr_mfc_seq_next,
515 .stop = mr_mfc_seq_stop,
516 .show = ipmr_mfc_seq_show,
520 #ifdef CONFIG_IPV6_PIMSM_V2
522 static int pim6_rcv(struct sk_buff *skb)
524 struct pimreghdr *pim;
525 struct ipv6hdr *encap;
526 struct net_device *reg_dev = NULL;
527 struct net *net = dev_net(skb->dev);
528 struct mr_table *mrt;
529 struct flowi6 fl6 = {
530 .flowi6_iif = skb->dev->ifindex,
531 .flowi6_mark = skb->mark,
535 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
538 pim = (struct pimreghdr *)skb_transport_header(skb);
539 if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) ||
540 (pim->flags & PIM_NULL_REGISTER) ||
541 (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
542 sizeof(*pim), IPPROTO_PIM,
543 csum_partial((void *)pim, sizeof(*pim), 0)) &&
544 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
547 /* check if the inner packet is destined to mcast group */
548 encap = (struct ipv6hdr *)(skb_transport_header(skb) +
551 if (!ipv6_addr_is_multicast(&encap->daddr) ||
552 encap->payload_len == 0 ||
553 ntohs(encap->payload_len) + sizeof(*pim) > skb->len)
556 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
558 reg_vif_num = mrt->mroute_reg_vif_num;
560 read_lock(&mrt_lock);
561 if (reg_vif_num >= 0)
562 reg_dev = mrt->vif_table[reg_vif_num].dev;
565 read_unlock(&mrt_lock);
570 skb->mac_header = skb->network_header;
571 skb_pull(skb, (u8 *)encap - skb->data);
572 skb_reset_network_header(skb);
573 skb->protocol = htons(ETH_P_IPV6);
574 skb->ip_summed = CHECKSUM_NONE;
576 skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev));
587 static const struct inet6_protocol pim6_protocol = {
591 /* Service routines creating virtual interfaces: PIMREG */
593 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
594 struct net_device *dev)
596 struct net *net = dev_net(dev);
597 struct mr_table *mrt;
598 struct flowi6 fl6 = {
599 .flowi6_oif = dev->ifindex,
600 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
601 .flowi6_mark = skb->mark,
604 if (!pskb_inet_may_pull(skb))
607 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
610 read_lock(&mrt_lock);
611 dev->stats.tx_bytes += skb->len;
612 dev->stats.tx_packets++;
613 ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT);
614 read_unlock(&mrt_lock);
619 dev->stats.tx_errors++;
624 static int reg_vif_get_iflink(const struct net_device *dev)
629 static const struct net_device_ops reg_vif_netdev_ops = {
630 .ndo_start_xmit = reg_vif_xmit,
631 .ndo_get_iflink = reg_vif_get_iflink,
634 static void reg_vif_setup(struct net_device *dev)
636 dev->type = ARPHRD_PIMREG;
637 dev->mtu = 1500 - sizeof(struct ipv6hdr) - 8;
638 dev->flags = IFF_NOARP;
639 dev->netdev_ops = ®_vif_netdev_ops;
640 dev->needs_free_netdev = true;
641 dev->features |= NETIF_F_NETNS_LOCAL;
644 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr_table *mrt)
646 struct net_device *dev;
649 if (mrt->id == RT6_TABLE_DFLT)
650 sprintf(name, "pim6reg");
652 sprintf(name, "pim6reg%u", mrt->id);
654 dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup);
658 dev_net_set(dev, net);
660 if (register_netdevice(dev)) {
665 if (dev_open(dev, NULL))
672 unregister_netdevice(dev);
677 static int call_ip6mr_vif_entry_notifiers(struct net *net,
678 enum fib_event_type event_type,
679 struct vif_device *vif,
680 mifi_t vif_index, u32 tb_id)
682 return mr_call_vif_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
683 vif, vif_index, tb_id,
684 &net->ipv6.ipmr_seq);
687 static int call_ip6mr_mfc_entry_notifiers(struct net *net,
688 enum fib_event_type event_type,
689 struct mfc6_cache *mfc, u32 tb_id)
691 return mr_call_mfc_notifiers(net, RTNL_FAMILY_IP6MR, event_type,
692 &mfc->_c, tb_id, &net->ipv6.ipmr_seq);
695 /* Delete a VIF entry */
696 static int mif6_delete(struct mr_table *mrt, int vifi, int notify,
697 struct list_head *head)
699 struct vif_device *v;
700 struct net_device *dev;
701 struct inet6_dev *in6_dev;
703 if (vifi < 0 || vifi >= mrt->maxvif)
704 return -EADDRNOTAVAIL;
706 v = &mrt->vif_table[vifi];
708 if (VIF_EXISTS(mrt, vifi))
709 call_ip6mr_vif_entry_notifiers(read_pnet(&mrt->net),
710 FIB_EVENT_VIF_DEL, v, vifi,
713 write_lock_bh(&mrt_lock);
718 write_unlock_bh(&mrt_lock);
719 return -EADDRNOTAVAIL;
722 #ifdef CONFIG_IPV6_PIMSM_V2
723 if (vifi == mrt->mroute_reg_vif_num)
724 mrt->mroute_reg_vif_num = -1;
727 if (vifi + 1 == mrt->maxvif) {
729 for (tmp = vifi - 1; tmp >= 0; tmp--) {
730 if (VIF_EXISTS(mrt, tmp))
733 mrt->maxvif = tmp + 1;
736 write_unlock_bh(&mrt_lock);
738 dev_set_allmulti(dev, -1);
740 in6_dev = __in6_dev_get(dev);
742 in6_dev->cnf.mc_forwarding--;
743 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
744 NETCONFA_MC_FORWARDING,
745 dev->ifindex, &in6_dev->cnf);
748 if ((v->flags & MIFF_REGISTER) && !notify)
749 unregister_netdevice_queue(dev, head);
755 static inline void ip6mr_cache_free_rcu(struct rcu_head *head)
757 struct mr_mfc *c = container_of(head, struct mr_mfc, rcu);
759 kmem_cache_free(mrt_cachep, (struct mfc6_cache *)c);
762 static inline void ip6mr_cache_free(struct mfc6_cache *c)
764 call_rcu(&c->_c.rcu, ip6mr_cache_free_rcu);
767 /* Destroy an unresolved cache entry, killing queued skbs
768 and reporting error to netlink readers.
771 static void ip6mr_destroy_unres(struct mr_table *mrt, struct mfc6_cache *c)
773 struct net *net = read_pnet(&mrt->net);
776 atomic_dec(&mrt->cache_resolve_queue_len);
778 while ((skb = skb_dequeue(&c->_c.mfc_un.unres.unresolved)) != NULL) {
779 if (ipv6_hdr(skb)->version == 0) {
780 struct nlmsghdr *nlh = skb_pull(skb,
781 sizeof(struct ipv6hdr));
782 nlh->nlmsg_type = NLMSG_ERROR;
783 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
784 skb_trim(skb, nlh->nlmsg_len);
785 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT;
786 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
795 /* Timer process for all the unresolved queue. */
797 static void ipmr_do_expire_process(struct mr_table *mrt)
799 unsigned long now = jiffies;
800 unsigned long expires = 10 * HZ;
801 struct mr_mfc *c, *next;
803 list_for_each_entry_safe(c, next, &mrt->mfc_unres_queue, list) {
804 if (time_after(c->mfc_un.unres.expires, now)) {
806 unsigned long interval = c->mfc_un.unres.expires - now;
807 if (interval < expires)
813 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
814 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
817 if (!list_empty(&mrt->mfc_unres_queue))
818 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires);
821 static void ipmr_expire_process(struct timer_list *t)
823 struct mr_table *mrt = from_timer(mrt, t, ipmr_expire_timer);
825 if (!spin_trylock(&mfc_unres_lock)) {
826 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1);
830 if (!list_empty(&mrt->mfc_unres_queue))
831 ipmr_do_expire_process(mrt);
833 spin_unlock(&mfc_unres_lock);
836 /* Fill oifs list. It is called under write locked mrt_lock. */
838 static void ip6mr_update_thresholds(struct mr_table *mrt,
839 struct mr_mfc *cache,
844 cache->mfc_un.res.minvif = MAXMIFS;
845 cache->mfc_un.res.maxvif = 0;
846 memset(cache->mfc_un.res.ttls, 255, MAXMIFS);
848 for (vifi = 0; vifi < mrt->maxvif; vifi++) {
849 if (VIF_EXISTS(mrt, vifi) &&
850 ttls[vifi] && ttls[vifi] < 255) {
851 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
852 if (cache->mfc_un.res.minvif > vifi)
853 cache->mfc_un.res.minvif = vifi;
854 if (cache->mfc_un.res.maxvif <= vifi)
855 cache->mfc_un.res.maxvif = vifi + 1;
858 cache->mfc_un.res.lastuse = jiffies;
861 static int mif6_add(struct net *net, struct mr_table *mrt,
862 struct mif6ctl *vifc, int mrtsock)
864 int vifi = vifc->mif6c_mifi;
865 struct vif_device *v = &mrt->vif_table[vifi];
866 struct net_device *dev;
867 struct inet6_dev *in6_dev;
871 if (VIF_EXISTS(mrt, vifi))
874 switch (vifc->mif6c_flags) {
875 #ifdef CONFIG_IPV6_PIMSM_V2
878 * Special Purpose VIF in PIM
879 * All the packets will be sent to the daemon
881 if (mrt->mroute_reg_vif_num >= 0)
883 dev = ip6mr_reg_vif(net, mrt);
886 err = dev_set_allmulti(dev, 1);
888 unregister_netdevice(dev);
895 dev = dev_get_by_index(net, vifc->mif6c_pifi);
897 return -EADDRNOTAVAIL;
898 err = dev_set_allmulti(dev, 1);
908 in6_dev = __in6_dev_get(dev);
910 in6_dev->cnf.mc_forwarding++;
911 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
912 NETCONFA_MC_FORWARDING,
913 dev->ifindex, &in6_dev->cnf);
916 /* Fill in the VIF structures */
917 vif_device_init(v, dev, vifc->vifc_rate_limit, vifc->vifc_threshold,
918 vifc->mif6c_flags | (!mrtsock ? VIFF_STATIC : 0),
921 /* And finish update writing critical data */
922 write_lock_bh(&mrt_lock);
924 #ifdef CONFIG_IPV6_PIMSM_V2
925 if (v->flags & MIFF_REGISTER)
926 mrt->mroute_reg_vif_num = vifi;
928 if (vifi + 1 > mrt->maxvif)
929 mrt->maxvif = vifi + 1;
930 write_unlock_bh(&mrt_lock);
931 call_ip6mr_vif_entry_notifiers(net, FIB_EVENT_VIF_ADD,
936 static struct mfc6_cache *ip6mr_cache_find(struct mr_table *mrt,
937 const struct in6_addr *origin,
938 const struct in6_addr *mcastgrp)
940 struct mfc6_cache_cmp_arg arg = {
941 .mf6c_origin = *origin,
942 .mf6c_mcastgrp = *mcastgrp,
945 return mr_mfc_find(mrt, &arg);
948 /* Look for a (*,G) entry */
949 static struct mfc6_cache *ip6mr_cache_find_any(struct mr_table *mrt,
950 struct in6_addr *mcastgrp,
953 struct mfc6_cache_cmp_arg arg = {
954 .mf6c_origin = in6addr_any,
955 .mf6c_mcastgrp = *mcastgrp,
958 if (ipv6_addr_any(mcastgrp))
959 return mr_mfc_find_any_parent(mrt, mifi);
960 return mr_mfc_find_any(mrt, mifi, &arg);
963 /* Look for a (S,G,iif) entry if parent != -1 */
964 static struct mfc6_cache *
965 ip6mr_cache_find_parent(struct mr_table *mrt,
966 const struct in6_addr *origin,
967 const struct in6_addr *mcastgrp,
970 struct mfc6_cache_cmp_arg arg = {
971 .mf6c_origin = *origin,
972 .mf6c_mcastgrp = *mcastgrp,
975 return mr_mfc_find_parent(mrt, &arg, parent);
978 /* Allocate a multicast cache entry */
979 static struct mfc6_cache *ip6mr_cache_alloc(void)
981 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
984 c->_c.mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1;
985 c->_c.mfc_un.res.minvif = MAXMIFS;
986 c->_c.free = ip6mr_cache_free_rcu;
987 refcount_set(&c->_c.mfc_un.res.refcount, 1);
991 static struct mfc6_cache *ip6mr_cache_alloc_unres(void)
993 struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
996 skb_queue_head_init(&c->_c.mfc_un.unres.unresolved);
997 c->_c.mfc_un.unres.expires = jiffies + 10 * HZ;
1002 * A cache entry has gone into a resolved state from queued
1005 static void ip6mr_cache_resolve(struct net *net, struct mr_table *mrt,
1006 struct mfc6_cache *uc, struct mfc6_cache *c)
1008 struct sk_buff *skb;
1011 * Play the pending entries through our router
1014 while ((skb = __skb_dequeue(&uc->_c.mfc_un.unres.unresolved))) {
1015 if (ipv6_hdr(skb)->version == 0) {
1016 struct nlmsghdr *nlh = skb_pull(skb,
1017 sizeof(struct ipv6hdr));
1019 if (mr_fill_mroute(mrt, skb, &c->_c,
1020 nlmsg_data(nlh)) > 0) {
1021 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh;
1023 nlh->nlmsg_type = NLMSG_ERROR;
1024 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
1025 skb_trim(skb, nlh->nlmsg_len);
1026 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE;
1028 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1030 ip6_mr_forward(net, mrt, skb->dev, skb, c);
1035 * Bounce a cache query up to pim6sd and netlink.
1037 * Called under mrt_lock.
1040 static int ip6mr_cache_report(struct mr_table *mrt, struct sk_buff *pkt,
1041 mifi_t mifi, int assert)
1043 struct sock *mroute6_sk;
1044 struct sk_buff *skb;
1045 struct mrt6msg *msg;
1048 #ifdef CONFIG_IPV6_PIMSM_V2
1049 if (assert == MRT6MSG_WHOLEPKT)
1050 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt)
1054 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC);
1059 /* I suppose that internal messages
1060 * do not require checksums */
1062 skb->ip_summed = CHECKSUM_UNNECESSARY;
1064 #ifdef CONFIG_IPV6_PIMSM_V2
1065 if (assert == MRT6MSG_WHOLEPKT) {
1066 /* Ugly, but we have no choice with this interface.
1067 Duplicate old header, fix length etc.
1068 And all this only to mangle msg->im6_msgtype and
1069 to set msg->im6_mbz to "mbz" :-)
1071 skb_push(skb, -skb_network_offset(pkt));
1073 skb_push(skb, sizeof(*msg));
1074 skb_reset_transport_header(skb);
1075 msg = (struct mrt6msg *)skb_transport_header(skb);
1077 msg->im6_msgtype = MRT6MSG_WHOLEPKT;
1078 msg->im6_mif = mrt->mroute_reg_vif_num;
1080 msg->im6_src = ipv6_hdr(pkt)->saddr;
1081 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1083 skb->ip_summed = CHECKSUM_UNNECESSARY;
1088 * Copy the IP header
1091 skb_put(skb, sizeof(struct ipv6hdr));
1092 skb_reset_network_header(skb);
1093 skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr));
1098 skb_put(skb, sizeof(*msg));
1099 skb_reset_transport_header(skb);
1100 msg = (struct mrt6msg *)skb_transport_header(skb);
1103 msg->im6_msgtype = assert;
1104 msg->im6_mif = mifi;
1106 msg->im6_src = ipv6_hdr(pkt)->saddr;
1107 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1109 skb_dst_set(skb, dst_clone(skb_dst(pkt)));
1110 skb->ip_summed = CHECKSUM_UNNECESSARY;
1114 mroute6_sk = rcu_dereference(mrt->mroute_sk);
1121 mrt6msg_netlink_event(mrt, skb);
1123 /* Deliver to user space multicast routing algorithms */
1124 ret = sock_queue_rcv_skb(mroute6_sk, skb);
1127 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n");
1134 /* Queue a packet for resolution. It gets locked cache entry! */
1135 static int ip6mr_cache_unresolved(struct mr_table *mrt, mifi_t mifi,
1136 struct sk_buff *skb, struct net_device *dev)
1138 struct mfc6_cache *c;
1142 spin_lock_bh(&mfc_unres_lock);
1143 list_for_each_entry(c, &mrt->mfc_unres_queue, _c.list) {
1144 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) &&
1145 ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) {
1153 * Create a new entry if allowable
1156 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 ||
1157 (c = ip6mr_cache_alloc_unres()) == NULL) {
1158 spin_unlock_bh(&mfc_unres_lock);
1164 /* Fill in the new cache entry */
1165 c->_c.mfc_parent = -1;
1166 c->mf6c_origin = ipv6_hdr(skb)->saddr;
1167 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr;
1170 * Reflect first query at pim6sd
1172 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE);
1174 /* If the report failed throw the cache entry
1177 spin_unlock_bh(&mfc_unres_lock);
1179 ip6mr_cache_free(c);
1184 atomic_inc(&mrt->cache_resolve_queue_len);
1185 list_add(&c->_c.list, &mrt->mfc_unres_queue);
1186 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1188 ipmr_do_expire_process(mrt);
1191 /* See if we can append the packet */
1192 if (c->_c.mfc_un.unres.unresolved.qlen > 3) {
1198 skb->skb_iif = dev->ifindex;
1200 skb_queue_tail(&c->_c.mfc_un.unres.unresolved, skb);
1204 spin_unlock_bh(&mfc_unres_lock);
1209 * MFC6 cache manipulation by user space
1212 static int ip6mr_mfc_delete(struct mr_table *mrt, struct mf6cctl *mfc,
1215 struct mfc6_cache *c;
1217 /* The entries are added/deleted only under RTNL */
1219 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1220 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1224 rhltable_remove(&mrt->mfc_hash, &c->_c.mnode, ip6mr_rht_params);
1225 list_del_rcu(&c->_c.list);
1227 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1228 FIB_EVENT_ENTRY_DEL, c, mrt->id);
1229 mr6_netlink_event(mrt, c, RTM_DELROUTE);
1230 mr_cache_put(&c->_c);
1234 static int ip6mr_device_event(struct notifier_block *this,
1235 unsigned long event, void *ptr)
1237 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1238 struct net *net = dev_net(dev);
1239 struct mr_table *mrt;
1240 struct vif_device *v;
1243 if (event != NETDEV_UNREGISTER)
1246 ip6mr_for_each_table(mrt, net) {
1247 v = &mrt->vif_table[0];
1248 for (ct = 0; ct < mrt->maxvif; ct++, v++) {
1250 mif6_delete(mrt, ct, 1, NULL);
1257 static unsigned int ip6mr_seq_read(struct net *net)
1261 return net->ipv6.ipmr_seq + ip6mr_rules_seq_read(net);
1264 static int ip6mr_dump(struct net *net, struct notifier_block *nb)
1266 return mr_dump(net, nb, RTNL_FAMILY_IP6MR, ip6mr_rules_dump,
1267 ip6mr_mr_table_iter, &mrt_lock);
1270 static struct notifier_block ip6_mr_notifier = {
1271 .notifier_call = ip6mr_device_event
1274 static const struct fib_notifier_ops ip6mr_notifier_ops_template = {
1275 .family = RTNL_FAMILY_IP6MR,
1276 .fib_seq_read = ip6mr_seq_read,
1277 .fib_dump = ip6mr_dump,
1278 .owner = THIS_MODULE,
1281 static int __net_init ip6mr_notifier_init(struct net *net)
1283 struct fib_notifier_ops *ops;
1285 net->ipv6.ipmr_seq = 0;
1287 ops = fib_notifier_ops_register(&ip6mr_notifier_ops_template, net);
1289 return PTR_ERR(ops);
1291 net->ipv6.ip6mr_notifier_ops = ops;
1296 static void __net_exit ip6mr_notifier_exit(struct net *net)
1298 fib_notifier_ops_unregister(net->ipv6.ip6mr_notifier_ops);
1299 net->ipv6.ip6mr_notifier_ops = NULL;
1302 /* Setup for IP multicast routing */
1303 static int __net_init ip6mr_net_init(struct net *net)
1307 err = ip6mr_notifier_init(net);
1311 err = ip6mr_rules_init(net);
1313 goto ip6mr_rules_fail;
1315 #ifdef CONFIG_PROC_FS
1317 if (!proc_create_net("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_seq_ops,
1318 sizeof(struct mr_vif_iter)))
1320 if (!proc_create_net("ip6_mr_cache", 0, net->proc_net, &ipmr_mfc_seq_ops,
1321 sizeof(struct mr_mfc_iter)))
1322 goto proc_cache_fail;
1327 #ifdef CONFIG_PROC_FS
1329 remove_proc_entry("ip6_mr_vif", net->proc_net);
1331 ip6mr_rules_exit(net);
1334 ip6mr_notifier_exit(net);
1338 static void __net_exit ip6mr_net_exit(struct net *net)
1340 #ifdef CONFIG_PROC_FS
1341 remove_proc_entry("ip6_mr_cache", net->proc_net);
1342 remove_proc_entry("ip6_mr_vif", net->proc_net);
1344 ip6mr_rules_exit(net);
1345 ip6mr_notifier_exit(net);
1348 static struct pernet_operations ip6mr_net_ops = {
1349 .init = ip6mr_net_init,
1350 .exit = ip6mr_net_exit,
1353 int __init ip6_mr_init(void)
1357 mrt_cachep = kmem_cache_create("ip6_mrt_cache",
1358 sizeof(struct mfc6_cache),
1359 0, SLAB_HWCACHE_ALIGN,
1364 err = register_pernet_subsys(&ip6mr_net_ops);
1366 goto reg_pernet_fail;
1368 err = register_netdevice_notifier(&ip6_mr_notifier);
1370 goto reg_notif_fail;
1371 #ifdef CONFIG_IPV6_PIMSM_V2
1372 if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) {
1373 pr_err("%s: can't add PIM protocol\n", __func__);
1375 goto add_proto_fail;
1378 err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE,
1379 NULL, ip6mr_rtm_dumproute, 0);
1383 #ifdef CONFIG_IPV6_PIMSM_V2
1384 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1386 unregister_netdevice_notifier(&ip6_mr_notifier);
1389 unregister_pernet_subsys(&ip6mr_net_ops);
1391 kmem_cache_destroy(mrt_cachep);
1395 void ip6_mr_cleanup(void)
1397 rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE);
1398 #ifdef CONFIG_IPV6_PIMSM_V2
1399 inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1401 unregister_netdevice_notifier(&ip6_mr_notifier);
1402 unregister_pernet_subsys(&ip6mr_net_ops);
1403 kmem_cache_destroy(mrt_cachep);
1406 static int ip6mr_mfc_add(struct net *net, struct mr_table *mrt,
1407 struct mf6cctl *mfc, int mrtsock, int parent)
1409 unsigned char ttls[MAXMIFS];
1410 struct mfc6_cache *uc, *c;
1415 if (mfc->mf6cc_parent >= MAXMIFS)
1418 memset(ttls, 255, MAXMIFS);
1419 for (i = 0; i < MAXMIFS; i++) {
1420 if (IF_ISSET(i, &mfc->mf6cc_ifset))
1424 /* The entries are added/deleted only under RTNL */
1426 c = ip6mr_cache_find_parent(mrt, &mfc->mf6cc_origin.sin6_addr,
1427 &mfc->mf6cc_mcastgrp.sin6_addr, parent);
1430 write_lock_bh(&mrt_lock);
1431 c->_c.mfc_parent = mfc->mf6cc_parent;
1432 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1434 c->_c.mfc_flags |= MFC_STATIC;
1435 write_unlock_bh(&mrt_lock);
1436 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_REPLACE,
1438 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1442 if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) &&
1443 !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr))
1446 c = ip6mr_cache_alloc();
1450 c->mf6c_origin = mfc->mf6cc_origin.sin6_addr;
1451 c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr;
1452 c->_c.mfc_parent = mfc->mf6cc_parent;
1453 ip6mr_update_thresholds(mrt, &c->_c, ttls);
1455 c->_c.mfc_flags |= MFC_STATIC;
1457 err = rhltable_insert_key(&mrt->mfc_hash, &c->cmparg, &c->_c.mnode,
1460 pr_err("ip6mr: rhtable insert error %d\n", err);
1461 ip6mr_cache_free(c);
1464 list_add_tail_rcu(&c->_c.list, &mrt->mfc_cache_list);
1466 /* Check to see if we resolved a queued list. If so we
1467 * need to send on the frames and tidy up.
1470 spin_lock_bh(&mfc_unres_lock);
1471 list_for_each_entry(_uc, &mrt->mfc_unres_queue, list) {
1472 uc = (struct mfc6_cache *)_uc;
1473 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) &&
1474 ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) {
1475 list_del(&_uc->list);
1476 atomic_dec(&mrt->cache_resolve_queue_len);
1481 if (list_empty(&mrt->mfc_unres_queue))
1482 del_timer(&mrt->ipmr_expire_timer);
1483 spin_unlock_bh(&mfc_unres_lock);
1486 ip6mr_cache_resolve(net, mrt, uc, c);
1487 ip6mr_cache_free(uc);
1489 call_ip6mr_mfc_entry_notifiers(net, FIB_EVENT_ENTRY_ADD,
1491 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1496 * Close the multicast socket, and clear the vif tables etc
1499 static void mroute_clean_tables(struct mr_table *mrt, bool all)
1501 struct mr_mfc *c, *tmp;
1505 /* Shut down all active vif entries */
1506 for (i = 0; i < mrt->maxvif; i++) {
1507 if (!all && (mrt->vif_table[i].flags & VIFF_STATIC))
1509 mif6_delete(mrt, i, 0, &list);
1511 unregister_netdevice_many(&list);
1513 /* Wipe the cache */
1514 list_for_each_entry_safe(c, tmp, &mrt->mfc_cache_list, list) {
1515 if (!all && (c->mfc_flags & MFC_STATIC))
1517 rhltable_remove(&mrt->mfc_hash, &c->mnode, ip6mr_rht_params);
1518 list_del_rcu(&c->list);
1519 call_ip6mr_mfc_entry_notifiers(read_pnet(&mrt->net),
1520 FIB_EVENT_ENTRY_DEL,
1521 (struct mfc6_cache *)c, mrt->id);
1522 mr6_netlink_event(mrt, (struct mfc6_cache *)c, RTM_DELROUTE);
1526 if (atomic_read(&mrt->cache_resolve_queue_len) != 0) {
1527 spin_lock_bh(&mfc_unres_lock);
1528 list_for_each_entry_safe(c, tmp, &mrt->mfc_unres_queue, list) {
1530 mr6_netlink_event(mrt, (struct mfc6_cache *)c,
1532 ip6mr_destroy_unres(mrt, (struct mfc6_cache *)c);
1534 spin_unlock_bh(&mfc_unres_lock);
1538 static int ip6mr_sk_init(struct mr_table *mrt, struct sock *sk)
1541 struct net *net = sock_net(sk);
1544 write_lock_bh(&mrt_lock);
1545 if (rtnl_dereference(mrt->mroute_sk)) {
1548 rcu_assign_pointer(mrt->mroute_sk, sk);
1549 sock_set_flag(sk, SOCK_RCU_FREE);
1550 net->ipv6.devconf_all->mc_forwarding++;
1552 write_unlock_bh(&mrt_lock);
1555 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1556 NETCONFA_MC_FORWARDING,
1557 NETCONFA_IFINDEX_ALL,
1558 net->ipv6.devconf_all);
1564 int ip6mr_sk_done(struct sock *sk)
1567 struct net *net = sock_net(sk);
1568 struct mr_table *mrt;
1570 if (sk->sk_type != SOCK_RAW ||
1571 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1575 ip6mr_for_each_table(mrt, net) {
1576 if (sk == rtnl_dereference(mrt->mroute_sk)) {
1577 write_lock_bh(&mrt_lock);
1578 RCU_INIT_POINTER(mrt->mroute_sk, NULL);
1579 /* Note that mroute_sk had SOCK_RCU_FREE set,
1580 * so the RCU grace period before sk freeing
1581 * is guaranteed by sk_destruct()
1583 net->ipv6.devconf_all->mc_forwarding--;
1584 write_unlock_bh(&mrt_lock);
1585 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1586 NETCONFA_MC_FORWARDING,
1587 NETCONFA_IFINDEX_ALL,
1588 net->ipv6.devconf_all);
1590 mroute_clean_tables(mrt, false);
1600 bool mroute6_is_socket(struct net *net, struct sk_buff *skb)
1602 struct mr_table *mrt;
1603 struct flowi6 fl6 = {
1604 .flowi6_iif = skb->skb_iif ? : LOOPBACK_IFINDEX,
1605 .flowi6_oif = skb->dev->ifindex,
1606 .flowi6_mark = skb->mark,
1609 if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
1612 return rcu_access_pointer(mrt->mroute_sk);
1614 EXPORT_SYMBOL(mroute6_is_socket);
1617 * Socket options and virtual interface manipulation. The whole
1618 * virtual interface system is a complete heap, but unfortunately
1619 * that's how BSD mrouted happens to think. Maybe one day with a proper
1620 * MOSPF/PIM router set up we can clean this up.
1623 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen)
1625 int ret, parent = 0;
1629 struct net *net = sock_net(sk);
1630 struct mr_table *mrt;
1632 if (sk->sk_type != SOCK_RAW ||
1633 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1636 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1640 if (optname != MRT6_INIT) {
1641 if (sk != rcu_access_pointer(mrt->mroute_sk) &&
1642 !ns_capable(net->user_ns, CAP_NET_ADMIN))
1648 if (optlen < sizeof(int))
1651 return ip6mr_sk_init(mrt, sk);
1654 return ip6mr_sk_done(sk);
1657 if (optlen < sizeof(vif))
1659 if (copy_from_user(&vif, optval, sizeof(vif)))
1661 if (vif.mif6c_mifi >= MAXMIFS)
1664 ret = mif6_add(net, mrt, &vif,
1665 sk == rtnl_dereference(mrt->mroute_sk));
1670 if (optlen < sizeof(mifi_t))
1672 if (copy_from_user(&mifi, optval, sizeof(mifi_t)))
1675 ret = mif6_delete(mrt, mifi, 0, NULL);
1680 * Manipulate the forwarding caches. These live
1681 * in a sort of kernel/user symbiosis.
1687 case MRT6_ADD_MFC_PROXY:
1688 case MRT6_DEL_MFC_PROXY:
1689 if (optlen < sizeof(mfc))
1691 if (copy_from_user(&mfc, optval, sizeof(mfc)))
1694 parent = mfc.mf6cc_parent;
1696 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY)
1697 ret = ip6mr_mfc_delete(mrt, &mfc, parent);
1699 ret = ip6mr_mfc_add(net, mrt, &mfc,
1701 rtnl_dereference(mrt->mroute_sk),
1707 * Control PIM assert (to activate pim will activate assert)
1713 if (optlen != sizeof(v))
1715 if (get_user(v, (int __user *)optval))
1717 mrt->mroute_do_assert = v;
1721 #ifdef CONFIG_IPV6_PIMSM_V2
1726 if (optlen != sizeof(v))
1728 if (get_user(v, (int __user *)optval))
1733 if (v != mrt->mroute_do_pim) {
1734 mrt->mroute_do_pim = v;
1735 mrt->mroute_do_assert = v;
1742 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
1747 if (optlen != sizeof(u32))
1749 if (get_user(v, (u32 __user *)optval))
1751 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */
1752 if (v != RT_TABLE_DEFAULT && v >= 100000000)
1754 if (sk == rcu_access_pointer(mrt->mroute_sk))
1759 mrt = ip6mr_new_table(net, v);
1763 raw6_sk(sk)->ip6mr_table = v;
1769 * Spurious command, or MRT6_VERSION which you cannot
1773 return -ENOPROTOOPT;
1778 * Getsock opt support for the multicast routing system.
1781 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval,
1786 struct net *net = sock_net(sk);
1787 struct mr_table *mrt;
1789 if (sk->sk_type != SOCK_RAW ||
1790 inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1793 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1801 #ifdef CONFIG_IPV6_PIMSM_V2
1803 val = mrt->mroute_do_pim;
1807 val = mrt->mroute_do_assert;
1810 return -ENOPROTOOPT;
1813 if (get_user(olr, optlen))
1816 olr = min_t(int, olr, sizeof(int));
1820 if (put_user(olr, optlen))
1822 if (copy_to_user(optval, &val, olr))
1828 * The IP multicast ioctl support routines.
1831 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg)
1833 struct sioc_sg_req6 sr;
1834 struct sioc_mif_req6 vr;
1835 struct vif_device *vif;
1836 struct mfc6_cache *c;
1837 struct net *net = sock_net(sk);
1838 struct mr_table *mrt;
1840 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1845 case SIOCGETMIFCNT_IN6:
1846 if (copy_from_user(&vr, arg, sizeof(vr)))
1848 if (vr.mifi >= mrt->maxvif)
1850 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1851 read_lock(&mrt_lock);
1852 vif = &mrt->vif_table[vr.mifi];
1853 if (VIF_EXISTS(mrt, vr.mifi)) {
1854 vr.icount = vif->pkt_in;
1855 vr.ocount = vif->pkt_out;
1856 vr.ibytes = vif->bytes_in;
1857 vr.obytes = vif->bytes_out;
1858 read_unlock(&mrt_lock);
1860 if (copy_to_user(arg, &vr, sizeof(vr)))
1864 read_unlock(&mrt_lock);
1865 return -EADDRNOTAVAIL;
1866 case SIOCGETSGCNT_IN6:
1867 if (copy_from_user(&sr, arg, sizeof(sr)))
1871 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1873 sr.pktcnt = c->_c.mfc_un.res.pkt;
1874 sr.bytecnt = c->_c.mfc_un.res.bytes;
1875 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
1878 if (copy_to_user(arg, &sr, sizeof(sr)))
1883 return -EADDRNOTAVAIL;
1885 return -ENOIOCTLCMD;
1889 #ifdef CONFIG_COMPAT
1890 struct compat_sioc_sg_req6 {
1891 struct sockaddr_in6 src;
1892 struct sockaddr_in6 grp;
1893 compat_ulong_t pktcnt;
1894 compat_ulong_t bytecnt;
1895 compat_ulong_t wrong_if;
1898 struct compat_sioc_mif_req6 {
1900 compat_ulong_t icount;
1901 compat_ulong_t ocount;
1902 compat_ulong_t ibytes;
1903 compat_ulong_t obytes;
1906 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
1908 struct compat_sioc_sg_req6 sr;
1909 struct compat_sioc_mif_req6 vr;
1910 struct vif_device *vif;
1911 struct mfc6_cache *c;
1912 struct net *net = sock_net(sk);
1913 struct mr_table *mrt;
1915 mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1920 case SIOCGETMIFCNT_IN6:
1921 if (copy_from_user(&vr, arg, sizeof(vr)))
1923 if (vr.mifi >= mrt->maxvif)
1925 vr.mifi = array_index_nospec(vr.mifi, mrt->maxvif);
1926 read_lock(&mrt_lock);
1927 vif = &mrt->vif_table[vr.mifi];
1928 if (VIF_EXISTS(mrt, vr.mifi)) {
1929 vr.icount = vif->pkt_in;
1930 vr.ocount = vif->pkt_out;
1931 vr.ibytes = vif->bytes_in;
1932 vr.obytes = vif->bytes_out;
1933 read_unlock(&mrt_lock);
1935 if (copy_to_user(arg, &vr, sizeof(vr)))
1939 read_unlock(&mrt_lock);
1940 return -EADDRNOTAVAIL;
1941 case SIOCGETSGCNT_IN6:
1942 if (copy_from_user(&sr, arg, sizeof(sr)))
1946 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1948 sr.pktcnt = c->_c.mfc_un.res.pkt;
1949 sr.bytecnt = c->_c.mfc_un.res.bytes;
1950 sr.wrong_if = c->_c.mfc_un.res.wrong_if;
1953 if (copy_to_user(arg, &sr, sizeof(sr)))
1958 return -EADDRNOTAVAIL;
1960 return -ENOIOCTLCMD;
1965 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
1967 __IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
1968 IPSTATS_MIB_OUTFORWDATAGRAMS);
1969 __IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)),
1970 IPSTATS_MIB_OUTOCTETS, skb->len);
1971 return dst_output(net, sk, skb);
1975 * Processing handlers for ip6mr_forward
1978 static int ip6mr_forward2(struct net *net, struct mr_table *mrt,
1979 struct sk_buff *skb, int vifi)
1981 struct ipv6hdr *ipv6h;
1982 struct vif_device *vif = &mrt->vif_table[vifi];
1983 struct net_device *dev;
1984 struct dst_entry *dst;
1990 #ifdef CONFIG_IPV6_PIMSM_V2
1991 if (vif->flags & MIFF_REGISTER) {
1993 vif->bytes_out += skb->len;
1994 vif->dev->stats.tx_bytes += skb->len;
1995 vif->dev->stats.tx_packets++;
1996 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT);
2001 ipv6h = ipv6_hdr(skb);
2003 fl6 = (struct flowi6) {
2004 .flowi6_oif = vif->link,
2005 .daddr = ipv6h->daddr,
2008 dst = ip6_route_output(net, NULL, &fl6);
2015 skb_dst_set(skb, dst);
2018 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
2019 * not only before forwarding, but after forwarding on all output
2020 * interfaces. It is clear, if mrouter runs a multicasting
2021 * program, it should receive packets not depending to what interface
2022 * program is joined.
2023 * If we will not make it, the program will have to join on all
2024 * interfaces. On the other hand, multihoming host (or router, but
2025 * not mrouter) cannot join to more than one interface - it will
2026 * result in receiving multiple packets.
2031 vif->bytes_out += skb->len;
2033 /* We are about to write */
2034 /* XXX: extension headers? */
2035 if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev)))
2038 ipv6h = ipv6_hdr(skb);
2041 IP6CB(skb)->flags |= IP6SKB_FORWARDED;
2043 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
2044 net, NULL, skb, skb->dev, dev,
2045 ip6mr_forward2_finish);
2052 static int ip6mr_find_vif(struct mr_table *mrt, struct net_device *dev)
2056 for (ct = mrt->maxvif - 1; ct >= 0; ct--) {
2057 if (mrt->vif_table[ct].dev == dev)
2063 static void ip6_mr_forward(struct net *net, struct mr_table *mrt,
2064 struct net_device *dev, struct sk_buff *skb,
2065 struct mfc6_cache *c)
2069 int true_vifi = ip6mr_find_vif(mrt, dev);
2071 vif = c->_c.mfc_parent;
2072 c->_c.mfc_un.res.pkt++;
2073 c->_c.mfc_un.res.bytes += skb->len;
2074 c->_c.mfc_un.res.lastuse = jiffies;
2076 if (ipv6_addr_any(&c->mf6c_origin) && true_vifi >= 0) {
2077 struct mfc6_cache *cache_proxy;
2079 /* For an (*,G) entry, we only check that the incoming
2080 * interface is part of the static tree.
2083 cache_proxy = mr_mfc_find_any_parent(mrt, vif);
2085 cache_proxy->_c.mfc_un.res.ttls[true_vifi] < 255) {
2093 * Wrong interface: drop packet and (maybe) send PIM assert.
2095 if (mrt->vif_table[vif].dev != dev) {
2096 c->_c.mfc_un.res.wrong_if++;
2098 if (true_vifi >= 0 && mrt->mroute_do_assert &&
2099 /* pimsm uses asserts, when switching from RPT to SPT,
2100 so that we cannot check that packet arrived on an oif.
2101 It is bad, but otherwise we would need to move pretty
2102 large chunk of pimd to kernel. Ough... --ANK
2104 (mrt->mroute_do_pim ||
2105 c->_c.mfc_un.res.ttls[true_vifi] < 255) &&
2107 c->_c.mfc_un.res.last_assert +
2108 MFC_ASSERT_THRESH)) {
2109 c->_c.mfc_un.res.last_assert = jiffies;
2110 ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF);
2116 mrt->vif_table[vif].pkt_in++;
2117 mrt->vif_table[vif].bytes_in += skb->len;
2122 if (ipv6_addr_any(&c->mf6c_origin) &&
2123 ipv6_addr_any(&c->mf6c_mcastgrp)) {
2124 if (true_vifi >= 0 &&
2125 true_vifi != c->_c.mfc_parent &&
2126 ipv6_hdr(skb)->hop_limit >
2127 c->_c.mfc_un.res.ttls[c->_c.mfc_parent]) {
2128 /* It's an (*,*) entry and the packet is not coming from
2129 * the upstream: forward the packet to the upstream
2132 psend = c->_c.mfc_parent;
2137 for (ct = c->_c.mfc_un.res.maxvif - 1;
2138 ct >= c->_c.mfc_un.res.minvif; ct--) {
2139 /* For (*,G) entry, don't forward to the incoming interface */
2140 if ((!ipv6_addr_any(&c->mf6c_origin) || ct != true_vifi) &&
2141 ipv6_hdr(skb)->hop_limit > c->_c.mfc_un.res.ttls[ct]) {
2143 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
2145 ip6mr_forward2(net, mrt, skb2, psend);
2152 ip6mr_forward2(net, mrt, skb, psend);
2162 * Multicast packets for forwarding arrive here
2165 int ip6_mr_input(struct sk_buff *skb)
2167 struct mfc6_cache *cache;
2168 struct net *net = dev_net(skb->dev);
2169 struct mr_table *mrt;
2170 struct flowi6 fl6 = {
2171 .flowi6_iif = skb->dev->ifindex,
2172 .flowi6_mark = skb->mark,
2175 struct net_device *dev;
2177 /* skb->dev passed in is the master dev for vrfs.
2178 * Get the proper interface that does have a vif associated with it.
2181 if (netif_is_l3_master(skb->dev)) {
2182 dev = dev_get_by_index_rcu(net, IPCB(skb)->iif);
2189 err = ip6mr_fib_lookup(net, &fl6, &mrt);
2195 read_lock(&mrt_lock);
2196 cache = ip6mr_cache_find(mrt,
2197 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr);
2199 int vif = ip6mr_find_vif(mrt, dev);
2202 cache = ip6mr_cache_find_any(mrt,
2203 &ipv6_hdr(skb)->daddr,
2208 * No usable cache entry
2213 vif = ip6mr_find_vif(mrt, dev);
2215 int err = ip6mr_cache_unresolved(mrt, vif, skb, dev);
2216 read_unlock(&mrt_lock);
2220 read_unlock(&mrt_lock);
2225 ip6_mr_forward(net, mrt, dev, skb, cache);
2227 read_unlock(&mrt_lock);
2232 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm,
2236 struct mr_table *mrt;
2237 struct mfc6_cache *cache;
2238 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
2240 mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
2244 read_lock(&mrt_lock);
2245 cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr);
2246 if (!cache && skb->dev) {
2247 int vif = ip6mr_find_vif(mrt, skb->dev);
2250 cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr,
2255 struct sk_buff *skb2;
2256 struct ipv6hdr *iph;
2257 struct net_device *dev;
2261 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) {
2262 read_unlock(&mrt_lock);
2266 /* really correct? */
2267 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
2269 read_unlock(&mrt_lock);
2273 NETLINK_CB(skb2).portid = portid;
2274 skb_reset_transport_header(skb2);
2276 skb_put(skb2, sizeof(struct ipv6hdr));
2277 skb_reset_network_header(skb2);
2279 iph = ipv6_hdr(skb2);
2282 iph->flow_lbl[0] = 0;
2283 iph->flow_lbl[1] = 0;
2284 iph->flow_lbl[2] = 0;
2285 iph->payload_len = 0;
2286 iph->nexthdr = IPPROTO_NONE;
2288 iph->saddr = rt->rt6i_src.addr;
2289 iph->daddr = rt->rt6i_dst.addr;
2291 err = ip6mr_cache_unresolved(mrt, vif, skb2, dev);
2292 read_unlock(&mrt_lock);
2297 err = mr_fill_mroute(mrt, skb, &cache->_c, rtm);
2298 read_unlock(&mrt_lock);
2302 static int ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2303 u32 portid, u32 seq, struct mfc6_cache *c, int cmd,
2306 struct nlmsghdr *nlh;
2310 nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags);
2314 rtm = nlmsg_data(nlh);
2315 rtm->rtm_family = RTNL_FAMILY_IP6MR;
2316 rtm->rtm_dst_len = 128;
2317 rtm->rtm_src_len = 128;
2319 rtm->rtm_table = mrt->id;
2320 if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2321 goto nla_put_failure;
2322 rtm->rtm_type = RTN_MULTICAST;
2323 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2324 if (c->_c.mfc_flags & MFC_STATIC)
2325 rtm->rtm_protocol = RTPROT_STATIC;
2327 rtm->rtm_protocol = RTPROT_MROUTED;
2330 if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) ||
2331 nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp))
2332 goto nla_put_failure;
2333 err = mr_fill_mroute(mrt, skb, &c->_c, rtm);
2334 /* do not break the dump if cache is unresolved */
2335 if (err < 0 && err != -ENOENT)
2336 goto nla_put_failure;
2338 nlmsg_end(skb, nlh);
2342 nlmsg_cancel(skb, nlh);
2346 static int _ip6mr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2347 u32 portid, u32 seq, struct mr_mfc *c,
2350 return ip6mr_fill_mroute(mrt, skb, portid, seq, (struct mfc6_cache *)c,
2354 static int mr6_msgsize(bool unresolved, int maxvif)
2357 NLMSG_ALIGN(sizeof(struct rtmsg))
2358 + nla_total_size(4) /* RTA_TABLE */
2359 + nla_total_size(sizeof(struct in6_addr)) /* RTA_SRC */
2360 + nla_total_size(sizeof(struct in6_addr)) /* RTA_DST */
2365 + nla_total_size(4) /* RTA_IIF */
2366 + nla_total_size(0) /* RTA_MULTIPATH */
2367 + maxvif * NLA_ALIGN(sizeof(struct rtnexthop))
2369 + nla_total_size_64bit(sizeof(struct rta_mfc_stats))
2375 static void mr6_netlink_event(struct mr_table *mrt, struct mfc6_cache *mfc,
2378 struct net *net = read_pnet(&mrt->net);
2379 struct sk_buff *skb;
2382 skb = nlmsg_new(mr6_msgsize(mfc->_c.mfc_parent >= MAXMIFS, mrt->maxvif),
2387 err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0);
2391 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC);
2397 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err);
2400 static size_t mrt6msg_netlink_msgsize(size_t payloadlen)
2403 NLMSG_ALIGN(sizeof(struct rtgenmsg))
2404 + nla_total_size(1) /* IP6MRA_CREPORT_MSGTYPE */
2405 + nla_total_size(4) /* IP6MRA_CREPORT_MIF_ID */
2406 /* IP6MRA_CREPORT_SRC_ADDR */
2407 + nla_total_size(sizeof(struct in6_addr))
2408 /* IP6MRA_CREPORT_DST_ADDR */
2409 + nla_total_size(sizeof(struct in6_addr))
2410 /* IP6MRA_CREPORT_PKT */
2411 + nla_total_size(payloadlen)
2417 static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt)
2419 struct net *net = read_pnet(&mrt->net);
2420 struct nlmsghdr *nlh;
2421 struct rtgenmsg *rtgenm;
2422 struct mrt6msg *msg;
2423 struct sk_buff *skb;
2427 payloadlen = pkt->len - sizeof(struct mrt6msg);
2428 msg = (struct mrt6msg *)skb_transport_header(pkt);
2430 skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC);
2434 nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT,
2435 sizeof(struct rtgenmsg), 0);
2438 rtgenm = nlmsg_data(nlh);
2439 rtgenm->rtgen_family = RTNL_FAMILY_IP6MR;
2440 if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) ||
2441 nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) ||
2442 nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR,
2444 nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR,
2446 goto nla_put_failure;
2448 nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen);
2449 if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg),
2450 nla_data(nla), payloadlen))
2451 goto nla_put_failure;
2453 nlmsg_end(skb, nlh);
2455 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC);
2459 nlmsg_cancel(skb, nlh);
2462 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS);
2465 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2467 const struct nlmsghdr *nlh = cb->nlh;
2468 struct fib_dump_filter filter = {};
2471 if (cb->strict_check) {
2472 err = ip_valid_fib_dump_req(sock_net(skb->sk), nlh,
2478 if (filter.table_id) {
2479 struct mr_table *mrt;
2481 mrt = ip6mr_get_table(sock_net(skb->sk), filter.table_id);
2483 if (filter.dump_all_families)
2486 NL_SET_ERR_MSG_MOD(cb->extack, "MR table does not exist");
2489 err = mr_table_dump(mrt, skb, cb, _ip6mr_fill_mroute,
2490 &mfc_unres_lock, &filter);
2491 return skb->len ? : err;
2494 return mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter,
2495 _ip6mr_fill_mroute, &mfc_unres_lock, &filter);
OSDN Git Service
