]> bbs.cooldavid.org Git - net-next-2.6.git/blame_incremental - net/ipv4/ipmr.c
git://bbs.cooldavid.org / net-next-2.6.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
netfilter: bridge: use NFPROTO values for NF_HOOK invocation
[net-next-2.6.git] / net / ipv4 / ipmr.c
... / ...
CommitLineData
1/*
2 * IP multicast routing support for mrouted 3.6/3.8
3 *
4 * (c) 1995 Alan Cox, <alan@lxorguk.ukuu.org.uk>
5 * Linux Consultancy and Custom Driver Development
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
12 * Fixes:
13 * Michael Chastain : Incorrect size of copying.
14 * Alan Cox : Added the cache manager code
15 * Alan Cox : Fixed the clone/copy bug and device race.
16 * Mike McLagan : Routing by source
17 * Malcolm Beattie : Buffer handling fixes.
18 * Alexey Kuznetsov : Double buffer free and other fixes.
19 * SVR Anand : Fixed several multicast bugs and problems.
20 * Alexey Kuznetsov : Status, optimisations and more.
21 * Brad Parker : Better behaviour on mrouted upcall
22 * overflow.
23 * Carlos Picoto : PIMv1 Support
24 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header
25 * Relax this requrement to work with older peers.
26 *
27 */
28
29#include <asm/system.h>
30#include <asm/uaccess.h>
31#include <linux/types.h>
32#include <linux/capability.h>
33#include <linux/errno.h>
34#include <linux/timer.h>
35#include <linux/mm.h>
36#include <linux/kernel.h>
37#include <linux/fcntl.h>
38#include <linux/stat.h>
39#include <linux/socket.h>
40#include <linux/in.h>
41#include <linux/inet.h>
42#include <linux/netdevice.h>
43#include <linux/inetdevice.h>
44#include <linux/igmp.h>
45#include <linux/proc_fs.h>
46#include <linux/seq_file.h>
47#include <linux/mroute.h>
48#include <linux/init.h>
49#include <linux/if_ether.h>
50#include <net/net_namespace.h>
51#include <net/ip.h>
52#include <net/protocol.h>
53#include <linux/skbuff.h>
54#include <net/route.h>
55#include <net/sock.h>
56#include <net/icmp.h>
57#include <net/udp.h>
58#include <net/raw.h>
59#include <linux/notifier.h>
60#include <linux/if_arp.h>
61#include <linux/netfilter_ipv4.h>
62#include <net/ipip.h>
63#include <net/checksum.h>
64#include <net/netlink.h>
65
66#if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2)
67#define CONFIG_IP_PIMSM 1
68#endif
69
70/* Big lock, protecting vif table, mrt cache and mroute socket state.
71 Note that the changes are semaphored via rtnl_lock.
72 */
73
74static DEFINE_RWLOCK(mrt_lock);
75
76/*
77 * Multicast router control variables
78 */
79
80#define VIF_EXISTS(_net, _idx) ((_net)->ipv4.vif_table[_idx].dev != NULL)
81
82static struct mfc_cache *mfc_unres_queue; /* Queue of unresolved entries */
83
84/* Special spinlock for queue of unresolved entries */
85static DEFINE_SPINLOCK(mfc_unres_lock);
86
87/* We return to original Alan's scheme. Hash table of resolved
88 entries is changed only in process context and protected
89 with weak lock mrt_lock. Queue of unresolved entries is protected
90 with strong spinlock mfc_unres_lock.
91
92 In this case data path is free of exclusive locks at all.
93 */
94
95static struct kmem_cache *mrt_cachep __read_mostly;
96
97static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local);
98static int ipmr_cache_report(struct net *net,
99 struct sk_buff *pkt, vifi_t vifi, int assert);
100static int ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm);
101
102static struct timer_list ipmr_expire_timer;
103
104/* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */
105
106static void ipmr_del_tunnel(struct net_device *dev, struct vifctl *v)
107{
108 struct net *net = dev_net(dev);
109
110 dev_close(dev);
111
112 dev = __dev_get_by_name(net, "tunl0");
113 if (dev) {
114 const struct net_device_ops *ops = dev->netdev_ops;
115 struct ifreq ifr;
116 struct ip_tunnel_parm p;
117
118 memset(&p, 0, sizeof(p));
119 p.iph.daddr = v->vifc_rmt_addr.s_addr;
120 p.iph.saddr = v->vifc_lcl_addr.s_addr;
121 p.iph.version = 4;
122 p.iph.ihl = 5;
123 p.iph.protocol = IPPROTO_IPIP;
124 sprintf(p.name, "dvmrp%d", v->vifc_vifi);
125 ifr.ifr_ifru.ifru_data = (__force void __user *)&p;
126
127 if (ops->ndo_do_ioctl) {
128 mm_segment_t oldfs = get_fs();
129
130 set_fs(KERNEL_DS);
131 ops->ndo_do_ioctl(dev, &ifr, SIOCDELTUNNEL);
132 set_fs(oldfs);
133 }
134 }
135}
136
137static
138struct net_device *ipmr_new_tunnel(struct net *net, struct vifctl *v)
139{
140 struct net_device *dev;
141
142 dev = __dev_get_by_name(net, "tunl0");
143
144 if (dev) {
145 const struct net_device_ops *ops = dev->netdev_ops;
146 int err;
147 struct ifreq ifr;
148 struct ip_tunnel_parm p;
149 struct in_device *in_dev;
150
151 memset(&p, 0, sizeof(p));
152 p.iph.daddr = v->vifc_rmt_addr.s_addr;
153 p.iph.saddr = v->vifc_lcl_addr.s_addr;
154 p.iph.version = 4;
155 p.iph.ihl = 5;
156 p.iph.protocol = IPPROTO_IPIP;
157 sprintf(p.name, "dvmrp%d", v->vifc_vifi);
158 ifr.ifr_ifru.ifru_data = (__force void __user *)&p;
159
160 if (ops->ndo_do_ioctl) {
161 mm_segment_t oldfs = get_fs();
162
163 set_fs(KERNEL_DS);
164 err = ops->ndo_do_ioctl(dev, &ifr, SIOCADDTUNNEL);
165 set_fs(oldfs);
166 } else
167 err = -EOPNOTSUPP;
168
169 dev = NULL;
170
171 if (err == 0 &&
172 (dev = __dev_get_by_name(net, p.name)) != NULL) {
173 dev->flags |= IFF_MULTICAST;
174
175 in_dev = __in_dev_get_rtnl(dev);
176 if (in_dev == NULL)
177 goto failure;
178
179 ipv4_devconf_setall(in_dev);
180 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0;
181
182 if (dev_open(dev))
183 goto failure;
184 dev_hold(dev);
185 }
186 }
187 return dev;
188
189failure:
190 /* allow the register to be completed before unregistering. */
191 rtnl_unlock();
192 rtnl_lock();
193
194 unregister_netdevice(dev);
195 return NULL;
196}
197
198#ifdef CONFIG_IP_PIMSM
199
200static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
201{
202 struct net *net = dev_net(dev);
203
204 read_lock(&mrt_lock);
205 dev->stats.tx_bytes += skb->len;
206 dev->stats.tx_packets++;
207 ipmr_cache_report(net, skb, net->ipv4.mroute_reg_vif_num,
208 IGMPMSG_WHOLEPKT);
209 read_unlock(&mrt_lock);
210 kfree_skb(skb);
211 return NETDEV_TX_OK;
212}
213
214static const struct net_device_ops reg_vif_netdev_ops = {
215 .ndo_start_xmit = reg_vif_xmit,
216};
217
218static void reg_vif_setup(struct net_device *dev)
219{
220 dev->type = ARPHRD_PIMREG;
221 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8;
222 dev->flags = IFF_NOARP;
223 dev->netdev_ops = &reg_vif_netdev_ops,
224 dev->destructor = free_netdev;
225 dev->features |= NETIF_F_NETNS_LOCAL;
226}
227
228static struct net_device *ipmr_reg_vif(struct net *net)
229{
230 struct net_device *dev;
231 struct in_device *in_dev;
232
233 dev = alloc_netdev(0, "pimreg", reg_vif_setup);
234
235 if (dev == NULL)
236 return NULL;
237
238 dev_net_set(dev, net);
239
240 if (register_netdevice(dev)) {
241 free_netdev(dev);
242 return NULL;
243 }
244 dev->iflink = 0;
245
246 rcu_read_lock();
247 if ((in_dev = __in_dev_get_rcu(dev)) == NULL) {
248 rcu_read_unlock();
249 goto failure;
250 }
251
252 ipv4_devconf_setall(in_dev);
253 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0;
254 rcu_read_unlock();
255
256 if (dev_open(dev))
257 goto failure;
258
259 dev_hold(dev);
260
261 return dev;
262
263failure:
264 /* allow the register to be completed before unregistering. */
265 rtnl_unlock();
266 rtnl_lock();
267
268 unregister_netdevice(dev);
269 return NULL;
270}
271#endif
272
273/*
274 * Delete a VIF entry
275 * @notify: Set to 1, if the caller is a notifier_call
276 */
277
278static int vif_delete(struct net *net, int vifi, int notify,
279 struct list_head *head)
280{
281 struct vif_device *v;
282 struct net_device *dev;
283 struct in_device *in_dev;
284
285 if (vifi < 0 || vifi >= net->ipv4.maxvif)
286 return -EADDRNOTAVAIL;
287
288 v = &net->ipv4.vif_table[vifi];
289
290 write_lock_bh(&mrt_lock);
291 dev = v->dev;
292 v->dev = NULL;
293
294 if (!dev) {
295 write_unlock_bh(&mrt_lock);
296 return -EADDRNOTAVAIL;
297 }
298
299#ifdef CONFIG_IP_PIMSM
300 if (vifi == net->ipv4.mroute_reg_vif_num)
301 net->ipv4.mroute_reg_vif_num = -1;
302#endif
303
304 if (vifi+1 == net->ipv4.maxvif) {
305 int tmp;
306 for (tmp=vifi-1; tmp>=0; tmp--) {
307 if (VIF_EXISTS(net, tmp))
308 break;
309 }
310 net->ipv4.maxvif = tmp+1;
311 }
312
313 write_unlock_bh(&mrt_lock);
314
315 dev_set_allmulti(dev, -1);
316
317 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
318 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--;
319 ip_rt_multicast_event(in_dev);
320 }
321
322 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER) && !notify)
323 unregister_netdevice_queue(dev, head);
324
325 dev_put(dev);
326 return 0;
327}
328
329static inline void ipmr_cache_free(struct mfc_cache *c)
330{
331 release_net(mfc_net(c));
332 kmem_cache_free(mrt_cachep, c);
333}
334
335/* Destroy an unresolved cache entry, killing queued skbs
336 and reporting error to netlink readers.
337 */
338
339static void ipmr_destroy_unres(struct mfc_cache *c)
340{
341 struct sk_buff *skb;
342 struct nlmsgerr *e;
343 struct net *net = mfc_net(c);
344
345 atomic_dec(&net->ipv4.cache_resolve_queue_len);
346
347 while ((skb = skb_dequeue(&c->mfc_un.unres.unresolved))) {
348 if (ip_hdr(skb)->version == 0) {
349 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
350 nlh->nlmsg_type = NLMSG_ERROR;
351 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
352 skb_trim(skb, nlh->nlmsg_len);
353 e = NLMSG_DATA(nlh);
354 e->error = -ETIMEDOUT;
355 memset(&e->msg, 0, sizeof(e->msg));
356
357 rtnl_unicast(skb, net, NETLINK_CB(skb).pid);
358 } else
359 kfree_skb(skb);
360 }
361
362 ipmr_cache_free(c);
363}
364
365
366/* Single timer process for all the unresolved queue. */
367
368static void ipmr_expire_process(unsigned long dummy)
369{
370 unsigned long now;
371 unsigned long expires;
372 struct mfc_cache *c, **cp;
373
374 if (!spin_trylock(&mfc_unres_lock)) {
375 mod_timer(&ipmr_expire_timer, jiffies+HZ/10);
376 return;
377 }
378
379 if (mfc_unres_queue == NULL)
380 goto out;
381
382 now = jiffies;
383 expires = 10*HZ;
384 cp = &mfc_unres_queue;
385
386 while ((c=*cp) != NULL) {
387 if (time_after(c->mfc_un.unres.expires, now)) {
388 unsigned long interval = c->mfc_un.unres.expires - now;
389 if (interval < expires)
390 expires = interval;
391 cp = &c->next;
392 continue;
393 }
394
395 *cp = c->next;
396
397 ipmr_destroy_unres(c);
398 }
399
400 if (mfc_unres_queue != NULL)
401 mod_timer(&ipmr_expire_timer, jiffies + expires);
402
403out:
404 spin_unlock(&mfc_unres_lock);
405}
406
407/* Fill oifs list. It is called under write locked mrt_lock. */
408
409static void ipmr_update_thresholds(struct mfc_cache *cache, unsigned char *ttls)
410{
411 int vifi;
412 struct net *net = mfc_net(cache);
413
414 cache->mfc_un.res.minvif = MAXVIFS;
415 cache->mfc_un.res.maxvif = 0;
416 memset(cache->mfc_un.res.ttls, 255, MAXVIFS);
417
418 for (vifi = 0; vifi < net->ipv4.maxvif; vifi++) {
419 if (VIF_EXISTS(net, vifi) &&
420 ttls[vifi] && ttls[vifi] < 255) {
421 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
422 if (cache->mfc_un.res.minvif > vifi)
423 cache->mfc_un.res.minvif = vifi;
424 if (cache->mfc_un.res.maxvif <= vifi)
425 cache->mfc_un.res.maxvif = vifi + 1;
426 }
427 }
428}
429
430static int vif_add(struct net *net, struct vifctl *vifc, int mrtsock)
431{
432 int vifi = vifc->vifc_vifi;
433 struct vif_device *v = &net->ipv4.vif_table[vifi];
434 struct net_device *dev;
435 struct in_device *in_dev;
436 int err;
437
438 /* Is vif busy ? */
439 if (VIF_EXISTS(net, vifi))
440 return -EADDRINUSE;
441
442 switch (vifc->vifc_flags) {
443#ifdef CONFIG_IP_PIMSM
444 case VIFF_REGISTER:
445 /*
446 * Special Purpose VIF in PIM
447 * All the packets will be sent to the daemon
448 */
449 if (net->ipv4.mroute_reg_vif_num >= 0)
450 return -EADDRINUSE;
451 dev = ipmr_reg_vif(net);
452 if (!dev)
453 return -ENOBUFS;
454 err = dev_set_allmulti(dev, 1);
455 if (err) {
456 unregister_netdevice(dev);
457 dev_put(dev);
458 return err;
459 }
460 break;
461#endif
462 case VIFF_TUNNEL:
463 dev = ipmr_new_tunnel(net, vifc);
464 if (!dev)
465 return -ENOBUFS;
466 err = dev_set_allmulti(dev, 1);
467 if (err) {
468 ipmr_del_tunnel(dev, vifc);
469 dev_put(dev);
470 return err;
471 }
472 break;
473
474 case VIFF_USE_IFINDEX:
475 case 0:
476 if (vifc->vifc_flags == VIFF_USE_IFINDEX) {
477 dev = dev_get_by_index(net, vifc->vifc_lcl_ifindex);
478 if (dev && dev->ip_ptr == NULL) {
479 dev_put(dev);
480 return -EADDRNOTAVAIL;
481 }
482 } else
483 dev = ip_dev_find(net, vifc->vifc_lcl_addr.s_addr);
484
485 if (!dev)
486 return -EADDRNOTAVAIL;
487 err = dev_set_allmulti(dev, 1);
488 if (err) {
489 dev_put(dev);
490 return err;
491 }
492 break;
493 default:
494 return -EINVAL;
495 }
496
497 if ((in_dev = __in_dev_get_rtnl(dev)) == NULL) {
498 dev_put(dev);
499 return -EADDRNOTAVAIL;
500 }
501 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++;
502 ip_rt_multicast_event(in_dev);
503
504 /*
505 * Fill in the VIF structures
506 */
507 v->rate_limit = vifc->vifc_rate_limit;
508 v->local = vifc->vifc_lcl_addr.s_addr;
509 v->remote = vifc->vifc_rmt_addr.s_addr;
510 v->flags = vifc->vifc_flags;
511 if (!mrtsock)
512 v->flags |= VIFF_STATIC;
513 v->threshold = vifc->vifc_threshold;
514 v->bytes_in = 0;
515 v->bytes_out = 0;
516 v->pkt_in = 0;
517 v->pkt_out = 0;
518 v->link = dev->ifindex;
519 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER))
520 v->link = dev->iflink;
521
522 /* And finish update writing critical data */
523 write_lock_bh(&mrt_lock);
524 v->dev = dev;
525#ifdef CONFIG_IP_PIMSM
526 if (v->flags&VIFF_REGISTER)
527 net->ipv4.mroute_reg_vif_num = vifi;
528#endif
529 if (vifi+1 > net->ipv4.maxvif)
530 net->ipv4.maxvif = vifi+1;
531 write_unlock_bh(&mrt_lock);
532 return 0;
533}
534
535static struct mfc_cache *ipmr_cache_find(struct net *net,
536 __be32 origin,
537 __be32 mcastgrp)
538{
539 int line = MFC_HASH(mcastgrp, origin);
540 struct mfc_cache *c;
541
542 for (c = net->ipv4.mfc_cache_array[line]; c; c = c->next) {
543 if (c->mfc_origin==origin && c->mfc_mcastgrp==mcastgrp)
544 break;
545 }
546 return c;
547}
548
549/*
550 * Allocate a multicast cache entry
551 */
552static struct mfc_cache *ipmr_cache_alloc(struct net *net)
553{
554 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
555 if (c == NULL)
556 return NULL;
557 c->mfc_un.res.minvif = MAXVIFS;
558 mfc_net_set(c, net);
559 return c;
560}
561
562static struct mfc_cache *ipmr_cache_alloc_unres(struct net *net)
563{
564 struct mfc_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
565 if (c == NULL)
566 return NULL;
567 skb_queue_head_init(&c->mfc_un.unres.unresolved);
568 c->mfc_un.unres.expires = jiffies + 10*HZ;
569 mfc_net_set(c, net);
570 return c;
571}
572
573/*
574 * A cache entry has gone into a resolved state from queued
575 */
576
577static void ipmr_cache_resolve(struct mfc_cache *uc, struct mfc_cache *c)
578{
579 struct sk_buff *skb;
580 struct nlmsgerr *e;
581
582 /*
583 * Play the pending entries through our router
584 */
585
586 while ((skb = __skb_dequeue(&uc->mfc_un.unres.unresolved))) {
587 if (ip_hdr(skb)->version == 0) {
588 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
589
590 if (ipmr_fill_mroute(skb, c, NLMSG_DATA(nlh)) > 0) {
591 nlh->nlmsg_len = (skb_tail_pointer(skb) -
592 (u8 *)nlh);
593 } else {
594 nlh->nlmsg_type = NLMSG_ERROR;
595 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
596 skb_trim(skb, nlh->nlmsg_len);
597 e = NLMSG_DATA(nlh);
598 e->error = -EMSGSIZE;
599 memset(&e->msg, 0, sizeof(e->msg));
600 }
601
602 rtnl_unicast(skb, mfc_net(c), NETLINK_CB(skb).pid);
603 } else
604 ip_mr_forward(skb, c, 0);
605 }
606}
607
608/*
609 * Bounce a cache query up to mrouted. We could use netlink for this but mrouted
610 * expects the following bizarre scheme.
611 *
612 * Called under mrt_lock.
613 */
614
615static int ipmr_cache_report(struct net *net,
616 struct sk_buff *pkt, vifi_t vifi, int assert)
617{
618 struct sk_buff *skb;
619 const int ihl = ip_hdrlen(pkt);
620 struct igmphdr *igmp;
621 struct igmpmsg *msg;
622 int ret;
623
624#ifdef CONFIG_IP_PIMSM
625 if (assert == IGMPMSG_WHOLEPKT)
626 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr));
627 else
628#endif
629 skb = alloc_skb(128, GFP_ATOMIC);
630
631 if (!skb)
632 return -ENOBUFS;
633
634#ifdef CONFIG_IP_PIMSM
635 if (assert == IGMPMSG_WHOLEPKT) {
636 /* Ugly, but we have no choice with this interface.
637 Duplicate old header, fix ihl, length etc.
638 And all this only to mangle msg->im_msgtype and
639 to set msg->im_mbz to "mbz" :-)
640 */
641 skb_push(skb, sizeof(struct iphdr));
642 skb_reset_network_header(skb);
643 skb_reset_transport_header(skb);
644 msg = (struct igmpmsg *)skb_network_header(skb);
645 memcpy(msg, skb_network_header(pkt), sizeof(struct iphdr));
646 msg->im_msgtype = IGMPMSG_WHOLEPKT;
647 msg->im_mbz = 0;
648 msg->im_vif = net->ipv4.mroute_reg_vif_num;
649 ip_hdr(skb)->ihl = sizeof(struct iphdr) >> 2;
650 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(pkt)->tot_len) +
651 sizeof(struct iphdr));
652 } else
653#endif
654 {
655
656 /*
657 * Copy the IP header
658 */
659
660 skb->network_header = skb->tail;
661 skb_put(skb, ihl);
662 skb_copy_to_linear_data(skb, pkt->data, ihl);
663 ip_hdr(skb)->protocol = 0; /* Flag to the kernel this is a route add */
664 msg = (struct igmpmsg *)skb_network_header(skb);
665 msg->im_vif = vifi;
666 skb_dst_set(skb, dst_clone(skb_dst(pkt)));
667
668 /*
669 * Add our header
670 */
671
672 igmp=(struct igmphdr *)skb_put(skb, sizeof(struct igmphdr));
673 igmp->type =
674 msg->im_msgtype = assert;
675 igmp->code = 0;
676 ip_hdr(skb)->tot_len = htons(skb->len); /* Fix the length */
677 skb->transport_header = skb->network_header;
678 }
679
680 if (net->ipv4.mroute_sk == NULL) {
681 kfree_skb(skb);
682 return -EINVAL;
683 }
684
685 /*
686 * Deliver to mrouted
687 */
688 ret = sock_queue_rcv_skb(net->ipv4.mroute_sk, skb);
689 if (ret < 0) {
690 if (net_ratelimit())
691 printk(KERN_WARNING "mroute: pending queue full, dropping entries.\n");
692 kfree_skb(skb);
693 }
694
695 return ret;
696}
697
698/*
699 * Queue a packet for resolution. It gets locked cache entry!
700 */
701
702static int
703ipmr_cache_unresolved(struct net *net, vifi_t vifi, struct sk_buff *skb)
704{
705 int err;
706 struct mfc_cache *c;
707 const struct iphdr *iph = ip_hdr(skb);
708
709 spin_lock_bh(&mfc_unres_lock);
710 for (c=mfc_unres_queue; c; c=c->next) {
711 if (net_eq(mfc_net(c), net) &&
712 c->mfc_mcastgrp == iph->daddr &&
713 c->mfc_origin == iph->saddr)
714 break;
715 }
716
717 if (c == NULL) {
718 /*
719 * Create a new entry if allowable
720 */
721
722 if (atomic_read(&net->ipv4.cache_resolve_queue_len) >= 10 ||
723 (c = ipmr_cache_alloc_unres(net)) == NULL) {
724 spin_unlock_bh(&mfc_unres_lock);
725
726 kfree_skb(skb);
727 return -ENOBUFS;
728 }
729
730 /*
731 * Fill in the new cache entry
732 */
733 c->mfc_parent = -1;
734 c->mfc_origin = iph->saddr;
735 c->mfc_mcastgrp = iph->daddr;
736
737 /*
738 * Reflect first query at mrouted.
739 */
740 err = ipmr_cache_report(net, skb, vifi, IGMPMSG_NOCACHE);
741 if (err < 0) {
742 /* If the report failed throw the cache entry
743 out - Brad Parker
744 */
745 spin_unlock_bh(&mfc_unres_lock);
746
747 ipmr_cache_free(c);
748 kfree_skb(skb);
749 return err;
750 }
751
752 atomic_inc(&net->ipv4.cache_resolve_queue_len);
753 c->next = mfc_unres_queue;
754 mfc_unres_queue = c;
755
756 mod_timer(&ipmr_expire_timer, c->mfc_un.unres.expires);
757 }
758
759 /*
760 * See if we can append the packet
761 */
762 if (c->mfc_un.unres.unresolved.qlen>3) {
763 kfree_skb(skb);
764 err = -ENOBUFS;
765 } else {
766 skb_queue_tail(&c->mfc_un.unres.unresolved, skb);
767 err = 0;
768 }
769
770 spin_unlock_bh(&mfc_unres_lock);
771 return err;
772}
773
774/*
775 * MFC cache manipulation by user space mroute daemon
776 */
777
778static int ipmr_mfc_delete(struct net *net, struct mfcctl *mfc)
779{
780 int line;
781 struct mfc_cache *c, **cp;
782
783 line = MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
784
785 for (cp = &net->ipv4.mfc_cache_array[line];
786 (c = *cp) != NULL; cp = &c->next) {
787 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
788 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr) {
789 write_lock_bh(&mrt_lock);
790 *cp = c->next;
791 write_unlock_bh(&mrt_lock);
792
793 ipmr_cache_free(c);
794 return 0;
795 }
796 }
797 return -ENOENT;
798}
799
800static int ipmr_mfc_add(struct net *net, struct mfcctl *mfc, int mrtsock)
801{
802 int line;
803 struct mfc_cache *uc, *c, **cp;
804
805 line = MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
806
807 for (cp = &net->ipv4.mfc_cache_array[line];
808 (c = *cp) != NULL; cp = &c->next) {
809 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
810 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr)
811 break;
812 }
813
814 if (c != NULL) {
815 write_lock_bh(&mrt_lock);
816 c->mfc_parent = mfc->mfcc_parent;
817 ipmr_update_thresholds(c, mfc->mfcc_ttls);
818 if (!mrtsock)
819 c->mfc_flags |= MFC_STATIC;
820 write_unlock_bh(&mrt_lock);
821 return 0;
822 }
823
824 if (!ipv4_is_multicast(mfc->mfcc_mcastgrp.s_addr))
825 return -EINVAL;
826
827 c = ipmr_cache_alloc(net);
828 if (c == NULL)
829 return -ENOMEM;
830
831 c->mfc_origin = mfc->mfcc_origin.s_addr;
832 c->mfc_mcastgrp = mfc->mfcc_mcastgrp.s_addr;
833 c->mfc_parent = mfc->mfcc_parent;
834 ipmr_update_thresholds(c, mfc->mfcc_ttls);
835 if (!mrtsock)
836 c->mfc_flags |= MFC_STATIC;
837
838 write_lock_bh(&mrt_lock);
839 c->next = net->ipv4.mfc_cache_array[line];
840 net->ipv4.mfc_cache_array[line] = c;
841 write_unlock_bh(&mrt_lock);
842
843 /*
844 * Check to see if we resolved a queued list. If so we
845 * need to send on the frames and tidy up.
846 */
847 spin_lock_bh(&mfc_unres_lock);
848 for (cp = &mfc_unres_queue; (uc=*cp) != NULL;
849 cp = &uc->next) {
850 if (net_eq(mfc_net(uc), net) &&
851 uc->mfc_origin == c->mfc_origin &&
852 uc->mfc_mcastgrp == c->mfc_mcastgrp) {
853 *cp = uc->next;
854 atomic_dec(&net->ipv4.cache_resolve_queue_len);
855 break;
856 }
857 }
858 if (mfc_unres_queue == NULL)
859 del_timer(&ipmr_expire_timer);
860 spin_unlock_bh(&mfc_unres_lock);
861
862 if (uc) {
863 ipmr_cache_resolve(uc, c);
864 ipmr_cache_free(uc);
865 }
866 return 0;
867}
868
869/*
870 * Close the multicast socket, and clear the vif tables etc
871 */
872
873static void mroute_clean_tables(struct net *net)
874{
875 int i;
876 LIST_HEAD(list);
877
878 /*
879 * Shut down all active vif entries
880 */
881 for (i = 0; i < net->ipv4.maxvif; i++) {
882 if (!(net->ipv4.vif_table[i].flags&VIFF_STATIC))
883 vif_delete(net, i, 0, &list);
884 }
885 unregister_netdevice_many(&list);
886
887 /*
888 * Wipe the cache
889 */
890 for (i=0; i<MFC_LINES; i++) {
891 struct mfc_cache *c, **cp;
892
893 cp = &net->ipv4.mfc_cache_array[i];
894 while ((c = *cp) != NULL) {
895 if (c->mfc_flags&MFC_STATIC) {
896 cp = &c->next;
897 continue;
898 }
899 write_lock_bh(&mrt_lock);
900 *cp = c->next;
901 write_unlock_bh(&mrt_lock);
902
903 ipmr_cache_free(c);
904 }
905 }
906
907 if (atomic_read(&net->ipv4.cache_resolve_queue_len) != 0) {
908 struct mfc_cache *c, **cp;
909
910 spin_lock_bh(&mfc_unres_lock);
911 cp = &mfc_unres_queue;
912 while ((c = *cp) != NULL) {
913 if (!net_eq(mfc_net(c), net)) {
914 cp = &c->next;
915 continue;
916 }
917 *cp = c->next;
918
919 ipmr_destroy_unres(c);
920 }
921 spin_unlock_bh(&mfc_unres_lock);
922 }
923}
924
925static void mrtsock_destruct(struct sock *sk)
926{
927 struct net *net = sock_net(sk);
928
929 rtnl_lock();
930 if (sk == net->ipv4.mroute_sk) {
931 IPV4_DEVCONF_ALL(net, MC_FORWARDING)--;
932
933 write_lock_bh(&mrt_lock);
934 net->ipv4.mroute_sk = NULL;
935 write_unlock_bh(&mrt_lock);
936
937 mroute_clean_tables(net);
938 }
939 rtnl_unlock();
940}
941
942/*
943 * Socket options and virtual interface manipulation. The whole
944 * virtual interface system is a complete heap, but unfortunately
945 * that's how BSD mrouted happens to think. Maybe one day with a proper
946 * MOSPF/PIM router set up we can clean this up.
947 */
948
949int ip_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen)
950{
951 int ret;
952 struct vifctl vif;
953 struct mfcctl mfc;
954 struct net *net = sock_net(sk);
955
956 if (optname != MRT_INIT) {
957 if (sk != net->ipv4.mroute_sk && !capable(CAP_NET_ADMIN))
958 return -EACCES;
959 }
960
961 switch (optname) {
962 case MRT_INIT:
963 if (sk->sk_type != SOCK_RAW ||
964 inet_sk(sk)->inet_num != IPPROTO_IGMP)
965 return -EOPNOTSUPP;
966 if (optlen != sizeof(int))
967 return -ENOPROTOOPT;
968
969 rtnl_lock();
970 if (net->ipv4.mroute_sk) {
971 rtnl_unlock();
972 return -EADDRINUSE;
973 }
974
975 ret = ip_ra_control(sk, 1, mrtsock_destruct);
976 if (ret == 0) {
977 write_lock_bh(&mrt_lock);
978 net->ipv4.mroute_sk = sk;
979 write_unlock_bh(&mrt_lock);
980
981 IPV4_DEVCONF_ALL(net, MC_FORWARDING)++;
982 }
983 rtnl_unlock();
984 return ret;
985 case MRT_DONE:
986 if (sk != net->ipv4.mroute_sk)
987 return -EACCES;
988 return ip_ra_control(sk, 0, NULL);
989 case MRT_ADD_VIF:
990 case MRT_DEL_VIF:
991 if (optlen != sizeof(vif))
992 return -EINVAL;
993 if (copy_from_user(&vif, optval, sizeof(vif)))
994 return -EFAULT;
995 if (vif.vifc_vifi >= MAXVIFS)
996 return -ENFILE;
997 rtnl_lock();
998 if (optname == MRT_ADD_VIF) {
999 ret = vif_add(net, &vif, sk == net->ipv4.mroute_sk);
1000 } else {
1001 ret = vif_delete(net, vif.vifc_vifi, 0, NULL);
1002 }
1003 rtnl_unlock();
1004 return ret;
1005
1006 /*
1007 * Manipulate the forwarding caches. These live
1008 * in a sort of kernel/user symbiosis.
1009 */
1010 case MRT_ADD_MFC:
1011 case MRT_DEL_MFC:
1012 if (optlen != sizeof(mfc))
1013 return -EINVAL;
1014 if (copy_from_user(&mfc, optval, sizeof(mfc)))
1015 return -EFAULT;
1016 rtnl_lock();
1017 if (optname == MRT_DEL_MFC)
1018 ret = ipmr_mfc_delete(net, &mfc);
1019 else
1020 ret = ipmr_mfc_add(net, &mfc, sk == net->ipv4.mroute_sk);
1021 rtnl_unlock();
1022 return ret;
1023 /*
1024 * Control PIM assert.
1025 */
1026 case MRT_ASSERT:
1027 {
1028 int v;
1029 if (get_user(v,(int __user *)optval))
1030 return -EFAULT;
1031 net->ipv4.mroute_do_assert = (v) ? 1 : 0;
1032 return 0;
1033 }
1034#ifdef CONFIG_IP_PIMSM
1035 case MRT_PIM:
1036 {
1037 int v;
1038
1039 if (get_user(v,(int __user *)optval))
1040 return -EFAULT;
1041 v = (v) ? 1 : 0;
1042
1043 rtnl_lock();
1044 ret = 0;
1045 if (v != net->ipv4.mroute_do_pim) {
1046 net->ipv4.mroute_do_pim = v;
1047 net->ipv4.mroute_do_assert = v;
1048 }
1049 rtnl_unlock();
1050 return ret;
1051 }
1052#endif
1053 /*
1054 * Spurious command, or MRT_VERSION which you cannot
1055 * set.
1056 */
1057 default:
1058 return -ENOPROTOOPT;
1059 }
1060}
1061
1062/*
1063 * Getsock opt support for the multicast routing system.
1064 */
1065
1066int ip_mroute_getsockopt(struct sock *sk, int optname, char __user *optval, int __user *optlen)
1067{
1068 int olr;
1069 int val;
1070 struct net *net = sock_net(sk);
1071
1072 if (optname != MRT_VERSION &&
1073#ifdef CONFIG_IP_PIMSM
1074 optname!=MRT_PIM &&
1075#endif
1076 optname!=MRT_ASSERT)
1077 return -ENOPROTOOPT;
1078
1079 if (get_user(olr, optlen))
1080 return -EFAULT;
1081
1082 olr = min_t(unsigned int, olr, sizeof(int));
1083 if (olr < 0)
1084 return -EINVAL;
1085
1086 if (put_user(olr, optlen))
1087 return -EFAULT;
1088 if (optname == MRT_VERSION)
1089 val = 0x0305;
1090#ifdef CONFIG_IP_PIMSM
1091 else if (optname == MRT_PIM)
1092 val = net->ipv4.mroute_do_pim;
1093#endif
1094 else
1095 val = net->ipv4.mroute_do_assert;
1096 if (copy_to_user(optval, &val, olr))
1097 return -EFAULT;
1098 return 0;
1099}
1100
1101/*
1102 * The IP multicast ioctl support routines.
1103 */
1104
1105int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg)
1106{
1107 struct sioc_sg_req sr;
1108 struct sioc_vif_req vr;
1109 struct vif_device *vif;
1110 struct mfc_cache *c;
1111 struct net *net = sock_net(sk);
1112
1113 switch (cmd) {
1114 case SIOCGETVIFCNT:
1115 if (copy_from_user(&vr, arg, sizeof(vr)))
1116 return -EFAULT;
1117 if (vr.vifi >= net->ipv4.maxvif)
1118 return -EINVAL;
1119 read_lock(&mrt_lock);
1120 vif = &net->ipv4.vif_table[vr.vifi];
1121 if (VIF_EXISTS(net, vr.vifi)) {
1122 vr.icount = vif->pkt_in;
1123 vr.ocount = vif->pkt_out;
1124 vr.ibytes = vif->bytes_in;
1125 vr.obytes = vif->bytes_out;
1126 read_unlock(&mrt_lock);
1127
1128 if (copy_to_user(arg, &vr, sizeof(vr)))
1129 return -EFAULT;
1130 return 0;
1131 }
1132 read_unlock(&mrt_lock);
1133 return -EADDRNOTAVAIL;
1134 case SIOCGETSGCNT:
1135 if (copy_from_user(&sr, arg, sizeof(sr)))
1136 return -EFAULT;
1137
1138 read_lock(&mrt_lock);
1139 c = ipmr_cache_find(net, sr.src.s_addr, sr.grp.s_addr);
1140 if (c) {
1141 sr.pktcnt = c->mfc_un.res.pkt;
1142 sr.bytecnt = c->mfc_un.res.bytes;
1143 sr.wrong_if = c->mfc_un.res.wrong_if;
1144 read_unlock(&mrt_lock);
1145
1146 if (copy_to_user(arg, &sr, sizeof(sr)))
1147 return -EFAULT;
1148 return 0;
1149 }
1150 read_unlock(&mrt_lock);
1151 return -EADDRNOTAVAIL;
1152 default:
1153 return -ENOIOCTLCMD;
1154 }
1155}
1156
1157
1158static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr)
1159{
1160 struct net_device *dev = ptr;
1161 struct net *net = dev_net(dev);
1162 struct vif_device *v;
1163 int ct;
1164 LIST_HEAD(list);
1165
1166 if (event != NETDEV_UNREGISTER)
1167 return NOTIFY_DONE;
1168 v = &net->ipv4.vif_table[0];
1169 for (ct = 0; ct < net->ipv4.maxvif; ct++, v++) {
1170 if (v->dev == dev)
1171 vif_delete(net, ct, 1, &list);
1172 }
1173 unregister_netdevice_many(&list);
1174 return NOTIFY_DONE;
1175}
1176
1177
1178static struct notifier_block ip_mr_notifier = {
1179 .notifier_call = ipmr_device_event,
1180};
1181
1182/*
1183 * Encapsulate a packet by attaching a valid IPIP header to it.
1184 * This avoids tunnel drivers and other mess and gives us the speed so
1185 * important for multicast video.
1186 */
1187
1188static void ip_encap(struct sk_buff *skb, __be32 saddr, __be32 daddr)
1189{
1190 struct iphdr *iph;
1191 struct iphdr *old_iph = ip_hdr(skb);
1192
1193 skb_push(skb, sizeof(struct iphdr));
1194 skb->transport_header = skb->network_header;
1195 skb_reset_network_header(skb);
1196 iph = ip_hdr(skb);
1197
1198 iph->version = 4;
1199 iph->tos = old_iph->tos;
1200 iph->ttl = old_iph->ttl;
1201 iph->frag_off = 0;
1202 iph->daddr = daddr;
1203 iph->saddr = saddr;
1204 iph->protocol = IPPROTO_IPIP;
1205 iph->ihl = 5;
1206 iph->tot_len = htons(skb->len);
1207 ip_select_ident(iph, skb_dst(skb), NULL);
1208 ip_send_check(iph);
1209
1210 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
1211 nf_reset(skb);
1212}
1213
1214static inline int ipmr_forward_finish(struct sk_buff *skb)
1215{
1216 struct ip_options * opt = &(IPCB(skb)->opt);
1217
1218 IP_INC_STATS_BH(dev_net(skb_dst(skb)->dev), IPSTATS_MIB_OUTFORWDATAGRAMS);
1219
1220 if (unlikely(opt->optlen))
1221 ip_forward_options(skb);
1222
1223 return dst_output(skb);
1224}
1225
1226/*
1227 * Processing handlers for ipmr_forward
1228 */
1229
1230static void ipmr_queue_xmit(struct sk_buff *skb, struct mfc_cache *c, int vifi)
1231{
1232 struct net *net = mfc_net(c);
1233 const struct iphdr *iph = ip_hdr(skb);
1234 struct vif_device *vif = &net->ipv4.vif_table[vifi];
1235 struct net_device *dev;
1236 struct rtable *rt;
1237 int encap = 0;
1238
1239 if (vif->dev == NULL)
1240 goto out_free;
1241
1242#ifdef CONFIG_IP_PIMSM
1243 if (vif->flags & VIFF_REGISTER) {
1244 vif->pkt_out++;
1245 vif->bytes_out += skb->len;
1246 vif->dev->stats.tx_bytes += skb->len;
1247 vif->dev->stats.tx_packets++;
1248 ipmr_cache_report(net, skb, vifi, IGMPMSG_WHOLEPKT);
1249 goto out_free;
1250 }
1251#endif
1252
1253 if (vif->flags&VIFF_TUNNEL) {
1254 struct flowi fl = { .oif = vif->link,
1255 .nl_u = { .ip4_u =
1256 { .daddr = vif->remote,
1257 .saddr = vif->local,
1258 .tos = RT_TOS(iph->tos) } },
1259 .proto = IPPROTO_IPIP };
1260 if (ip_route_output_key(net, &rt, &fl))
1261 goto out_free;
1262 encap = sizeof(struct iphdr);
1263 } else {
1264 struct flowi fl = { .oif = vif->link,
1265 .nl_u = { .ip4_u =
1266 { .daddr = iph->daddr,
1267 .tos = RT_TOS(iph->tos) } },
1268 .proto = IPPROTO_IPIP };
1269 if (ip_route_output_key(net, &rt, &fl))
1270 goto out_free;
1271 }
1272
1273 dev = rt->u.dst.dev;
1274
1275 if (skb->len+encap > dst_mtu(&rt->u.dst) && (ntohs(iph->frag_off) & IP_DF)) {
1276 /* Do not fragment multicasts. Alas, IPv4 does not
1277 allow to send ICMP, so that packets will disappear
1278 to blackhole.
1279 */
1280
1281 IP_INC_STATS_BH(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
1282 ip_rt_put(rt);
1283 goto out_free;
1284 }
1285
1286 encap += LL_RESERVED_SPACE(dev) + rt->u.dst.header_len;
1287
1288 if (skb_cow(skb, encap)) {
1289 ip_rt_put(rt);
1290 goto out_free;
1291 }
1292
1293 vif->pkt_out++;
1294 vif->bytes_out += skb->len;
1295
1296 skb_dst_drop(skb);
1297 skb_dst_set(skb, &rt->u.dst);
1298 ip_decrease_ttl(ip_hdr(skb));
1299
1300 /* FIXME: forward and output firewalls used to be called here.
1301 * What do we do with netfilter? -- RR */
1302 if (vif->flags & VIFF_TUNNEL) {
1303 ip_encap(skb, vif->local, vif->remote);
1304 /* FIXME: extra output firewall step used to be here. --RR */
1305 vif->dev->stats.tx_packets++;
1306 vif->dev->stats.tx_bytes += skb->len;
1307 }
1308
1309 IPCB(skb)->flags |= IPSKB_FORWARDED;
1310
1311 /*
1312 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
1313 * not only before forwarding, but after forwarding on all output
1314 * interfaces. It is clear, if mrouter runs a multicasting
1315 * program, it should receive packets not depending to what interface
1316 * program is joined.
1317 * If we will not make it, the program will have to join on all
1318 * interfaces. On the other hand, multihoming host (or router, but
1319 * not mrouter) cannot join to more than one interface - it will
1320 * result in receiving multiple packets.
1321 */
1322 NF_HOOK(PF_INET, NF_INET_FORWARD, skb, skb->dev, dev,
1323 ipmr_forward_finish);
1324 return;
1325
1326out_free:
1327 kfree_skb(skb);
1328 return;
1329}
1330
1331static int ipmr_find_vif(struct net_device *dev)
1332{
1333 struct net *net = dev_net(dev);
1334 int ct;
1335 for (ct = net->ipv4.maxvif-1; ct >= 0; ct--) {
1336 if (net->ipv4.vif_table[ct].dev == dev)
1337 break;
1338 }
1339 return ct;
1340}
1341
1342/* "local" means that we should preserve one skb (for local delivery) */
1343
1344static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local)
1345{
1346 int psend = -1;
1347 int vif, ct;
1348 struct net *net = mfc_net(cache);
1349
1350 vif = cache->mfc_parent;
1351 cache->mfc_un.res.pkt++;
1352 cache->mfc_un.res.bytes += skb->len;
1353
1354 /*
1355 * Wrong interface: drop packet and (maybe) send PIM assert.
1356 */
1357 if (net->ipv4.vif_table[vif].dev != skb->dev) {
1358 int true_vifi;
1359
1360 if (skb_rtable(skb)->fl.iif == 0) {
1361 /* It is our own packet, looped back.
1362 Very complicated situation...
1363
1364 The best workaround until routing daemons will be
1365 fixed is not to redistribute packet, if it was
1366 send through wrong interface. It means, that
1367 multicast applications WILL NOT work for
1368 (S,G), which have default multicast route pointing
1369 to wrong oif. In any case, it is not a good
1370 idea to use multicasting applications on router.
1371 */
1372 goto dont_forward;
1373 }
1374
1375 cache->mfc_un.res.wrong_if++;
1376 true_vifi = ipmr_find_vif(skb->dev);
1377
1378 if (true_vifi >= 0 && net->ipv4.mroute_do_assert &&
1379 /* pimsm uses asserts, when switching from RPT to SPT,
1380 so that we cannot check that packet arrived on an oif.
1381 It is bad, but otherwise we would need to move pretty
1382 large chunk of pimd to kernel. Ough... --ANK
1383 */
1384 (net->ipv4.mroute_do_pim ||
1385 cache->mfc_un.res.ttls[true_vifi] < 255) &&
1386 time_after(jiffies,
1387 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) {
1388 cache->mfc_un.res.last_assert = jiffies;
1389 ipmr_cache_report(net, skb, true_vifi, IGMPMSG_WRONGVIF);
1390 }
1391 goto dont_forward;
1392 }
1393
1394 net->ipv4.vif_table[vif].pkt_in++;
1395 net->ipv4.vif_table[vif].bytes_in += skb->len;
1396
1397 /*
1398 * Forward the frame
1399 */
1400 for (ct = cache->mfc_un.res.maxvif-1; ct >= cache->mfc_un.res.minvif; ct--) {
1401 if (ip_hdr(skb)->ttl > cache->mfc_un.res.ttls[ct]) {
1402 if (psend != -1) {
1403 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1404 if (skb2)
1405 ipmr_queue_xmit(skb2, cache, psend);
1406 }
1407 psend = ct;
1408 }
1409 }
1410 if (psend != -1) {
1411 if (local) {
1412 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1413 if (skb2)
1414 ipmr_queue_xmit(skb2, cache, psend);
1415 } else {
1416 ipmr_queue_xmit(skb, cache, psend);
1417 return 0;
1418 }
1419 }
1420
1421dont_forward:
1422 if (!local)
1423 kfree_skb(skb);
1424 return 0;
1425}
1426
1427
1428/*
1429 * Multicast packets for forwarding arrive here
1430 */
1431
1432int ip_mr_input(struct sk_buff *skb)
1433{
1434 struct mfc_cache *cache;
1435 struct net *net = dev_net(skb->dev);
1436 int local = skb_rtable(skb)->rt_flags & RTCF_LOCAL;
1437
1438 /* Packet is looped back after forward, it should not be
1439 forwarded second time, but still can be delivered locally.
1440 */
1441 if (IPCB(skb)->flags&IPSKB_FORWARDED)
1442 goto dont_forward;
1443
1444 if (!local) {
1445 if (IPCB(skb)->opt.router_alert) {
1446 if (ip_call_ra_chain(skb))
1447 return 0;
1448 } else if (ip_hdr(skb)->protocol == IPPROTO_IGMP){
1449 /* IGMPv1 (and broken IGMPv2 implementations sort of
1450 Cisco IOS <= 11.2(8)) do not put router alert
1451 option to IGMP packets destined to routable
1452 groups. It is very bad, because it means
1453 that we can forward NO IGMP messages.
1454 */
1455 read_lock(&mrt_lock);
1456 if (net->ipv4.mroute_sk) {
1457 nf_reset(skb);
1458 raw_rcv(net->ipv4.mroute_sk, skb);
1459 read_unlock(&mrt_lock);
1460 return 0;
1461 }
1462 read_unlock(&mrt_lock);
1463 }
1464 }
1465
1466 read_lock(&mrt_lock);
1467 cache = ipmr_cache_find(net, ip_hdr(skb)->saddr, ip_hdr(skb)->daddr);
1468
1469 /*
1470 * No usable cache entry
1471 */
1472 if (cache == NULL) {
1473 int vif;
1474
1475 if (local) {
1476 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1477 ip_local_deliver(skb);
1478 if (skb2 == NULL) {
1479 read_unlock(&mrt_lock);
1480 return -ENOBUFS;
1481 }
1482 skb = skb2;
1483 }
1484
1485 vif = ipmr_find_vif(skb->dev);
1486 if (vif >= 0) {
1487 int err = ipmr_cache_unresolved(net, vif, skb);
1488 read_unlock(&mrt_lock);
1489
1490 return err;
1491 }
1492 read_unlock(&mrt_lock);
1493 kfree_skb(skb);
1494 return -ENODEV;
1495 }
1496
1497 ip_mr_forward(skb, cache, local);
1498
1499 read_unlock(&mrt_lock);
1500
1501 if (local)
1502 return ip_local_deliver(skb);
1503
1504 return 0;
1505
1506dont_forward:
1507 if (local)
1508 return ip_local_deliver(skb);
1509 kfree_skb(skb);
1510 return 0;
1511}
1512
1513#ifdef CONFIG_IP_PIMSM
1514static int __pim_rcv(struct sk_buff *skb, unsigned int pimlen)
1515{
1516 struct net_device *reg_dev = NULL;
1517 struct iphdr *encap;
1518 struct net *net = dev_net(skb->dev);
1519
1520 encap = (struct iphdr *)(skb_transport_header(skb) + pimlen);
1521 /*
1522 Check that:
1523 a. packet is really destinted to a multicast group
1524 b. packet is not a NULL-REGISTER
1525 c. packet is not truncated
1526 */
1527 if (!ipv4_is_multicast(encap->daddr) ||
1528 encap->tot_len == 0 ||
1529 ntohs(encap->tot_len) + pimlen > skb->len)
1530 return 1;
1531
1532 read_lock(&mrt_lock);
1533 if (net->ipv4.mroute_reg_vif_num >= 0)
1534 reg_dev = net->ipv4.vif_table[net->ipv4.mroute_reg_vif_num].dev;
1535 if (reg_dev)
1536 dev_hold(reg_dev);
1537 read_unlock(&mrt_lock);
1538
1539 if (reg_dev == NULL)
1540 return 1;
1541
1542 skb->mac_header = skb->network_header;
1543 skb_pull(skb, (u8*)encap - skb->data);
1544 skb_reset_network_header(skb);
1545 skb->dev = reg_dev;
1546 skb->protocol = htons(ETH_P_IP);
1547 skb->ip_summed = 0;
1548 skb->pkt_type = PACKET_HOST;
1549 skb_dst_drop(skb);
1550 reg_dev->stats.rx_bytes += skb->len;
1551 reg_dev->stats.rx_packets++;
1552 nf_reset(skb);
1553 netif_rx(skb);
1554 dev_put(reg_dev);
1555
1556 return 0;
1557}
1558#endif
1559
1560#ifdef CONFIG_IP_PIMSM_V1
1561/*
1562 * Handle IGMP messages of PIMv1
1563 */
1564
1565int pim_rcv_v1(struct sk_buff * skb)
1566{
1567 struct igmphdr *pim;
1568 struct net *net = dev_net(skb->dev);
1569
1570 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr)))
1571 goto drop;
1572
1573 pim = igmp_hdr(skb);
1574
1575 if (!net->ipv4.mroute_do_pim ||
1576 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER)
1577 goto drop;
1578
1579 if (__pim_rcv(skb, sizeof(*pim))) {
1580drop:
1581 kfree_skb(skb);
1582 }
1583 return 0;
1584}
1585#endif
1586
1587#ifdef CONFIG_IP_PIMSM_V2
1588static int pim_rcv(struct sk_buff * skb)
1589{
1590 struct pimreghdr *pim;
1591
1592 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(struct iphdr)))
1593 goto drop;
1594
1595 pim = (struct pimreghdr *)skb_transport_header(skb);
1596 if (pim->type != ((PIM_VERSION<<4)|(PIM_REGISTER)) ||
1597 (pim->flags&PIM_NULL_REGISTER) ||
1598 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 &&
1599 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
1600 goto drop;
1601
1602 if (__pim_rcv(skb, sizeof(*pim))) {
1603drop:
1604 kfree_skb(skb);
1605 }
1606 return 0;
1607}
1608#endif
1609
1610static int
1611ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm)
1612{
1613 int ct;
1614 struct rtnexthop *nhp;
1615 struct net *net = mfc_net(c);
1616 struct net_device *dev = net->ipv4.vif_table[c->mfc_parent].dev;
1617 u8 *b = skb_tail_pointer(skb);
1618 struct rtattr *mp_head;
1619
1620 if (dev)
1621 RTA_PUT(skb, RTA_IIF, 4, &dev->ifindex);
1622
1623 mp_head = (struct rtattr *)skb_put(skb, RTA_LENGTH(0));
1624
1625 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) {
1626 if (c->mfc_un.res.ttls[ct] < 255) {
1627 if (skb_tailroom(skb) < RTA_ALIGN(RTA_ALIGN(sizeof(*nhp)) + 4))
1628 goto rtattr_failure;
1629 nhp = (struct rtnexthop *)skb_put(skb, RTA_ALIGN(sizeof(*nhp)));
1630 nhp->rtnh_flags = 0;
1631 nhp->rtnh_hops = c->mfc_un.res.ttls[ct];
1632 nhp->rtnh_ifindex = net->ipv4.vif_table[ct].dev->ifindex;
1633 nhp->rtnh_len = sizeof(*nhp);
1634 }
1635 }
1636 mp_head->rta_type = RTA_MULTIPATH;
1637 mp_head->rta_len = skb_tail_pointer(skb) - (u8 *)mp_head;
1638 rtm->rtm_type = RTN_MULTICAST;
1639 return 1;
1640
1641rtattr_failure:
1642 nlmsg_trim(skb, b);
1643 return -EMSGSIZE;
1644}
1645
1646int ipmr_get_route(struct net *net,
1647 struct sk_buff *skb, struct rtmsg *rtm, int nowait)
1648{
1649 int err;
1650 struct mfc_cache *cache;
1651 struct rtable *rt = skb_rtable(skb);
1652
1653 read_lock(&mrt_lock);
1654 cache = ipmr_cache_find(net, rt->rt_src, rt->rt_dst);
1655
1656 if (cache == NULL) {
1657 struct sk_buff *skb2;
1658 struct iphdr *iph;
1659 struct net_device *dev;
1660 int vif;
1661
1662 if (nowait) {
1663 read_unlock(&mrt_lock);
1664 return -EAGAIN;
1665 }
1666
1667 dev = skb->dev;
1668 if (dev == NULL || (vif = ipmr_find_vif(dev)) < 0) {
1669 read_unlock(&mrt_lock);
1670 return -ENODEV;
1671 }
1672 skb2 = skb_clone(skb, GFP_ATOMIC);
1673 if (!skb2) {
1674 read_unlock(&mrt_lock);
1675 return -ENOMEM;
1676 }
1677
1678 skb_push(skb2, sizeof(struct iphdr));
1679 skb_reset_network_header(skb2);
1680 iph = ip_hdr(skb2);
1681 iph->ihl = sizeof(struct iphdr) >> 2;
1682 iph->saddr = rt->rt_src;
1683 iph->daddr = rt->rt_dst;
1684 iph->version = 0;
1685 err = ipmr_cache_unresolved(net, vif, skb2);
1686 read_unlock(&mrt_lock);
1687 return err;
1688 }
1689
1690 if (!nowait && (rtm->rtm_flags&RTM_F_NOTIFY))
1691 cache->mfc_flags |= MFC_NOTIFY;
1692 err = ipmr_fill_mroute(skb, cache, rtm);
1693 read_unlock(&mrt_lock);
1694 return err;
1695}
1696
1697#ifdef CONFIG_PROC_FS
1698/*
1699 * The /proc interfaces to multicast routing /proc/ip_mr_cache /proc/ip_mr_vif
1700 */
1701struct ipmr_vif_iter {
1702 struct seq_net_private p;
1703 int ct;
1704};
1705
1706static struct vif_device *ipmr_vif_seq_idx(struct net *net,
1707 struct ipmr_vif_iter *iter,
1708 loff_t pos)
1709{
1710 for (iter->ct = 0; iter->ct < net->ipv4.maxvif; ++iter->ct) {
1711 if (!VIF_EXISTS(net, iter->ct))
1712 continue;
1713 if (pos-- == 0)
1714 return &net->ipv4.vif_table[iter->ct];
1715 }
1716 return NULL;
1717}
1718
1719static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos)
1720 __acquires(mrt_lock)
1721{
1722 struct net *net = seq_file_net(seq);
1723
1724 read_lock(&mrt_lock);
1725 return *pos ? ipmr_vif_seq_idx(net, seq->private, *pos - 1)
1726 : SEQ_START_TOKEN;
1727}
1728
1729static void *ipmr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1730{
1731 struct ipmr_vif_iter *iter = seq->private;
1732 struct net *net = seq_file_net(seq);
1733
1734 ++*pos;
1735 if (v == SEQ_START_TOKEN)
1736 return ipmr_vif_seq_idx(net, iter, 0);
1737
1738 while (++iter->ct < net->ipv4.maxvif) {
1739 if (!VIF_EXISTS(net, iter->ct))
1740 continue;
1741 return &net->ipv4.vif_table[iter->ct];
1742 }
1743 return NULL;
1744}
1745
1746static void ipmr_vif_seq_stop(struct seq_file *seq, void *v)
1747 __releases(mrt_lock)
1748{
1749 read_unlock(&mrt_lock);
1750}
1751
1752static int ipmr_vif_seq_show(struct seq_file *seq, void *v)
1753{
1754 struct net *net = seq_file_net(seq);
1755
1756 if (v == SEQ_START_TOKEN) {
1757 seq_puts(seq,
1758 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n");
1759 } else {
1760 const struct vif_device *vif = v;
1761 const char *name = vif->dev ? vif->dev->name : "none";
1762
1763 seq_printf(seq,
1764 "%2Zd %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n",
1765 vif - net->ipv4.vif_table,
1766 name, vif->bytes_in, vif->pkt_in,
1767 vif->bytes_out, vif->pkt_out,
1768 vif->flags, vif->local, vif->remote);
1769 }
1770 return 0;
1771}
1772
1773static const struct seq_operations ipmr_vif_seq_ops = {
1774 .start = ipmr_vif_seq_start,
1775 .next = ipmr_vif_seq_next,
1776 .stop = ipmr_vif_seq_stop,
1777 .show = ipmr_vif_seq_show,
1778};
1779
1780static int ipmr_vif_open(struct inode *inode, struct file *file)
1781{
1782 return seq_open_net(inode, file, &ipmr_vif_seq_ops,
1783 sizeof(struct ipmr_vif_iter));
1784}
1785
1786static const struct file_operations ipmr_vif_fops = {
1787 .owner = THIS_MODULE,
1788 .open = ipmr_vif_open,
1789 .read = seq_read,
1790 .llseek = seq_lseek,
1791 .release = seq_release_net,
1792};
1793
1794struct ipmr_mfc_iter {
1795 struct seq_net_private p;
1796 struct mfc_cache **cache;
1797 int ct;
1798};
1799
1800
1801static struct mfc_cache *ipmr_mfc_seq_idx(struct net *net,
1802 struct ipmr_mfc_iter *it, loff_t pos)
1803{
1804 struct mfc_cache *mfc;
1805
1806 it->cache = net->ipv4.mfc_cache_array;
1807 read_lock(&mrt_lock);
1808 for (it->ct = 0; it->ct < MFC_LINES; it->ct++)
1809 for (mfc = net->ipv4.mfc_cache_array[it->ct];
1810 mfc; mfc = mfc->next)
1811 if (pos-- == 0)
1812 return mfc;
1813 read_unlock(&mrt_lock);
1814
1815 it->cache = &mfc_unres_queue;
1816 spin_lock_bh(&mfc_unres_lock);
1817 for (mfc = mfc_unres_queue; mfc; mfc = mfc->next)
1818 if (net_eq(mfc_net(mfc), net) &&
1819 pos-- == 0)
1820 return mfc;
1821 spin_unlock_bh(&mfc_unres_lock);
1822
1823 it->cache = NULL;
1824 return NULL;
1825}
1826
1827
1828static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
1829{
1830 struct ipmr_mfc_iter *it = seq->private;
1831 struct net *net = seq_file_net(seq);
1832
1833 it->cache = NULL;
1834 it->ct = 0;
1835 return *pos ? ipmr_mfc_seq_idx(net, seq->private, *pos - 1)
1836 : SEQ_START_TOKEN;
1837}
1838
1839static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1840{
1841 struct mfc_cache *mfc = v;
1842 struct ipmr_mfc_iter *it = seq->private;
1843 struct net *net = seq_file_net(seq);
1844
1845 ++*pos;
1846
1847 if (v == SEQ_START_TOKEN)
1848 return ipmr_mfc_seq_idx(net, seq->private, 0);
1849
1850 if (mfc->next)
1851 return mfc->next;
1852
1853 if (it->cache == &mfc_unres_queue)
1854 goto end_of_list;
1855
1856 BUG_ON(it->cache != net->ipv4.mfc_cache_array);
1857
1858 while (++it->ct < MFC_LINES) {
1859 mfc = net->ipv4.mfc_cache_array[it->ct];
1860 if (mfc)
1861 return mfc;
1862 }
1863
1864 /* exhausted cache_array, show unresolved */
1865 read_unlock(&mrt_lock);
1866 it->cache = &mfc_unres_queue;
1867 it->ct = 0;
1868
1869 spin_lock_bh(&mfc_unres_lock);
1870 mfc = mfc_unres_queue;
1871 while (mfc && !net_eq(mfc_net(mfc), net))
1872 mfc = mfc->next;
1873 if (mfc)
1874 return mfc;
1875
1876 end_of_list:
1877 spin_unlock_bh(&mfc_unres_lock);
1878 it->cache = NULL;
1879
1880 return NULL;
1881}
1882
1883static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v)
1884{
1885 struct ipmr_mfc_iter *it = seq->private;
1886 struct net *net = seq_file_net(seq);
1887
1888 if (it->cache == &mfc_unres_queue)
1889 spin_unlock_bh(&mfc_unres_lock);
1890 else if (it->cache == net->ipv4.mfc_cache_array)
1891 read_unlock(&mrt_lock);
1892}
1893
1894static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
1895{
1896 int n;
1897 struct net *net = seq_file_net(seq);
1898
1899 if (v == SEQ_START_TOKEN) {
1900 seq_puts(seq,
1901 "Group Origin Iif Pkts Bytes Wrong Oifs\n");
1902 } else {
1903 const struct mfc_cache *mfc = v;
1904 const struct ipmr_mfc_iter *it = seq->private;
1905
1906 seq_printf(seq, "%08lX %08lX %-3hd",
1907 (unsigned long) mfc->mfc_mcastgrp,
1908 (unsigned long) mfc->mfc_origin,
1909 mfc->mfc_parent);
1910
1911 if (it->cache != &mfc_unres_queue) {
1912 seq_printf(seq, " %8lu %8lu %8lu",
1913 mfc->mfc_un.res.pkt,
1914 mfc->mfc_un.res.bytes,
1915 mfc->mfc_un.res.wrong_if);
1916 for (n = mfc->mfc_un.res.minvif;
1917 n < mfc->mfc_un.res.maxvif; n++ ) {
1918 if (VIF_EXISTS(net, n) &&
1919 mfc->mfc_un.res.ttls[n] < 255)
1920 seq_printf(seq,
1921 " %2d:%-3d",
1922 n, mfc->mfc_un.res.ttls[n]);
1923 }
1924 } else {
1925 /* unresolved mfc_caches don't contain
1926 * pkt, bytes and wrong_if values
1927 */
1928 seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
1929 }
1930 seq_putc(seq, '\n');
1931 }
1932 return 0;
1933}
1934
1935static const struct seq_operations ipmr_mfc_seq_ops = {
1936 .start = ipmr_mfc_seq_start,
1937 .next = ipmr_mfc_seq_next,
1938 .stop = ipmr_mfc_seq_stop,
1939 .show = ipmr_mfc_seq_show,
1940};
1941
1942static int ipmr_mfc_open(struct inode *inode, struct file *file)
1943{
1944 return seq_open_net(inode, file, &ipmr_mfc_seq_ops,
1945 sizeof(struct ipmr_mfc_iter));
1946}
1947
1948static const struct file_operations ipmr_mfc_fops = {
1949 .owner = THIS_MODULE,
1950 .open = ipmr_mfc_open,
1951 .read = seq_read,
1952 .llseek = seq_lseek,
1953 .release = seq_release_net,
1954};
1955#endif
1956
1957#ifdef CONFIG_IP_PIMSM_V2
1958static const struct net_protocol pim_protocol = {
1959 .handler = pim_rcv,
1960 .netns_ok = 1,
1961};
1962#endif
1963
1964
1965/*
1966 * Setup for IP multicast routing
1967 */
1968static int __net_init ipmr_net_init(struct net *net)
1969{
1970 int err = 0;
1971
1972 net->ipv4.vif_table = kcalloc(MAXVIFS, sizeof(struct vif_device),
1973 GFP_KERNEL);
1974 if (!net->ipv4.vif_table) {
1975 err = -ENOMEM;
1976 goto fail;
1977 }
1978
1979 /* Forwarding cache */
1980 net->ipv4.mfc_cache_array = kcalloc(MFC_LINES,
1981 sizeof(struct mfc_cache *),
1982 GFP_KERNEL);
1983 if (!net->ipv4.mfc_cache_array) {
1984 err = -ENOMEM;
1985 goto fail_mfc_cache;
1986 }
1987
1988#ifdef CONFIG_IP_PIMSM
1989 net->ipv4.mroute_reg_vif_num = -1;
1990#endif
1991
1992#ifdef CONFIG_PROC_FS
1993 err = -ENOMEM;
1994 if (!proc_net_fops_create(net, "ip_mr_vif", 0, &ipmr_vif_fops))
1995 goto proc_vif_fail;
1996 if (!proc_net_fops_create(net, "ip_mr_cache", 0, &ipmr_mfc_fops))
1997 goto proc_cache_fail;
1998#endif
1999 return 0;
2000
2001#ifdef CONFIG_PROC_FS
2002proc_cache_fail:
2003 proc_net_remove(net, "ip_mr_vif");
2004proc_vif_fail:
2005 kfree(net->ipv4.mfc_cache_array);
2006#endif
2007fail_mfc_cache:
2008 kfree(net->ipv4.vif_table);
2009fail:
2010 return err;
2011}
2012
2013static void __net_exit ipmr_net_exit(struct net *net)
2014{
2015#ifdef CONFIG_PROC_FS
2016 proc_net_remove(net, "ip_mr_cache");
2017 proc_net_remove(net, "ip_mr_vif");
2018#endif
2019 kfree(net->ipv4.mfc_cache_array);
2020 kfree(net->ipv4.vif_table);
2021}
2022
2023static struct pernet_operations ipmr_net_ops = {
2024 .init = ipmr_net_init,
2025 .exit = ipmr_net_exit,
2026};
2027
2028int __init ip_mr_init(void)
2029{
2030 int err;
2031
2032 mrt_cachep = kmem_cache_create("ip_mrt_cache",
2033 sizeof(struct mfc_cache),
2034 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC,
2035 NULL);
2036 if (!mrt_cachep)
2037 return -ENOMEM;
2038
2039 err = register_pernet_subsys(&ipmr_net_ops);
2040 if (err)
2041 goto reg_pernet_fail;
2042
2043 setup_timer(&ipmr_expire_timer, ipmr_expire_process, 0);
2044 err = register_netdevice_notifier(&ip_mr_notifier);
2045 if (err)
2046 goto reg_notif_fail;
2047#ifdef CONFIG_IP_PIMSM_V2
2048 if (inet_add_protocol(&pim_protocol, IPPROTO_PIM) < 0) {
2049 printk(KERN_ERR "ip_mr_init: can't add PIM protocol\n");
2050 err = -EAGAIN;
2051 goto add_proto_fail;
2052 }
2053#endif
2054 return 0;
2055
2056#ifdef CONFIG_IP_PIMSM_V2
2057add_proto_fail:
2058 unregister_netdevice_notifier(&ip_mr_notifier);
2059#endif
2060reg_notif_fail:
2061 del_timer(&ipmr_expire_timer);
2062 unregister_pernet_subsys(&ipmr_net_ops);
2063reg_pernet_fail:
2064 kmem_cache_destroy(mrt_cachep);
2065 return err;
2066}
Clone of davem's net-next-2.6 tree