~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/ip6mr.c

Version: ~ [ linux-5.4-rc7 ] ~ [ linux-5.3.11 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.84 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.154 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.201 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.201 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.77 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  *      Linux IPv6 multicast routing support for BSD pim6sd
  3  *      Based on net/ipv4/ipmr.c.
  4  *
  5  *      (c) 2004 Mickael Hoerdt, <hoerdt@clarinet.u-strasbg.fr>
  6  *              LSIIT Laboratory, Strasbourg, France
  7  *      (c) 2004 Jean-Philippe Andriot, <jean-philippe.andriot@6WIND.com>
  8  *              6WIND, Paris, France
  9  *      Copyright (C)2007,2008 USAGI/WIDE Project
 10  *              YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
 11  *
 12  *      This program is free software; you can redistribute it and/or
 13  *      modify it under the terms of the GNU General Public License
 14  *      as published by the Free Software Foundation; either version
 15  *      2 of the License, or (at your option) any later version.
 16  *
 17  */
 18 
 19 #include <linux/uaccess.h>
 20 #include <linux/types.h>
 21 #include <linux/sched.h>
 22 #include <linux/errno.h>
 23 #include <linux/timer.h>
 24 #include <linux/mm.h>
 25 #include <linux/kernel.h>
 26 #include <linux/fcntl.h>
 27 #include <linux/stat.h>
 28 #include <linux/socket.h>
 29 #include <linux/inet.h>
 30 #include <linux/netdevice.h>
 31 #include <linux/inetdevice.h>
 32 #include <linux/proc_fs.h>
 33 #include <linux/seq_file.h>
 34 #include <linux/init.h>
 35 #include <linux/slab.h>
 36 #include <linux/compat.h>
 37 #include <net/protocol.h>
 38 #include <linux/skbuff.h>
 39 #include <net/sock.h>
 40 #include <net/raw.h>
 41 #include <linux/notifier.h>
 42 #include <linux/if_arp.h>
 43 #include <net/checksum.h>
 44 #include <net/netlink.h>
 45 #include <net/fib_rules.h>
 46 
 47 #include <net/ipv6.h>
 48 #include <net/ip6_route.h>
 49 #include <linux/mroute6.h>
 50 #include <linux/pim.h>
 51 #include <net/addrconf.h>
 52 #include <linux/netfilter_ipv6.h>
 53 #include <linux/export.h>
 54 #include <net/ip6_checksum.h>
 55 #include <linux/netconf.h>
 56 
 57 struct mr6_table {
 58         struct list_head        list;
 59         possible_net_t          net;
 60         u32                     id;
 61         struct sock             *mroute6_sk;
 62         struct timer_list       ipmr_expire_timer;
 63         struct list_head        mfc6_unres_queue;
 64         struct list_head        mfc6_cache_array[MFC6_LINES];
 65         struct mif_device       vif6_table[MAXMIFS];
 66         int                     maxvif;
 67         atomic_t                cache_resolve_queue_len;
 68         bool                    mroute_do_assert;
 69         bool                    mroute_do_pim;
 70 #ifdef CONFIG_IPV6_PIMSM_V2
 71         int                     mroute_reg_vif_num;
 72 #endif
 73 };
 74 
 75 struct ip6mr_rule {
 76         struct fib_rule         common;
 77 };
 78 
 79 struct ip6mr_result {
 80         struct mr6_table        *mrt;
 81 };
 82 
 83 /* Big lock, protecting vif table, mrt cache and mroute socket state.
 84    Note that the changes are semaphored via rtnl_lock.
 85  */
 86 
 87 static DEFINE_RWLOCK(mrt_lock);
 88 
 89 /*
 90  *      Multicast router control variables
 91  */
 92 
 93 #define MIF_EXISTS(_mrt, _idx) ((_mrt)->vif6_table[_idx].dev != NULL)
 94 
 95 /* Special spinlock for queue of unresolved entries */
 96 static DEFINE_SPINLOCK(mfc_unres_lock);
 97 
 98 /* We return to original Alan's scheme. Hash table of resolved
 99    entries is changed only in process context and protected
100    with weak lock mrt_lock. Queue of unresolved entries is protected
101    with strong spinlock mfc_unres_lock.
102 
103    In this case data path is free of exclusive locks at all.
104  */
105 
106 static struct kmem_cache *mrt_cachep __read_mostly;
107 
108 static struct mr6_table *ip6mr_new_table(struct net *net, u32 id);
109 static void ip6mr_free_table(struct mr6_table *mrt);
110 
111 static void ip6_mr_forward(struct net *net, struct mr6_table *mrt,
112                            struct sk_buff *skb, struct mfc6_cache *cache);
113 static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt,
114                               mifi_t mifi, int assert);
115 static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
116                                struct mfc6_cache *c, struct rtmsg *rtm);
117 static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc,
118                               int cmd);
119 static void mrt6msg_netlink_event(struct mr6_table *mrt, struct sk_buff *pkt);
120 static int ip6mr_rtm_dumproute(struct sk_buff *skb,
121                                struct netlink_callback *cb);
122 static void mroute_clean_tables(struct mr6_table *mrt, bool all);
123 static void ipmr_expire_process(struct timer_list *t);
124 
125 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
126 #define ip6mr_for_each_table(mrt, net) \
127         list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list)
128 
129 static struct mr6_table *ip6mr_get_table(struct net *net, u32 id)
130 {
131         struct mr6_table *mrt;
132 
133         ip6mr_for_each_table(mrt, net) {
134                 if (mrt->id == id)
135                         return mrt;
136         }
137         return NULL;
138 }
139 
140 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
141                             struct mr6_table **mrt)
142 {
143         int err;
144         struct ip6mr_result res;
145         struct fib_lookup_arg arg = {
146                 .result = &res,
147                 .flags = FIB_LOOKUP_NOREF,
148         };
149 
150         err = fib_rules_lookup(net->ipv6.mr6_rules_ops,
151                                flowi6_to_flowi(flp6), 0, &arg);
152         if (err < 0)
153                 return err;
154         *mrt = res.mrt;
155         return 0;
156 }
157 
158 static int ip6mr_rule_action(struct fib_rule *rule, struct flowi *flp,
159                              int flags, struct fib_lookup_arg *arg)
160 {
161         struct ip6mr_result *res = arg->result;
162         struct mr6_table *mrt;
163 
164         switch (rule->action) {
165         case FR_ACT_TO_TBL:
166                 break;
167         case FR_ACT_UNREACHABLE:
168                 return -ENETUNREACH;
169         case FR_ACT_PROHIBIT:
170                 return -EACCES;
171         case FR_ACT_BLACKHOLE:
172         default:
173                 return -EINVAL;
174         }
175 
176         mrt = ip6mr_get_table(rule->fr_net, rule->table);
177         if (!mrt)
178                 return -EAGAIN;
179         res->mrt = mrt;
180         return 0;
181 }
182 
183 static int ip6mr_rule_match(struct fib_rule *rule, struct flowi *flp, int flags)
184 {
185         return 1;
186 }
187 
188 static const struct nla_policy ip6mr_rule_policy[FRA_MAX + 1] = {
189         FRA_GENERIC_POLICY,
190 };
191 
192 static int ip6mr_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
193                                 struct fib_rule_hdr *frh, struct nlattr **tb)
194 {
195         return 0;
196 }
197 
198 static int ip6mr_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
199                               struct nlattr **tb)
200 {
201         return 1;
202 }
203 
204 static int ip6mr_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
205                            struct fib_rule_hdr *frh)
206 {
207         frh->dst_len = 0;
208         frh->src_len = 0;
209         frh->tos     = 0;
210         return 0;
211 }
212 
213 static const struct fib_rules_ops __net_initconst ip6mr_rules_ops_template = {
214         .family         = RTNL_FAMILY_IP6MR,
215         .rule_size      = sizeof(struct ip6mr_rule),
216         .addr_size      = sizeof(struct in6_addr),
217         .action         = ip6mr_rule_action,
218         .match          = ip6mr_rule_match,
219         .configure      = ip6mr_rule_configure,
220         .compare        = ip6mr_rule_compare,
221         .fill           = ip6mr_rule_fill,
222         .nlgroup        = RTNLGRP_IPV6_RULE,
223         .policy         = ip6mr_rule_policy,
224         .owner          = THIS_MODULE,
225 };
226 
227 static int __net_init ip6mr_rules_init(struct net *net)
228 {
229         struct fib_rules_ops *ops;
230         struct mr6_table *mrt;
231         int err;
232 
233         ops = fib_rules_register(&ip6mr_rules_ops_template, net);
234         if (IS_ERR(ops))
235                 return PTR_ERR(ops);
236 
237         INIT_LIST_HEAD(&net->ipv6.mr6_tables);
238 
239         mrt = ip6mr_new_table(net, RT6_TABLE_DFLT);
240         if (!mrt) {
241                 err = -ENOMEM;
242                 goto err1;
243         }
244 
245         err = fib_default_rule_add(ops, 0x7fff, RT6_TABLE_DFLT, 0);
246         if (err < 0)
247                 goto err2;
248 
249         net->ipv6.mr6_rules_ops = ops;
250         return 0;
251 
252 err2:
253         ip6mr_free_table(mrt);
254 err1:
255         fib_rules_unregister(ops);
256         return err;
257 }
258 
259 static void __net_exit ip6mr_rules_exit(struct net *net)
260 {
261         struct mr6_table *mrt, *next;
262 
263         rtnl_lock();
264         list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
265                 list_del(&mrt->list);
266                 ip6mr_free_table(mrt);
267         }
268         fib_rules_unregister(net->ipv6.mr6_rules_ops);
269         rtnl_unlock();
270 }
271 #else
272 #define ip6mr_for_each_table(mrt, net) \
273         for (mrt = net->ipv6.mrt6; mrt; mrt = NULL)
274 
275 static struct mr6_table *ip6mr_get_table(struct net *net, u32 id)
276 {
277         return net->ipv6.mrt6;
278 }
279 
280 static int ip6mr_fib_lookup(struct net *net, struct flowi6 *flp6,
281                             struct mr6_table **mrt)
282 {
283         *mrt = net->ipv6.mrt6;
284         return 0;
285 }
286 
287 static int __net_init ip6mr_rules_init(struct net *net)
288 {
289         net->ipv6.mrt6 = ip6mr_new_table(net, RT6_TABLE_DFLT);
290         return net->ipv6.mrt6 ? 0 : -ENOMEM;
291 }
292 
293 static void __net_exit ip6mr_rules_exit(struct net *net)
294 {
295         rtnl_lock();
296         ip6mr_free_table(net->ipv6.mrt6);
297         net->ipv6.mrt6 = NULL;
298         rtnl_unlock();
299 }
300 #endif
301 
302 static struct mr6_table *ip6mr_new_table(struct net *net, u32 id)
303 {
304         struct mr6_table *mrt;
305         unsigned int i;
306 
307         mrt = ip6mr_get_table(net, id);
308         if (mrt)
309                 return mrt;
310 
311         mrt = kzalloc(sizeof(*mrt), GFP_KERNEL);
312         if (!mrt)
313                 return NULL;
314         mrt->id = id;
315         write_pnet(&mrt->net, net);
316 
317         /* Forwarding cache */
318         for (i = 0; i < MFC6_LINES; i++)
319                 INIT_LIST_HEAD(&mrt->mfc6_cache_array[i]);
320 
321         INIT_LIST_HEAD(&mrt->mfc6_unres_queue);
322 
323         timer_setup(&mrt->ipmr_expire_timer, ipmr_expire_process, 0);
324 
325 #ifdef CONFIG_IPV6_PIMSM_V2
326         mrt->mroute_reg_vif_num = -1;
327 #endif
328 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
329         list_add_tail_rcu(&mrt->list, &net->ipv6.mr6_tables);
330 #endif
331         return mrt;
332 }
333 
334 static void ip6mr_free_table(struct mr6_table *mrt)
335 {
336         del_timer_sync(&mrt->ipmr_expire_timer);
337         mroute_clean_tables(mrt, true);
338         kfree(mrt);
339 }
340 
341 #ifdef CONFIG_PROC_FS
342 
343 struct ipmr_mfc_iter {
344         struct seq_net_private p;
345         struct mr6_table *mrt;
346         struct list_head *cache;
347         int ct;
348 };
349 
350 
351 static struct mfc6_cache *ipmr_mfc_seq_idx(struct net *net,
352                                            struct ipmr_mfc_iter *it, loff_t pos)
353 {
354         struct mr6_table *mrt = it->mrt;
355         struct mfc6_cache *mfc;
356 
357         read_lock(&mrt_lock);
358         for (it->ct = 0; it->ct < MFC6_LINES; it->ct++) {
359                 it->cache = &mrt->mfc6_cache_array[it->ct];
360                 list_for_each_entry(mfc, it->cache, list)
361                         if (pos-- == 0)
362                                 return mfc;
363         }
364         read_unlock(&mrt_lock);
365 
366         spin_lock_bh(&mfc_unres_lock);
367         it->cache = &mrt->mfc6_unres_queue;
368         list_for_each_entry(mfc, it->cache, list)
369                 if (pos-- == 0)
370                         return mfc;
371         spin_unlock_bh(&mfc_unres_lock);
372 
373         it->cache = NULL;
374         return NULL;
375 }
376 
377 /*
378  *      The /proc interfaces to multicast routing /proc/ip6_mr_cache /proc/ip6_mr_vif
379  */
380 
381 struct ipmr_vif_iter {
382         struct seq_net_private p;
383         struct mr6_table *mrt;
384         int ct;
385 };
386 
387 static struct mif_device *ip6mr_vif_seq_idx(struct net *net,
388                                             struct ipmr_vif_iter *iter,
389                                             loff_t pos)
390 {
391         struct mr6_table *mrt = iter->mrt;
392 
393         for (iter->ct = 0; iter->ct < mrt->maxvif; ++iter->ct) {
394                 if (!MIF_EXISTS(mrt, iter->ct))
395                         continue;
396                 if (pos-- == 0)
397                         return &mrt->vif6_table[iter->ct];
398         }
399         return NULL;
400 }
401 
402 static void *ip6mr_vif_seq_start(struct seq_file *seq, loff_t *pos)
403         __acquires(mrt_lock)
404 {
405         struct ipmr_vif_iter *iter = seq->private;
406         struct net *net = seq_file_net(seq);
407         struct mr6_table *mrt;
408 
409         mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
410         if (!mrt)
411                 return ERR_PTR(-ENOENT);
412 
413         iter->mrt = mrt;
414 
415         read_lock(&mrt_lock);
416         return *pos ? ip6mr_vif_seq_idx(net, seq->private, *pos - 1)
417                 : SEQ_START_TOKEN;
418 }
419 
420 static void *ip6mr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos)
421 {
422         struct ipmr_vif_iter *iter = seq->private;
423         struct net *net = seq_file_net(seq);
424         struct mr6_table *mrt = iter->mrt;
425 
426         ++*pos;
427         if (v == SEQ_START_TOKEN)
428                 return ip6mr_vif_seq_idx(net, iter, 0);
429 
430         while (++iter->ct < mrt->maxvif) {
431                 if (!MIF_EXISTS(mrt, iter->ct))
432                         continue;
433                 return &mrt->vif6_table[iter->ct];
434         }
435         return NULL;
436 }
437 
438 static void ip6mr_vif_seq_stop(struct seq_file *seq, void *v)
439         __releases(mrt_lock)
440 {
441         read_unlock(&mrt_lock);
442 }
443 
444 static int ip6mr_vif_seq_show(struct seq_file *seq, void *v)
445 {
446         struct ipmr_vif_iter *iter = seq->private;
447         struct mr6_table *mrt = iter->mrt;
448 
449         if (v == SEQ_START_TOKEN) {
450                 seq_puts(seq,
451                          "Interface      BytesIn  PktsIn  BytesOut PktsOut Flags\n");
452         } else {
453                 const struct mif_device *vif = v;
454                 const char *name = vif->dev ? vif->dev->name : "none";
455 
456                 seq_printf(seq,
457                            "%2td %-10s %8ld %7ld  %8ld %7ld %05X\n",
458                            vif - mrt->vif6_table,
459                            name, vif->bytes_in, vif->pkt_in,
460                            vif->bytes_out, vif->pkt_out,
461                            vif->flags);
462         }
463         return 0;
464 }
465 
466 static const struct seq_operations ip6mr_vif_seq_ops = {
467         .start = ip6mr_vif_seq_start,
468         .next  = ip6mr_vif_seq_next,
469         .stop  = ip6mr_vif_seq_stop,
470         .show  = ip6mr_vif_seq_show,
471 };
472 
473 static int ip6mr_vif_open(struct inode *inode, struct file *file)
474 {
475         return seq_open_net(inode, file, &ip6mr_vif_seq_ops,
476                             sizeof(struct ipmr_vif_iter));
477 }
478 
479 static const struct file_operations ip6mr_vif_fops = {
480         .open    = ip6mr_vif_open,
481         .read    = seq_read,
482         .llseek  = seq_lseek,
483         .release = seq_release_net,
484 };
485 
486 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
487 {
488         struct ipmr_mfc_iter *it = seq->private;
489         struct net *net = seq_file_net(seq);
490         struct mr6_table *mrt;
491 
492         mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
493         if (!mrt)
494                 return ERR_PTR(-ENOENT);
495 
496         it->mrt = mrt;
497         it->cache = NULL;
498         return *pos ? ipmr_mfc_seq_idx(net, seq->private, *pos - 1)
499                 : SEQ_START_TOKEN;
500 }
501 
502 static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
503 {
504         struct mfc6_cache *mfc = v;
505         struct ipmr_mfc_iter *it = seq->private;
506         struct net *net = seq_file_net(seq);
507         struct mr6_table *mrt = it->mrt;
508 
509         ++*pos;
510 
511         if (v == SEQ_START_TOKEN)
512                 return ipmr_mfc_seq_idx(net, seq->private, 0);
513 
514         if (mfc->list.next != it->cache)
515                 return list_entry(mfc->list.next, struct mfc6_cache, list);
516 
517         if (it->cache == &mrt->mfc6_unres_queue)
518                 goto end_of_list;
519 
520         BUG_ON(it->cache != &mrt->mfc6_cache_array[it->ct]);
521 
522         while (++it->ct < MFC6_LINES) {
523                 it->cache = &mrt->mfc6_cache_array[it->ct];
524                 if (list_empty(it->cache))
525                         continue;
526                 return list_first_entry(it->cache, struct mfc6_cache, list);
527         }
528 
529         /* exhausted cache_array, show unresolved */
530         read_unlock(&mrt_lock);
531         it->cache = &mrt->mfc6_unres_queue;
532         it->ct = 0;
533 
534         spin_lock_bh(&mfc_unres_lock);
535         if (!list_empty(it->cache))
536                 return list_first_entry(it->cache, struct mfc6_cache, list);
537 
538  end_of_list:
539         spin_unlock_bh(&mfc_unres_lock);
540         it->cache = NULL;
541 
542         return NULL;
543 }
544 
545 static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v)
546 {
547         struct ipmr_mfc_iter *it = seq->private;
548         struct mr6_table *mrt = it->mrt;
549 
550         if (it->cache == &mrt->mfc6_unres_queue)
551                 spin_unlock_bh(&mfc_unres_lock);
552         else if (it->cache == &mrt->mfc6_cache_array[it->ct])
553                 read_unlock(&mrt_lock);
554 }
555 
556 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
557 {
558         int n;
559 
560         if (v == SEQ_START_TOKEN) {
561                 seq_puts(seq,
562                          "Group                            "
563                          "Origin                           "
564                          "Iif      Pkts  Bytes     Wrong  Oifs\n");
565         } else {
566                 const struct mfc6_cache *mfc = v;
567                 const struct ipmr_mfc_iter *it = seq->private;
568                 struct mr6_table *mrt = it->mrt;
569 
570                 seq_printf(seq, "%pI6 %pI6 %-3hd",
571                            &mfc->mf6c_mcastgrp, &mfc->mf6c_origin,
572                            mfc->mf6c_parent);
573 
574                 if (it->cache != &mrt->mfc6_unres_queue) {
575                         seq_printf(seq, " %8lu %8lu %8lu",
576                                    mfc->mfc_un.res.pkt,
577                                    mfc->mfc_un.res.bytes,
578                                    mfc->mfc_un.res.wrong_if);
579                         for (n = mfc->mfc_un.res.minvif;
580                              n < mfc->mfc_un.res.maxvif; n++) {
581                                 if (MIF_EXISTS(mrt, n) &&
582                                     mfc->mfc_un.res.ttls[n] < 255)
583                                         seq_printf(seq,
584                                                    " %2d:%-3d",
585                                                    n, mfc->mfc_un.res.ttls[n]);
586                         }
587                 } else {
588                         /* unresolved mfc_caches don't contain
589                          * pkt, bytes and wrong_if values
590                          */
591                         seq_printf(seq, " %8lu %8lu %8lu", 0ul, 0ul, 0ul);
592                 }
593                 seq_putc(seq, '\n');
594         }
595         return 0;
596 }
597 
598 static const struct seq_operations ipmr_mfc_seq_ops = {
599         .start = ipmr_mfc_seq_start,
600         .next  = ipmr_mfc_seq_next,
601         .stop  = ipmr_mfc_seq_stop,
602         .show  = ipmr_mfc_seq_show,
603 };
604 
605 static int ipmr_mfc_open(struct inode *inode, struct file *file)
606 {
607         return seq_open_net(inode, file, &ipmr_mfc_seq_ops,
608                             sizeof(struct ipmr_mfc_iter));
609 }
610 
611 static const struct file_operations ip6mr_mfc_fops = {
612         .open    = ipmr_mfc_open,
613         .read    = seq_read,
614         .llseek  = seq_lseek,
615         .release = seq_release_net,
616 };
617 #endif
618 
619 #ifdef CONFIG_IPV6_PIMSM_V2
620 
621 static int pim6_rcv(struct sk_buff *skb)
622 {
623         struct pimreghdr *pim;
624         struct ipv6hdr   *encap;
625         struct net_device  *reg_dev = NULL;
626         struct net *net = dev_net(skb->dev);
627         struct mr6_table *mrt;
628         struct flowi6 fl6 = {
629                 .flowi6_iif     = skb->dev->ifindex,
630                 .flowi6_mark    = skb->mark,
631         };
632         int reg_vif_num;
633 
634         if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
635                 goto drop;
636 
637         pim = (struct pimreghdr *)skb_transport_header(skb);
638         if (pim->type != ((PIM_VERSION << 4) | PIM_TYPE_REGISTER) ||
639             (pim->flags & PIM_NULL_REGISTER) ||
640             (csum_ipv6_magic(&ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
641                              sizeof(*pim), IPPROTO_PIM,
642                              csum_partial((void *)pim, sizeof(*pim), 0)) &&
643              csum_fold(skb_checksum(skb, 0, skb->len, 0))))
644                 goto drop;
645 
646         /* check if the inner packet is destined to mcast group */
647         encap = (struct ipv6hdr *)(skb_transport_header(skb) +
648                                    sizeof(*pim));
649 
650         if (!ipv6_addr_is_multicast(&encap->daddr) ||
651             encap->payload_len == 0 ||
652             ntohs(encap->payload_len) + sizeof(*pim) > skb->len)
653                 goto drop;
654 
655         if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
656                 goto drop;
657         reg_vif_num = mrt->mroute_reg_vif_num;
658 
659         read_lock(&mrt_lock);
660         if (reg_vif_num >= 0)
661                 reg_dev = mrt->vif6_table[reg_vif_num].dev;
662         if (reg_dev)
663                 dev_hold(reg_dev);
664         read_unlock(&mrt_lock);
665 
666         if (!reg_dev)
667                 goto drop;
668 
669         skb->mac_header = skb->network_header;
670         skb_pull(skb, (u8 *)encap - skb->data);
671         skb_reset_network_header(skb);
672         skb->protocol = htons(ETH_P_IPV6);
673         skb->ip_summed = CHECKSUM_NONE;
674 
675         skb_tunnel_rx(skb, reg_dev, dev_net(reg_dev));
676 
677         netif_rx(skb);
678 
679         dev_put(reg_dev);
680         return 0;
681  drop:
682         kfree_skb(skb);
683         return 0;
684 }
685 
686 static const struct inet6_protocol pim6_protocol = {
687         .handler        =       pim6_rcv,
688 };
689 
690 /* Service routines creating virtual interfaces: PIMREG */
691 
692 static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
693                                       struct net_device *dev)
694 {
695         struct net *net = dev_net(dev);
696         struct mr6_table *mrt;
697         struct flowi6 fl6 = {
698                 .flowi6_oif     = dev->ifindex,
699                 .flowi6_iif     = skb->skb_iif ? : LOOPBACK_IFINDEX,
700                 .flowi6_mark    = skb->mark,
701         };
702         int err;
703 
704         err = ip6mr_fib_lookup(net, &fl6, &mrt);
705         if (err < 0) {
706                 kfree_skb(skb);
707                 return err;
708         }
709 
710         read_lock(&mrt_lock);
711         dev->stats.tx_bytes += skb->len;
712         dev->stats.tx_packets++;
713         ip6mr_cache_report(mrt, skb, mrt->mroute_reg_vif_num, MRT6MSG_WHOLEPKT);
714         read_unlock(&mrt_lock);
715         kfree_skb(skb);
716         return NETDEV_TX_OK;
717 }
718 
719 static int reg_vif_get_iflink(const struct net_device *dev)
720 {
721         return 0;
722 }
723 
724 static const struct net_device_ops reg_vif_netdev_ops = {
725         .ndo_start_xmit = reg_vif_xmit,
726         .ndo_get_iflink = reg_vif_get_iflink,
727 };
728 
729 static void reg_vif_setup(struct net_device *dev)
730 {
731         dev->type               = ARPHRD_PIMREG;
732         dev->mtu                = 1500 - sizeof(struct ipv6hdr) - 8;
733         dev->flags              = IFF_NOARP;
734         dev->netdev_ops         = &reg_vif_netdev_ops;
735         dev->needs_free_netdev  = true;
736         dev->features           |= NETIF_F_NETNS_LOCAL;
737 }
738 
739 static struct net_device *ip6mr_reg_vif(struct net *net, struct mr6_table *mrt)
740 {
741         struct net_device *dev;
742         char name[IFNAMSIZ];
743 
744         if (mrt->id == RT6_TABLE_DFLT)
745                 sprintf(name, "pim6reg");
746         else
747                 sprintf(name, "pim6reg%u", mrt->id);
748 
749         dev = alloc_netdev(0, name, NET_NAME_UNKNOWN, reg_vif_setup);
750         if (!dev)
751                 return NULL;
752 
753         dev_net_set(dev, net);
754 
755         if (register_netdevice(dev)) {
756                 free_netdev(dev);
757                 return NULL;
758         }
759 
760         if (dev_open(dev))
761                 goto failure;
762 
763         dev_hold(dev);
764         return dev;
765 
766 failure:
767         unregister_netdevice(dev);
768         return NULL;
769 }
770 #endif
771 
772 /*
773  *      Delete a VIF entry
774  */
775 
776 static int mif6_delete(struct mr6_table *mrt, int vifi, int notify,
777                        struct list_head *head)
778 {
779         struct mif_device *v;
780         struct net_device *dev;
781         struct inet6_dev *in6_dev;
782 
783         if (vifi < 0 || vifi >= mrt->maxvif)
784                 return -EADDRNOTAVAIL;
785 
786         v = &mrt->vif6_table[vifi];
787 
788         write_lock_bh(&mrt_lock);
789         dev = v->dev;
790         v->dev = NULL;
791 
792         if (!dev) {
793                 write_unlock_bh(&mrt_lock);
794                 return -EADDRNOTAVAIL;
795         }
796 
797 #ifdef CONFIG_IPV6_PIMSM_V2
798         if (vifi == mrt->mroute_reg_vif_num)
799                 mrt->mroute_reg_vif_num = -1;
800 #endif
801 
802         if (vifi + 1 == mrt->maxvif) {
803                 int tmp;
804                 for (tmp = vifi - 1; tmp >= 0; tmp--) {
805                         if (MIF_EXISTS(mrt, tmp))
806                                 break;
807                 }
808                 mrt->maxvif = tmp + 1;
809         }
810 
811         write_unlock_bh(&mrt_lock);
812 
813         dev_set_allmulti(dev, -1);
814 
815         in6_dev = __in6_dev_get(dev);
816         if (in6_dev) {
817                 in6_dev->cnf.mc_forwarding--;
818                 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
819                                              NETCONFA_MC_FORWARDING,
820                                              dev->ifindex, &in6_dev->cnf);
821         }
822 
823         if ((v->flags & MIFF_REGISTER) && !notify)
824                 unregister_netdevice_queue(dev, head);
825 
826         dev_put(dev);
827         return 0;
828 }
829 
830 static inline void ip6mr_cache_free(struct mfc6_cache *c)
831 {
832         kmem_cache_free(mrt_cachep, c);
833 }
834 
835 /* Destroy an unresolved cache entry, killing queued skbs
836    and reporting error to netlink readers.
837  */
838 
839 static void ip6mr_destroy_unres(struct mr6_table *mrt, struct mfc6_cache *c)
840 {
841         struct net *net = read_pnet(&mrt->net);
842         struct sk_buff *skb;
843 
844         atomic_dec(&mrt->cache_resolve_queue_len);
845 
846         while ((skb = skb_dequeue(&c->mfc_un.unres.unresolved)) != NULL) {
847                 if (ipv6_hdr(skb)->version == 0) {
848                         struct nlmsghdr *nlh = skb_pull(skb,
849                                                         sizeof(struct ipv6hdr));
850                         nlh->nlmsg_type = NLMSG_ERROR;
851                         nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
852                         skb_trim(skb, nlh->nlmsg_len);
853                         ((struct nlmsgerr *)nlmsg_data(nlh))->error = -ETIMEDOUT;
854                         rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
855                 } else
856                         kfree_skb(skb);
857         }
858 
859         ip6mr_cache_free(c);
860 }
861 
862 
863 /* Timer process for all the unresolved queue. */
864 
865 static void ipmr_do_expire_process(struct mr6_table *mrt)
866 {
867         unsigned long now = jiffies;
868         unsigned long expires = 10 * HZ;
869         struct mfc6_cache *c, *next;
870 
871         list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) {
872                 if (time_after(c->mfc_un.unres.expires, now)) {
873                         /* not yet... */
874                         unsigned long interval = c->mfc_un.unres.expires - now;
875                         if (interval < expires)
876                                 expires = interval;
877                         continue;
878                 }
879 
880                 list_del(&c->list);
881                 mr6_netlink_event(mrt, c, RTM_DELROUTE);
882                 ip6mr_destroy_unres(mrt, c);
883         }
884 
885         if (!list_empty(&mrt->mfc6_unres_queue))
886                 mod_timer(&mrt->ipmr_expire_timer, jiffies + expires);
887 }
888 
889 static void ipmr_expire_process(struct timer_list *t)
890 {
891         struct mr6_table *mrt = from_timer(mrt, t, ipmr_expire_timer);
892 
893         if (!spin_trylock(&mfc_unres_lock)) {
894                 mod_timer(&mrt->ipmr_expire_timer, jiffies + 1);
895                 return;
896         }
897 
898         if (!list_empty(&mrt->mfc6_unres_queue))
899                 ipmr_do_expire_process(mrt);
900 
901         spin_unlock(&mfc_unres_lock);
902 }
903 
904 /* Fill oifs list. It is called under write locked mrt_lock. */
905 
906 static void ip6mr_update_thresholds(struct mr6_table *mrt, struct mfc6_cache *cache,
907                                     unsigned char *ttls)
908 {
909         int vifi;
910 
911         cache->mfc_un.res.minvif = MAXMIFS;
912         cache->mfc_un.res.maxvif = 0;
913         memset(cache->mfc_un.res.ttls, 255, MAXMIFS);
914 
915         for (vifi = 0; vifi < mrt->maxvif; vifi++) {
916                 if (MIF_EXISTS(mrt, vifi) &&
917                     ttls[vifi] && ttls[vifi] < 255) {
918                         cache->mfc_un.res.ttls[vifi] = ttls[vifi];
919                         if (cache->mfc_un.res.minvif > vifi)
920                                 cache->mfc_un.res.minvif = vifi;
921                         if (cache->mfc_un.res.maxvif <= vifi)
922                                 cache->mfc_un.res.maxvif = vifi + 1;
923                 }
924         }
925         cache->mfc_un.res.lastuse = jiffies;
926 }
927 
928 static int mif6_add(struct net *net, struct mr6_table *mrt,
929                     struct mif6ctl *vifc, int mrtsock)
930 {
931         int vifi = vifc->mif6c_mifi;
932         struct mif_device *v = &mrt->vif6_table[vifi];
933         struct net_device *dev;
934         struct inet6_dev *in6_dev;
935         int err;
936 
937         /* Is vif busy ? */
938         if (MIF_EXISTS(mrt, vifi))
939                 return -EADDRINUSE;
940 
941         switch (vifc->mif6c_flags) {
942 #ifdef CONFIG_IPV6_PIMSM_V2
943         case MIFF_REGISTER:
944                 /*
945                  * Special Purpose VIF in PIM
946                  * All the packets will be sent to the daemon
947                  */
948                 if (mrt->mroute_reg_vif_num >= 0)
949                         return -EADDRINUSE;
950                 dev = ip6mr_reg_vif(net, mrt);
951                 if (!dev)
952                         return -ENOBUFS;
953                 err = dev_set_allmulti(dev, 1);
954                 if (err) {
955                         unregister_netdevice(dev);
956                         dev_put(dev);
957                         return err;
958                 }
959                 break;
960 #endif
961         case 0:
962                 dev = dev_get_by_index(net, vifc->mif6c_pifi);
963                 if (!dev)
964                         return -EADDRNOTAVAIL;
965                 err = dev_set_allmulti(dev, 1);
966                 if (err) {
967                         dev_put(dev);
968                         return err;
969                 }
970                 break;
971         default:
972                 return -EINVAL;
973         }
974 
975         in6_dev = __in6_dev_get(dev);
976         if (in6_dev) {
977                 in6_dev->cnf.mc_forwarding++;
978                 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
979                                              NETCONFA_MC_FORWARDING,
980                                              dev->ifindex, &in6_dev->cnf);
981         }
982 
983         /*
984          *      Fill in the VIF structures
985          */
986         v->rate_limit = vifc->vifc_rate_limit;
987         v->flags = vifc->mif6c_flags;
988         if (!mrtsock)
989                 v->flags |= VIFF_STATIC;
990         v->threshold = vifc->vifc_threshold;
991         v->bytes_in = 0;
992         v->bytes_out = 0;
993         v->pkt_in = 0;
994         v->pkt_out = 0;
995         v->link = dev->ifindex;
996         if (v->flags & MIFF_REGISTER)
997                 v->link = dev_get_iflink(dev);
998 
999         /* And finish update writing critical data */
1000         write_lock_bh(&mrt_lock);
1001         v->dev = dev;
1002 #ifdef CONFIG_IPV6_PIMSM_V2
1003         if (v->flags & MIFF_REGISTER)
1004                 mrt->mroute_reg_vif_num = vifi;
1005 #endif
1006         if (vifi + 1 > mrt->maxvif)
1007                 mrt->maxvif = vifi + 1;
1008         write_unlock_bh(&mrt_lock);
1009         return 0;
1010 }
1011 
1012 static struct mfc6_cache *ip6mr_cache_find(struct mr6_table *mrt,
1013                                            const struct in6_addr *origin,
1014                                            const struct in6_addr *mcastgrp)
1015 {
1016         int line = MFC6_HASH(mcastgrp, origin);
1017         struct mfc6_cache *c;
1018 
1019         list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) {
1020                 if (ipv6_addr_equal(&c->mf6c_origin, origin) &&
1021                     ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp))
1022                         return c;
1023         }
1024         return NULL;
1025 }
1026 
1027 /* Look for a (*,*,oif) entry */
1028 static struct mfc6_cache *ip6mr_cache_find_any_parent(struct mr6_table *mrt,
1029                                                       mifi_t mifi)
1030 {
1031         int line = MFC6_HASH(&in6addr_any, &in6addr_any);
1032         struct mfc6_cache *c;
1033 
1034         list_for_each_entry(c, &mrt->mfc6_cache_array[line], list)
1035                 if (ipv6_addr_any(&c->mf6c_origin) &&
1036                     ipv6_addr_any(&c->mf6c_mcastgrp) &&
1037                     (c->mfc_un.res.ttls[mifi] < 255))
1038                         return c;
1039 
1040         return NULL;
1041 }
1042 
1043 /* Look for a (*,G) entry */
1044 static struct mfc6_cache *ip6mr_cache_find_any(struct mr6_table *mrt,
1045                                                struct in6_addr *mcastgrp,
1046                                                mifi_t mifi)
1047 {
1048         int line = MFC6_HASH(mcastgrp, &in6addr_any);
1049         struct mfc6_cache *c, *proxy;
1050 
1051         if (ipv6_addr_any(mcastgrp))
1052                 goto skip;
1053 
1054         list_for_each_entry(c, &mrt->mfc6_cache_array[line], list)
1055                 if (ipv6_addr_any(&c->mf6c_origin) &&
1056                     ipv6_addr_equal(&c->mf6c_mcastgrp, mcastgrp)) {
1057                         if (c->mfc_un.res.ttls[mifi] < 255)
1058                                 return c;
1059 
1060                         /* It's ok if the mifi is part of the static tree */
1061                         proxy = ip6mr_cache_find_any_parent(mrt,
1062                                                             c->mf6c_parent);
1063                         if (proxy && proxy->mfc_un.res.ttls[mifi] < 255)
1064                                 return c;
1065                 }
1066 
1067 skip:
1068         return ip6mr_cache_find_any_parent(mrt, mifi);
1069 }
1070 
1071 /*
1072  *      Allocate a multicast cache entry
1073  */
1074 static struct mfc6_cache *ip6mr_cache_alloc(void)
1075 {
1076         struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
1077         if (!c)
1078                 return NULL;
1079         c->mfc_un.res.last_assert = jiffies - MFC_ASSERT_THRESH - 1;
1080         c->mfc_un.res.minvif = MAXMIFS;
1081         return c;
1082 }
1083 
1084 static struct mfc6_cache *ip6mr_cache_alloc_unres(void)
1085 {
1086         struct mfc6_cache *c = kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
1087         if (!c)
1088                 return NULL;
1089         skb_queue_head_init(&c->mfc_un.unres.unresolved);
1090         c->mfc_un.unres.expires = jiffies + 10 * HZ;
1091         return c;
1092 }
1093 
1094 /*
1095  *      A cache entry has gone into a resolved state from queued
1096  */
1097 
1098 static void ip6mr_cache_resolve(struct net *net, struct mr6_table *mrt,
1099                                 struct mfc6_cache *uc, struct mfc6_cache *c)
1100 {
1101         struct sk_buff *skb;
1102 
1103         /*
1104          *      Play the pending entries through our router
1105          */
1106 
1107         while ((skb = __skb_dequeue(&uc->mfc_un.unres.unresolved))) {
1108                 if (ipv6_hdr(skb)->version == 0) {
1109                         struct nlmsghdr *nlh = skb_pull(skb,
1110                                                         sizeof(struct ipv6hdr));
1111 
1112                         if (__ip6mr_fill_mroute(mrt, skb, c, nlmsg_data(nlh)) > 0) {
1113                                 nlh->nlmsg_len = skb_tail_pointer(skb) - (u8 *)nlh;
1114                         } else {
1115                                 nlh->nlmsg_type = NLMSG_ERROR;
1116                                 nlh->nlmsg_len = nlmsg_msg_size(sizeof(struct nlmsgerr));
1117                                 skb_trim(skb, nlh->nlmsg_len);
1118                                 ((struct nlmsgerr *)nlmsg_data(nlh))->error = -EMSGSIZE;
1119                         }
1120                         rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1121                 } else
1122                         ip6_mr_forward(net, mrt, skb, c);
1123         }
1124 }
1125 
1126 /*
1127  *      Bounce a cache query up to pim6sd and netlink.
1128  *
1129  *      Called under mrt_lock.
1130  */
1131 
1132 static int ip6mr_cache_report(struct mr6_table *mrt, struct sk_buff *pkt,
1133                               mifi_t mifi, int assert)
1134 {
1135         struct sk_buff *skb;
1136         struct mrt6msg *msg;
1137         int ret;
1138 
1139 #ifdef CONFIG_IPV6_PIMSM_V2
1140         if (assert == MRT6MSG_WHOLEPKT)
1141                 skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt)
1142                                                 +sizeof(*msg));
1143         else
1144 #endif
1145                 skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC);
1146 
1147         if (!skb)
1148                 return -ENOBUFS;
1149 
1150         /* I suppose that internal messages
1151          * do not require checksums */
1152 
1153         skb->ip_summed = CHECKSUM_UNNECESSARY;
1154 
1155 #ifdef CONFIG_IPV6_PIMSM_V2
1156         if (assert == MRT6MSG_WHOLEPKT) {
1157                 /* Ugly, but we have no choice with this interface.
1158                    Duplicate old header, fix length etc.
1159                    And all this only to mangle msg->im6_msgtype and
1160                    to set msg->im6_mbz to "mbz" :-)
1161                  */
1162                 skb_push(skb, -skb_network_offset(pkt));
1163 
1164                 skb_push(skb, sizeof(*msg));
1165                 skb_reset_transport_header(skb);
1166                 msg = (struct mrt6msg *)skb_transport_header(skb);
1167                 msg->im6_mbz = 0;
1168                 msg->im6_msgtype = MRT6MSG_WHOLEPKT;
1169                 msg->im6_mif = mrt->mroute_reg_vif_num;
1170                 msg->im6_pad = 0;
1171                 msg->im6_src = ipv6_hdr(pkt)->saddr;
1172                 msg->im6_dst = ipv6_hdr(pkt)->daddr;
1173 
1174                 skb->ip_summed = CHECKSUM_UNNECESSARY;
1175         } else
1176 #endif
1177         {
1178         /*
1179          *      Copy the IP header
1180          */
1181 
1182         skb_put(skb, sizeof(struct ipv6hdr));
1183         skb_reset_network_header(skb);
1184         skb_copy_to_linear_data(skb, ipv6_hdr(pkt), sizeof(struct ipv6hdr));
1185 
1186         /*
1187          *      Add our header
1188          */
1189         skb_put(skb, sizeof(*msg));
1190         skb_reset_transport_header(skb);
1191         msg = (struct mrt6msg *)skb_transport_header(skb);
1192 
1193         msg->im6_mbz = 0;
1194         msg->im6_msgtype = assert;
1195         msg->im6_mif = mifi;
1196         msg->im6_pad = 0;
1197         msg->im6_src = ipv6_hdr(pkt)->saddr;
1198         msg->im6_dst = ipv6_hdr(pkt)->daddr;
1199 
1200         skb_dst_set(skb, dst_clone(skb_dst(pkt)));
1201         skb->ip_summed = CHECKSUM_UNNECESSARY;
1202         }
1203 
1204         if (!mrt->mroute6_sk) {
1205                 kfree_skb(skb);
1206                 return -EINVAL;
1207         }
1208 
1209         mrt6msg_netlink_event(mrt, skb);
1210 
1211         /*
1212          *      Deliver to user space multicast routing algorithms
1213          */
1214         ret = sock_queue_rcv_skb(mrt->mroute6_sk, skb);
1215         if (ret < 0) {
1216                 net_warn_ratelimited("mroute6: pending queue full, dropping entries\n");
1217                 kfree_skb(skb);
1218         }
1219 
1220         return ret;
1221 }
1222 
1223 /*
1224  *      Queue a packet for resolution. It gets locked cache entry!
1225  */
1226 
1227 static int
1228 ip6mr_cache_unresolved(struct mr6_table *mrt, mifi_t mifi, struct sk_buff *skb)
1229 {
1230         bool found = false;
1231         int err;
1232         struct mfc6_cache *c;
1233 
1234         spin_lock_bh(&mfc_unres_lock);
1235         list_for_each_entry(c, &mrt->mfc6_unres_queue, list) {
1236                 if (ipv6_addr_equal(&c->mf6c_mcastgrp, &ipv6_hdr(skb)->daddr) &&
1237                     ipv6_addr_equal(&c->mf6c_origin, &ipv6_hdr(skb)->saddr)) {
1238                         found = true;
1239                         break;
1240                 }
1241         }
1242 
1243         if (!found) {
1244                 /*
1245                  *      Create a new entry if allowable
1246                  */
1247 
1248                 if (atomic_read(&mrt->cache_resolve_queue_len) >= 10 ||
1249                     (c = ip6mr_cache_alloc_unres()) == NULL) {
1250                         spin_unlock_bh(&mfc_unres_lock);
1251 
1252                         kfree_skb(skb);
1253                         return -ENOBUFS;
1254                 }
1255 
1256                 /*
1257                  *      Fill in the new cache entry
1258                  */
1259                 c->mf6c_parent = -1;
1260                 c->mf6c_origin = ipv6_hdr(skb)->saddr;
1261                 c->mf6c_mcastgrp = ipv6_hdr(skb)->daddr;
1262 
1263                 /*
1264                  *      Reflect first query at pim6sd
1265                  */
1266                 err = ip6mr_cache_report(mrt, skb, mifi, MRT6MSG_NOCACHE);
1267                 if (err < 0) {
1268                         /* If the report failed throw the cache entry
1269                            out - Brad Parker
1270                          */
1271                         spin_unlock_bh(&mfc_unres_lock);
1272 
1273                         ip6mr_cache_free(c);
1274                         kfree_skb(skb);
1275                         return err;
1276                 }
1277 
1278                 atomic_inc(&mrt->cache_resolve_queue_len);
1279                 list_add(&c->list, &mrt->mfc6_unres_queue);
1280                 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1281 
1282                 ipmr_do_expire_process(mrt);
1283         }
1284 
1285         /*
1286          *      See if we can append the packet
1287          */
1288         if (c->mfc_un.unres.unresolved.qlen > 3) {
1289                 kfree_skb(skb);
1290                 err = -ENOBUFS;
1291         } else {
1292                 skb_queue_tail(&c->mfc_un.unres.unresolved, skb);
1293                 err = 0;
1294         }
1295 
1296         spin_unlock_bh(&mfc_unres_lock);
1297         return err;
1298 }
1299 
1300 /*
1301  *      MFC6 cache manipulation by user space
1302  */
1303 
1304 static int ip6mr_mfc_delete(struct mr6_table *mrt, struct mf6cctl *mfc,
1305                             int parent)
1306 {
1307         int line;
1308         struct mfc6_cache *c, *next;
1309 
1310         line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr);
1311 
1312         list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[line], list) {
1313                 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) &&
1314                     ipv6_addr_equal(&c->mf6c_mcastgrp,
1315                                     &mfc->mf6cc_mcastgrp.sin6_addr) &&
1316                     (parent == -1 || parent == c->mf6c_parent)) {
1317                         write_lock_bh(&mrt_lock);
1318                         list_del(&c->list);
1319                         write_unlock_bh(&mrt_lock);
1320 
1321                         mr6_netlink_event(mrt, c, RTM_DELROUTE);
1322                         ip6mr_cache_free(c);
1323                         return 0;
1324                 }
1325         }
1326         return -ENOENT;
1327 }
1328 
1329 static int ip6mr_device_event(struct notifier_block *this,
1330                               unsigned long event, void *ptr)
1331 {
1332         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1333         struct net *net = dev_net(dev);
1334         struct mr6_table *mrt;
1335         struct mif_device *v;
1336         int ct;
1337 
1338         if (event != NETDEV_UNREGISTER)
1339                 return NOTIFY_DONE;
1340 
1341         ip6mr_for_each_table(mrt, net) {
1342                 v = &mrt->vif6_table[0];
1343                 for (ct = 0; ct < mrt->maxvif; ct++, v++) {
1344                         if (v->dev == dev)
1345                                 mif6_delete(mrt, ct, 1, NULL);
1346                 }
1347         }
1348 
1349         return NOTIFY_DONE;
1350 }
1351 
1352 static struct notifier_block ip6_mr_notifier = {
1353         .notifier_call = ip6mr_device_event
1354 };
1355 
1356 /*
1357  *      Setup for IP multicast routing
1358  */
1359 
1360 static int __net_init ip6mr_net_init(struct net *net)
1361 {
1362         int err;
1363 
1364         err = ip6mr_rules_init(net);
1365         if (err < 0)
1366                 goto fail;
1367 
1368 #ifdef CONFIG_PROC_FS
1369         err = -ENOMEM;
1370         if (!proc_create("ip6_mr_vif", 0, net->proc_net, &ip6mr_vif_fops))
1371                 goto proc_vif_fail;
1372         if (!proc_create("ip6_mr_cache", 0, net->proc_net, &ip6mr_mfc_fops))
1373                 goto proc_cache_fail;
1374 #endif
1375 
1376         return 0;
1377 
1378 #ifdef CONFIG_PROC_FS
1379 proc_cache_fail:
1380         remove_proc_entry("ip6_mr_vif", net->proc_net);
1381 proc_vif_fail:
1382         ip6mr_rules_exit(net);
1383 #endif
1384 fail:
1385         return err;
1386 }
1387 
1388 static void __net_exit ip6mr_net_exit(struct net *net)
1389 {
1390 #ifdef CONFIG_PROC_FS
1391         remove_proc_entry("ip6_mr_cache", net->proc_net);
1392         remove_proc_entry("ip6_mr_vif", net->proc_net);
1393 #endif
1394         ip6mr_rules_exit(net);
1395 }
1396 
1397 static struct pernet_operations ip6mr_net_ops = {
1398         .init = ip6mr_net_init,
1399         .exit = ip6mr_net_exit,
1400 };
1401 
1402 int __init ip6_mr_init(void)
1403 {
1404         int err;
1405 
1406         mrt_cachep = kmem_cache_create("ip6_mrt_cache",
1407                                        sizeof(struct mfc6_cache),
1408                                        0, SLAB_HWCACHE_ALIGN,
1409                                        NULL);
1410         if (!mrt_cachep)
1411                 return -ENOMEM;
1412 
1413         err = register_pernet_subsys(&ip6mr_net_ops);
1414         if (err)
1415                 goto reg_pernet_fail;
1416 
1417         err = register_netdevice_notifier(&ip6_mr_notifier);
1418         if (err)
1419                 goto reg_notif_fail;
1420 #ifdef CONFIG_IPV6_PIMSM_V2
1421         if (inet6_add_protocol(&pim6_protocol, IPPROTO_PIM) < 0) {
1422                 pr_err("%s: can't add PIM protocol\n", __func__);
1423                 err = -EAGAIN;
1424                 goto add_proto_fail;
1425         }
1426 #endif
1427         err = rtnl_register_module(THIS_MODULE, RTNL_FAMILY_IP6MR, RTM_GETROUTE,
1428                                    NULL, ip6mr_rtm_dumproute, 0);
1429         if (err == 0)
1430                 return 0;
1431 
1432 #ifdef CONFIG_IPV6_PIMSM_V2
1433         inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1434 add_proto_fail:
1435         unregister_netdevice_notifier(&ip6_mr_notifier);
1436 #endif
1437 reg_notif_fail:
1438         unregister_pernet_subsys(&ip6mr_net_ops);
1439 reg_pernet_fail:
1440         kmem_cache_destroy(mrt_cachep);
1441         return err;
1442 }
1443 
1444 void ip6_mr_cleanup(void)
1445 {
1446         rtnl_unregister(RTNL_FAMILY_IP6MR, RTM_GETROUTE);
1447 #ifdef CONFIG_IPV6_PIMSM_V2
1448         inet6_del_protocol(&pim6_protocol, IPPROTO_PIM);
1449 #endif
1450         unregister_netdevice_notifier(&ip6_mr_notifier);
1451         unregister_pernet_subsys(&ip6mr_net_ops);
1452         kmem_cache_destroy(mrt_cachep);
1453 }
1454 
1455 static int ip6mr_mfc_add(struct net *net, struct mr6_table *mrt,
1456                          struct mf6cctl *mfc, int mrtsock, int parent)
1457 {
1458         bool found = false;
1459         int line;
1460         struct mfc6_cache *uc, *c;
1461         unsigned char ttls[MAXMIFS];
1462         int i;
1463 
1464         if (mfc->mf6cc_parent >= MAXMIFS)
1465                 return -ENFILE;
1466 
1467         memset(ttls, 255, MAXMIFS);
1468         for (i = 0; i < MAXMIFS; i++) {
1469                 if (IF_ISSET(i, &mfc->mf6cc_ifset))
1470                         ttls[i] = 1;
1471 
1472         }
1473 
1474         line = MFC6_HASH(&mfc->mf6cc_mcastgrp.sin6_addr, &mfc->mf6cc_origin.sin6_addr);
1475 
1476         list_for_each_entry(c, &mrt->mfc6_cache_array[line], list) {
1477                 if (ipv6_addr_equal(&c->mf6c_origin, &mfc->mf6cc_origin.sin6_addr) &&
1478                     ipv6_addr_equal(&c->mf6c_mcastgrp,
1479                                     &mfc->mf6cc_mcastgrp.sin6_addr) &&
1480                     (parent == -1 || parent == mfc->mf6cc_parent)) {
1481                         found = true;
1482                         break;
1483                 }
1484         }
1485 
1486         if (found) {
1487                 write_lock_bh(&mrt_lock);
1488                 c->mf6c_parent = mfc->mf6cc_parent;
1489                 ip6mr_update_thresholds(mrt, c, ttls);
1490                 if (!mrtsock)
1491                         c->mfc_flags |= MFC_STATIC;
1492                 write_unlock_bh(&mrt_lock);
1493                 mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1494                 return 0;
1495         }
1496 
1497         if (!ipv6_addr_any(&mfc->mf6cc_mcastgrp.sin6_addr) &&
1498             !ipv6_addr_is_multicast(&mfc->mf6cc_mcastgrp.sin6_addr))
1499                 return -EINVAL;
1500 
1501         c = ip6mr_cache_alloc();
1502         if (!c)
1503                 return -ENOMEM;
1504 
1505         c->mf6c_origin = mfc->mf6cc_origin.sin6_addr;
1506         c->mf6c_mcastgrp = mfc->mf6cc_mcastgrp.sin6_addr;
1507         c->mf6c_parent = mfc->mf6cc_parent;
1508         ip6mr_update_thresholds(mrt, c, ttls);
1509         if (!mrtsock)
1510                 c->mfc_flags |= MFC_STATIC;
1511 
1512         write_lock_bh(&mrt_lock);
1513         list_add(&c->list, &mrt->mfc6_cache_array[line]);
1514         write_unlock_bh(&mrt_lock);
1515 
1516         /*
1517          *      Check to see if we resolved a queued list. If so we
1518          *      need to send on the frames and tidy up.
1519          */
1520         found = false;
1521         spin_lock_bh(&mfc_unres_lock);
1522         list_for_each_entry(uc, &mrt->mfc6_unres_queue, list) {
1523                 if (ipv6_addr_equal(&uc->mf6c_origin, &c->mf6c_origin) &&
1524                     ipv6_addr_equal(&uc->mf6c_mcastgrp, &c->mf6c_mcastgrp)) {
1525                         list_del(&uc->list);
1526                         atomic_dec(&mrt->cache_resolve_queue_len);
1527                         found = true;
1528                         break;
1529                 }
1530         }
1531         if (list_empty(&mrt->mfc6_unres_queue))
1532                 del_timer(&mrt->ipmr_expire_timer);
1533         spin_unlock_bh(&mfc_unres_lock);
1534 
1535         if (found) {
1536                 ip6mr_cache_resolve(net, mrt, uc, c);
1537                 ip6mr_cache_free(uc);
1538         }
1539         mr6_netlink_event(mrt, c, RTM_NEWROUTE);
1540         return 0;
1541 }
1542 
1543 /*
1544  *      Close the multicast socket, and clear the vif tables etc
1545  */
1546 
1547 static void mroute_clean_tables(struct mr6_table *mrt, bool all)
1548 {
1549         int i;
1550         LIST_HEAD(list);
1551         struct mfc6_cache *c, *next;
1552 
1553         /*
1554          *      Shut down all active vif entries
1555          */
1556         for (i = 0; i < mrt->maxvif; i++) {
1557                 if (!all && (mrt->vif6_table[i].flags & VIFF_STATIC))
1558                         continue;
1559                 mif6_delete(mrt, i, 0, &list);
1560         }
1561         unregister_netdevice_many(&list);
1562 
1563         /*
1564          *      Wipe the cache
1565          */
1566         for (i = 0; i < MFC6_LINES; i++) {
1567                 list_for_each_entry_safe(c, next, &mrt->mfc6_cache_array[i], list) {
1568                         if (!all && (c->mfc_flags & MFC_STATIC))
1569                                 continue;
1570                         write_lock_bh(&mrt_lock);
1571                         list_del(&c->list);
1572                         write_unlock_bh(&mrt_lock);
1573 
1574                         mr6_netlink_event(mrt, c, RTM_DELROUTE);
1575                         ip6mr_cache_free(c);
1576                 }
1577         }
1578 
1579         if (atomic_read(&mrt->cache_resolve_queue_len) != 0) {
1580                 spin_lock_bh(&mfc_unres_lock);
1581                 list_for_each_entry_safe(c, next, &mrt->mfc6_unres_queue, list) {
1582                         list_del(&c->list);
1583                         mr6_netlink_event(mrt, c, RTM_DELROUTE);
1584                         ip6mr_destroy_unres(mrt, c);
1585                 }
1586                 spin_unlock_bh(&mfc_unres_lock);
1587         }
1588 }
1589 
1590 static int ip6mr_sk_init(struct mr6_table *mrt, struct sock *sk)
1591 {
1592         int err = 0;
1593         struct net *net = sock_net(sk);
1594 
1595         rtnl_lock();
1596         write_lock_bh(&mrt_lock);
1597         if (likely(mrt->mroute6_sk == NULL)) {
1598                 mrt->mroute6_sk = sk;
1599                 net->ipv6.devconf_all->mc_forwarding++;
1600         } else {
1601                 err = -EADDRINUSE;
1602         }
1603         write_unlock_bh(&mrt_lock);
1604 
1605         if (!err)
1606                 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1607                                              NETCONFA_MC_FORWARDING,
1608                                              NETCONFA_IFINDEX_ALL,
1609                                              net->ipv6.devconf_all);
1610         rtnl_unlock();
1611 
1612         return err;
1613 }
1614 
1615 int ip6mr_sk_done(struct sock *sk)
1616 {
1617         int err = -EACCES;
1618         struct net *net = sock_net(sk);
1619         struct mr6_table *mrt;
1620 
1621         if (sk->sk_type != SOCK_RAW ||
1622             inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1623                 return err;
1624 
1625         rtnl_lock();
1626         ip6mr_for_each_table(mrt, net) {
1627                 if (sk == mrt->mroute6_sk) {
1628                         write_lock_bh(&mrt_lock);
1629                         mrt->mroute6_sk = NULL;
1630                         net->ipv6.devconf_all->mc_forwarding--;
1631                         write_unlock_bh(&mrt_lock);
1632                         inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
1633                                                      NETCONFA_MC_FORWARDING,
1634                                                      NETCONFA_IFINDEX_ALL,
1635                                                      net->ipv6.devconf_all);
1636 
1637                         mroute_clean_tables(mrt, false);
1638                         err = 0;
1639                         break;
1640                 }
1641         }
1642         rtnl_unlock();
1643 
1644         return err;
1645 }
1646 
1647 struct sock *mroute6_socket(struct net *net, struct sk_buff *skb)
1648 {
1649         struct mr6_table *mrt;
1650         struct flowi6 fl6 = {
1651                 .flowi6_iif     = skb->skb_iif ? : LOOPBACK_IFINDEX,
1652                 .flowi6_oif     = skb->dev->ifindex,
1653                 .flowi6_mark    = skb->mark,
1654         };
1655 
1656         if (ip6mr_fib_lookup(net, &fl6, &mrt) < 0)
1657                 return NULL;
1658 
1659         return mrt->mroute6_sk;
1660 }
1661 
1662 /*
1663  *      Socket options and virtual interface manipulation. The whole
1664  *      virtual interface system is a complete heap, but unfortunately
1665  *      that's how BSD mrouted happens to think. Maybe one day with a proper
1666  *      MOSPF/PIM router set up we can clean this up.
1667  */
1668 
1669 int ip6_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsigned int optlen)
1670 {
1671         int ret, parent = 0;
1672         struct mif6ctl vif;
1673         struct mf6cctl mfc;
1674         mifi_t mifi;
1675         struct net *net = sock_net(sk);
1676         struct mr6_table *mrt;
1677 
1678         if (sk->sk_type != SOCK_RAW ||
1679             inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1680                 return -EOPNOTSUPP;
1681 
1682         mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1683         if (!mrt)
1684                 return -ENOENT;
1685 
1686         if (optname != MRT6_INIT) {
1687                 if (sk != mrt->mroute6_sk && !ns_capable(net->user_ns, CAP_NET_ADMIN))
1688                         return -EACCES;
1689         }
1690 
1691         switch (optname) {
1692         case MRT6_INIT:
1693                 if (optlen < sizeof(int))
1694                         return -EINVAL;
1695 
1696                 return ip6mr_sk_init(mrt, sk);
1697 
1698         case MRT6_DONE:
1699                 return ip6mr_sk_done(sk);
1700 
1701         case MRT6_ADD_MIF:
1702                 if (optlen < sizeof(vif))
1703                         return -EINVAL;
1704                 if (copy_from_user(&vif, optval, sizeof(vif)))
1705                         return -EFAULT;
1706                 if (vif.mif6c_mifi >= MAXMIFS)
1707                         return -ENFILE;
1708                 rtnl_lock();
1709                 ret = mif6_add(net, mrt, &vif, sk == mrt->mroute6_sk);
1710                 rtnl_unlock();
1711                 return ret;
1712 
1713         case MRT6_DEL_MIF:
1714                 if (optlen < sizeof(mifi_t))
1715                         return -EINVAL;
1716                 if (copy_from_user(&mifi, optval, sizeof(mifi_t)))
1717                         return -EFAULT;
1718                 rtnl_lock();
1719                 ret = mif6_delete(mrt, mifi, 0, NULL);
1720                 rtnl_unlock();
1721                 return ret;
1722 
1723         /*
1724          *      Manipulate the forwarding caches. These live
1725          *      in a sort of kernel/user symbiosis.
1726          */
1727         case MRT6_ADD_MFC:
1728         case MRT6_DEL_MFC:
1729                 parent = -1;
1730                 /* fall through */
1731         case MRT6_ADD_MFC_PROXY:
1732         case MRT6_DEL_MFC_PROXY:
1733                 if (optlen < sizeof(mfc))
1734                         return -EINVAL;
1735                 if (copy_from_user(&mfc, optval, sizeof(mfc)))
1736                         return -EFAULT;
1737                 if (parent == 0)
1738                         parent = mfc.mf6cc_parent;
1739                 rtnl_lock();
1740                 if (optname == MRT6_DEL_MFC || optname == MRT6_DEL_MFC_PROXY)
1741                         ret = ip6mr_mfc_delete(mrt, &mfc, parent);
1742                 else
1743                         ret = ip6mr_mfc_add(net, mrt, &mfc,
1744                                             sk == mrt->mroute6_sk, parent);
1745                 rtnl_unlock();
1746                 return ret;
1747 
1748         /*
1749          *      Control PIM assert (to activate pim will activate assert)
1750          */
1751         case MRT6_ASSERT:
1752         {
1753                 int v;
1754 
1755                 if (optlen != sizeof(v))
1756                         return -EINVAL;
1757                 if (get_user(v, (int __user *)optval))
1758                         return -EFAULT;
1759                 mrt->mroute_do_assert = v;
1760                 return 0;
1761         }
1762 
1763 #ifdef CONFIG_IPV6_PIMSM_V2
1764         case MRT6_PIM:
1765         {
1766                 int v;
1767 
1768                 if (optlen != sizeof(v))
1769                         return -EINVAL;
1770                 if (get_user(v, (int __user *)optval))
1771                         return -EFAULT;
1772                 v = !!v;
1773                 rtnl_lock();
1774                 ret = 0;
1775                 if (v != mrt->mroute_do_pim) {
1776                         mrt->mroute_do_pim = v;
1777                         mrt->mroute_do_assert = v;
1778                 }
1779                 rtnl_unlock();
1780                 return ret;
1781         }
1782 
1783 #endif
1784 #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
1785         case MRT6_TABLE:
1786         {
1787                 u32 v;
1788 
1789                 if (optlen != sizeof(u32))
1790                         return -EINVAL;
1791                 if (get_user(v, (u32 __user *)optval))
1792                         return -EFAULT;
1793                 /* "pim6reg%u" should not exceed 16 bytes (IFNAMSIZ) */
1794                 if (v != RT_TABLE_DEFAULT && v >= 100000000)
1795                         return -EINVAL;
1796                 if (sk == mrt->mroute6_sk)
1797                         return -EBUSY;
1798 
1799                 rtnl_lock();
1800                 ret = 0;
1801                 if (!ip6mr_new_table(net, v))
1802                         ret = -ENOMEM;
1803                 else
1804                         raw6_sk(sk)->ip6mr_table = v;
1805                 rtnl_unlock();
1806                 return ret;
1807         }
1808 #endif
1809         /*
1810          *      Spurious command, or MRT6_VERSION which you cannot
1811          *      set.
1812          */
1813         default:
1814                 return -ENOPROTOOPT;
1815         }
1816 }
1817 
1818 /*
1819  *      Getsock opt support for the multicast routing system.
1820  */
1821 
1822 int ip6_mroute_getsockopt(struct sock *sk, int optname, char __user *optval,
1823                           int __user *optlen)
1824 {
1825         int olr;
1826         int val;
1827         struct net *net = sock_net(sk);
1828         struct mr6_table *mrt;
1829 
1830         if (sk->sk_type != SOCK_RAW ||
1831             inet_sk(sk)->inet_num != IPPROTO_ICMPV6)
1832                 return -EOPNOTSUPP;
1833 
1834         mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1835         if (!mrt)
1836                 return -ENOENT;
1837 
1838         switch (optname) {
1839         case MRT6_VERSION:
1840                 val = 0x0305;
1841                 break;
1842 #ifdef CONFIG_IPV6_PIMSM_V2
1843         case MRT6_PIM:
1844                 val = mrt->mroute_do_pim;
1845                 break;
1846 #endif
1847         case MRT6_ASSERT:
1848                 val = mrt->mroute_do_assert;
1849                 break;
1850         default:
1851                 return -ENOPROTOOPT;
1852         }
1853 
1854         if (get_user(olr, optlen))
1855                 return -EFAULT;
1856 
1857         olr = min_t(int, olr, sizeof(int));
1858         if (olr < 0)
1859                 return -EINVAL;
1860 
1861         if (put_user(olr, optlen))
1862                 return -EFAULT;
1863         if (copy_to_user(optval, &val, olr))
1864                 return -EFAULT;
1865         return 0;
1866 }
1867 
1868 /*
1869  *      The IP multicast ioctl support routines.
1870  */
1871 
1872 int ip6mr_ioctl(struct sock *sk, int cmd, void __user *arg)
1873 {
1874         struct sioc_sg_req6 sr;
1875         struct sioc_mif_req6 vr;
1876         struct mif_device *vif;
1877         struct mfc6_cache *c;
1878         struct net *net = sock_net(sk);
1879         struct mr6_table *mrt;
1880 
1881         mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1882         if (!mrt)
1883                 return -ENOENT;
1884 
1885         switch (cmd) {
1886         case SIOCGETMIFCNT_IN6:
1887                 if (copy_from_user(&vr, arg, sizeof(vr)))
1888                         return -EFAULT;
1889                 if (vr.mifi >= mrt->maxvif)
1890                         return -EINVAL;
1891                 read_lock(&mrt_lock);
1892                 vif = &mrt->vif6_table[vr.mifi];
1893                 if (MIF_EXISTS(mrt, vr.mifi)) {
1894                         vr.icount = vif->pkt_in;
1895                         vr.ocount = vif->pkt_out;
1896                         vr.ibytes = vif->bytes_in;
1897                         vr.obytes = vif->bytes_out;
1898                         read_unlock(&mrt_lock);
1899 
1900                         if (copy_to_user(arg, &vr, sizeof(vr)))
1901                                 return -EFAULT;
1902                         return 0;
1903                 }
1904                 read_unlock(&mrt_lock);
1905                 return -EADDRNOTAVAIL;
1906         case SIOCGETSGCNT_IN6:
1907                 if (copy_from_user(&sr, arg, sizeof(sr)))
1908                         return -EFAULT;
1909 
1910                 read_lock(&mrt_lock);
1911                 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1912                 if (c) {
1913                         sr.pktcnt = c->mfc_un.res.pkt;
1914                         sr.bytecnt = c->mfc_un.res.bytes;
1915                         sr.wrong_if = c->mfc_un.res.wrong_if;
1916                         read_unlock(&mrt_lock);
1917 
1918                         if (copy_to_user(arg, &sr, sizeof(sr)))
1919                                 return -EFAULT;
1920                         return 0;
1921                 }
1922                 read_unlock(&mrt_lock);
1923                 return -EADDRNOTAVAIL;
1924         default:
1925                 return -ENOIOCTLCMD;
1926         }
1927 }
1928 
1929 #ifdef CONFIG_COMPAT
1930 struct compat_sioc_sg_req6 {
1931         struct sockaddr_in6 src;
1932         struct sockaddr_in6 grp;
1933         compat_ulong_t pktcnt;
1934         compat_ulong_t bytecnt;
1935         compat_ulong_t wrong_if;
1936 };
1937 
1938 struct compat_sioc_mif_req6 {
1939         mifi_t  mifi;
1940         compat_ulong_t icount;
1941         compat_ulong_t ocount;
1942         compat_ulong_t ibytes;
1943         compat_ulong_t obytes;
1944 };
1945 
1946 int ip6mr_compat_ioctl(struct sock *sk, unsigned int cmd, void __user *arg)
1947 {
1948         struct compat_sioc_sg_req6 sr;
1949         struct compat_sioc_mif_req6 vr;
1950         struct mif_device *vif;
1951         struct mfc6_cache *c;
1952         struct net *net = sock_net(sk);
1953         struct mr6_table *mrt;
1954 
1955         mrt = ip6mr_get_table(net, raw6_sk(sk)->ip6mr_table ? : RT6_TABLE_DFLT);
1956         if (!mrt)
1957                 return -ENOENT;
1958 
1959         switch (cmd) {
1960         case SIOCGETMIFCNT_IN6:
1961                 if (copy_from_user(&vr, arg, sizeof(vr)))
1962                         return -EFAULT;
1963                 if (vr.mifi >= mrt->maxvif)
1964                         return -EINVAL;
1965                 read_lock(&mrt_lock);
1966                 vif = &mrt->vif6_table[vr.mifi];
1967                 if (MIF_EXISTS(mrt, vr.mifi)) {
1968                         vr.icount = vif->pkt_in;
1969                         vr.ocount = vif->pkt_out;
1970                         vr.ibytes = vif->bytes_in;
1971                         vr.obytes = vif->bytes_out;
1972                         read_unlock(&mrt_lock);
1973 
1974                         if (copy_to_user(arg, &vr, sizeof(vr)))
1975                                 return -EFAULT;
1976                         return 0;
1977                 }
1978                 read_unlock(&mrt_lock);
1979                 return -EADDRNOTAVAIL;
1980         case SIOCGETSGCNT_IN6:
1981                 if (copy_from_user(&sr, arg, sizeof(sr)))
1982                         return -EFAULT;
1983 
1984                 read_lock(&mrt_lock);
1985                 c = ip6mr_cache_find(mrt, &sr.src.sin6_addr, &sr.grp.sin6_addr);
1986                 if (c) {
1987                         sr.pktcnt = c->mfc_un.res.pkt;
1988                         sr.bytecnt = c->mfc_un.res.bytes;
1989                         sr.wrong_if = c->mfc_un.res.wrong_if;
1990                         read_unlock(&mrt_lock);
1991 
1992                         if (copy_to_user(arg, &sr, sizeof(sr)))
1993                                 return -EFAULT;
1994                         return 0;
1995                 }
1996                 read_unlock(&mrt_lock);
1997                 return -EADDRNOTAVAIL;
1998         default:
1999                 return -ENOIOCTLCMD;
2000         }
2001 }
2002 #endif
2003 
2004 static inline int ip6mr_forward2_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
2005 {
2006         __IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
2007                         IPSTATS_MIB_OUTFORWDATAGRAMS);
2008         __IP6_ADD_STATS(net, ip6_dst_idev(skb_dst(skb)),
2009                         IPSTATS_MIB_OUTOCTETS, skb->len);
2010         return dst_output(net, sk, skb);
2011 }
2012 
2013 /*
2014  *      Processing handlers for ip6mr_forward
2015  */
2016 
2017 static int ip6mr_forward2(struct net *net, struct mr6_table *mrt,
2018                           struct sk_buff *skb, struct mfc6_cache *c, int vifi)
2019 {
2020         struct ipv6hdr *ipv6h;
2021         struct mif_device *vif = &mrt->vif6_table[vifi];
2022         struct net_device *dev;
2023         struct dst_entry *dst;
2024         struct flowi6 fl6;
2025 
2026         if (!vif->dev)
2027                 goto out_free;
2028 
2029 #ifdef CONFIG_IPV6_PIMSM_V2
2030         if (vif->flags & MIFF_REGISTER) {
2031                 vif->pkt_out++;
2032                 vif->bytes_out += skb->len;
2033                 vif->dev->stats.tx_bytes += skb->len;
2034                 vif->dev->stats.tx_packets++;
2035                 ip6mr_cache_report(mrt, skb, vifi, MRT6MSG_WHOLEPKT);
2036                 goto out_free;
2037         }
2038 #endif
2039 
2040         ipv6h = ipv6_hdr(skb);
2041 
2042         fl6 = (struct flowi6) {
2043                 .flowi6_oif = vif->link,
2044                 .daddr = ipv6h->daddr,
2045         };
2046 
2047         dst = ip6_route_output(net, NULL, &fl6);
2048         if (dst->error) {
2049                 dst_release(dst);
2050                 goto out_free;
2051         }
2052 
2053         skb_dst_drop(skb);
2054         skb_dst_set(skb, dst);
2055 
2056         /*
2057          * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
2058          * not only before forwarding, but after forwarding on all output
2059          * interfaces. It is clear, if mrouter runs a multicasting
2060          * program, it should receive packets not depending to what interface
2061          * program is joined.
2062          * If we will not make it, the program will have to join on all
2063          * interfaces. On the other hand, multihoming host (or router, but
2064          * not mrouter) cannot join to more than one interface - it will
2065          * result in receiving multiple packets.
2066          */
2067         dev = vif->dev;
2068         skb->dev = dev;
2069         vif->pkt_out++;
2070         vif->bytes_out += skb->len;
2071 
2072         /* We are about to write */
2073         /* XXX: extension headers? */
2074         if (skb_cow(skb, sizeof(*ipv6h) + LL_RESERVED_SPACE(dev)))
2075                 goto out_free;
2076 
2077         ipv6h = ipv6_hdr(skb);
2078         ipv6h->hop_limit--;
2079 
2080         IP6CB(skb)->flags |= IP6SKB_FORWARDED;
2081 
2082         return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
2083                        net, NULL, skb, skb->dev, dev,
2084                        ip6mr_forward2_finish);
2085 
2086 out_free:
2087         kfree_skb(skb);
2088         return 0;
2089 }
2090 
2091 static int ip6mr_find_vif(struct mr6_table *mrt, struct net_device *dev)
2092 {
2093         int ct;
2094 
2095         for (ct = mrt->maxvif - 1; ct >= 0; ct--) {
2096                 if (mrt->vif6_table[ct].dev == dev)
2097                         break;
2098         }
2099         return ct;
2100 }
2101 
2102 static void ip6_mr_forward(struct net *net, struct mr6_table *mrt,
2103                            struct sk_buff *skb, struct mfc6_cache *cache)
2104 {
2105         int psend = -1;
2106         int vif, ct;
2107         int true_vifi = ip6mr_find_vif(mrt, skb->dev);
2108 
2109         vif = cache->mf6c_parent;
2110         cache->mfc_un.res.pkt++;
2111         cache->mfc_un.res.bytes += skb->len;
2112         cache->mfc_un.res.lastuse = jiffies;
2113 
2114         if (ipv6_addr_any(&cache->mf6c_origin) && true_vifi >= 0) {
2115                 struct mfc6_cache *cache_proxy;
2116 
2117                 /* For an (*,G) entry, we only check that the incoming
2118                  * interface is part of the static tree.
2119                  */
2120                 cache_proxy = ip6mr_cache_find_any_parent(mrt, vif);
2121                 if (cache_proxy &&
2122                     cache_proxy->mfc_un.res.ttls[true_vifi] < 255)
2123                         goto forward;
2124         }
2125 
2126         /*
2127          * Wrong interface: drop packet and (maybe) send PIM assert.
2128          */
2129         if (mrt->vif6_table[vif].dev != skb->dev) {
2130                 cache->mfc_un.res.wrong_if++;
2131 
2132                 if (true_vifi >= 0 && mrt->mroute_do_assert &&
2133                     /* pimsm uses asserts, when switching from RPT to SPT,
2134                        so that we cannot check that packet arrived on an oif.
2135                        It is bad, but otherwise we would need to move pretty
2136                        large chunk of pimd to kernel. Ough... --ANK
2137                      */
2138                     (mrt->mroute_do_pim ||
2139                      cache->mfc_un.res.ttls[true_vifi] < 255) &&
2140                     time_after(jiffies,
2141                                cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) {
2142                         cache->mfc_un.res.last_assert = jiffies;
2143                         ip6mr_cache_report(mrt, skb, true_vifi, MRT6MSG_WRONGMIF);
2144                 }
2145                 goto dont_forward;
2146         }
2147 
2148 forward:
2149         mrt->vif6_table[vif].pkt_in++;
2150         mrt->vif6_table[vif].bytes_in += skb->len;
2151 
2152         /*
2153          *      Forward the frame
2154          */
2155         if (ipv6_addr_any(&cache->mf6c_origin) &&
2156             ipv6_addr_any(&cache->mf6c_mcastgrp)) {
2157                 if (true_vifi >= 0 &&
2158                     true_vifi != cache->mf6c_parent &&
2159                     ipv6_hdr(skb)->hop_limit >
2160                                 cache->mfc_un.res.ttls[cache->mf6c_parent]) {
2161                         /* It's an (*,*) entry and the packet is not coming from
2162                          * the upstream: forward the packet to the upstream
2163                          * only.
2164                          */
2165                         psend = cache->mf6c_parent;
2166                         goto last_forward;
2167                 }
2168                 goto dont_forward;
2169         }
2170         for (ct = cache->mfc_un.res.maxvif - 1; ct >= cache->mfc_un.res.minvif; ct--) {
2171                 /* For (*,G) entry, don't forward to the incoming interface */
2172                 if ((!ipv6_addr_any(&cache->mf6c_origin) || ct != true_vifi) &&
2173                     ipv6_hdr(skb)->hop_limit > cache->mfc_un.res.ttls[ct]) {
2174                         if (psend != -1) {
2175                                 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
2176                                 if (skb2)
2177                                         ip6mr_forward2(net, mrt, skb2, cache, psend);
2178                         }
2179                         psend = ct;
2180                 }
2181         }
2182 last_forward:
2183         if (psend != -1) {
2184                 ip6mr_forward2(net, mrt, skb, cache, psend);
2185                 return;
2186         }
2187 
2188 dont_forward:
2189         kfree_skb(skb);
2190 }
2191 
2192 
2193 /*
2194  *      Multicast packets for forwarding arrive here
2195  */
2196 
2197 int ip6_mr_input(struct sk_buff *skb)
2198 {
2199         struct mfc6_cache *cache;
2200         struct net *net = dev_net(skb->dev);
2201         struct mr6_table *mrt;
2202         struct flowi6 fl6 = {
2203                 .flowi6_iif     = skb->dev->ifindex,
2204                 .flowi6_mark    = skb->mark,
2205         };
2206         int err;
2207 
2208         err = ip6mr_fib_lookup(net, &fl6, &mrt);
2209         if (err < 0) {
2210                 kfree_skb(skb);
2211                 return err;
2212         }
2213 
2214         read_lock(&mrt_lock);
2215         cache = ip6mr_cache_find(mrt,
2216                                  &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr);
2217         if (!cache) {
2218                 int vif = ip6mr_find_vif(mrt, skb->dev);
2219 
2220                 if (vif >= 0)
2221                         cache = ip6mr_cache_find_any(mrt,
2222                                                      &ipv6_hdr(skb)->daddr,
2223                                                      vif);
2224         }
2225 
2226         /*
2227          *      No usable cache entry
2228          */
2229         if (!cache) {
2230                 int vif;
2231 
2232                 vif = ip6mr_find_vif(mrt, skb->dev);
2233                 if (vif >= 0) {
2234                         int err = ip6mr_cache_unresolved(mrt, vif, skb);
2235                         read_unlock(&mrt_lock);
2236 
2237                         return err;
2238                 }
2239                 read_unlock(&mrt_lock);
2240                 kfree_skb(skb);
2241                 return -ENODEV;
2242         }
2243 
2244         ip6_mr_forward(net, mrt, skb, cache);
2245 
2246         read_unlock(&mrt_lock);
2247 
2248         return 0;
2249 }
2250 
2251 
2252 static int __ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2253                                struct mfc6_cache *c, struct rtmsg *rtm)
2254 {
2255         struct rta_mfc_stats mfcs;
2256         struct nlattr *mp_attr;
2257         struct rtnexthop *nhp;
2258         unsigned long lastuse;
2259         int ct;
2260 
2261         /* If cache is unresolved, don't try to parse IIF and OIF */
2262         if (c->mf6c_parent >= MAXMIFS) {
2263                 rtm->rtm_flags |= RTNH_F_UNRESOLVED;
2264                 return -ENOENT;
2265         }
2266 
2267         if (MIF_EXISTS(mrt, c->mf6c_parent) &&
2268             nla_put_u32(skb, RTA_IIF, mrt->vif6_table[c->mf6c_parent].dev->ifindex) < 0)
2269                 return -EMSGSIZE;
2270         mp_attr = nla_nest_start(skb, RTA_MULTIPATH);
2271         if (!mp_attr)
2272                 return -EMSGSIZE;
2273 
2274         for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) {
2275                 if (MIF_EXISTS(mrt, ct) && c->mfc_un.res.ttls[ct] < 255) {
2276                         nhp = nla_reserve_nohdr(skb, sizeof(*nhp));
2277                         if (!nhp) {
2278                                 nla_nest_cancel(skb, mp_attr);
2279                                 return -EMSGSIZE;
2280                         }
2281 
2282                         nhp->rtnh_flags = 0;
2283                         nhp->rtnh_hops = c->mfc_un.res.ttls[ct];
2284                         nhp->rtnh_ifindex = mrt->vif6_table[ct].dev->ifindex;
2285                         nhp->rtnh_len = sizeof(*nhp);
2286                 }
2287         }
2288 
2289         nla_nest_end(skb, mp_attr);
2290 
2291         lastuse = READ_ONCE(c->mfc_un.res.lastuse);
2292         lastuse = time_after_eq(jiffies, lastuse) ? jiffies - lastuse : 0;
2293 
2294         mfcs.mfcs_packets = c->mfc_un.res.pkt;
2295         mfcs.mfcs_bytes = c->mfc_un.res.bytes;
2296         mfcs.mfcs_wrong_if = c->mfc_un.res.wrong_if;
2297         if (nla_put_64bit(skb, RTA_MFC_STATS, sizeof(mfcs), &mfcs, RTA_PAD) ||
2298             nla_put_u64_64bit(skb, RTA_EXPIRES, jiffies_to_clock_t(lastuse),
2299                               RTA_PAD))
2300                 return -EMSGSIZE;
2301 
2302         rtm->rtm_type = RTN_MULTICAST;
2303         return 1;
2304 }
2305 
2306 int ip6mr_get_route(struct net *net, struct sk_buff *skb, struct rtmsg *rtm,
2307                     u32 portid)
2308 {
2309         int err;
2310         struct mr6_table *mrt;
2311         struct mfc6_cache *cache;
2312         struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
2313 
2314         mrt = ip6mr_get_table(net, RT6_TABLE_DFLT);
2315         if (!mrt)
2316                 return -ENOENT;
2317 
2318         read_lock(&mrt_lock);
2319         cache = ip6mr_cache_find(mrt, &rt->rt6i_src.addr, &rt->rt6i_dst.addr);
2320         if (!cache && skb->dev) {
2321                 int vif = ip6mr_find_vif(mrt, skb->dev);
2322 
2323                 if (vif >= 0)
2324                         cache = ip6mr_cache_find_any(mrt, &rt->rt6i_dst.addr,
2325                                                      vif);
2326         }
2327 
2328         if (!cache) {
2329                 struct sk_buff *skb2;
2330                 struct ipv6hdr *iph;
2331                 struct net_device *dev;
2332                 int vif;
2333 
2334                 dev = skb->dev;
2335                 if (!dev || (vif = ip6mr_find_vif(mrt, dev)) < 0) {
2336                         read_unlock(&mrt_lock);
2337                         return -ENODEV;
2338                 }
2339 
2340                 /* really correct? */
2341                 skb2 = alloc_skb(sizeof(struct ipv6hdr), GFP_ATOMIC);
2342                 if (!skb2) {
2343                         read_unlock(&mrt_lock);
2344                         return -ENOMEM;
2345                 }
2346 
2347                 NETLINK_CB(skb2).portid = portid;
2348                 skb_reset_transport_header(skb2);
2349 
2350                 skb_put(skb2, sizeof(struct ipv6hdr));
2351                 skb_reset_network_header(skb2);
2352 
2353                 iph = ipv6_hdr(skb2);
2354                 iph->version = 0;
2355                 iph->priority = 0;
2356                 iph->flow_lbl[0] = 0;
2357                 iph->flow_lbl[1] = 0;
2358                 iph->flow_lbl[2] = 0;
2359                 iph->payload_len = 0;
2360                 iph->nexthdr = IPPROTO_NONE;
2361                 iph->hop_limit = 0;
2362                 iph->saddr = rt->rt6i_src.addr;
2363                 iph->daddr = rt->rt6i_dst.addr;
2364 
2365                 err = ip6mr_cache_unresolved(mrt, vif, skb2);
2366                 read_unlock(&mrt_lock);
2367 
2368                 return err;
2369         }
2370 
2371         if (rtm->rtm_flags & RTM_F_NOTIFY)
2372                 cache->mfc_flags |= MFC_NOTIFY;
2373 
2374         err = __ip6mr_fill_mroute(mrt, skb, cache, rtm);
2375         read_unlock(&mrt_lock);
2376         return err;
2377 }
2378 
2379 static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2380                              u32 portid, u32 seq, struct mfc6_cache *c, int cmd,
2381                              int flags)
2382 {
2383         struct nlmsghdr *nlh;
2384         struct rtmsg *rtm;
2385         int err;
2386 
2387         nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags);
2388         if (!nlh)
2389                 return -EMSGSIZE;
2390 
2391         rtm = nlmsg_data(nlh);
2392         rtm->rtm_family   = RTNL_FAMILY_IP6MR;
2393         rtm->rtm_dst_len  = 128;
2394         rtm->rtm_src_len  = 128;
2395         rtm->rtm_tos      = 0;
2396         rtm->rtm_table    = mrt->id;
2397         if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2398                 goto nla_put_failure;
2399         rtm->rtm_type = RTN_MULTICAST;
2400         rtm->rtm_scope    = RT_SCOPE_UNIVERSE;
2401         if (c->mfc_flags & MFC_STATIC)
2402                 rtm->rtm_protocol = RTPROT_STATIC;
2403         else
2404                 rtm->rtm_protocol = RTPROT_MROUTED;
2405         rtm->rtm_flags    = 0;
2406 
2407         if (nla_put_in6_addr(skb, RTA_SRC, &c->mf6c_origin) ||
2408             nla_put_in6_addr(skb, RTA_DST, &c->mf6c_mcastgrp))
2409                 goto nla_put_failure;
2410         err = __ip6mr_fill_mroute(mrt, skb, c, rtm);
2411         /* do not break the dump if cache is unresolved */
2412         if (err < 0 && err != -ENOENT)
2413                 goto nla_put_failure;
2414 
2415         nlmsg_end(skb, nlh);
2416         return 0;
2417 
2418 nla_put_failure:
2419         nlmsg_cancel(skb, nlh);
2420         return -EMSGSIZE;
2421 }
2422 
2423 static int mr6_msgsize(bool unresolved, int maxvif)
2424 {
2425         size_t len =
2426                 NLMSG_ALIGN(sizeof(struct rtmsg))
2427                 + nla_total_size(4)     /* RTA_TABLE */
2428                 + nla_total_size(sizeof(struct in6_addr))       /* RTA_SRC */
2429                 + nla_total_size(sizeof(struct in6_addr))       /* RTA_DST */
2430                 ;
2431 
2432         if (!unresolved)
2433                 len = len
2434                       + nla_total_size(4)       /* RTA_IIF */
2435                       + nla_total_size(0)       /* RTA_MULTIPATH */
2436                       + maxvif * NLA_ALIGN(sizeof(struct rtnexthop))
2437                                                 /* RTA_MFC_STATS */
2438                       + nla_total_size_64bit(sizeof(struct rta_mfc_stats))
2439                 ;
2440 
2441         return len;
2442 }
2443 
2444 static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc,
2445                               int cmd)
2446 {
2447         struct net *net = read_pnet(&mrt->net);
2448         struct sk_buff *skb;
2449         int err = -ENOBUFS;
2450 
2451         skb = nlmsg_new(mr6_msgsize(mfc->mf6c_parent >= MAXMIFS, mrt->maxvif),
2452                         GFP_ATOMIC);
2453         if (!skb)
2454                 goto errout;
2455 
2456         err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0);
2457         if (err < 0)
2458                 goto errout;
2459 
2460         rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE, NULL, GFP_ATOMIC);
2461         return;
2462 
2463 errout:
2464         kfree_skb(skb);
2465         if (err < 0)
2466                 rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE, err);
2467 }
2468 
2469 static size_t mrt6msg_netlink_msgsize(size_t payloadlen)
2470 {
2471         size_t len =
2472                 NLMSG_ALIGN(sizeof(struct rtgenmsg))
2473                 + nla_total_size(1)     /* IP6MRA_CREPORT_MSGTYPE */
2474                 + nla_total_size(4)     /* IP6MRA_CREPORT_MIF_ID */
2475                                         /* IP6MRA_CREPORT_SRC_ADDR */
2476                 + nla_total_size(sizeof(struct in6_addr))
2477                                         /* IP6MRA_CREPORT_DST_ADDR */
2478                 + nla_total_size(sizeof(struct in6_addr))
2479                                         /* IP6MRA_CREPORT_PKT */
2480                 + nla_total_size(payloadlen)
2481                 ;
2482 
2483         return len;
2484 }
2485 
2486 static void mrt6msg_netlink_event(struct mr6_table *mrt, struct sk_buff *pkt)
2487 {
2488         struct net *net = read_pnet(&mrt->net);
2489         struct nlmsghdr *nlh;
2490         struct rtgenmsg *rtgenm;
2491         struct mrt6msg *msg;
2492         struct sk_buff *skb;
2493         struct nlattr *nla;
2494         int payloadlen;
2495 
2496         payloadlen = pkt->len - sizeof(struct mrt6msg);
2497         msg = (struct mrt6msg *)skb_transport_header(pkt);
2498 
2499         skb = nlmsg_new(mrt6msg_netlink_msgsize(payloadlen), GFP_ATOMIC);
2500         if (!skb)
2501                 goto errout;
2502 
2503         nlh = nlmsg_put(skb, 0, 0, RTM_NEWCACHEREPORT,
2504                         sizeof(struct rtgenmsg), 0);
2505         if (!nlh)
2506                 goto errout;
2507         rtgenm = nlmsg_data(nlh);
2508         rtgenm->rtgen_family = RTNL_FAMILY_IP6MR;
2509         if (nla_put_u8(skb, IP6MRA_CREPORT_MSGTYPE, msg->im6_msgtype) ||
2510             nla_put_u32(skb, IP6MRA_CREPORT_MIF_ID, msg->im6_mif) ||
2511             nla_put_in6_addr(skb, IP6MRA_CREPORT_SRC_ADDR,
2512                              &msg->im6_src) ||
2513             nla_put_in6_addr(skb, IP6MRA_CREPORT_DST_ADDR,
2514                              &msg->im6_dst))
2515                 goto nla_put_failure;
2516 
2517         nla = nla_reserve(skb, IP6MRA_CREPORT_PKT, payloadlen);
2518         if (!nla || skb_copy_bits(pkt, sizeof(struct mrt6msg),
2519                                   nla_data(nla), payloadlen))
2520                 goto nla_put_failure;
2521 
2522         nlmsg_end(skb, nlh);
2523 
2524         rtnl_notify(skb, net, 0, RTNLGRP_IPV6_MROUTE_R, NULL, GFP_ATOMIC);
2525         return;
2526 
2527 nla_put_failure:
2528         nlmsg_cancel(skb, nlh);
2529 errout:
2530         kfree_skb(skb);
2531         rtnl_set_sk_err(net, RTNLGRP_IPV6_MROUTE_R, -ENOBUFS);
2532 }
2533 
2534 static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2535 {
2536         struct net *net = sock_net(skb->sk);
2537         struct mr6_table *mrt;
2538         struct mfc6_cache *mfc;
2539         unsigned int t = 0, s_t;
2540         unsigned int h = 0, s_h;
2541         unsigned int e = 0, s_e;
2542 
2543         s_t = cb->args[0];
2544         s_h = cb->args[1];
2545         s_e = cb->args[2];
2546 
2547         read_lock(&mrt_lock);
2548         ip6mr_for_each_table(mrt, net) {
2549                 if (t < s_t)
2550                         goto next_table;
2551                 if (t > s_t)
2552                         s_h = 0;
2553                 for (h = s_h; h < MFC6_LINES; h++) {
2554                         list_for_each_entry(mfc, &mrt->mfc6_cache_array[h], list) {
2555                                 if (e < s_e)
2556                                         goto next_entry;
2557                                 if (ip6mr_fill_mroute(mrt, skb,
2558                                                       NETLINK_CB(cb->skb).portid,
2559                                                       cb->nlh->nlmsg_seq,
2560                                                       mfc, RTM_NEWROUTE,
2561                                                       NLM_F_MULTI) < 0)
2562                                         goto done;
2563 next_entry:
2564                                 e++;
2565                         }
2566                         e = s_e = 0;
2567                 }
2568                 spin_lock_bh(&mfc_unres_lock);
2569                 list_for_each_entry(mfc, &mrt->mfc6_unres_queue, list) {
2570                         if (e < s_e)
2571                                 goto next_entry2;
2572                         if (ip6mr_fill_mroute(mrt, skb,
2573                                               NETLINK_CB(cb->skb).portid,
2574                                               cb->nlh->nlmsg_seq,
2575                                               mfc, RTM_NEWROUTE,
2576                                               NLM_F_MULTI) < 0) {
2577                                 spin_unlock_bh(&mfc_unres_lock);
2578                                 goto done;
2579                         }
2580 next_entry2:
2581                         e++;
2582                 }
2583                 spin_unlock_bh(&mfc_unres_lock);
2584                 e = s_e = 0;
2585                 s_h = 0;
2586 next_table:
2587                 t++;
2588         }
2589 done:
2590         read_unlock(&mrt_lock);
2591 
2592         cb->args[2] = e;
2593         cb->args[1] = h;
2594         cb->args[0] = t;
2595 
2596         return skb->len;
2597 }
2598 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp