fix possible NULL deref on low memory condition in capidrv.c::send_message()
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / ipv4 / ipmr.c
blob37bb497d92af2af2d714ed4d4694d25a4b9c5471
1 /*
2 * IP multicast routing support for mrouted 3.6/3.8
4 * (c) 1995 Alan Cox, <alan@redhat.com>
5 * Linux Consultancy and Custom Driver Development
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
12 * Version: $Id: ipmr.c,v 1.65 2001/10/31 21:55:54 davem Exp $
14 * Fixes:
15 * Michael Chastain : Incorrect size of copying.
16 * Alan Cox : Added the cache manager code
17 * Alan Cox : Fixed the clone/copy bug and device race.
18 * Mike McLagan : Routing by source
19 * Malcolm Beattie : Buffer handling fixes.
20 * Alexey Kuznetsov : Double buffer free and other fixes.
21 * SVR Anand : Fixed several multicast bugs and problems.
22 * Alexey Kuznetsov : Status, optimisations and more.
23 * Brad Parker : Better behaviour on mrouted upcall
24 * overflow.
25 * Carlos Picoto : PIMv1 Support
26 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header
27 * Relax this requrement to work with older peers.
31 #include <asm/system.h>
32 #include <asm/uaccess.h>
33 #include <linux/types.h>
34 #include <linux/capability.h>
35 #include <linux/errno.h>
36 #include <linux/timer.h>
37 #include <linux/mm.h>
38 #include <linux/kernel.h>
39 #include <linux/fcntl.h>
40 #include <linux/stat.h>
41 #include <linux/socket.h>
42 #include <linux/in.h>
43 #include <linux/inet.h>
44 #include <linux/netdevice.h>
45 #include <linux/inetdevice.h>
46 #include <linux/igmp.h>
47 #include <linux/proc_fs.h>
48 #include <linux/seq_file.h>
49 #include <linux/mroute.h>
50 #include <linux/init.h>
51 #include <linux/if_ether.h>
52 #include <net/net_namespace.h>
53 #include <net/ip.h>
54 #include <net/protocol.h>
55 #include <linux/skbuff.h>
56 #include <net/route.h>
57 #include <net/sock.h>
58 #include <net/icmp.h>
59 #include <net/udp.h>
60 #include <net/raw.h>
61 #include <linux/notifier.h>
62 #include <linux/if_arp.h>
63 #include <linux/netfilter_ipv4.h>
64 #include <net/ipip.h>
65 #include <net/checksum.h>
66 #include <net/netlink.h>
68 #if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2)
69 #define CONFIG_IP_PIMSM 1
70 #endif
72 static struct sock *mroute_socket;
75 /* Big lock, protecting vif table, mrt cache and mroute socket state.
76 Note that the changes are semaphored via rtnl_lock.
79 static DEFINE_RWLOCK(mrt_lock);
82 * Multicast router control variables
85 static struct vif_device vif_table[MAXVIFS]; /* Devices */
86 static int maxvif;
88 #define VIF_EXISTS(idx) (vif_table[idx].dev != NULL)
90 static int mroute_do_assert; /* Set in PIM assert */
91 static int mroute_do_pim;
93 static struct mfc_cache *mfc_cache_array[MFC_LINES]; /* Forwarding cache */
95 static struct mfc_cache *mfc_unres_queue; /* Queue of unresolved entries */
96 static atomic_t cache_resolve_queue_len; /* Size of unresolved */
98 /* Special spinlock for queue of unresolved entries */
99 static DEFINE_SPINLOCK(mfc_unres_lock);
101 /* We return to original Alan's scheme. Hash table of resolved
102 entries is changed only in process context and protected
103 with weak lock mrt_lock. Queue of unresolved entries is protected
104 with strong spinlock mfc_unres_lock.
106 In this case data path is free of exclusive locks at all.
109 static struct kmem_cache *mrt_cachep __read_mostly;
111 static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local);
112 static int ipmr_cache_report(struct sk_buff *pkt, vifi_t vifi, int assert);
113 static int ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm);
115 #ifdef CONFIG_IP_PIMSM_V2
116 static struct net_protocol pim_protocol;
117 #endif
119 static struct timer_list ipmr_expire_timer;
121 /* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */
123 static
124 struct net_device *ipmr_new_tunnel(struct vifctl *v)
126 struct net_device *dev;
128 dev = __dev_get_by_name(&init_net, "tunl0");
130 if (dev) {
131 int err;
132 struct ifreq ifr;
133 mm_segment_t oldfs;
134 struct ip_tunnel_parm p;
135 struct in_device *in_dev;
137 memset(&p, 0, sizeof(p));
138 p.iph.daddr = v->vifc_rmt_addr.s_addr;
139 p.iph.saddr = v->vifc_lcl_addr.s_addr;
140 p.iph.version = 4;
141 p.iph.ihl = 5;
142 p.iph.protocol = IPPROTO_IPIP;
143 sprintf(p.name, "dvmrp%d", v->vifc_vifi);
144 ifr.ifr_ifru.ifru_data = (void*)&p;
146 oldfs = get_fs(); set_fs(KERNEL_DS);
147 err = dev->do_ioctl(dev, &ifr, SIOCADDTUNNEL);
148 set_fs(oldfs);
150 dev = NULL;
152 if (err == 0 && (dev = __dev_get_by_name(&init_net, p.name)) != NULL) {
153 dev->flags |= IFF_MULTICAST;
155 in_dev = __in_dev_get_rtnl(dev);
156 if (in_dev == NULL)
157 goto failure;
159 ipv4_devconf_setall(in_dev);
160 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0;
162 if (dev_open(dev))
163 goto failure;
166 return dev;
168 failure:
169 /* allow the register to be completed before unregistering. */
170 rtnl_unlock();
171 rtnl_lock();
173 unregister_netdevice(dev);
174 return NULL;
177 #ifdef CONFIG_IP_PIMSM
179 static int reg_vif_num = -1;
181 static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
183 read_lock(&mrt_lock);
184 ((struct net_device_stats*)netdev_priv(dev))->tx_bytes += skb->len;
185 ((struct net_device_stats*)netdev_priv(dev))->tx_packets++;
186 ipmr_cache_report(skb, reg_vif_num, IGMPMSG_WHOLEPKT);
187 read_unlock(&mrt_lock);
188 kfree_skb(skb);
189 return 0;
192 static struct net_device_stats *reg_vif_get_stats(struct net_device *dev)
194 return (struct net_device_stats*)netdev_priv(dev);
197 static void reg_vif_setup(struct net_device *dev)
199 dev->type = ARPHRD_PIMREG;
200 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8;
201 dev->flags = IFF_NOARP;
202 dev->hard_start_xmit = reg_vif_xmit;
203 dev->get_stats = reg_vif_get_stats;
204 dev->destructor = free_netdev;
207 static struct net_device *ipmr_reg_vif(void)
209 struct net_device *dev;
210 struct in_device *in_dev;
212 dev = alloc_netdev(sizeof(struct net_device_stats), "pimreg",
213 reg_vif_setup);
215 if (dev == NULL)
216 return NULL;
218 if (register_netdevice(dev)) {
219 free_netdev(dev);
220 return NULL;
222 dev->iflink = 0;
224 rcu_read_lock();
225 if ((in_dev = __in_dev_get_rcu(dev)) == NULL) {
226 rcu_read_unlock();
227 goto failure;
230 ipv4_devconf_setall(in_dev);
231 IPV4_DEVCONF(in_dev->cnf, RP_FILTER) = 0;
232 rcu_read_unlock();
234 if (dev_open(dev))
235 goto failure;
237 return dev;
239 failure:
240 /* allow the register to be completed before unregistering. */
241 rtnl_unlock();
242 rtnl_lock();
244 unregister_netdevice(dev);
245 return NULL;
247 #endif
250 * Delete a VIF entry
253 static int vif_delete(int vifi)
255 struct vif_device *v;
256 struct net_device *dev;
257 struct in_device *in_dev;
259 if (vifi < 0 || vifi >= maxvif)
260 return -EADDRNOTAVAIL;
262 v = &vif_table[vifi];
264 write_lock_bh(&mrt_lock);
265 dev = v->dev;
266 v->dev = NULL;
268 if (!dev) {
269 write_unlock_bh(&mrt_lock);
270 return -EADDRNOTAVAIL;
273 #ifdef CONFIG_IP_PIMSM
274 if (vifi == reg_vif_num)
275 reg_vif_num = -1;
276 #endif
278 if (vifi+1 == maxvif) {
279 int tmp;
280 for (tmp=vifi-1; tmp>=0; tmp--) {
281 if (VIF_EXISTS(tmp))
282 break;
284 maxvif = tmp+1;
287 write_unlock_bh(&mrt_lock);
289 dev_set_allmulti(dev, -1);
291 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
292 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--;
293 ip_rt_multicast_event(in_dev);
296 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER))
297 unregister_netdevice(dev);
299 dev_put(dev);
300 return 0;
303 /* Destroy an unresolved cache entry, killing queued skbs
304 and reporting error to netlink readers.
307 static void ipmr_destroy_unres(struct mfc_cache *c)
309 struct sk_buff *skb;
310 struct nlmsgerr *e;
312 atomic_dec(&cache_resolve_queue_len);
314 while ((skb=skb_dequeue(&c->mfc_un.unres.unresolved))) {
315 if (ip_hdr(skb)->version == 0) {
316 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
317 nlh->nlmsg_type = NLMSG_ERROR;
318 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
319 skb_trim(skb, nlh->nlmsg_len);
320 e = NLMSG_DATA(nlh);
321 e->error = -ETIMEDOUT;
322 memset(&e->msg, 0, sizeof(e->msg));
324 rtnl_unicast(skb, NETLINK_CB(skb).pid);
325 } else
326 kfree_skb(skb);
329 kmem_cache_free(mrt_cachep, c);
333 /* Single timer process for all the unresolved queue. */
335 static void ipmr_expire_process(unsigned long dummy)
337 unsigned long now;
338 unsigned long expires;
339 struct mfc_cache *c, **cp;
341 if (!spin_trylock(&mfc_unres_lock)) {
342 mod_timer(&ipmr_expire_timer, jiffies+HZ/10);
343 return;
346 if (atomic_read(&cache_resolve_queue_len) == 0)
347 goto out;
349 now = jiffies;
350 expires = 10*HZ;
351 cp = &mfc_unres_queue;
353 while ((c=*cp) != NULL) {
354 if (time_after(c->mfc_un.unres.expires, now)) {
355 unsigned long interval = c->mfc_un.unres.expires - now;
356 if (interval < expires)
357 expires = interval;
358 cp = &c->next;
359 continue;
362 *cp = c->next;
364 ipmr_destroy_unres(c);
367 if (atomic_read(&cache_resolve_queue_len))
368 mod_timer(&ipmr_expire_timer, jiffies + expires);
370 out:
371 spin_unlock(&mfc_unres_lock);
374 /* Fill oifs list. It is called under write locked mrt_lock. */
376 static void ipmr_update_thresholds(struct mfc_cache *cache, unsigned char *ttls)
378 int vifi;
380 cache->mfc_un.res.minvif = MAXVIFS;
381 cache->mfc_un.res.maxvif = 0;
382 memset(cache->mfc_un.res.ttls, 255, MAXVIFS);
384 for (vifi=0; vifi<maxvif; vifi++) {
385 if (VIF_EXISTS(vifi) && ttls[vifi] && ttls[vifi] < 255) {
386 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
387 if (cache->mfc_un.res.minvif > vifi)
388 cache->mfc_un.res.minvif = vifi;
389 if (cache->mfc_un.res.maxvif <= vifi)
390 cache->mfc_un.res.maxvif = vifi + 1;
395 static int vif_add(struct vifctl *vifc, int mrtsock)
397 int vifi = vifc->vifc_vifi;
398 struct vif_device *v = &vif_table[vifi];
399 struct net_device *dev;
400 struct in_device *in_dev;
402 /* Is vif busy ? */
403 if (VIF_EXISTS(vifi))
404 return -EADDRINUSE;
406 switch (vifc->vifc_flags) {
407 #ifdef CONFIG_IP_PIMSM
408 case VIFF_REGISTER:
410 * Special Purpose VIF in PIM
411 * All the packets will be sent to the daemon
413 if (reg_vif_num >= 0)
414 return -EADDRINUSE;
415 dev = ipmr_reg_vif();
416 if (!dev)
417 return -ENOBUFS;
418 break;
419 #endif
420 case VIFF_TUNNEL:
421 dev = ipmr_new_tunnel(vifc);
422 if (!dev)
423 return -ENOBUFS;
424 break;
425 case 0:
426 dev = ip_dev_find(vifc->vifc_lcl_addr.s_addr);
427 if (!dev)
428 return -EADDRNOTAVAIL;
429 dev_put(dev);
430 break;
431 default:
432 return -EINVAL;
435 if ((in_dev = __in_dev_get_rtnl(dev)) == NULL)
436 return -EADDRNOTAVAIL;
437 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++;
438 dev_set_allmulti(dev, +1);
439 ip_rt_multicast_event(in_dev);
442 * Fill in the VIF structures
444 v->rate_limit=vifc->vifc_rate_limit;
445 v->local=vifc->vifc_lcl_addr.s_addr;
446 v->remote=vifc->vifc_rmt_addr.s_addr;
447 v->flags=vifc->vifc_flags;
448 if (!mrtsock)
449 v->flags |= VIFF_STATIC;
450 v->threshold=vifc->vifc_threshold;
451 v->bytes_in = 0;
452 v->bytes_out = 0;
453 v->pkt_in = 0;
454 v->pkt_out = 0;
455 v->link = dev->ifindex;
456 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER))
457 v->link = dev->iflink;
459 /* And finish update writing critical data */
460 write_lock_bh(&mrt_lock);
461 dev_hold(dev);
462 v->dev=dev;
463 #ifdef CONFIG_IP_PIMSM
464 if (v->flags&VIFF_REGISTER)
465 reg_vif_num = vifi;
466 #endif
467 if (vifi+1 > maxvif)
468 maxvif = vifi+1;
469 write_unlock_bh(&mrt_lock);
470 return 0;
473 static struct mfc_cache *ipmr_cache_find(__be32 origin, __be32 mcastgrp)
475 int line=MFC_HASH(mcastgrp,origin);
476 struct mfc_cache *c;
478 for (c=mfc_cache_array[line]; c; c = c->next) {
479 if (c->mfc_origin==origin && c->mfc_mcastgrp==mcastgrp)
480 break;
482 return c;
486 * Allocate a multicast cache entry
488 static struct mfc_cache *ipmr_cache_alloc(void)
490 struct mfc_cache *c=kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
491 if (c==NULL)
492 return NULL;
493 c->mfc_un.res.minvif = MAXVIFS;
494 return c;
497 static struct mfc_cache *ipmr_cache_alloc_unres(void)
499 struct mfc_cache *c=kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
500 if (c==NULL)
501 return NULL;
502 skb_queue_head_init(&c->mfc_un.unres.unresolved);
503 c->mfc_un.unres.expires = jiffies + 10*HZ;
504 return c;
508 * A cache entry has gone into a resolved state from queued
511 static void ipmr_cache_resolve(struct mfc_cache *uc, struct mfc_cache *c)
513 struct sk_buff *skb;
514 struct nlmsgerr *e;
517 * Play the pending entries through our router
520 while ((skb=__skb_dequeue(&uc->mfc_un.unres.unresolved))) {
521 if (ip_hdr(skb)->version == 0) {
522 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
524 if (ipmr_fill_mroute(skb, c, NLMSG_DATA(nlh)) > 0) {
525 nlh->nlmsg_len = (skb_tail_pointer(skb) -
526 (u8 *)nlh);
527 } else {
528 nlh->nlmsg_type = NLMSG_ERROR;
529 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
530 skb_trim(skb, nlh->nlmsg_len);
531 e = NLMSG_DATA(nlh);
532 e->error = -EMSGSIZE;
533 memset(&e->msg, 0, sizeof(e->msg));
536 rtnl_unicast(skb, NETLINK_CB(skb).pid);
537 } else
538 ip_mr_forward(skb, c, 0);
543 * Bounce a cache query up to mrouted. We could use netlink for this but mrouted
544 * expects the following bizarre scheme.
546 * Called under mrt_lock.
549 static int ipmr_cache_report(struct sk_buff *pkt, vifi_t vifi, int assert)
551 struct sk_buff *skb;
552 const int ihl = ip_hdrlen(pkt);
553 struct igmphdr *igmp;
554 struct igmpmsg *msg;
555 int ret;
557 #ifdef CONFIG_IP_PIMSM
558 if (assert == IGMPMSG_WHOLEPKT)
559 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr));
560 else
561 #endif
562 skb = alloc_skb(128, GFP_ATOMIC);
564 if (!skb)
565 return -ENOBUFS;
567 #ifdef CONFIG_IP_PIMSM
568 if (assert == IGMPMSG_WHOLEPKT) {
569 /* Ugly, but we have no choice with this interface.
570 Duplicate old header, fix ihl, length etc.
571 And all this only to mangle msg->im_msgtype and
572 to set msg->im_mbz to "mbz" :-)
574 skb_push(skb, sizeof(struct iphdr));
575 skb_reset_network_header(skb);
576 skb_reset_transport_header(skb);
577 msg = (struct igmpmsg *)skb_network_header(skb);
578 memcpy(msg, skb_network_header(pkt), sizeof(struct iphdr));
579 msg->im_msgtype = IGMPMSG_WHOLEPKT;
580 msg->im_mbz = 0;
581 msg->im_vif = reg_vif_num;
582 ip_hdr(skb)->ihl = sizeof(struct iphdr) >> 2;
583 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(pkt)->tot_len) +
584 sizeof(struct iphdr));
585 } else
586 #endif
590 * Copy the IP header
593 skb->network_header = skb->tail;
594 skb_put(skb, ihl);
595 skb_copy_to_linear_data(skb, pkt->data, ihl);
596 ip_hdr(skb)->protocol = 0; /* Flag to the kernel this is a route add */
597 msg = (struct igmpmsg *)skb_network_header(skb);
598 msg->im_vif = vifi;
599 skb->dst = dst_clone(pkt->dst);
602 * Add our header
605 igmp=(struct igmphdr *)skb_put(skb,sizeof(struct igmphdr));
606 igmp->type =
607 msg->im_msgtype = assert;
608 igmp->code = 0;
609 ip_hdr(skb)->tot_len = htons(skb->len); /* Fix the length */
610 skb->transport_header = skb->network_header;
613 if (mroute_socket == NULL) {
614 kfree_skb(skb);
615 return -EINVAL;
619 * Deliver to mrouted
621 if ((ret=sock_queue_rcv_skb(mroute_socket,skb))<0) {
622 if (net_ratelimit())
623 printk(KERN_WARNING "mroute: pending queue full, dropping entries.\n");
624 kfree_skb(skb);
627 return ret;
631 * Queue a packet for resolution. It gets locked cache entry!
634 static int
635 ipmr_cache_unresolved(vifi_t vifi, struct sk_buff *skb)
637 int err;
638 struct mfc_cache *c;
639 const struct iphdr *iph = ip_hdr(skb);
641 spin_lock_bh(&mfc_unres_lock);
642 for (c=mfc_unres_queue; c; c=c->next) {
643 if (c->mfc_mcastgrp == iph->daddr &&
644 c->mfc_origin == iph->saddr)
645 break;
648 if (c == NULL) {
650 * Create a new entry if allowable
653 if (atomic_read(&cache_resolve_queue_len)>=10 ||
654 (c=ipmr_cache_alloc_unres())==NULL) {
655 spin_unlock_bh(&mfc_unres_lock);
657 kfree_skb(skb);
658 return -ENOBUFS;
662 * Fill in the new cache entry
664 c->mfc_parent = -1;
665 c->mfc_origin = iph->saddr;
666 c->mfc_mcastgrp = iph->daddr;
669 * Reflect first query at mrouted.
671 if ((err = ipmr_cache_report(skb, vifi, IGMPMSG_NOCACHE))<0) {
672 /* If the report failed throw the cache entry
673 out - Brad Parker
675 spin_unlock_bh(&mfc_unres_lock);
677 kmem_cache_free(mrt_cachep, c);
678 kfree_skb(skb);
679 return err;
682 atomic_inc(&cache_resolve_queue_len);
683 c->next = mfc_unres_queue;
684 mfc_unres_queue = c;
686 mod_timer(&ipmr_expire_timer, c->mfc_un.unres.expires);
690 * See if we can append the packet
692 if (c->mfc_un.unres.unresolved.qlen>3) {
693 kfree_skb(skb);
694 err = -ENOBUFS;
695 } else {
696 skb_queue_tail(&c->mfc_un.unres.unresolved,skb);
697 err = 0;
700 spin_unlock_bh(&mfc_unres_lock);
701 return err;
705 * MFC cache manipulation by user space mroute daemon
708 static int ipmr_mfc_delete(struct mfcctl *mfc)
710 int line;
711 struct mfc_cache *c, **cp;
713 line=MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
715 for (cp=&mfc_cache_array[line]; (c=*cp) != NULL; cp = &c->next) {
716 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
717 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr) {
718 write_lock_bh(&mrt_lock);
719 *cp = c->next;
720 write_unlock_bh(&mrt_lock);
722 kmem_cache_free(mrt_cachep, c);
723 return 0;
726 return -ENOENT;
729 static int ipmr_mfc_add(struct mfcctl *mfc, int mrtsock)
731 int line;
732 struct mfc_cache *uc, *c, **cp;
734 line=MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
736 for (cp=&mfc_cache_array[line]; (c=*cp) != NULL; cp = &c->next) {
737 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
738 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr)
739 break;
742 if (c != NULL) {
743 write_lock_bh(&mrt_lock);
744 c->mfc_parent = mfc->mfcc_parent;
745 ipmr_update_thresholds(c, mfc->mfcc_ttls);
746 if (!mrtsock)
747 c->mfc_flags |= MFC_STATIC;
748 write_unlock_bh(&mrt_lock);
749 return 0;
752 if (!MULTICAST(mfc->mfcc_mcastgrp.s_addr))
753 return -EINVAL;
755 c=ipmr_cache_alloc();
756 if (c==NULL)
757 return -ENOMEM;
759 c->mfc_origin=mfc->mfcc_origin.s_addr;
760 c->mfc_mcastgrp=mfc->mfcc_mcastgrp.s_addr;
761 c->mfc_parent=mfc->mfcc_parent;
762 ipmr_update_thresholds(c, mfc->mfcc_ttls);
763 if (!mrtsock)
764 c->mfc_flags |= MFC_STATIC;
766 write_lock_bh(&mrt_lock);
767 c->next = mfc_cache_array[line];
768 mfc_cache_array[line] = c;
769 write_unlock_bh(&mrt_lock);
772 * Check to see if we resolved a queued list. If so we
773 * need to send on the frames and tidy up.
775 spin_lock_bh(&mfc_unres_lock);
776 for (cp = &mfc_unres_queue; (uc=*cp) != NULL;
777 cp = &uc->next) {
778 if (uc->mfc_origin == c->mfc_origin &&
779 uc->mfc_mcastgrp == c->mfc_mcastgrp) {
780 *cp = uc->next;
781 if (atomic_dec_and_test(&cache_resolve_queue_len))
782 del_timer(&ipmr_expire_timer);
783 break;
786 spin_unlock_bh(&mfc_unres_lock);
788 if (uc) {
789 ipmr_cache_resolve(uc, c);
790 kmem_cache_free(mrt_cachep, uc);
792 return 0;
796 * Close the multicast socket, and clear the vif tables etc
799 static void mroute_clean_tables(struct sock *sk)
801 int i;
804 * Shut down all active vif entries
806 for (i=0; i<maxvif; i++) {
807 if (!(vif_table[i].flags&VIFF_STATIC))
808 vif_delete(i);
812 * Wipe the cache
814 for (i=0;i<MFC_LINES;i++) {
815 struct mfc_cache *c, **cp;
817 cp = &mfc_cache_array[i];
818 while ((c = *cp) != NULL) {
819 if (c->mfc_flags&MFC_STATIC) {
820 cp = &c->next;
821 continue;
823 write_lock_bh(&mrt_lock);
824 *cp = c->next;
825 write_unlock_bh(&mrt_lock);
827 kmem_cache_free(mrt_cachep, c);
831 if (atomic_read(&cache_resolve_queue_len) != 0) {
832 struct mfc_cache *c;
834 spin_lock_bh(&mfc_unres_lock);
835 while (mfc_unres_queue != NULL) {
836 c = mfc_unres_queue;
837 mfc_unres_queue = c->next;
838 spin_unlock_bh(&mfc_unres_lock);
840 ipmr_destroy_unres(c);
842 spin_lock_bh(&mfc_unres_lock);
844 spin_unlock_bh(&mfc_unres_lock);
848 static void mrtsock_destruct(struct sock *sk)
850 rtnl_lock();
851 if (sk == mroute_socket) {
852 IPV4_DEVCONF_ALL(MC_FORWARDING)--;
854 write_lock_bh(&mrt_lock);
855 mroute_socket=NULL;
856 write_unlock_bh(&mrt_lock);
858 mroute_clean_tables(sk);
860 rtnl_unlock();
864 * Socket options and virtual interface manipulation. The whole
865 * virtual interface system is a complete heap, but unfortunately
866 * that's how BSD mrouted happens to think. Maybe one day with a proper
867 * MOSPF/PIM router set up we can clean this up.
870 int ip_mroute_setsockopt(struct sock *sk,int optname,char __user *optval,int optlen)
872 int ret;
873 struct vifctl vif;
874 struct mfcctl mfc;
876 if (optname != MRT_INIT) {
877 if (sk != mroute_socket && !capable(CAP_NET_ADMIN))
878 return -EACCES;
881 switch (optname) {
882 case MRT_INIT:
883 if (sk->sk_type != SOCK_RAW ||
884 inet_sk(sk)->num != IPPROTO_IGMP)
885 return -EOPNOTSUPP;
886 if (optlen!=sizeof(int))
887 return -ENOPROTOOPT;
889 rtnl_lock();
890 if (mroute_socket) {
891 rtnl_unlock();
892 return -EADDRINUSE;
895 ret = ip_ra_control(sk, 1, mrtsock_destruct);
896 if (ret == 0) {
897 write_lock_bh(&mrt_lock);
898 mroute_socket=sk;
899 write_unlock_bh(&mrt_lock);
901 IPV4_DEVCONF_ALL(MC_FORWARDING)++;
903 rtnl_unlock();
904 return ret;
905 case MRT_DONE:
906 if (sk!=mroute_socket)
907 return -EACCES;
908 return ip_ra_control(sk, 0, NULL);
909 case MRT_ADD_VIF:
910 case MRT_DEL_VIF:
911 if (optlen!=sizeof(vif))
912 return -EINVAL;
913 if (copy_from_user(&vif,optval,sizeof(vif)))
914 return -EFAULT;
915 if (vif.vifc_vifi >= MAXVIFS)
916 return -ENFILE;
917 rtnl_lock();
918 if (optname==MRT_ADD_VIF) {
919 ret = vif_add(&vif, sk==mroute_socket);
920 } else {
921 ret = vif_delete(vif.vifc_vifi);
923 rtnl_unlock();
924 return ret;
927 * Manipulate the forwarding caches. These live
928 * in a sort of kernel/user symbiosis.
930 case MRT_ADD_MFC:
931 case MRT_DEL_MFC:
932 if (optlen!=sizeof(mfc))
933 return -EINVAL;
934 if (copy_from_user(&mfc,optval, sizeof(mfc)))
935 return -EFAULT;
936 rtnl_lock();
937 if (optname==MRT_DEL_MFC)
938 ret = ipmr_mfc_delete(&mfc);
939 else
940 ret = ipmr_mfc_add(&mfc, sk==mroute_socket);
941 rtnl_unlock();
942 return ret;
944 * Control PIM assert.
946 case MRT_ASSERT:
948 int v;
949 if (get_user(v,(int __user *)optval))
950 return -EFAULT;
951 mroute_do_assert=(v)?1:0;
952 return 0;
954 #ifdef CONFIG_IP_PIMSM
955 case MRT_PIM:
957 int v, ret;
958 if (get_user(v,(int __user *)optval))
959 return -EFAULT;
960 v = (v)?1:0;
961 rtnl_lock();
962 ret = 0;
963 if (v != mroute_do_pim) {
964 mroute_do_pim = v;
965 mroute_do_assert = v;
966 #ifdef CONFIG_IP_PIMSM_V2
967 if (mroute_do_pim)
968 ret = inet_add_protocol(&pim_protocol,
969 IPPROTO_PIM);
970 else
971 ret = inet_del_protocol(&pim_protocol,
972 IPPROTO_PIM);
973 if (ret < 0)
974 ret = -EAGAIN;
975 #endif
977 rtnl_unlock();
978 return ret;
980 #endif
982 * Spurious command, or MRT_VERSION which you cannot
983 * set.
985 default:
986 return -ENOPROTOOPT;
991 * Getsock opt support for the multicast routing system.
994 int ip_mroute_getsockopt(struct sock *sk,int optname,char __user *optval,int __user *optlen)
996 int olr;
997 int val;
999 if (optname!=MRT_VERSION &&
1000 #ifdef CONFIG_IP_PIMSM
1001 optname!=MRT_PIM &&
1002 #endif
1003 optname!=MRT_ASSERT)
1004 return -ENOPROTOOPT;
1006 if (get_user(olr, optlen))
1007 return -EFAULT;
1009 olr = min_t(unsigned int, olr, sizeof(int));
1010 if (olr < 0)
1011 return -EINVAL;
1013 if (put_user(olr,optlen))
1014 return -EFAULT;
1015 if (optname==MRT_VERSION)
1016 val=0x0305;
1017 #ifdef CONFIG_IP_PIMSM
1018 else if (optname==MRT_PIM)
1019 val=mroute_do_pim;
1020 #endif
1021 else
1022 val=mroute_do_assert;
1023 if (copy_to_user(optval,&val,olr))
1024 return -EFAULT;
1025 return 0;
1029 * The IP multicast ioctl support routines.
1032 int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg)
1034 struct sioc_sg_req sr;
1035 struct sioc_vif_req vr;
1036 struct vif_device *vif;
1037 struct mfc_cache *c;
1039 switch (cmd) {
1040 case SIOCGETVIFCNT:
1041 if (copy_from_user(&vr,arg,sizeof(vr)))
1042 return -EFAULT;
1043 if (vr.vifi>=maxvif)
1044 return -EINVAL;
1045 read_lock(&mrt_lock);
1046 vif=&vif_table[vr.vifi];
1047 if (VIF_EXISTS(vr.vifi)) {
1048 vr.icount=vif->pkt_in;
1049 vr.ocount=vif->pkt_out;
1050 vr.ibytes=vif->bytes_in;
1051 vr.obytes=vif->bytes_out;
1052 read_unlock(&mrt_lock);
1054 if (copy_to_user(arg,&vr,sizeof(vr)))
1055 return -EFAULT;
1056 return 0;
1058 read_unlock(&mrt_lock);
1059 return -EADDRNOTAVAIL;
1060 case SIOCGETSGCNT:
1061 if (copy_from_user(&sr,arg,sizeof(sr)))
1062 return -EFAULT;
1064 read_lock(&mrt_lock);
1065 c = ipmr_cache_find(sr.src.s_addr, sr.grp.s_addr);
1066 if (c) {
1067 sr.pktcnt = c->mfc_un.res.pkt;
1068 sr.bytecnt = c->mfc_un.res.bytes;
1069 sr.wrong_if = c->mfc_un.res.wrong_if;
1070 read_unlock(&mrt_lock);
1072 if (copy_to_user(arg,&sr,sizeof(sr)))
1073 return -EFAULT;
1074 return 0;
1076 read_unlock(&mrt_lock);
1077 return -EADDRNOTAVAIL;
1078 default:
1079 return -ENOIOCTLCMD;
1084 static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr)
1086 struct net_device *dev = ptr;
1087 struct vif_device *v;
1088 int ct;
1090 if (dev->nd_net != &init_net)
1091 return NOTIFY_DONE;
1093 if (event != NETDEV_UNREGISTER)
1094 return NOTIFY_DONE;
1095 v=&vif_table[0];
1096 for (ct=0;ct<maxvif;ct++,v++) {
1097 if (v->dev==dev)
1098 vif_delete(ct);
1100 return NOTIFY_DONE;
1104 static struct notifier_block ip_mr_notifier={
1105 .notifier_call = ipmr_device_event,
1109 * Encapsulate a packet by attaching a valid IPIP header to it.
1110 * This avoids tunnel drivers and other mess and gives us the speed so
1111 * important for multicast video.
1114 static void ip_encap(struct sk_buff *skb, __be32 saddr, __be32 daddr)
1116 struct iphdr *iph;
1117 struct iphdr *old_iph = ip_hdr(skb);
1119 skb_push(skb, sizeof(struct iphdr));
1120 skb->transport_header = skb->network_header;
1121 skb_reset_network_header(skb);
1122 iph = ip_hdr(skb);
1124 iph->version = 4;
1125 iph->tos = old_iph->tos;
1126 iph->ttl = old_iph->ttl;
1127 iph->frag_off = 0;
1128 iph->daddr = daddr;
1129 iph->saddr = saddr;
1130 iph->protocol = IPPROTO_IPIP;
1131 iph->ihl = 5;
1132 iph->tot_len = htons(skb->len);
1133 ip_select_ident(iph, skb->dst, NULL);
1134 ip_send_check(iph);
1136 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
1137 nf_reset(skb);
1140 static inline int ipmr_forward_finish(struct sk_buff *skb)
1142 struct ip_options * opt = &(IPCB(skb)->opt);
1144 IP_INC_STATS_BH(IPSTATS_MIB_OUTFORWDATAGRAMS);
1146 if (unlikely(opt->optlen))
1147 ip_forward_options(skb);
1149 return dst_output(skb);
1153 * Processing handlers for ipmr_forward
1156 static void ipmr_queue_xmit(struct sk_buff *skb, struct mfc_cache *c, int vifi)
1158 const struct iphdr *iph = ip_hdr(skb);
1159 struct vif_device *vif = &vif_table[vifi];
1160 struct net_device *dev;
1161 struct rtable *rt;
1162 int encap = 0;
1164 if (vif->dev == NULL)
1165 goto out_free;
1167 #ifdef CONFIG_IP_PIMSM
1168 if (vif->flags & VIFF_REGISTER) {
1169 vif->pkt_out++;
1170 vif->bytes_out+=skb->len;
1171 ((struct net_device_stats*)netdev_priv(vif->dev))->tx_bytes += skb->len;
1172 ((struct net_device_stats*)netdev_priv(vif->dev))->tx_packets++;
1173 ipmr_cache_report(skb, vifi, IGMPMSG_WHOLEPKT);
1174 kfree_skb(skb);
1175 return;
1177 #endif
1179 if (vif->flags&VIFF_TUNNEL) {
1180 struct flowi fl = { .oif = vif->link,
1181 .nl_u = { .ip4_u =
1182 { .daddr = vif->remote,
1183 .saddr = vif->local,
1184 .tos = RT_TOS(iph->tos) } },
1185 .proto = IPPROTO_IPIP };
1186 if (ip_route_output_key(&rt, &fl))
1187 goto out_free;
1188 encap = sizeof(struct iphdr);
1189 } else {
1190 struct flowi fl = { .oif = vif->link,
1191 .nl_u = { .ip4_u =
1192 { .daddr = iph->daddr,
1193 .tos = RT_TOS(iph->tos) } },
1194 .proto = IPPROTO_IPIP };
1195 if (ip_route_output_key(&rt, &fl))
1196 goto out_free;
1199 dev = rt->u.dst.dev;
1201 if (skb->len+encap > dst_mtu(&rt->u.dst) && (ntohs(iph->frag_off) & IP_DF)) {
1202 /* Do not fragment multicasts. Alas, IPv4 does not
1203 allow to send ICMP, so that packets will disappear
1204 to blackhole.
1207 IP_INC_STATS_BH(IPSTATS_MIB_FRAGFAILS);
1208 ip_rt_put(rt);
1209 goto out_free;
1212 encap += LL_RESERVED_SPACE(dev) + rt->u.dst.header_len;
1214 if (skb_cow(skb, encap)) {
1215 ip_rt_put(rt);
1216 goto out_free;
1219 vif->pkt_out++;
1220 vif->bytes_out+=skb->len;
1222 dst_release(skb->dst);
1223 skb->dst = &rt->u.dst;
1224 ip_decrease_ttl(ip_hdr(skb));
1226 /* FIXME: forward and output firewalls used to be called here.
1227 * What do we do with netfilter? -- RR */
1228 if (vif->flags & VIFF_TUNNEL) {
1229 ip_encap(skb, vif->local, vif->remote);
1230 /* FIXME: extra output firewall step used to be here. --RR */
1231 ((struct ip_tunnel *)netdev_priv(vif->dev))->stat.tx_packets++;
1232 ((struct ip_tunnel *)netdev_priv(vif->dev))->stat.tx_bytes+=skb->len;
1235 IPCB(skb)->flags |= IPSKB_FORWARDED;
1238 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
1239 * not only before forwarding, but after forwarding on all output
1240 * interfaces. It is clear, if mrouter runs a multicasting
1241 * program, it should receive packets not depending to what interface
1242 * program is joined.
1243 * If we will not make it, the program will have to join on all
1244 * interfaces. On the other hand, multihoming host (or router, but
1245 * not mrouter) cannot join to more than one interface - it will
1246 * result in receiving multiple packets.
1248 NF_HOOK(PF_INET, NF_IP_FORWARD, skb, skb->dev, dev,
1249 ipmr_forward_finish);
1250 return;
1252 out_free:
1253 kfree_skb(skb);
1254 return;
1257 static int ipmr_find_vif(struct net_device *dev)
1259 int ct;
1260 for (ct=maxvif-1; ct>=0; ct--) {
1261 if (vif_table[ct].dev == dev)
1262 break;
1264 return ct;
1267 /* "local" means that we should preserve one skb (for local delivery) */
1269 static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local)
1271 int psend = -1;
1272 int vif, ct;
1274 vif = cache->mfc_parent;
1275 cache->mfc_un.res.pkt++;
1276 cache->mfc_un.res.bytes += skb->len;
1279 * Wrong interface: drop packet and (maybe) send PIM assert.
1281 if (vif_table[vif].dev != skb->dev) {
1282 int true_vifi;
1284 if (((struct rtable*)skb->dst)->fl.iif == 0) {
1285 /* It is our own packet, looped back.
1286 Very complicated situation...
1288 The best workaround until routing daemons will be
1289 fixed is not to redistribute packet, if it was
1290 send through wrong interface. It means, that
1291 multicast applications WILL NOT work for
1292 (S,G), which have default multicast route pointing
1293 to wrong oif. In any case, it is not a good
1294 idea to use multicasting applications on router.
1296 goto dont_forward;
1299 cache->mfc_un.res.wrong_if++;
1300 true_vifi = ipmr_find_vif(skb->dev);
1302 if (true_vifi >= 0 && mroute_do_assert &&
1303 /* pimsm uses asserts, when switching from RPT to SPT,
1304 so that we cannot check that packet arrived on an oif.
1305 It is bad, but otherwise we would need to move pretty
1306 large chunk of pimd to kernel. Ough... --ANK
1308 (mroute_do_pim || cache->mfc_un.res.ttls[true_vifi] < 255) &&
1309 time_after(jiffies,
1310 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) {
1311 cache->mfc_un.res.last_assert = jiffies;
1312 ipmr_cache_report(skb, true_vifi, IGMPMSG_WRONGVIF);
1314 goto dont_forward;
1317 vif_table[vif].pkt_in++;
1318 vif_table[vif].bytes_in+=skb->len;
1321 * Forward the frame
1323 for (ct = cache->mfc_un.res.maxvif-1; ct >= cache->mfc_un.res.minvif; ct--) {
1324 if (ip_hdr(skb)->ttl > cache->mfc_un.res.ttls[ct]) {
1325 if (psend != -1) {
1326 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1327 if (skb2)
1328 ipmr_queue_xmit(skb2, cache, psend);
1330 psend=ct;
1333 if (psend != -1) {
1334 if (local) {
1335 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1336 if (skb2)
1337 ipmr_queue_xmit(skb2, cache, psend);
1338 } else {
1339 ipmr_queue_xmit(skb, cache, psend);
1340 return 0;
1344 dont_forward:
1345 if (!local)
1346 kfree_skb(skb);
1347 return 0;
1352 * Multicast packets for forwarding arrive here
1355 int ip_mr_input(struct sk_buff *skb)
1357 struct mfc_cache *cache;
1358 int local = ((struct rtable*)skb->dst)->rt_flags&RTCF_LOCAL;
1360 /* Packet is looped back after forward, it should not be
1361 forwarded second time, but still can be delivered locally.
1363 if (IPCB(skb)->flags&IPSKB_FORWARDED)
1364 goto dont_forward;
1366 if (!local) {
1367 if (IPCB(skb)->opt.router_alert) {
1368 if (ip_call_ra_chain(skb))
1369 return 0;
1370 } else if (ip_hdr(skb)->protocol == IPPROTO_IGMP){
1371 /* IGMPv1 (and broken IGMPv2 implementations sort of
1372 Cisco IOS <= 11.2(8)) do not put router alert
1373 option to IGMP packets destined to routable
1374 groups. It is very bad, because it means
1375 that we can forward NO IGMP messages.
1377 read_lock(&mrt_lock);
1378 if (mroute_socket) {
1379 nf_reset(skb);
1380 raw_rcv(mroute_socket, skb);
1381 read_unlock(&mrt_lock);
1382 return 0;
1384 read_unlock(&mrt_lock);
1388 read_lock(&mrt_lock);
1389 cache = ipmr_cache_find(ip_hdr(skb)->saddr, ip_hdr(skb)->daddr);
1392 * No usable cache entry
1394 if (cache==NULL) {
1395 int vif;
1397 if (local) {
1398 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1399 ip_local_deliver(skb);
1400 if (skb2 == NULL) {
1401 read_unlock(&mrt_lock);
1402 return -ENOBUFS;
1404 skb = skb2;
1407 vif = ipmr_find_vif(skb->dev);
1408 if (vif >= 0) {
1409 int err = ipmr_cache_unresolved(vif, skb);
1410 read_unlock(&mrt_lock);
1412 return err;
1414 read_unlock(&mrt_lock);
1415 kfree_skb(skb);
1416 return -ENODEV;
1419 ip_mr_forward(skb, cache, local);
1421 read_unlock(&mrt_lock);
1423 if (local)
1424 return ip_local_deliver(skb);
1426 return 0;
1428 dont_forward:
1429 if (local)
1430 return ip_local_deliver(skb);
1431 kfree_skb(skb);
1432 return 0;
1435 #ifdef CONFIG_IP_PIMSM_V1
1437 * Handle IGMP messages of PIMv1
1440 int pim_rcv_v1(struct sk_buff * skb)
1442 struct igmphdr *pim;
1443 struct iphdr *encap;
1444 struct net_device *reg_dev = NULL;
1446 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
1447 goto drop;
1449 pim = igmp_hdr(skb);
1451 if (!mroute_do_pim ||
1452 skb->len < sizeof(*pim) + sizeof(*encap) ||
1453 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER)
1454 goto drop;
1456 encap = (struct iphdr *)(skb_transport_header(skb) +
1457 sizeof(struct igmphdr));
1459 Check that:
1460 a. packet is really destinted to a multicast group
1461 b. packet is not a NULL-REGISTER
1462 c. packet is not truncated
1464 if (!MULTICAST(encap->daddr) ||
1465 encap->tot_len == 0 ||
1466 ntohs(encap->tot_len) + sizeof(*pim) > skb->len)
1467 goto drop;
1469 read_lock(&mrt_lock);
1470 if (reg_vif_num >= 0)
1471 reg_dev = vif_table[reg_vif_num].dev;
1472 if (reg_dev)
1473 dev_hold(reg_dev);
1474 read_unlock(&mrt_lock);
1476 if (reg_dev == NULL)
1477 goto drop;
1479 skb->mac_header = skb->network_header;
1480 skb_pull(skb, (u8*)encap - skb->data);
1481 skb_reset_network_header(skb);
1482 skb->dev = reg_dev;
1483 skb->protocol = htons(ETH_P_IP);
1484 skb->ip_summed = 0;
1485 skb->pkt_type = PACKET_HOST;
1486 dst_release(skb->dst);
1487 skb->dst = NULL;
1488 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_bytes += skb->len;
1489 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_packets++;
1490 nf_reset(skb);
1491 netif_rx(skb);
1492 dev_put(reg_dev);
1493 return 0;
1494 drop:
1495 kfree_skb(skb);
1496 return 0;
1498 #endif
1500 #ifdef CONFIG_IP_PIMSM_V2
1501 static int pim_rcv(struct sk_buff * skb)
1503 struct pimreghdr *pim;
1504 struct iphdr *encap;
1505 struct net_device *reg_dev = NULL;
1507 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
1508 goto drop;
1510 pim = (struct pimreghdr *)skb_transport_header(skb);
1511 if (pim->type != ((PIM_VERSION<<4)|(PIM_REGISTER)) ||
1512 (pim->flags&PIM_NULL_REGISTER) ||
1513 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 &&
1514 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
1515 goto drop;
1517 /* check if the inner packet is destined to mcast group */
1518 encap = (struct iphdr *)(skb_transport_header(skb) +
1519 sizeof(struct pimreghdr));
1520 if (!MULTICAST(encap->daddr) ||
1521 encap->tot_len == 0 ||
1522 ntohs(encap->tot_len) + sizeof(*pim) > skb->len)
1523 goto drop;
1525 read_lock(&mrt_lock);
1526 if (reg_vif_num >= 0)
1527 reg_dev = vif_table[reg_vif_num].dev;
1528 if (reg_dev)
1529 dev_hold(reg_dev);
1530 read_unlock(&mrt_lock);
1532 if (reg_dev == NULL)
1533 goto drop;
1535 skb->mac_header = skb->network_header;
1536 skb_pull(skb, (u8*)encap - skb->data);
1537 skb_reset_network_header(skb);
1538 skb->dev = reg_dev;
1539 skb->protocol = htons(ETH_P_IP);
1540 skb->ip_summed = 0;
1541 skb->pkt_type = PACKET_HOST;
1542 dst_release(skb->dst);
1543 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_bytes += skb->len;
1544 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_packets++;
1545 skb->dst = NULL;
1546 nf_reset(skb);
1547 netif_rx(skb);
1548 dev_put(reg_dev);
1549 return 0;
1550 drop:
1551 kfree_skb(skb);
1552 return 0;
1554 #endif
1556 static int
1557 ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm)
1559 int ct;
1560 struct rtnexthop *nhp;
1561 struct net_device *dev = vif_table[c->mfc_parent].dev;
1562 u8 *b = skb_tail_pointer(skb);
1563 struct rtattr *mp_head;
1565 if (dev)
1566 RTA_PUT(skb, RTA_IIF, 4, &dev->ifindex);
1568 mp_head = (struct rtattr*)skb_put(skb, RTA_LENGTH(0));
1570 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) {
1571 if (c->mfc_un.res.ttls[ct] < 255) {
1572 if (skb_tailroom(skb) < RTA_ALIGN(RTA_ALIGN(sizeof(*nhp)) + 4))
1573 goto rtattr_failure;
1574 nhp = (struct rtnexthop*)skb_put(skb, RTA_ALIGN(sizeof(*nhp)));
1575 nhp->rtnh_flags = 0;
1576 nhp->rtnh_hops = c->mfc_un.res.ttls[ct];
1577 nhp->rtnh_ifindex = vif_table[ct].dev->ifindex;
1578 nhp->rtnh_len = sizeof(*nhp);
1581 mp_head->rta_type = RTA_MULTIPATH;
1582 mp_head->rta_len = skb_tail_pointer(skb) - (u8 *)mp_head;
1583 rtm->rtm_type = RTN_MULTICAST;
1584 return 1;
1586 rtattr_failure:
1587 nlmsg_trim(skb, b);
1588 return -EMSGSIZE;
1591 int ipmr_get_route(struct sk_buff *skb, struct rtmsg *rtm, int nowait)
1593 int err;
1594 struct mfc_cache *cache;
1595 struct rtable *rt = (struct rtable*)skb->dst;
1597 read_lock(&mrt_lock);
1598 cache = ipmr_cache_find(rt->rt_src, rt->rt_dst);
1600 if (cache==NULL) {
1601 struct sk_buff *skb2;
1602 struct iphdr *iph;
1603 struct net_device *dev;
1604 int vif;
1606 if (nowait) {
1607 read_unlock(&mrt_lock);
1608 return -EAGAIN;
1611 dev = skb->dev;
1612 if (dev == NULL || (vif = ipmr_find_vif(dev)) < 0) {
1613 read_unlock(&mrt_lock);
1614 return -ENODEV;
1616 skb2 = skb_clone(skb, GFP_ATOMIC);
1617 if (!skb2) {
1618 read_unlock(&mrt_lock);
1619 return -ENOMEM;
1622 skb_push(skb2, sizeof(struct iphdr));
1623 skb_reset_network_header(skb2);
1624 iph = ip_hdr(skb2);
1625 iph->ihl = sizeof(struct iphdr) >> 2;
1626 iph->saddr = rt->rt_src;
1627 iph->daddr = rt->rt_dst;
1628 iph->version = 0;
1629 err = ipmr_cache_unresolved(vif, skb2);
1630 read_unlock(&mrt_lock);
1631 return err;
1634 if (!nowait && (rtm->rtm_flags&RTM_F_NOTIFY))
1635 cache->mfc_flags |= MFC_NOTIFY;
1636 err = ipmr_fill_mroute(skb, cache, rtm);
1637 read_unlock(&mrt_lock);
1638 return err;
1641 #ifdef CONFIG_PROC_FS
1643 * The /proc interfaces to multicast routing /proc/ip_mr_cache /proc/ip_mr_vif
1645 struct ipmr_vif_iter {
1646 int ct;
1649 static struct vif_device *ipmr_vif_seq_idx(struct ipmr_vif_iter *iter,
1650 loff_t pos)
1652 for (iter->ct = 0; iter->ct < maxvif; ++iter->ct) {
1653 if (!VIF_EXISTS(iter->ct))
1654 continue;
1655 if (pos-- == 0)
1656 return &vif_table[iter->ct];
1658 return NULL;
1661 static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos)
1663 read_lock(&mrt_lock);
1664 return *pos ? ipmr_vif_seq_idx(seq->private, *pos - 1)
1665 : SEQ_START_TOKEN;
1668 static void *ipmr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1670 struct ipmr_vif_iter *iter = seq->private;
1672 ++*pos;
1673 if (v == SEQ_START_TOKEN)
1674 return ipmr_vif_seq_idx(iter, 0);
1676 while (++iter->ct < maxvif) {
1677 if (!VIF_EXISTS(iter->ct))
1678 continue;
1679 return &vif_table[iter->ct];
1681 return NULL;
1684 static void ipmr_vif_seq_stop(struct seq_file *seq, void *v)
1686 read_unlock(&mrt_lock);
1689 static int ipmr_vif_seq_show(struct seq_file *seq, void *v)
1691 if (v == SEQ_START_TOKEN) {
1692 seq_puts(seq,
1693 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n");
1694 } else {
1695 const struct vif_device *vif = v;
1696 const char *name = vif->dev ? vif->dev->name : "none";
1698 seq_printf(seq,
1699 "%2Zd %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n",
1700 vif - vif_table,
1701 name, vif->bytes_in, vif->pkt_in,
1702 vif->bytes_out, vif->pkt_out,
1703 vif->flags, vif->local, vif->remote);
1705 return 0;
1708 static const struct seq_operations ipmr_vif_seq_ops = {
1709 .start = ipmr_vif_seq_start,
1710 .next = ipmr_vif_seq_next,
1711 .stop = ipmr_vif_seq_stop,
1712 .show = ipmr_vif_seq_show,
1715 static int ipmr_vif_open(struct inode *inode, struct file *file)
1717 return seq_open_private(file, &ipmr_vif_seq_ops,
1718 sizeof(struct ipmr_vif_iter));
1721 static const struct file_operations ipmr_vif_fops = {
1722 .owner = THIS_MODULE,
1723 .open = ipmr_vif_open,
1724 .read = seq_read,
1725 .llseek = seq_lseek,
1726 .release = seq_release_private,
1729 struct ipmr_mfc_iter {
1730 struct mfc_cache **cache;
1731 int ct;
1735 static struct mfc_cache *ipmr_mfc_seq_idx(struct ipmr_mfc_iter *it, loff_t pos)
1737 struct mfc_cache *mfc;
1739 it->cache = mfc_cache_array;
1740 read_lock(&mrt_lock);
1741 for (it->ct = 0; it->ct < MFC_LINES; it->ct++)
1742 for (mfc = mfc_cache_array[it->ct]; mfc; mfc = mfc->next)
1743 if (pos-- == 0)
1744 return mfc;
1745 read_unlock(&mrt_lock);
1747 it->cache = &mfc_unres_queue;
1748 spin_lock_bh(&mfc_unres_lock);
1749 for (mfc = mfc_unres_queue; mfc; mfc = mfc->next)
1750 if (pos-- == 0)
1751 return mfc;
1752 spin_unlock_bh(&mfc_unres_lock);
1754 it->cache = NULL;
1755 return NULL;
1759 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
1761 struct ipmr_mfc_iter *it = seq->private;
1762 it->cache = NULL;
1763 it->ct = 0;
1764 return *pos ? ipmr_mfc_seq_idx(seq->private, *pos - 1)
1765 : SEQ_START_TOKEN;
1768 static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1770 struct mfc_cache *mfc = v;
1771 struct ipmr_mfc_iter *it = seq->private;
1773 ++*pos;
1775 if (v == SEQ_START_TOKEN)
1776 return ipmr_mfc_seq_idx(seq->private, 0);
1778 if (mfc->next)
1779 return mfc->next;
1781 if (it->cache == &mfc_unres_queue)
1782 goto end_of_list;
1784 BUG_ON(it->cache != mfc_cache_array);
1786 while (++it->ct < MFC_LINES) {
1787 mfc = mfc_cache_array[it->ct];
1788 if (mfc)
1789 return mfc;
1792 /* exhausted cache_array, show unresolved */
1793 read_unlock(&mrt_lock);
1794 it->cache = &mfc_unres_queue;
1795 it->ct = 0;
1797 spin_lock_bh(&mfc_unres_lock);
1798 mfc = mfc_unres_queue;
1799 if (mfc)
1800 return mfc;
1802 end_of_list:
1803 spin_unlock_bh(&mfc_unres_lock);
1804 it->cache = NULL;
1806 return NULL;
1809 static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v)
1811 struct ipmr_mfc_iter *it = seq->private;
1813 if (it->cache == &mfc_unres_queue)
1814 spin_unlock_bh(&mfc_unres_lock);
1815 else if (it->cache == mfc_cache_array)
1816 read_unlock(&mrt_lock);
1819 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
1821 int n;
1823 if (v == SEQ_START_TOKEN) {
1824 seq_puts(seq,
1825 "Group Origin Iif Pkts Bytes Wrong Oifs\n");
1826 } else {
1827 const struct mfc_cache *mfc = v;
1828 const struct ipmr_mfc_iter *it = seq->private;
1830 seq_printf(seq, "%08lX %08lX %-3d %8ld %8ld %8ld",
1831 (unsigned long) mfc->mfc_mcastgrp,
1832 (unsigned long) mfc->mfc_origin,
1833 mfc->mfc_parent,
1834 mfc->mfc_un.res.pkt,
1835 mfc->mfc_un.res.bytes,
1836 mfc->mfc_un.res.wrong_if);
1838 if (it->cache != &mfc_unres_queue) {
1839 for (n = mfc->mfc_un.res.minvif;
1840 n < mfc->mfc_un.res.maxvif; n++ ) {
1841 if (VIF_EXISTS(n)
1842 && mfc->mfc_un.res.ttls[n] < 255)
1843 seq_printf(seq,
1844 " %2d:%-3d",
1845 n, mfc->mfc_un.res.ttls[n]);
1848 seq_putc(seq, '\n');
1850 return 0;
1853 static const struct seq_operations ipmr_mfc_seq_ops = {
1854 .start = ipmr_mfc_seq_start,
1855 .next = ipmr_mfc_seq_next,
1856 .stop = ipmr_mfc_seq_stop,
1857 .show = ipmr_mfc_seq_show,
1860 static int ipmr_mfc_open(struct inode *inode, struct file *file)
1862 return seq_open_private(file, &ipmr_mfc_seq_ops,
1863 sizeof(struct ipmr_mfc_iter));
1866 static const struct file_operations ipmr_mfc_fops = {
1867 .owner = THIS_MODULE,
1868 .open = ipmr_mfc_open,
1869 .read = seq_read,
1870 .llseek = seq_lseek,
1871 .release = seq_release_private,
1873 #endif
1875 #ifdef CONFIG_IP_PIMSM_V2
1876 static struct net_protocol pim_protocol = {
1877 .handler = pim_rcv,
1879 #endif
1883 * Setup for IP multicast routing
1886 void __init ip_mr_init(void)
1888 mrt_cachep = kmem_cache_create("ip_mrt_cache",
1889 sizeof(struct mfc_cache),
1890 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC,
1891 NULL);
1892 init_timer(&ipmr_expire_timer);
1893 ipmr_expire_timer.function=ipmr_expire_process;
1894 register_netdevice_notifier(&ip_mr_notifier);
1895 #ifdef CONFIG_PROC_FS
1896 proc_net_fops_create(&init_net, "ip_mr_vif", 0, &ipmr_vif_fops);
1897 proc_net_fops_create(&init_net, "ip_mr_cache", 0, &ipmr_mfc_fops);
1898 #endif