projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net/ipv4/igmp: Use struct_size() helper
[linux-block.git] / net / ipv6 / mcast.c
CommitLineData
2874c5fd 1// SPDX-License-Identifier: GPL-2.0-or-later
1da177e4
LT		 2/*
3 * Multicast support for IPv6
1ab1457c 4 * Linux INET6 implementation
1da177e4
LT		 5 *
6 * Authors:
1ab1457c 7 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 8 *
1ab1457c 9 * Based on linux/ipv4/igmp.c and linux/ipv4/ip_sockglue.c
1da177e4
LT		 10 */
11
12/* Changes:
13 *
14 * yoshfuji : fix format of router-alert option
15 * YOSHIFUJI Hideaki @USAGI:
16 * Fixed source address for MLD message based on
17 * <draft-ietf-magma-mld-source-05.txt>.
18 * YOSHIFUJI Hideaki @USAGI:
19 * - Ignore Queries for invalid addresses.
20 * - MLD for link-local addresses.
21 * David L Stevens <dlstevens@us.ibm.com>:
22 * - MLDv2 support
23 */
24
1da177e4
LT		 25#include <linux/module.h>
26#include <linux/errno.h>
27#include <linux/types.h>
28#include <linux/string.h>
29#include <linux/socket.h>
30#include <linux/sockios.h>
31#include <linux/jiffies.h>
1da177e4
LT		 32#include <linux/net.h>
33#include <linux/in.h>
34#include <linux/in6.h>
35#include <linux/netdevice.h>
36#include <linux/if_arp.h>
37#include <linux/route.h>
38#include <linux/init.h>
39#include <linux/proc_fs.h>
40#include <linux/seq_file.h>
5a0e3ad6 41#include <linux/slab.h>
9d4a0314 42#include <linux/pkt_sched.h>
6e7cb837 43#include <net/mld.h>
2d9a93b4 44#include <linux/workqueue.h>
1da177e4
LT		 45
46#include <linux/netfilter.h>
47#include <linux/netfilter_ipv6.h>
48
457c4cbc 49#include <net/net_namespace.h>
1da177e4
LT		 50#include <net/sock.h>
51#include <net/snmp.h>
52
53#include <net/ipv6.h>
54#include <net/protocol.h>
55#include <net/if_inet6.h>
56#include <net/ndisc.h>
57#include <net/addrconf.h>
58#include <net/ip6_route.h>
1ed8516f 59#include <net/inet_common.h>
1da177e4
LT		 60
61#include <net/ip6_checksum.h>
62
6e7cb837 63/* Ensure that we have struct in6_addr aligned on 32bit word. */
32b395a1
MY		 64static int __mld2_query_bugs[] __attribute__((__unused__)) = {
65 BUILD_BUG_ON_ZERO(offsetof(struct mld2_query, mld2q_srcs) % 4),
66 BUILD_BUG_ON_ZERO(offsetof(struct mld2_report, mld2r_grec) % 4),
67 BUILD_BUG_ON_ZERO(offsetof(struct mld2_grec, grec_mca) % 4)
1da177e4
LT		 68};
69
2d9a93b4 70static struct workqueue_struct *mld_wq;
1da177e4
LT		 71static struct in6_addr mld2_all_mcr = MLD2_ALL_MCR_INIT;
72
1da177e4
LT		 73static void igmp6_join_group(struct ifmcaddr6 *ma);
74static void igmp6_leave_group(struct ifmcaddr6 *ma);
2d9a93b4 75static void mld_mca_work(struct work_struct *work);
1da177e4 76
1da177e4 77static void mld_ifc_event(struct inet6_dev *idev);
6c567b78 78static bool mld_in_v1_mode(const struct inet6_dev *idev);
1da177e4
LT		 79static int sf_setstate(struct ifmcaddr6 *pmc);
80static void sf_markstate(struct ifmcaddr6 *pmc);
81static void ip6_mc_clear_src(struct ifmcaddr6 *pmc);
b71d1d42
ED		 82static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca,
83 int sfmode, int sfcount, const struct in6_addr *psfsrc,
1da177e4 84 int delta);
b71d1d42
ED		 85static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca,
86 int sfmode, int sfcount, const struct in6_addr *psfsrc,
1da177e4
LT		 87 int delta);
88static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml,
89 struct inet6_dev *idev);
c7ea20c9
HL		 90static int __ipv6_dev_mc_inc(struct net_device *dev,
91 const struct in6_addr *addr, unsigned int mode);
1da177e4 92
1da177e4 93#define MLD_QRV_DEFAULT 2
89225d1c
DB		 94/* RFC3810, 9.2. Query Interval */
95#define MLD_QI_DEFAULT (125 * HZ)
96/* RFC3810, 9.3. Query Response Interval */
97#define MLD_QRI_DEFAULT (10 * HZ)
1da177e4 98
9fd07841
DB		 99/* RFC3810, 8.1 Query Version Distinctions */
100#define MLD_V1_QUERY_LEN 24
101#define MLD_V2_QUERY_LEN_MIN 28
102
6f4353d8 103#define IPV6_MLD_MAX_MSF 64
1da177e4 104
ab32ea5d 105int sysctl_mld_max_msf __read_mostly = IPV6_MLD_MAX_MSF;
2f711939 106int sysctl_mld_qrv __read_mostly = MLD_QRV_DEFAULT;
1da177e4
LT		 107
108/*
109 * socket join on multicast group
110 */
63ed8de4
TY		 111#define mc_dereference(e, idev) \
112 rcu_dereference_protected(e, lockdep_is_held(&(idev)->mc_lock))
1da177e4 113
4b4b8446
TY		 114#define sock_dereference(e, sk) \
115 rcu_dereference_protected(e, lockdep_sock_is_held(sk))
116
117#define for_each_pmc_socklock(np, sk, pmc) \
118 for (pmc = sock_dereference((np)->ipv6_mc_list, sk); \
88e2ca30 119 pmc; \
4b4b8446 120 pmc = sock_dereference(pmc->next, sk))
88e2ca30 121
456b61bc 122#define for_each_pmc_rcu(np, pmc) \
4b200e39
TY		 123 for (pmc = rcu_dereference((np)->ipv6_mc_list); \
124 pmc; \
456b61bc
ED		 125 pmc = rcu_dereference(pmc->next))
126
63ed8de4
TY		 127#define for_each_psf_mclock(mc, psf) \
128 for (psf = mc_dereference((mc)->mca_sources, mc->idev); \
4b200e39 129 psf; \
63ed8de4 130 psf = mc_dereference(psf->sf_next, mc->idev))
4b200e39
TY		 131
132#define for_each_psf_rcu(mc, psf) \
133 for (psf = rcu_dereference((mc)->mca_sources); \
134 psf; \
135 psf = rcu_dereference(psf->sf_next))
136
137#define for_each_psf_tomb(mc, psf) \
63ed8de4 138 for (psf = mc_dereference((mc)->mca_tomb, mc->idev); \
4b200e39 139 psf; \
63ed8de4 140 psf = mc_dereference(psf->sf_next, mc->idev))
4b200e39 141
63ed8de4
TY		 142#define for_each_mc_mclock(idev, mc) \
143 for (mc = mc_dereference((idev)->mc_list, idev); \
88e2ca30 144 mc; \
63ed8de4 145 mc = mc_dereference(mc->next, idev))
88e2ca30
TY		 146
147#define for_each_mc_rcu(idev, mc) \
148 for (mc = rcu_dereference((idev)->mc_list); \
149 mc; \
150 mc = rcu_dereference(mc->next))
151
152#define for_each_mc_tomb(idev, mc) \
63ed8de4 153 for (mc = mc_dereference((idev)->mc_tomb, idev); \
88e2ca30 154 mc; \
63ed8de4 155 mc = mc_dereference(mc->next, idev))
88e2ca30 156
fc4eba58
HFS		 157static int unsolicited_report_interval(struct inet6_dev *idev)
158{
159 int iv;
160
6c567b78 161 if (mld_in_v1_mode(idev))
fc4eba58
HFS		 162 iv = idev->cnf.mldv1_unsolicited_report_interval;
163 else
164 iv = idev->cnf.mldv2_unsolicited_report_interval;
165
166 return iv > 0 ? iv : 1;
167}
168
c7ea20c9
HL		 169static int __ipv6_sock_mc_join(struct sock *sk, int ifindex,
170 const struct in6_addr *addr, unsigned int mode)
1da177e4
LT		 171{
172 struct net_device *dev = NULL;
173 struct ipv6_mc_socklist *mc_lst;
174 struct ipv6_pinfo *np = inet6_sk(sk);
3b1e0a65 175 struct net *net = sock_net(sk);
1da177e4
LT		 176 int err;
177
46a4dee0
MC		 178 ASSERT_RTNL();
179
1da177e4
LT		 180 if (!ipv6_addr_is_multicast(addr))
181 return -EINVAL;
182
4b4b8446 183 for_each_pmc_socklock(np, sk, mc_lst) {
c9e3e8b6 184 if ((ifindex == 0 || mc_lst->ifindex == ifindex) &&
88e2ca30 185 ipv6_addr_equal(&mc_lst->addr, addr))
c9e3e8b6 186 return -EADDRINUSE;
c9e3e8b6 187 }
c9e3e8b6 188
1da177e4
LT		 189 mc_lst = sock_kmalloc(sk, sizeof(struct ipv6_mc_socklist), GFP_KERNEL);
190
63159f29 191 if (!mc_lst)
1da177e4
LT		 192 return -ENOMEM;
193
194 mc_lst->next = NULL;
4e3fd7a0 195 mc_lst->addr = *addr;
1da177e4
LT		 196
197 if (ifindex == 0) {
198 struct rt6_info *rt;
b75cc8f9 199 rt = rt6_lookup(net, addr, NULL, 0, NULL, 0);
1da177e4 200 if (rt) {
d1918542 201 dev = rt->dst.dev;
94e187c0 202 ip6_rt_put(rt);
1da177e4
LT		 203 }
204 } else
414b6c94 205 dev = __dev_get_by_index(net, ifindex);
1da177e4 206
63159f29 207 if (!dev) {
1da177e4
LT		 208 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
209 return -ENODEV;
210 }
211
212 mc_lst->ifindex = dev->ifindex;
c7ea20c9 213 mc_lst->sfmode = mode;
882ba1f7 214 RCU_INIT_POINTER(mc_lst->sflist, NULL);
1da177e4
LT		 215
216 /*
217 * now add/increase the group membership on the device
218 */
219
c7ea20c9 220 err = __ipv6_dev_mc_inc(dev, addr, mode);
1da177e4
LT		 221
222 if (err) {
223 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
1da177e4
LT		 224 return err;
225 }
226
1da177e4 227 mc_lst->next = np->ipv6_mc_list;
456b61bc 228 rcu_assign_pointer(np->ipv6_mc_list, mc_lst);
1da177e4 229
46a4dee0
MC		 230 return 0;
231}
c7ea20c9
HL		 232
233int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
234{
235 return __ipv6_sock_mc_join(sk, ifindex, addr, MCAST_EXCLUDE);
236}
46a4dee0 237EXPORT_SYMBOL(ipv6_sock_mc_join);
1da177e4 238
c7ea20c9
HL		 239int ipv6_sock_mc_join_ssm(struct sock *sk, int ifindex,
240 const struct in6_addr *addr, unsigned int mode)
241{
242 return __ipv6_sock_mc_join(sk, ifindex, addr, mode);
243}
244
1da177e4
LT		 245/*
246 * socket leave on multicast group
247 */
54ff9ef3 248int ipv6_sock_mc_drop(struct sock *sk, int ifindex, const struct in6_addr *addr)
1da177e4
LT		 249{
250 struct ipv6_pinfo *np = inet6_sk(sk);
456b61bc
ED		 251 struct ipv6_mc_socklist *mc_lst;
252 struct ipv6_mc_socklist __rcu **lnk;
3b1e0a65 253 struct net *net = sock_net(sk);
1da177e4 254
46a4dee0
MC		 255 ASSERT_RTNL();
256
a858d64b
LW		 257 if (!ipv6_addr_is_multicast(addr))
258 return -EINVAL;
259
456b61bc 260 for (lnk = &np->ipv6_mc_list;
4b4b8446 261 (mc_lst = sock_dereference(*lnk, sk)) != NULL;
456b61bc 262 lnk = &mc_lst->next) {
1da177e4
LT		 263 if ((ifindex == 0 || mc_lst->ifindex == ifindex) &&
264 ipv6_addr_equal(&mc_lst->addr, addr)) {
265 struct net_device *dev;
266
267 *lnk = mc_lst->next;
1da177e4 268
414b6c94 269 dev = __dev_get_by_index(net, mc_lst->ifindex);
53b24b8f 270 if (dev) {
96b52e61 271 struct inet6_dev *idev = __in6_dev_get(dev);
1da177e4 272
63ed8de4 273 ip6_mc_leave_src(sk, mc_lst, idev);
96b52e61 274 if (idev)
1da177e4 275 __ipv6_dev_mc_dec(idev, &mc_lst->addr);
63ed8de4
TY		 276 } else {
277 ip6_mc_leave_src(sk, mc_lst, NULL);
278 }
a9ed4a29 279
456b61bc 280 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc);
e3cbf28f 281 kfree_rcu(mc_lst, rcu);
1da177e4
LT		 282 return 0;
283 }
284 }
1da177e4 285
9951f036 286 return -EADDRNOTAVAIL;
1da177e4 287}
46a4dee0 288EXPORT_SYMBOL(ipv6_sock_mc_drop);
1da177e4 289
88e2ca30
TY		 290static struct inet6_dev *ip6_mc_find_dev_rtnl(struct net *net,
291 const struct in6_addr *group,
292 int ifindex)
1da177e4
LT		 293{
294 struct net_device *dev = NULL;
295 struct inet6_dev *idev = NULL;
296
297 if (ifindex == 0) {
b75cc8f9 298 struct rt6_info *rt = rt6_lookup(net, group, NULL, 0, NULL, 0);
1da177e4 299
1da177e4 300 if (rt) {
d1918542 301 dev = rt->dst.dev;
94e187c0 302 ip6_rt_put(rt);
1da177e4 303 }
88e2ca30
TY		 304 } else {
305 dev = __dev_get_by_index(net, ifindex);
306 }
1da177e4
LT		 307
308 if (!dev)
96b52e61
ED		 309 return NULL;
310 idev = __in6_dev_get(dev);
448eb71f 311 if (!idev)
8a22c99a 312 return NULL;
88e2ca30 313 if (idev->dead)
96b52e61 314 return NULL;
1da177e4
LT		 315 return idev;
316}
317
8651be8f 318void __ipv6_sock_mc_close(struct sock *sk)
1da177e4
LT		 319{
320 struct ipv6_pinfo *np = inet6_sk(sk);
321 struct ipv6_mc_socklist *mc_lst;
3b1e0a65 322 struct net *net = sock_net(sk);
1da177e4 323
8651be8f 324 ASSERT_RTNL();
0e1efe9d 325
4b4b8446 326 while ((mc_lst = sock_dereference(np->ipv6_mc_list, sk)) != NULL) {
1da177e4
LT		 327 struct net_device *dev;
328
329 np->ipv6_mc_list = mc_lst->next;
1da177e4 330
414b6c94 331 dev = __dev_get_by_index(net, mc_lst->ifindex);
1da177e4 332 if (dev) {
96b52e61 333 struct inet6_dev *idev = __in6_dev_get(dev);
1da177e4 334
63ed8de4 335 ip6_mc_leave_src(sk, mc_lst, idev);
96b52e61 336 if (idev)
1da177e4 337 __ipv6_dev_mc_dec(idev, &mc_lst->addr);
63ed8de4
TY		 338 } else {
339 ip6_mc_leave_src(sk, mc_lst, NULL);
340 }
1da177e4 341
456b61bc 342 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc);
e3cbf28f 343 kfree_rcu(mc_lst, rcu);
1da177e4 344 }
8651be8f
WC		 345}
346
347void ipv6_sock_mc_close(struct sock *sk)
348{
349 struct ipv6_pinfo *np = inet6_sk(sk);
350
351 if (!rcu_access_pointer(np->ipv6_mc_list))
352 return;
4b4b8446 353
8651be8f 354 rtnl_lock();
4b4b8446 355 lock_sock(sk);
8651be8f 356 __ipv6_sock_mc_close(sk);
4b4b8446 357 release_sock(sk);
a9ed4a29 358 rtnl_unlock();
1da177e4
LT		 359}
360
361int ip6_mc_source(int add, int omode, struct sock *sk,
362 struct group_source_req *pgsr)
363{
364 struct in6_addr *source, *group;
365 struct ipv6_mc_socklist *pmc;
1da177e4
LT		 366 struct inet6_dev *idev;
367 struct ipv6_pinfo *inet6 = inet6_sk(sk);
368 struct ip6_sf_socklist *psl;
3b1e0a65 369 struct net *net = sock_net(sk);
1da177e4 370 int i, j, rv;
c9e3e8b6 371 int leavegroup = 0;
1da177e4
LT		 372 int err;
373
1da177e4
LT		 374 source = &((struct sockaddr_in6 *)&pgsr->gsr_source)->sin6_addr;
375 group = &((struct sockaddr_in6 *)&pgsr->gsr_group)->sin6_addr;
376
377 if (!ipv6_addr_is_multicast(group))
378 return -EINVAL;
379
88e2ca30
TY		 380 idev = ip6_mc_find_dev_rtnl(net, group, pgsr->gsr_interface);
381 if (!idev)
1da177e4 382 return -ENODEV;
1da177e4
LT		 383
384 err = -EADDRNOTAVAIL;
385
63ed8de4 386 mutex_lock(&idev->mc_lock);
4b4b8446 387 for_each_pmc_socklock(inet6, sk, pmc) {
1da177e4
LT		 388 if (pgsr->gsr_interface && pmc->ifindex != pgsr->gsr_interface)
389 continue;
390 if (ipv6_addr_equal(&pmc->addr, group))
391 break;
392 }
917f2f10
DS		 393 if (!pmc) { /* must have a prior join */
394 err = -EINVAL;
1da177e4 395 goto done;
917f2f10 396 }
1da177e4 397 /* if a source filter was set, must be the same mode as before */
882ba1f7 398 if (rcu_access_pointer(pmc->sflist)) {
917f2f10
DS		 399 if (pmc->sfmode != omode) {
400 err = -EINVAL;
1da177e4 401 goto done;
917f2f10 402 }
1da177e4
LT		 403 } else if (pmc->sfmode != omode) {
404 /* allow mode switches for empty-set filters */
405 ip6_mc_add_src(idev, group, omode, 0, NULL, 0);
406 ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0);
407 pmc->sfmode = omode;
408 }
409
4b4b8446 410 psl = sock_dereference(pmc->sflist, sk);
1da177e4
LT		 411 if (!add) {
412 if (!psl)
917f2f10 413 goto done; /* err = -EADDRNOTAVAIL */
1da177e4 414 rv = !0;
67ba4152 415 for (i = 0; i < psl->sl_count; i++) {
07c2fecc 416 rv = !ipv6_addr_equal(&psl->sl_addr[i], source);
1da177e4
LT		 417 if (rv == 0)
418 break;
419 }
420 if (rv) /* source not found */
917f2f10 421 goto done; /* err = -EADDRNOTAVAIL */
1da177e4 422
c9e3e8b6
DS		 423 /* special case - (INCLUDE, empty) == LEAVE_GROUP */
424 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) {
425 leavegroup = 1;
426 goto done;
427 }
428
1da177e4
LT		 429 /* update the interface filter */
430 ip6_mc_del_src(idev, group, omode, 1, source, 1);
431
67ba4152 432 for (j = i+1; j < psl->sl_count; j++)
1da177e4
LT		 433 psl->sl_addr[j-1] = psl->sl_addr[j];
434 psl->sl_count--;
435 err = 0;
436 goto done;
437 }
438 /* else, add a new source to the filter */
439
440 if (psl && psl->sl_count >= sysctl_mld_max_msf) {
441 err = -ENOBUFS;
442 goto done;
443 }
444 if (!psl || psl->sl_count == psl->sl_max) {
445 struct ip6_sf_socklist *newpsl;
446 int count = IP6_SFBLOCK;
447
448 if (psl)
449 count += psl->sl_max;
f185de28 450 newpsl = sock_kmalloc(sk, IP6_SFLSIZE(count), GFP_KERNEL);
1da177e4
LT		 451 if (!newpsl) {
452 err = -ENOBUFS;
453 goto done;
454 }
455 newpsl->sl_max = count;
456 newpsl->sl_count = count - IP6_SFBLOCK;
457 if (psl) {
67ba4152 458 for (i = 0; i < psl->sl_count; i++)
1da177e4 459 newpsl->sl_addr[i] = psl->sl_addr[i];
882ba1f7
TY		 460 atomic_sub(IP6_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc);
461 kfree_rcu(psl, rcu);
1da177e4 462 }
882ba1f7
TY		 463 psl = newpsl;
464 rcu_assign_pointer(pmc->sflist, psl);
1da177e4
LT		 465 }
466 rv = 1; /* > 0 for insert logic below if sl_count is 0 */
67ba4152 467 for (i = 0; i < psl->sl_count; i++) {
07c2fecc 468 rv = !ipv6_addr_equal(&psl->sl_addr[i], source);
56db1c5f
JS		 469 if (rv == 0) /* There is an error in the address. */
470 goto done;
1da177e4 471 }
67ba4152 472 for (j = psl->sl_count-1; j >= i; j--)
1da177e4
LT		 473 psl->sl_addr[j+1] = psl->sl_addr[j];
474 psl->sl_addr[i] = *source;
475 psl->sl_count++;
476 err = 0;
477 /* update the interface list */
478 ip6_mc_add_src(idev, group, omode, 1, source, 1);
479done:
63ed8de4 480 mutex_unlock(&idev->mc_lock);
c9e3e8b6 481 if (leavegroup)
54ff9ef3 482 err = ipv6_sock_mc_drop(sk, pgsr->gsr_interface, group);
1da177e4
LT		 483 return err;
484}
485
d59eb177
AV		 486int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf,
487 struct sockaddr_storage *list)
1da177e4 488{
b71d1d42 489 const struct in6_addr *group;
1da177e4 490 struct ipv6_mc_socklist *pmc;
1da177e4
LT		 491 struct inet6_dev *idev;
492 struct ipv6_pinfo *inet6 = inet6_sk(sk);
493 struct ip6_sf_socklist *newpsl, *psl;
3b1e0a65 494 struct net *net = sock_net(sk);
9951f036 495 int leavegroup = 0;
1da177e4
LT		 496 int i, err;
497
498 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr;
499
500 if (!ipv6_addr_is_multicast(group))
501 return -EINVAL;
502 if (gsf->gf_fmode != MCAST_INCLUDE &&
503 gsf->gf_fmode != MCAST_EXCLUDE)
504 return -EINVAL;
505
88e2ca30
TY		 506 idev = ip6_mc_find_dev_rtnl(net, group, gsf->gf_interface);
507 if (!idev)
1da177e4 508 return -ENODEV;
1da177e4 509
9c05989b 510 err = 0;
5ab4a6c8 511
9951f036
DS		 512 if (gsf->gf_fmode == MCAST_INCLUDE && gsf->gf_numsrc == 0) {
513 leavegroup = 1;
514 goto done;
515 }
516
4b4b8446 517 for_each_pmc_socklock(inet6, sk, pmc) {
1da177e4
LT		 518 if (pmc->ifindex != gsf->gf_interface)
519 continue;
520 if (ipv6_addr_equal(&pmc->addr, group))
521 break;
522 }
917f2f10
DS		 523 if (!pmc) { /* must have a prior join */
524 err = -EINVAL;
1da177e4 525 goto done;
917f2f10 526 }
1da177e4 527 if (gsf->gf_numsrc) {
8b3a7005 528 newpsl = sock_kmalloc(sk, IP6_SFLSIZE(gsf->gf_numsrc),
f185de28 529 GFP_KERNEL);
1da177e4
LT		 530 if (!newpsl) {
531 err = -ENOBUFS;
532 goto done;
533 }
534 newpsl->sl_max = newpsl->sl_count = gsf->gf_numsrc;
d59eb177 535 for (i = 0; i < newpsl->sl_count; ++i, ++list) {
1da177e4
LT		 536 struct sockaddr_in6 *psin6;
537
d59eb177 538 psin6 = (struct sockaddr_in6 *)list;
1da177e4
LT		 539 newpsl->sl_addr[i] = psin6->sin6_addr;
540 }
63ed8de4 541 mutex_lock(&idev->mc_lock);
1da177e4 542 err = ip6_mc_add_src(idev, group, gsf->gf_fmode,
63ed8de4 543 newpsl->sl_count, newpsl->sl_addr, 0);
1da177e4 544 if (err) {
63ed8de4 545 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 546 sock_kfree_s(sk, newpsl, IP6_SFLSIZE(newpsl->sl_max));
547 goto done;
548 }
63ed8de4 549 mutex_unlock(&idev->mc_lock);
8713dbf0 550 } else {
1da177e4 551 newpsl = NULL;
63ed8de4
TY		 552 mutex_lock(&idev->mc_lock);
553 ip6_mc_add_src(idev, group, gsf->gf_fmode, 0, NULL, 0);
554 mutex_unlock(&idev->mc_lock);
8713dbf0 555 }
5ab4a6c8 556
63ed8de4 557 mutex_lock(&idev->mc_lock);
4b4b8446 558 psl = sock_dereference(pmc->sflist, sk);
1da177e4 559 if (psl) {
63ed8de4
TY		 560 ip6_mc_del_src(idev, group, pmc->sfmode,
561 psl->sl_count, psl->sl_addr, 0);
882ba1f7
TY		 562 atomic_sub(IP6_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc);
563 kfree_rcu(psl, rcu);
63ed8de4
TY		 564 } else {
565 ip6_mc_del_src(idev, group, pmc->sfmode, 0, NULL, 0);
566 }
567 mutex_unlock(&idev->mc_lock);
882ba1f7 568 rcu_assign_pointer(pmc->sflist, newpsl);
1da177e4 569 pmc->sfmode = gsf->gf_fmode;
917f2f10 570 err = 0;
1da177e4 571done:
9951f036
DS		 572 if (leavegroup)
573 err = ipv6_sock_mc_drop(sk, gsf->gf_interface, group);
1da177e4
LT		 574 return err;
575}
576
577int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf,
400490ac 578 struct sockaddr_storage __user *p)
1da177e4 579{
4b4b8446 580 struct ipv6_pinfo *inet6 = inet6_sk(sk);
b71d1d42 581 const struct in6_addr *group;
1da177e4 582 struct ipv6_mc_socklist *pmc;
1da177e4 583 struct ip6_sf_socklist *psl;
4b4b8446 584 int i, count, copycount;
1da177e4
LT		 585
586 group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr;
587
588 if (!ipv6_addr_is_multicast(group))
589 return -EINVAL;
590
f7ed925c 591 /* changes to the ipv6_mc_list require the socket lock and
4b4b8446 592 * rtnl lock. We have the socket lock, so reading the list is safe.
5ab4a6c8 593 */
1da177e4 594
4b4b8446 595 for_each_pmc_socklock(inet6, sk, pmc) {
1da177e4
LT		 596 if (pmc->ifindex != gsf->gf_interface)
597 continue;
598 if (ipv6_addr_equal(group, &pmc->addr))
599 break;
600 }
601 if (!pmc) /* must have a prior join */
4b4b8446 602 return -EADDRNOTAVAIL;
88e2ca30 603
1da177e4 604 gsf->gf_fmode = pmc->sfmode;
4b4b8446 605 psl = sock_dereference(pmc->sflist, sk);
1da177e4 606 count = psl ? psl->sl_count : 0;
1da177e4
LT		 607
608 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc;
609 gsf->gf_numsrc = count;
882ba1f7 610
931ca7ab 611 for (i = 0; i < copycount; i++, p++) {
1da177e4
LT		 612 struct sockaddr_in6 *psin6;
613 struct sockaddr_storage ss;
614
615 psin6 = (struct sockaddr_in6 *)&ss;
616 memset(&ss, 0, sizeof(ss));
617 psin6->sin6_family = AF_INET6;
618 psin6->sin6_addr = psl->sl_addr[i];
931ca7ab 619 if (copy_to_user(p, &ss, sizeof(ss)))
1da177e4
LT		 620 return -EFAULT;
621 }
622 return 0;
1da177e4
LT		 623}
624
a50feda5
ED		 625bool inet6_mc_check(struct sock *sk, const struct in6_addr *mc_addr,
626 const struct in6_addr *src_addr)
1da177e4
LT		 627{
628 struct ipv6_pinfo *np = inet6_sk(sk);
629 struct ipv6_mc_socklist *mc;
630 struct ip6_sf_socklist *psl;
a50feda5 631 bool rv = true;
1da177e4 632
456b61bc
ED		 633 rcu_read_lock();
634 for_each_pmc_rcu(np, mc) {
1da177e4
LT		 635 if (ipv6_addr_equal(&mc->addr, mc_addr))
636 break;
637 }
638 if (!mc) {
456b61bc 639 rcu_read_unlock();
15033f04 640 return np->mc_all;
1da177e4 641 }
882ba1f7 642 psl = rcu_dereference(mc->sflist);
1da177e4
LT		 643 if (!psl) {
644 rv = mc->sfmode == MCAST_EXCLUDE;
645 } else {
646 int i;
647
67ba4152 648 for (i = 0; i < psl->sl_count; i++) {
1da177e4
LT		 649 if (ipv6_addr_equal(&psl->sl_addr[i], src_addr))
650 break;
651 }
652 if (mc->sfmode == MCAST_INCLUDE && i >= psl->sl_count)
a50feda5 653 rv = false;
1da177e4 654 if (mc->sfmode == MCAST_EXCLUDE && i < psl->sl_count)
a50feda5 655 rv = false;
1da177e4 656 }
456b61bc 657 rcu_read_unlock();
1da177e4
LT		 658
659 return rv;
660}
661
63ed8de4 662/* called with mc_lock */
0ae0d60a 663static void igmp6_group_added(struct ifmcaddr6 *mc)
1da177e4
LT		 664{
665 struct net_device *dev = mc->idev->dev;
666 char buf[MAX_ADDR_LEN];
667
ec16ef22
YH		 668 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) <
669 IPV6_ADDR_SCOPE_LINKLOCAL)
670 return;
671
1da177e4
LT		 672 if (!(mc->mca_flags&MAF_LOADED)) {
673 mc->mca_flags |= MAF_LOADED;
674 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0)
22bedad3 675 dev_mc_add(dev, buf);
1da177e4 676 }
1da177e4
LT		 677
678 if (!(dev->flags & IFF_UP) || (mc->mca_flags & MAF_NOREPORT))
679 return;
680
6c567b78 681 if (mld_in_v1_mode(mc->idev)) {
1da177e4
LT		 682 igmp6_join_group(mc);
683 return;
684 }
685 /* else v2 */
686
c7ea20c9
HL		 687 /* Based on RFC3810 6.1, for newly added INCLUDE SSM, we
688 * should not send filter-mode change record as the mode
689 * should be from IN() to IN(A).
690 */
0ae0d60a 691 if (mc->mca_sfmode == MCAST_EXCLUDE)
c7ea20c9
HL		 692 mc->mca_crcount = mc->idev->mc_qrv;
693
1da177e4
LT		 694 mld_ifc_event(mc->idev);
695}
696
63ed8de4 697/* called with mc_lock */
1da177e4
LT		 698static void igmp6_group_dropped(struct ifmcaddr6 *mc)
699{
700 struct net_device *dev = mc->idev->dev;
701 char buf[MAX_ADDR_LEN];
702
ec16ef22
YH		 703 if (IPV6_ADDR_MC_SCOPE(&mc->mca_addr) <
704 IPV6_ADDR_SCOPE_LINKLOCAL)
705 return;
706
1da177e4
LT		 707 if (mc->mca_flags&MAF_LOADED) {
708 mc->mca_flags &= ~MAF_LOADED;
709 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0)
22bedad3 710 dev_mc_del(dev, buf);
1da177e4
LT		 711 }
712
1666d49e
HL		 713 if (mc->mca_flags & MAF_NOREPORT)
714 return;
1da177e4
LT		 715
716 if (!mc->idev->dead)
717 igmp6_leave_group(mc);
718
2d9a93b4 719 if (cancel_delayed_work(&mc->mca_work))
d3981bc6 720 refcount_dec(&mc->mca_refcnt);
1da177e4
LT		 721}
722
723/*
724 * deleted ifmcaddr6 manipulation
63ed8de4 725 * called with mc_lock
1da177e4
LT		 726 */
727static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im)
728{
729 struct ifmcaddr6 *pmc;
730
731 /* this is an "ifmcaddr6" for convenience; only the fields below
732 * are actually used. In particular, the refcnt and users are not
733 * used for management of the delete list. Using the same structure
734 * for deleted items allows change reports to use common code with
735 * non-deleted or query-response MCA's.
736 */
f185de28 737 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL);
1da177e4
LT		 738 if (!pmc)
739 return;
0c600eda 740
1da177e4
LT		 741 pmc->idev = im->idev;
742 in6_dev_hold(idev);
743 pmc->mca_addr = im->mca_addr;
744 pmc->mca_crcount = idev->mc_qrv;
745 pmc->mca_sfmode = im->mca_sfmode;
746 if (pmc->mca_sfmode == MCAST_INCLUDE) {
747 struct ip6_sf_list *psf;
748
4b200e39 749 rcu_assign_pointer(pmc->mca_tomb,
63ed8de4 750 mc_dereference(im->mca_tomb, idev));
4b200e39 751 rcu_assign_pointer(pmc->mca_sources,
63ed8de4 752 mc_dereference(im->mca_sources, idev));
4b200e39
TY		 753 RCU_INIT_POINTER(im->mca_tomb, NULL);
754 RCU_INIT_POINTER(im->mca_sources, NULL);
755
63ed8de4 756 for_each_psf_mclock(pmc, psf)
1da177e4
LT		 757 psf->sf_crcount = pmc->mca_crcount;
758 }
1da177e4 759
88e2ca30
TY		 760 rcu_assign_pointer(pmc->next, idev->mc_tomb);
761 rcu_assign_pointer(idev->mc_tomb, pmc);
1da177e4
LT		 762}
763
63ed8de4 764/* called with mc_lock */
1666d49e 765static void mld_del_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im)
1da177e4 766{
4b200e39 767 struct ip6_sf_list *psf, *sources, *tomb;
1666d49e 768 struct in6_addr *pmca = &im->mca_addr;
4b200e39 769 struct ifmcaddr6 *pmc, *pmc_prev;
1da177e4 770
1da177e4 771 pmc_prev = NULL;
88e2ca30 772 for_each_mc_tomb(idev, pmc) {
1da177e4
LT		 773 if (ipv6_addr_equal(&pmc->mca_addr, pmca))
774 break;
775 pmc_prev = pmc;
776 }
777 if (pmc) {
778 if (pmc_prev)
88e2ca30 779 rcu_assign_pointer(pmc_prev->next, pmc->next);
1da177e4 780 else
88e2ca30 781 rcu_assign_pointer(idev->mc_tomb, pmc->next);
1da177e4 782 }
6457d26b 783
1da177e4 784 if (pmc) {
1666d49e 785 im->idev = pmc->idev;
08d3ffcc 786 if (im->mca_sfmode == MCAST_INCLUDE) {
4b200e39 787 tomb = rcu_replace_pointer(im->mca_tomb,
63ed8de4
TY		 788 mc_dereference(pmc->mca_tomb, pmc->idev),
789 lockdep_is_held(&im->idev->mc_lock));
4b200e39
TY		 790 rcu_assign_pointer(pmc->mca_tomb, tomb);
791
792 sources = rcu_replace_pointer(im->mca_sources,
63ed8de4
TY		 793 mc_dereference(pmc->mca_sources, pmc->idev),
794 lockdep_is_held(&im->idev->mc_lock));
4b200e39 795 rcu_assign_pointer(pmc->mca_sources, sources);
63ed8de4 796 for_each_psf_mclock(im, psf)
c7ea20c9
HL		 797 psf->sf_crcount = idev->mc_qrv;
798 } else {
799 im->mca_crcount = idev->mc_qrv;
1da177e4
LT		 800 }
801 in6_dev_put(pmc->idev);
a84d0164 802 ip6_mc_clear_src(pmc);
88e2ca30 803 kfree_rcu(pmc, rcu);
1da177e4
LT		 804 }
805}
806
63ed8de4 807/* called with mc_lock */
1da177e4
LT		 808static void mld_clear_delrec(struct inet6_dev *idev)
809{
810 struct ifmcaddr6 *pmc, *nextpmc;
811
63ed8de4 812 pmc = mc_dereference(idev->mc_tomb, idev);
88e2ca30 813 RCU_INIT_POINTER(idev->mc_tomb, NULL);
1da177e4
LT		 814
815 for (; pmc; pmc = nextpmc) {
63ed8de4 816 nextpmc = mc_dereference(pmc->next, idev);
1da177e4
LT		 817 ip6_mc_clear_src(pmc);
818 in6_dev_put(pmc->idev);
88e2ca30 819 kfree_rcu(pmc, rcu);
1da177e4
LT		 820 }
821
822 /* clear dead sources, too */
63ed8de4 823 for_each_mc_mclock(idev, pmc) {
1da177e4
LT		 824 struct ip6_sf_list *psf, *psf_next;
825
63ed8de4 826 psf = mc_dereference(pmc->mca_tomb, idev);
4b200e39 827 RCU_INIT_POINTER(pmc->mca_tomb, NULL);
67ba4152 828 for (; psf; psf = psf_next) {
63ed8de4 829 psf_next = mc_dereference(psf->sf_next, idev);
4b200e39 830 kfree_rcu(psf, rcu);
1da177e4
LT		 831 }
832 }
1da177e4
LT		 833}
834
f185de28
TY		 835static void mld_clear_query(struct inet6_dev *idev)
836{
837 struct sk_buff *skb;
838
839 spin_lock_bh(&idev->mc_query_lock);
840 while ((skb = __skb_dequeue(&idev->mc_query_queue)))
841 kfree_skb(skb);
842 spin_unlock_bh(&idev->mc_query_lock);
843}
844
845static void mld_clear_report(struct inet6_dev *idev)
846{
847 struct sk_buff *skb;
848
849 spin_lock_bh(&idev->mc_report_lock);
850 while ((skb = __skb_dequeue(&idev->mc_report_queue)))
851 kfree_skb(skb);
852 spin_unlock_bh(&idev->mc_report_lock);
853}
854
1691c63e
WC		 855static void mca_get(struct ifmcaddr6 *mc)
856{
d3981bc6 857 refcount_inc(&mc->mca_refcnt);
1691c63e
WC		 858}
859
860static void ma_put(struct ifmcaddr6 *mc)
861{
d3981bc6 862 if (refcount_dec_and_test(&mc->mca_refcnt)) {
1691c63e 863 in6_dev_put(mc->idev);
88e2ca30 864 kfree_rcu(mc, rcu);
1691c63e
WC		 865 }
866}
867
63ed8de4 868/* called with mc_lock */
1691c63e 869static struct ifmcaddr6 *mca_alloc(struct inet6_dev *idev,
c7ea20c9
HL		 870 const struct in6_addr *addr,
871 unsigned int mode)
1691c63e
WC		 872{
873 struct ifmcaddr6 *mc;
874
f185de28 875 mc = kzalloc(sizeof(*mc), GFP_KERNEL);
63159f29 876 if (!mc)
1691c63e
WC		 877 return NULL;
878
2d9a93b4 879 INIT_DELAYED_WORK(&mc->mca_work, mld_mca_work);
1691c63e
WC		 880
881 mc->mca_addr = *addr;
882 mc->idev = idev; /* reference taken by caller */
883 mc->mca_users = 1;
884 /* mca_stamp should be updated upon changes */
885 mc->mca_cstamp = mc->mca_tstamp = jiffies;
d3981bc6 886 refcount_set(&mc->mca_refcnt, 1);
1691c63e 887
c7ea20c9
HL		 888 mc->mca_sfmode = mode;
889 mc->mca_sfcount[mode] = 1;
1691c63e
WC		 890
891 if (ipv6_addr_is_ll_all_nodes(&mc->mca_addr) ||
892 IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL)
893 mc->mca_flags |= MAF_NOREPORT;
894
895 return mc;
896}
1da177e4
LT		 897
898/*
899 * device multicast group inc (add if not found)
900 */
c7ea20c9
HL		 901static int __ipv6_dev_mc_inc(struct net_device *dev,
902 const struct in6_addr *addr, unsigned int mode)
1da177e4
LT		 903{
904 struct ifmcaddr6 *mc;
905 struct inet6_dev *idev;
906
a9ed4a29
SD		 907 ASSERT_RTNL();
908
96b52e61 909 /* we need to take a reference on idev */
1da177e4
LT		 910 idev = in6_dev_get(dev);
911
63159f29 912 if (!idev)
1da177e4
LT		 913 return -EINVAL;
914
1da177e4 915 if (idev->dead) {
1da177e4
LT		 916 in6_dev_put(idev);
917 return -ENODEV;
918 }
919
63ed8de4
TY		 920 mutex_lock(&idev->mc_lock);
921 for_each_mc_mclock(idev, mc) {
1da177e4
LT		 922 if (ipv6_addr_equal(&mc->mca_addr, addr)) {
923 mc->mca_users++;
c7ea20c9 924 ip6_mc_add_src(idev, &mc->mca_addr, mode, 0, NULL, 0);
63ed8de4 925 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 926 in6_dev_put(idev);
927 return 0;
928 }
929 }
930
c7ea20c9 931 mc = mca_alloc(idev, addr, mode);
1691c63e 932 if (!mc) {
63ed8de4 933 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 934 in6_dev_put(idev);
935 return -ENOMEM;
936 }
937
88e2ca30
TY		 938 rcu_assign_pointer(mc->next, idev->mc_list);
939 rcu_assign_pointer(idev->mc_list, mc);
1691c63e 940
1691c63e 941 mca_get(mc);
1da177e4 942
1666d49e 943 mld_del_delrec(idev, mc);
0ae0d60a 944 igmp6_group_added(mc);
63ed8de4 945 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 946 ma_put(mc);
947 return 0;
948}
949
c7ea20c9
HL		 950int ipv6_dev_mc_inc(struct net_device *dev, const struct in6_addr *addr)
951{
952 return __ipv6_dev_mc_inc(dev, addr, MCAST_EXCLUDE);
953}
4effd28c 954EXPORT_SYMBOL(ipv6_dev_mc_inc);
c7ea20c9 955
1da177e4 956/*
63ed8de4 957 * device multicast group del
1da177e4 958 */
9acd9f3a 959int __ipv6_dev_mc_dec(struct inet6_dev *idev, const struct in6_addr *addr)
1da177e4 960{
88e2ca30 961 struct ifmcaddr6 *ma, __rcu **map;
1da177e4 962
a9ed4a29
SD		 963 ASSERT_RTNL();
964
63ed8de4 965 mutex_lock(&idev->mc_lock);
88e2ca30 966 for (map = &idev->mc_list;
63ed8de4 967 (ma = mc_dereference(*map, idev));
88e2ca30 968 map = &ma->next) {
1da177e4
LT		 969 if (ipv6_addr_equal(&ma->mca_addr, addr)) {
970 if (--ma->mca_users == 0) {
971 *map = ma->next;
1da177e4
LT		 972
973 igmp6_group_dropped(ma);
1666d49e 974 ip6_mc_clear_src(ma);
63ed8de4 975 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 976
977 ma_put(ma);
978 return 0;
979 }
63ed8de4 980 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 981 return 0;
982 }
983 }
1da177e4 984
63ed8de4 985 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 986 return -ENOENT;
987}
988
9acd9f3a 989int ipv6_dev_mc_dec(struct net_device *dev, const struct in6_addr *addr)
1da177e4 990{
96b52e61 991 struct inet6_dev *idev;
1da177e4
LT		 992 int err;
993
414b6c94 994 ASSERT_RTNL();
1da177e4 995
96b52e61
ED		 996 idev = __in6_dev_get(dev);
997 if (!idev)
998 err = -ENODEV;
999 else
1000 err = __ipv6_dev_mc_dec(idev, addr);
1da177e4
LT		 1001
1002 return err;
1003}
4effd28c 1004EXPORT_SYMBOL(ipv6_dev_mc_dec);
1da177e4 1005
1da177e4
LT		 1006/*
1007 * check if the interface/address pair is valid
1008 */
a50feda5
ED		 1009bool ipv6_chk_mcast_addr(struct net_device *dev, const struct in6_addr *group,
1010 const struct in6_addr *src_addr)
1da177e4
LT		 1011{
1012 struct inet6_dev *idev;
1013 struct ifmcaddr6 *mc;
a50feda5 1014 bool rv = false;
1da177e4 1015
96b52e61
ED		 1016 rcu_read_lock();
1017 idev = __in6_dev_get(dev);
1da177e4 1018 if (idev) {
88e2ca30 1019 for_each_mc_rcu(idev, mc) {
1da177e4
LT		 1020 if (ipv6_addr_equal(&mc->mca_addr, group))
1021 break;
1022 }
1023 if (mc) {
1024 if (src_addr && !ipv6_addr_any(src_addr)) {
1025 struct ip6_sf_list *psf;
1026
4b200e39 1027 for_each_psf_rcu(mc, psf) {
1da177e4
LT		 1028 if (ipv6_addr_equal(&psf->sf_addr, src_addr))
1029 break;
1030 }
1031 if (psf)
1032 rv = psf->sf_count[MCAST_INCLUDE] ||
1033 psf->sf_count[MCAST_EXCLUDE] !=
1034 mc->mca_sfcount[MCAST_EXCLUDE];
1035 else
67ba4152 1036 rv = mc->mca_sfcount[MCAST_EXCLUDE] != 0;
1da177e4 1037 } else
a50feda5 1038 rv = true; /* don't filter unspecified source */
1da177e4 1039 }
1da177e4 1040 }
96b52e61 1041 rcu_read_unlock();
1da177e4
LT		 1042 return rv;
1043}
1044
63ed8de4 1045/* called with mc_lock */
2d9a93b4 1046static void mld_gq_start_work(struct inet6_dev *idev)
1da177e4 1047{
63862b5b 1048 unsigned long tv = prandom_u32() % idev->mc_maxdelay;
1da177e4
LT		 1049
1050 idev->mc_gq_running = 1;
2d9a93b4 1051 if (!mod_delayed_work(mld_wq, &idev->mc_gq_work, tv + 2))
1da177e4
LT		 1052 in6_dev_hold(idev);
1053}
1054
63ed8de4 1055/* called with mc_lock */
2d9a93b4 1056static void mld_gq_stop_work(struct inet6_dev *idev)
b4af8def
DB		 1057{
1058 idev->mc_gq_running = 0;
2d9a93b4 1059 if (cancel_delayed_work(&idev->mc_gq_work))
b4af8def
DB		 1060 __in6_dev_put(idev);
1061}
1062
63ed8de4 1063/* called with mc_lock */
2d9a93b4 1064static void mld_ifc_start_work(struct inet6_dev *idev, unsigned long delay)
1da177e4 1065{
63862b5b 1066 unsigned long tv = prandom_u32() % delay;
1da177e4 1067
2d9a93b4 1068 if (!mod_delayed_work(mld_wq, &idev->mc_ifc_work, tv + 2))
1da177e4
LT		 1069 in6_dev_hold(idev);
1070}
1071
63ed8de4 1072/* called with mc_lock */
2d9a93b4 1073static void mld_ifc_stop_work(struct inet6_dev *idev)
b4af8def
DB		 1074{
1075 idev->mc_ifc_count = 0;
2d9a93b4 1076 if (cancel_delayed_work(&idev->mc_ifc_work))
b4af8def
DB		 1077 __in6_dev_put(idev);
1078}
1079
63ed8de4 1080/* called with mc_lock */
2d9a93b4 1081static void mld_dad_start_work(struct inet6_dev *idev, unsigned long delay)
b173ee48 1082{
63862b5b 1083 unsigned long tv = prandom_u32() % delay;
b173ee48 1084
2d9a93b4 1085 if (!mod_delayed_work(mld_wq, &idev->mc_dad_work, tv + 2))
b173ee48
HFS		 1086 in6_dev_hold(idev);
1087}
1088
2d9a93b4 1089static void mld_dad_stop_work(struct inet6_dev *idev)
b4af8def 1090{
2d9a93b4 1091 if (cancel_delayed_work(&idev->mc_dad_work))
b4af8def
DB		 1092 __in6_dev_put(idev);
1093}
1094
f185de28
TY		 1095static void mld_query_stop_work(struct inet6_dev *idev)
1096{
1097 spin_lock_bh(&idev->mc_query_lock);
1098 if (cancel_delayed_work(&idev->mc_query_work))
1099 __in6_dev_put(idev);
1100 spin_unlock_bh(&idev->mc_query_lock);
1101}
1102
1103static void mld_report_stop_work(struct inet6_dev *idev)
1104{
1105 if (cancel_delayed_work_sync(&idev->mc_report_work))
1106 __in6_dev_put(idev);
1107}
1108
1da177e4 1109/*
88e2ca30 1110 * IGMP handling (alias multicast ICMPv6 messages)
63ed8de4 1111 * called with mc_lock
1da177e4 1112 */
1da177e4
LT		 1113static void igmp6_group_queried(struct ifmcaddr6 *ma, unsigned long resptime)
1114{
1115 unsigned long delay = resptime;
1116
2d9a93b4 1117 /* Do not start work for these addresses */
1da177e4
LT		 1118 if (ipv6_addr_is_ll_all_nodes(&ma->mca_addr) ||
1119 IPV6_ADDR_MC_SCOPE(&ma->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL)
1120 return;
1121
2d9a93b4 1122 if (cancel_delayed_work(&ma->mca_work)) {
d3981bc6 1123 refcount_dec(&ma->mca_refcnt);
2d9a93b4 1124 delay = ma->mca_work.timer.expires - jiffies;
1da177e4
LT		 1125 }
1126
cc7f7ab7 1127 if (delay >= resptime)
63862b5b 1128 delay = prandom_u32() % resptime;
cc7f7ab7 1129
2d9a93b4 1130 if (!mod_delayed_work(mld_wq, &ma->mca_work, delay))
d3981bc6 1131 refcount_inc(&ma->mca_refcnt);
1da177e4
LT		 1132 ma->mca_flags |= MAF_TIMER_RUNNING;
1133}
1134
63ed8de4
TY		 1135/* mark EXCLUDE-mode sources
1136 * called with mc_lock
1137 */
a50feda5
ED		 1138static bool mld_xmarksources(struct ifmcaddr6 *pmc, int nsrcs,
1139 const struct in6_addr *srcs)
1da177e4
LT		 1140{
1141 struct ip6_sf_list *psf;
1142 int i, scount;
1143
1144 scount = 0;
63ed8de4 1145 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 1146 if (scount == nsrcs)
1147 break;
67ba4152 1148 for (i = 0; i < nsrcs; i++) {
5ab4a6c8 1149 /* skip inactive filters */
e05c4ad3 1150 if (psf->sf_count[MCAST_INCLUDE] ||
5ab4a6c8
DS		 1151 pmc->mca_sfcount[MCAST_EXCLUDE] !=
1152 psf->sf_count[MCAST_EXCLUDE])
ce713ee5 1153 break;
5ab4a6c8
DS		 1154 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) {
1155 scount++;
1156 break;
1157 }
1158 }
1159 }
1160 pmc->mca_flags &= ~MAF_GSQUERY;
1161 if (scount == nsrcs) /* all sources excluded */
a50feda5
ED		 1162 return false;
1163 return true;
5ab4a6c8
DS		 1164}
1165
63ed8de4 1166/* called with mc_lock */
a50feda5
ED		 1167static bool mld_marksources(struct ifmcaddr6 *pmc, int nsrcs,
1168 const struct in6_addr *srcs)
5ab4a6c8
DS		 1169{
1170 struct ip6_sf_list *psf;
1171 int i, scount;
1172
1173 if (pmc->mca_sfmode == MCAST_EXCLUDE)
1174 return mld_xmarksources(pmc, nsrcs, srcs);
1175
1176 /* mark INCLUDE-mode sources */
1177
1178 scount = 0;
63ed8de4 1179 for_each_psf_mclock(pmc, psf) {
5ab4a6c8
DS		 1180 if (scount == nsrcs)
1181 break;
67ba4152 1182 for (i = 0; i < nsrcs; i++) {
1da177e4
LT		 1183 if (ipv6_addr_equal(&srcs[i], &psf->sf_addr)) {
1184 psf->sf_gsresp = 1;
1185 scount++;
1186 break;
1187 }
5ab4a6c8
DS		 1188 }
1189 }
1190 if (!scount) {
1191 pmc->mca_flags &= ~MAF_GSQUERY;
a50feda5 1192 return false;
1da177e4 1193 }
5ab4a6c8 1194 pmc->mca_flags |= MAF_GSQUERY;
a50feda5 1195 return true;
1da177e4
LT		 1196}
1197
58c0ecfd
DB		 1198static int mld_force_mld_version(const struct inet6_dev *idev)
1199{
1200 /* Normally, both are 0 here. If enforcement to a particular is
1201 * being used, individual device enforcement will have a lower
1202 * precedence over 'all' device (.../conf/all/force_mld_version).
1203 */
1204
1205 if (dev_net(idev->dev)->ipv6.devconf_all->force_mld_version != 0)
1206 return dev_net(idev->dev)->ipv6.devconf_all->force_mld_version;
1207 else
1208 return idev->cnf.force_mld_version;
1209}
1210
1211static bool mld_in_v2_mode_only(const struct inet6_dev *idev)
1212{
1213 return mld_force_mld_version(idev) == 2;
1214}
1215
1216static bool mld_in_v1_mode_only(const struct inet6_dev *idev)
1217{
1218 return mld_force_mld_version(idev) == 1;
1219}
1220
6c567b78
DB		 1221static bool mld_in_v1_mode(const struct inet6_dev *idev)
1222{
58c0ecfd
DB		 1223 if (mld_in_v2_mode_only(idev))
1224 return false;
1225 if (mld_in_v1_mode_only(idev))
6c567b78
DB		 1226 return true;
1227 if (idev->mc_v1_seen && time_before(jiffies, idev->mc_v1_seen))
1228 return true;
1229
1230 return false;
1231}
1232
89225d1c
DB		 1233static void mld_set_v1_mode(struct inet6_dev *idev)
1234{
1235 /* RFC3810, relevant sections:
1236 * - 9.1. Robustness Variable
1237 * - 9.2. Query Interval
1238 * - 9.3. Query Response Interval
1239 * - 9.12. Older Version Querier Present Timeout
1240 */
1241 unsigned long switchback;
1242
1243 switchback = (idev->mc_qrv * idev->mc_qi) + idev->mc_qri;
1244
1245 idev->mc_v1_seen = jiffies + switchback;
1246}
1247
1248static void mld_update_qrv(struct inet6_dev *idev,
1249 const struct mld2_query *mlh2)
1250{
1251 /* RFC3810, relevant sections:
1252 * - 5.1.8. QRV (Querier's Robustness Variable)
1253 * - 9.1. Robustness Variable
1254 */
1255
1256 /* The value of the Robustness Variable MUST NOT be zero,
1257 * and SHOULD NOT be one. Catch this here if we ever run
1258 * into such a case in future.
1259 */
2f711939 1260 const int min_qrv = min(MLD_QRV_DEFAULT, sysctl_mld_qrv);
89225d1c
DB		 1261 WARN_ON(idev->mc_qrv == 0);
1262
1263 if (mlh2->mld2q_qrv > 0)
1264 idev->mc_qrv = mlh2->mld2q_qrv;
1265
2f711939 1266 if (unlikely(idev->mc_qrv < min_qrv)) {
89225d1c 1267 net_warn_ratelimited("IPv6: MLD: clamping QRV from %u to %u!\n",
2f711939
HFS		 1268 idev->mc_qrv, min_qrv);
1269 idev->mc_qrv = min_qrv;
89225d1c
DB		 1270 }
1271}
1272
1273static void mld_update_qi(struct inet6_dev *idev,
1274 const struct mld2_query *mlh2)
1275{
1276 /* RFC3810, relevant sections:
1277 * - 5.1.9. QQIC (Querier's Query Interval Code)
1278 * - 9.2. Query Interval
1279 * - 9.12. Older Version Querier Present Timeout
1280 * (the [Query Interval] in the last Query received)
1281 */
1282 unsigned long mc_qqi;
1283
1284 if (mlh2->mld2q_qqic < 128) {
1285 mc_qqi = mlh2->mld2q_qqic;
1286 } else {
1287 unsigned long mc_man, mc_exp;
1288
1289 mc_exp = MLDV2_QQIC_EXP(mlh2->mld2q_qqic);
1290 mc_man = MLDV2_QQIC_MAN(mlh2->mld2q_qqic);
1291
1292 mc_qqi = (mc_man | 0x10) << (mc_exp + 3);
1293 }
1294
1295 idev->mc_qi = mc_qqi * HZ;
1296}
1297
1298static void mld_update_qri(struct inet6_dev *idev,
1299 const struct mld2_query *mlh2)
1300{
1301 /* RFC3810, relevant sections:
1302 * - 5.1.3. Maximum Response Code
1303 * - 9.3. Query Response Interval
1304 */
e3f5b170 1305 idev->mc_qri = msecs_to_jiffies(mldv2_mrc(mlh2));
89225d1c
DB		 1306}
1307
2b7c121f 1308static int mld_process_v1(struct inet6_dev *idev, struct mld_msg *mld,
35f7aa53 1309 unsigned long *max_delay, bool v1_query)
2b7c121f
DB		 1310{
1311 unsigned long mldv1_md;
1312
1313 /* Ignore v1 queries */
1314 if (mld_in_v2_mode_only(idev))
1315 return -EINVAL;
1316
2b7c121f 1317 mldv1_md = ntohs(mld->mld_maxdelay);
35f7aa53
DB		 1318
1319 /* When in MLDv1 fallback and a MLDv2 router start-up being
1320 * unaware of current MLDv1 operation, the MRC == MRD mapping
1321 * only works when the exponential algorithm is not being
1322 * used (as MLDv1 is unaware of such things).
1323 *
1324 * According to the RFC author, the MLDv2 implementations
1325 * he's aware of all use a MRC < 32768 on start up queries.
1326 *
1327 * Thus, should we *ever* encounter something else larger
1328 * than that, just assume the maximum possible within our
1329 * reach.
1330 */
1331 if (!v1_query)
1332 mldv1_md = min(mldv1_md, MLDV1_MRD_MAX_COMPAT);
1333
2b7c121f
DB		 1334 *max_delay = max(msecs_to_jiffies(mldv1_md), 1UL);
1335
35f7aa53
DB		 1336 /* MLDv1 router present: we need to go into v1 mode *only*
1337 * when an MLDv1 query is received as per section 9.12. of
1338 * RFC3810! And we know from RFC2710 section 3.7 that MLDv1
1339 * queries MUST be of exactly 24 octets.
1340 */
1341 if (v1_query)
1342 mld_set_v1_mode(idev);
2b7c121f 1343
2d9a93b4
TY		 1344 /* cancel MLDv2 report work */
1345 mld_gq_stop_work(idev);
1346 /* cancel the interface change work */
1347 mld_ifc_stop_work(idev);
2b7c121f
DB		 1348 /* clear deleted report items */
1349 mld_clear_delrec(idev);
1350
1351 return 0;
1352}
1353
1354static int mld_process_v2(struct inet6_dev *idev, struct mld2_query *mld,
1355 unsigned long *max_delay)
1356{
2b7c121f
DB		 1357 *max_delay = max(msecs_to_jiffies(mldv2_mrc(mld)), 1UL);
1358
1359 mld_update_qrv(idev, mld);
1360 mld_update_qi(idev, mld);
1361 mld_update_qri(idev, mld);
1362
1363 idev->mc_maxdelay = *max_delay;
1364
1365 return 0;
1366}
1367
96b52e61 1368/* called with rcu_read_lock() */
1da177e4 1369int igmp6_event_query(struct sk_buff *skb)
f185de28
TY		 1370{
1371 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1372
1373 if (!idev)
1374 return -EINVAL;
1375
1376 if (idev->dead) {
1377 kfree_skb(skb);
1378 return -ENODEV;
1379 }
1380
1381 spin_lock_bh(&idev->mc_query_lock);
1382 if (skb_queue_len(&idev->mc_query_queue) < MLD_MAX_SKBS) {
1383 __skb_queue_tail(&idev->mc_query_queue, skb);
1384 if (!mod_delayed_work(mld_wq, &idev->mc_query_work, 0))
1385 in6_dev_hold(idev);
1386 }
1387 spin_unlock_bh(&idev->mc_query_lock);
1388
1389 return 0;
1390}
1391
1392static void __mld_query_work(struct sk_buff *skb)
1da177e4 1393{
97300b5f 1394 struct mld2_query *mlh2 = NULL;
b71d1d42 1395 const struct in6_addr *group;
1da177e4
LT		 1396 unsigned long max_delay;
1397 struct inet6_dev *idev;
f185de28 1398 struct ifmcaddr6 *ma;
6e7cb837 1399 struct mld_msg *mld;
1da177e4
LT		 1400 int group_type;
1401 int mark = 0;
2b7c121f 1402 int len, err;
1da177e4
LT		 1403
1404 if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
63ed8de4 1405 goto kfree_skb;
1da177e4
LT		 1406
1407 /* compute payload length excluding extension headers */
0660e03f 1408 len = ntohs(ipv6_hdr(skb)->payload_len) + sizeof(struct ipv6hdr);
cfe1fc77 1409 len -= skb_network_header_len(skb);
1da177e4 1410
e940f5d6
HL		 1411 /* RFC3810 6.2
1412 * Upon reception of an MLD message that contains a Query, the node
1413 * checks if the source address of the message is a valid link-local
1414 * address, if the Hop Limit is set to 1, and if the Router Alert
1415 * option is present in the Hop-By-Hop Options header of the IPv6
1416 * packet. If any of these checks fails, the packet is dropped.
1417 */
1418 if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL) ||
1419 ipv6_hdr(skb)->hop_limit != 1 ||
1420 !(IP6CB(skb)->flags & IP6SKB_ROUTERALERT) ||
1421 IP6CB(skb)->ra != htons(IPV6_OPT_ROUTERALERT_MLD))
63ed8de4 1422 goto kfree_skb;
1da177e4 1423
63ed8de4 1424 idev = in6_dev_get(skb->dev);
63159f29 1425 if (!idev)
63ed8de4 1426 goto kfree_skb;
1da177e4 1427
6e7cb837
YH		 1428 mld = (struct mld_msg *)icmp6_hdr(skb);
1429 group = &mld->mld_mca;
1da177e4
LT		 1430 group_type = ipv6_addr_type(group);
1431
1432 if (group_type != IPV6_ADDR_ANY &&
96b52e61 1433 !(group_type&IPV6_ADDR_MULTICAST))
f185de28 1434 goto out;
1da177e4 1435
35f7aa53 1436 if (len < MLD_V1_QUERY_LEN) {
f185de28 1437 goto out;
35f7aa53
DB		 1438 } else if (len == MLD_V1_QUERY_LEN || mld_in_v1_mode(idev)) {
1439 err = mld_process_v1(idev, mld, &max_delay,
1440 len == MLD_V1_QUERY_LEN);
2b7c121f 1441 if (err < 0)
f185de28 1442 goto out;
9fd07841 1443 } else if (len >= MLD_V2_QUERY_LEN_MIN) {
1ab1457c 1444 int srcs_offset = sizeof(struct mld2_query) -
97300b5f 1445 sizeof(struct icmp6hdr);
89225d1c 1446
96b52e61 1447 if (!pskb_may_pull(skb, srcs_offset))
f185de28 1448 goto out;
96b52e61 1449
9c70220b 1450 mlh2 = (struct mld2_query *)skb_transport_header(skb);
84698963 1451
2b7c121f
DB		 1452 err = mld_process_v2(idev, mlh2, &max_delay);
1453 if (err < 0)
f185de28 1454 goto out;
89225d1c 1455
1da177e4 1456 if (group_type == IPV6_ADDR_ANY) { /* general query */
96b52e61 1457 if (mlh2->mld2q_nsrcs)
f185de28 1458 goto out; /* no sources allowed */
96b52e61 1459
2d9a93b4 1460 mld_gq_start_work(idev);
f185de28 1461 goto out;
1da177e4
LT		 1462 }
1463 /* mark sources to include, if group & source-specific */
6e7cb837 1464 if (mlh2->mld2q_nsrcs != 0) {
1ab1457c 1465 if (!pskb_may_pull(skb, srcs_offset +
96b52e61 1466 ntohs(mlh2->mld2q_nsrcs) * sizeof(struct in6_addr)))
f185de28 1467 goto out;
96b52e61 1468
9c70220b 1469 mlh2 = (struct mld2_query *)skb_transport_header(skb);
97300b5f
YZ		 1470 mark = 1;
1471 }
35f7aa53 1472 } else {
f185de28 1473 goto out;
35f7aa53 1474 }
1da177e4 1475
1da177e4 1476 if (group_type == IPV6_ADDR_ANY) {
63ed8de4 1477 for_each_mc_mclock(idev, ma) {
1da177e4 1478 igmp6_group_queried(ma, max_delay);
1da177e4
LT		 1479 }
1480 } else {
63ed8de4 1481 for_each_mc_mclock(idev, ma) {
7add2a43 1482 if (!ipv6_addr_equal(group, &ma->mca_addr))
1da177e4 1483 continue;
1da177e4
LT		 1484 if (ma->mca_flags & MAF_TIMER_RUNNING) {
1485 /* gsquery <- gsquery && mark */
1486 if (!mark)
1487 ma->mca_flags &= ~MAF_GSQUERY;
1488 } else {
1489 /* gsquery <- mark */
1490 if (mark)
1491 ma->mca_flags |= MAF_GSQUERY;
1492 else
1493 ma->mca_flags &= ~MAF_GSQUERY;
1494 }
5ab4a6c8 1495 if (!(ma->mca_flags & MAF_GSQUERY) ||
6e7cb837 1496 mld_marksources(ma, ntohs(mlh2->mld2q_nsrcs), mlh2->mld2q_srcs))
5ab4a6c8 1497 igmp6_group_queried(ma, max_delay);
7add2a43 1498 break;
1da177e4
LT		 1499 }
1500 }
1da177e4 1501
f185de28 1502out:
63ed8de4
TY		 1503 in6_dev_put(idev);
1504kfree_skb:
f185de28
TY		 1505 consume_skb(skb);
1506}
1507
1508static void mld_query_work(struct work_struct *work)
1509{
1510 struct inet6_dev *idev = container_of(to_delayed_work(work),
1511 struct inet6_dev,
1512 mc_query_work);
1513 struct sk_buff_head q;
1514 struct sk_buff *skb;
1515 bool rework = false;
1516 int cnt = 0;
1517
1518 skb_queue_head_init(&q);
1519
1520 spin_lock_bh(&idev->mc_query_lock);
1521 while ((skb = __skb_dequeue(&idev->mc_query_queue))) {
1522 __skb_queue_tail(&q, skb);
1523
1524 if (++cnt >= MLD_MAX_QUEUE) {
1525 rework = true;
1526 schedule_delayed_work(&idev->mc_query_work, 0);
1527 break;
1528 }
1529 }
1530 spin_unlock_bh(&idev->mc_query_lock);
1531
63ed8de4 1532 mutex_lock(&idev->mc_lock);
f185de28
TY		 1533 while ((skb = __skb_dequeue(&q)))
1534 __mld_query_work(skb);
63ed8de4 1535 mutex_unlock(&idev->mc_lock);
f185de28
TY		 1536
1537 if (!rework)
1538 in6_dev_put(idev);
1da177e4
LT		 1539}
1540
96b52e61 1541/* called with rcu_read_lock() */
1da177e4 1542int igmp6_event_report(struct sk_buff *skb)
f185de28
TY		 1543{
1544 struct inet6_dev *idev = __in6_dev_get(skb->dev);
1545
1546 if (!idev)
1547 return -EINVAL;
1548
1549 if (idev->dead) {
1550 kfree_skb(skb);
1551 return -ENODEV;
1552 }
1553
1554 spin_lock_bh(&idev->mc_report_lock);
1555 if (skb_queue_len(&idev->mc_report_queue) < MLD_MAX_SKBS) {
1556 __skb_queue_tail(&idev->mc_report_queue, skb);
1557 if (!mod_delayed_work(mld_wq, &idev->mc_report_work, 0))
1558 in6_dev_hold(idev);
1559 }
1560 spin_unlock_bh(&idev->mc_report_lock);
1561
1562 return 0;
1563}
1564
1565static void __mld_report_work(struct sk_buff *skb)
1da177e4 1566{
1da177e4 1567 struct inet6_dev *idev;
63ed8de4 1568 struct ifmcaddr6 *ma;
6e7cb837 1569 struct mld_msg *mld;
1da177e4
LT		 1570 int addr_type;
1571
1572 /* Our own report looped back. Ignore it. */
1573 if (skb->pkt_type == PACKET_LOOPBACK)
63ed8de4 1574 goto kfree_skb;
1da177e4 1575
24c69275
DS		 1576 /* send our report if the MC router may not have heard this report */
1577 if (skb->pkt_type != PACKET_MULTICAST &&
1578 skb->pkt_type != PACKET_BROADCAST)
63ed8de4 1579 goto kfree_skb;
24c69275 1580
6e7cb837 1581 if (!pskb_may_pull(skb, sizeof(*mld) - sizeof(struct icmp6hdr)))
63ed8de4 1582 goto kfree_skb;
1da177e4 1583
6e7cb837 1584 mld = (struct mld_msg *)icmp6_hdr(skb);
1da177e4
LT		 1585
1586 /* Drop reports with not link local source */
0660e03f 1587 addr_type = ipv6_addr_type(&ipv6_hdr(skb)->saddr);
1ab1457c 1588 if (addr_type != IPV6_ADDR_ANY &&
1da177e4 1589 !(addr_type&IPV6_ADDR_LINKLOCAL))
63ed8de4 1590 goto kfree_skb;
1da177e4 1591
63ed8de4 1592 idev = in6_dev_get(skb->dev);
63159f29 1593 if (!idev)
63ed8de4 1594 goto kfree_skb;
1da177e4
LT		 1595
1596 /*
2d9a93b4 1597 * Cancel the work for this group
1da177e4
LT		 1598 */
1599
63ed8de4 1600 for_each_mc_mclock(idev, ma) {
6e7cb837 1601 if (ipv6_addr_equal(&ma->mca_addr, &mld->mld_mca)) {
2d9a93b4 1602 if (cancel_delayed_work(&ma->mca_work))
d3981bc6 1603 refcount_dec(&ma->mca_refcnt);
88e2ca30
TY		 1604 ma->mca_flags &= ~(MAF_LAST_REPORTER |
1605 MAF_TIMER_RUNNING);
1da177e4
LT		 1606 break;
1607 }
1608 }
f185de28 1609
63ed8de4
TY		 1610 in6_dev_put(idev);
1611kfree_skb:
f185de28
TY		 1612 consume_skb(skb);
1613}
1614
1615static void mld_report_work(struct work_struct *work)
1616{
1617 struct inet6_dev *idev = container_of(to_delayed_work(work),
1618 struct inet6_dev,
1619 mc_report_work);
1620 struct sk_buff_head q;
1621 struct sk_buff *skb;
1622 bool rework = false;
1623 int cnt = 0;
1624
1625 skb_queue_head_init(&q);
1626 spin_lock_bh(&idev->mc_report_lock);
1627 while ((skb = __skb_dequeue(&idev->mc_report_queue))) {
1628 __skb_queue_tail(&q, skb);
1629
1630 if (++cnt >= MLD_MAX_QUEUE) {
1631 rework = true;
1632 schedule_delayed_work(&idev->mc_report_work, 0);
1633 break;
1634 }
1635 }
1636 spin_unlock_bh(&idev->mc_report_lock);
1637
63ed8de4 1638 mutex_lock(&idev->mc_lock);
f185de28
TY		 1639 while ((skb = __skb_dequeue(&q)))
1640 __mld_report_work(skb);
63ed8de4 1641 mutex_unlock(&idev->mc_lock);
f185de28
TY		 1642
1643 if (!rework)
1644 in6_dev_put(idev);
1da177e4
LT		 1645}
1646
a50feda5
ED		 1647static bool is_in(struct ifmcaddr6 *pmc, struct ip6_sf_list *psf, int type,
1648 int gdeleted, int sdeleted)
1da177e4
LT		 1649{
1650 switch (type) {
1651 case MLD2_MODE_IS_INCLUDE:
1652 case MLD2_MODE_IS_EXCLUDE:
1653 if (gdeleted || sdeleted)
a50feda5 1654 return false;
5ab4a6c8
DS		 1655 if (!((pmc->mca_flags & MAF_GSQUERY) && !psf->sf_gsresp)) {
1656 if (pmc->mca_sfmode == MCAST_INCLUDE)
a50feda5 1657 return true;
5ab4a6c8
DS		 1658 /* don't include if this source is excluded
1659 * in all filters
1660 */
1661 if (psf->sf_count[MCAST_INCLUDE])
7add2a43 1662 return type == MLD2_MODE_IS_INCLUDE;
5ab4a6c8
DS		 1663 return pmc->mca_sfcount[MCAST_EXCLUDE] ==
1664 psf->sf_count[MCAST_EXCLUDE];
1665 }
a50feda5 1666 return false;
1da177e4
LT		 1667 case MLD2_CHANGE_TO_INCLUDE:
1668 if (gdeleted || sdeleted)
a50feda5 1669 return false;
1da177e4
LT		 1670 return psf->sf_count[MCAST_INCLUDE] != 0;
1671 case MLD2_CHANGE_TO_EXCLUDE:
1672 if (gdeleted || sdeleted)
a50feda5 1673 return false;
1da177e4
LT		 1674 if (pmc->mca_sfcount[MCAST_EXCLUDE] == 0 ||
1675 psf->sf_count[MCAST_INCLUDE])
a50feda5 1676 return false;
1da177e4
LT		 1677 return pmc->mca_sfcount[MCAST_EXCLUDE] ==
1678 psf->sf_count[MCAST_EXCLUDE];
1679 case MLD2_ALLOW_NEW_SOURCES:
1680 if (gdeleted || !psf->sf_crcount)
a50feda5 1681 return false;
1da177e4
LT		 1682 return (pmc->mca_sfmode == MCAST_INCLUDE) ^ sdeleted;
1683 case MLD2_BLOCK_OLD_SOURCES:
1684 if (pmc->mca_sfmode == MCAST_INCLUDE)
1685 return gdeleted || (psf->sf_crcount && sdeleted);
1686 return psf->sf_crcount && !gdeleted && !sdeleted;
1687 }
a50feda5 1688 return false;
1da177e4
LT		 1689}
1690
1691static int
1692mld_scount(struct ifmcaddr6 *pmc, int type, int gdeleted, int sdeleted)
1693{
1694 struct ip6_sf_list *psf;
1695 int scount = 0;
1696
63ed8de4 1697 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 1698 if (!is_in(pmc, psf, type, gdeleted, sdeleted))
1699 continue;
1700 scount++;
1701 }
1702 return scount;
1703}
1704
2576f17d
YH		 1705static void ip6_mc_hdr(struct sock *sk, struct sk_buff *skb,
1706 struct net_device *dev,
1707 const struct in6_addr *saddr,
1708 const struct in6_addr *daddr,
1709 int proto, int len)
1710{
1711 struct ipv6hdr *hdr;
1712
1713 skb->protocol = htons(ETH_P_IPV6);
1714 skb->dev = dev;
1715
1716 skb_reset_network_header(skb);
1717 skb_put(skb, sizeof(struct ipv6hdr));
1718 hdr = ipv6_hdr(skb);
1719
1720 ip6_flow_hdr(hdr, 0, 0);
1721
1722 hdr->payload_len = htons(len);
1723 hdr->nexthdr = proto;
1724 hdr->hop_limit = inet6_sk(sk)->hop_limit;
1725
1726 hdr->saddr = *saddr;
1727 hdr->daddr = *daddr;
1728}
1729
4c672e4b 1730static struct sk_buff *mld_newpack(struct inet6_dev *idev, unsigned int mtu)
1da177e4 1731{
ffa85b73
TY		 1732 u8 ra[8] = { IPPROTO_ICMPV6, 0, IPV6_TLV_ROUTERALERT,
1733 2, 0, 0, IPV6_TLV_PADN, 0 };
8965779d 1734 struct net_device *dev = idev->dev;
a7ae1992
HX		 1735 int hlen = LL_RESERVED_SPACE(dev);
1736 int tlen = dev->needed_tailroom;
ffa85b73
TY		 1737 struct net *net = dev_net(dev);
1738 const struct in6_addr *saddr;
1739 struct in6_addr addr_buf;
1740 struct mld2_report *pmr;
1741 struct sk_buff *skb;
1742 unsigned int size;
1743 struct sock *sk;
1da177e4 1744 int err;
1da177e4 1745
ffa85b73
TY		 1746 sk = net->ipv6.igmp_sk;
1747 /* we assume size > sizeof(ra) here
1748 * Also try to not allocate high-order pages for big MTU
1749 */
1750 size = min_t(int, mtu, PAGE_SIZE / 2) + hlen + tlen;
72e09ad1 1751 skb = sock_alloc_send_skb(sk, size, 1, &err);
cfcabdcc 1752 if (!skb)
1da177e4
LT		 1753 return NULL;
1754
9d4a0314 1755 skb->priority = TC_PRIO_CONTROL;
a7ae1992 1756 skb_reserve(skb, hlen);
1837b2e2 1757 skb_tailroom_reserve(skb, mtu, tlen);
1da177e4 1758
8965779d 1759 if (__ipv6_get_lladdr(idev, &addr_buf, IFA_F_TENTATIVE)) {
1da177e4 1760 /* <draft-ietf-magma-mld-source-05.txt>:
1ab1457c 1761 * use unspecified address as the source address
1da177e4
LT		 1762 * when a valid link-local address is not available.
1763 */
d7aabf22
YH		 1764 saddr = &in6addr_any;
1765 } else
1766 saddr = &addr_buf;
1da177e4 1767
2576f17d 1768 ip6_mc_hdr(sk, skb, dev, saddr, &mld2_all_mcr, NEXTHDR_HOP, 0);
1da177e4 1769
59ae1d12 1770 skb_put_data(skb, ra, sizeof(ra));
1da177e4 1771
27a884dc 1772 skb_set_transport_header(skb, skb_tail_pointer(skb) - skb->data);
d10ba34b
ACM		 1773 skb_put(skb, sizeof(*pmr));
1774 pmr = (struct mld2_report *)skb_transport_header(skb);
6e7cb837
YH		 1775 pmr->mld2r_type = ICMPV6_MLD2_REPORT;
1776 pmr->mld2r_resv1 = 0;
1777 pmr->mld2r_cksum = 0;
1778 pmr->mld2r_resv2 = 0;
1779 pmr->mld2r_ngrec = 0;
1da177e4
LT		 1780 return skb;
1781}
1782
1783static void mld_sendpack(struct sk_buff *skb)
1784{
0660e03f 1785 struct ipv6hdr *pip6 = ipv6_hdr(skb);
9c70220b
ACM		 1786 struct mld2_report *pmr =
1787 (struct mld2_report *)skb_transport_header(skb);
1da177e4 1788 int payload_len, mldlen;
96b52e61 1789 struct inet6_dev *idev;
c346dca1 1790 struct net *net = dev_net(skb->dev);
1da177e4 1791 int err;
4c9483b2 1792 struct flowi6 fl6;
adf30907 1793 struct dst_entry *dst;
1da177e4 1794
96b52e61
ED		 1795 rcu_read_lock();
1796 idev = __in6_dev_get(skb->dev);
edf391ff
NH		 1797 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1798
29a3cad5
SH		 1799 payload_len = (skb_tail_pointer(skb) - skb_network_header(skb)) -
1800 sizeof(*pip6);
1801 mldlen = skb_tail_pointer(skb) - skb_transport_header(skb);
1da177e4
LT		 1802 pip6->payload_len = htons(payload_len);
1803
6e7cb837
YH		 1804 pmr->mld2r_cksum = csum_ipv6_magic(&pip6->saddr, &pip6->daddr, mldlen,
1805 IPPROTO_ICMPV6,
1806 csum_partial(skb_transport_header(skb),
1807 mldlen, 0));
41927178 1808
4c9483b2 1809 icmpv6_flow_init(net->ipv6.igmp_sk, &fl6, ICMPV6_MLD2_REPORT,
41927178
YH		 1810 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
1811 skb->dev->ifindex);
12fd84f4 1812 dst = icmp6_dst_alloc(skb->dev, &fl6);
41927178 1813
452edd59
DM		 1814 err = 0;
1815 if (IS_ERR(dst)) {
1816 err = PTR_ERR(dst);
1817 dst = NULL;
1818 }
adf30907 1819 skb_dst_set(skb, dst);
41927178
YH		 1820 if (err)
1821 goto err_out;
1822
7026b1dd 1823 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
29a26a56 1824 net, net->ipv6.igmp_sk, skb, NULL, skb->dev,
13206b6b 1825 dst_output);
41927178 1826out:
1da177e4 1827 if (!err) {
43a43b60
HFS		 1828 ICMP6MSGOUT_INC_STATS(net, idev, ICMPV6_MLD2_REPORT);
1829 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
43a43b60
HFS		 1830 } else {
1831 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS);
1832 }
1da177e4 1833
96b52e61 1834 rcu_read_unlock();
41927178
YH		 1835 return;
1836
1837err_out:
1838 kfree_skb(skb);
1839 goto out;
1da177e4
LT		 1840}
1841
1842static int grec_size(struct ifmcaddr6 *pmc, int type, int gdel, int sdel)
1843{
fab10fe3 1844 return sizeof(struct mld2_grec) + 16 * mld_scount(pmc,type,gdel,sdel);
1da177e4
LT		 1845}
1846
1847static struct sk_buff *add_grhead(struct sk_buff *skb, struct ifmcaddr6 *pmc,
b9b312a7 1848 int type, struct mld2_grec **ppgr, unsigned int mtu)
1da177e4 1849{
1da177e4
LT		 1850 struct mld2_report *pmr;
1851 struct mld2_grec *pgr;
1852
b9b312a7
ED		 1853 if (!skb) {
1854 skb = mld_newpack(pmc->idev, mtu);
1855 if (!skb)
1856 return NULL;
1857 }
4df864c1 1858 pgr = skb_put(skb, sizeof(struct mld2_grec));
1da177e4
LT		 1859 pgr->grec_type = type;
1860 pgr->grec_auxwords = 0;
1861 pgr->grec_nsrcs = 0;
1862 pgr->grec_mca = pmc->mca_addr; /* structure copy */
9c70220b 1863 pmr = (struct mld2_report *)skb_transport_header(skb);
6e7cb837 1864 pmr->mld2r_ngrec = htons(ntohs(pmr->mld2r_ngrec)+1);
1da177e4
LT		 1865 *ppgr = pgr;
1866 return skb;
1867}
1868
4c672e4b 1869#define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0)
1da177e4 1870
63ed8de4 1871/* called with mc_lock */
1da177e4 1872static struct sk_buff *add_grec(struct sk_buff *skb, struct ifmcaddr6 *pmc,
4b200e39
TY		 1873 int type, int gdeleted, int sdeleted,
1874 int crsend)
1da177e4 1875{
4b200e39
TY		 1876 struct ip6_sf_list *psf, *psf_prev, *psf_next;
1877 int scount, stotal, first, isquery, truncate;
1878 struct ip6_sf_list __rcu **psf_list;
8965779d
AW		 1879 struct inet6_dev *idev = pmc->idev;
1880 struct net_device *dev = idev->dev;
1da177e4 1881 struct mld2_grec *pgr = NULL;
4b200e39 1882 struct mld2_report *pmr;
b9b312a7 1883 unsigned int mtu;
1da177e4
LT		 1884
1885 if (pmc->mca_flags & MAF_NOREPORT)
1886 return skb;
1887
b9b312a7
ED		 1888 mtu = READ_ONCE(dev->mtu);
1889 if (mtu < IPV6_MIN_MTU)
1890 return skb;
1891
1da177e4
LT		 1892 isquery = type == MLD2_MODE_IS_INCLUDE ||
1893 type == MLD2_MODE_IS_EXCLUDE;
1894 truncate = type == MLD2_MODE_IS_EXCLUDE ||
1895 type == MLD2_CHANGE_TO_EXCLUDE;
1896
5ab4a6c8
DS		 1897 stotal = scount = 0;
1898
1da177e4
LT		 1899 psf_list = sdeleted ? &pmc->mca_tomb : &pmc->mca_sources;
1900
4b200e39 1901 if (!rcu_access_pointer(*psf_list))
5ab4a6c8
DS		 1902 goto empty_source;
1903
9c70220b 1904 pmr = skb ? (struct mld2_report *)skb_transport_header(skb) : NULL;
1da177e4
LT		 1905
1906 /* EX and TO_EX get a fresh packet, if needed */
1907 if (truncate) {
6e7cb837 1908 if (pmr && pmr->mld2r_ngrec &&
1da177e4
LT		 1909 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) {
1910 if (skb)
1911 mld_sendpack(skb);
b9b312a7 1912 skb = mld_newpack(idev, mtu);
1da177e4
LT		 1913 }
1914 }
1915 first = 1;
1da177e4 1916 psf_prev = NULL;
63ed8de4 1917 for (psf = mc_dereference(*psf_list, idev);
4b200e39
TY		 1918 psf;
1919 psf = psf_next) {
1da177e4
LT		 1920 struct in6_addr *psrc;
1921
63ed8de4 1922 psf_next = mc_dereference(psf->sf_next, idev);
1da177e4 1923
c7ea20c9 1924 if (!is_in(pmc, psf, type, gdeleted, sdeleted) && !crsend) {
1da177e4
LT		 1925 psf_prev = psf;
1926 continue;
1927 }
1928
a052517a
HL		 1929 /* Based on RFC3810 6.1. Should not send source-list change
1930 * records when there is a filter mode change.
1931 */
1932 if (((gdeleted && pmc->mca_sfmode == MCAST_EXCLUDE) ||
1933 (!gdeleted && pmc->mca_crcount)) &&
1934 (type == MLD2_ALLOW_NEW_SOURCES ||
1935 type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount)
1936 goto decrease_sf_crcount;
1937
1da177e4
LT		 1938 /* clear marks on query responses */
1939 if (isquery)
1940 psf->sf_gsresp = 0;
1941
1942 if (AVAILABLE(skb) < sizeof(*psrc) +
1943 first*sizeof(struct mld2_grec)) {
1944 if (truncate && !first)
1945 break; /* truncate these */
1946 if (pgr)
1947 pgr->grec_nsrcs = htons(scount);
1948 if (skb)
1949 mld_sendpack(skb);
b9b312a7 1950 skb = mld_newpack(idev, mtu);
1da177e4
LT		 1951 first = 1;
1952 scount = 0;
1953 }
1954 if (first) {
b9b312a7 1955 skb = add_grhead(skb, pmc, type, &pgr, mtu);
1da177e4
LT		 1956 first = 0;
1957 }
cc63f70b
AD		 1958 if (!skb)
1959 return NULL;
4df864c1 1960 psrc = skb_put(skb, sizeof(*psrc));
1da177e4 1961 *psrc = psf->sf_addr;
5ab4a6c8 1962 scount++; stotal++;
1da177e4
LT		 1963 if ((type == MLD2_ALLOW_NEW_SOURCES ||
1964 type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount) {
a052517a 1965decrease_sf_crcount:
1da177e4
LT		 1966 psf->sf_crcount--;
1967 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) {
1968 if (psf_prev)
4b200e39 1969 rcu_assign_pointer(psf_prev->sf_next,
63ed8de4 1970 mc_dereference(psf->sf_next, idev));
1da177e4 1971 else
4b200e39 1972 rcu_assign_pointer(*psf_list,
63ed8de4 1973 mc_dereference(psf->sf_next, idev));
4b200e39 1974 kfree_rcu(psf, rcu);
1da177e4
LT		 1975 continue;
1976 }
1977 }
1978 psf_prev = psf;
1979 }
5ab4a6c8
DS		 1980
1981empty_source:
1982 if (!stotal) {
1983 if (type == MLD2_ALLOW_NEW_SOURCES ||
1984 type == MLD2_BLOCK_OLD_SOURCES)
1985 return skb;
6a7cc418 1986 if (pmc->mca_crcount || isquery || crsend) {
5ab4a6c8
DS		 1987 /* make sure we have room for group header */
1988 if (skb && AVAILABLE(skb) < sizeof(struct mld2_grec)) {
1989 mld_sendpack(skb);
1990 skb = NULL; /* add_grhead will get a new one */
1991 }
b9b312a7 1992 skb = add_grhead(skb, pmc, type, &pgr, mtu);
5ab4a6c8
DS		 1993 }
1994 }
1da177e4
LT		 1995 if (pgr)
1996 pgr->grec_nsrcs = htons(scount);
1997
1998 if (isquery)
1999 pmc->mca_flags &= ~MAF_GSQUERY; /* clear query state */
2000 return skb;
2001}
2002
63ed8de4 2003/* called with mc_lock */
1da177e4
LT		 2004static void mld_send_report(struct inet6_dev *idev, struct ifmcaddr6 *pmc)
2005{
2006 struct sk_buff *skb = NULL;
2007 int type;
2008
2009 if (!pmc) {
63ed8de4 2010 for_each_mc_mclock(idev, pmc) {
1da177e4
LT		 2011 if (pmc->mca_flags & MAF_NOREPORT)
2012 continue;
1da177e4
LT		 2013 if (pmc->mca_sfcount[MCAST_EXCLUDE])
2014 type = MLD2_MODE_IS_EXCLUDE;
2015 else
2016 type = MLD2_MODE_IS_INCLUDE;
6a7cc418 2017 skb = add_grec(skb, pmc, type, 0, 0, 0);
1da177e4 2018 }
1da177e4 2019 } else {
1da177e4
LT		 2020 if (pmc->mca_sfcount[MCAST_EXCLUDE])
2021 type = MLD2_MODE_IS_EXCLUDE;
2022 else
2023 type = MLD2_MODE_IS_INCLUDE;
6a7cc418 2024 skb = add_grec(skb, pmc, type, 0, 0, 0);
1da177e4
LT		 2025 }
2026 if (skb)
2027 mld_sendpack(skb);
2028}
2029
2030/*
2031 * remove zero-count source records from a source filter list
63ed8de4 2032 * called with mc_lock
1da177e4 2033 */
63ed8de4 2034static void mld_clear_zeros(struct ip6_sf_list __rcu **ppsf, struct inet6_dev *idev)
1da177e4
LT		 2035{
2036 struct ip6_sf_list *psf_prev, *psf_next, *psf;
2037
2038 psf_prev = NULL;
63ed8de4 2039 for (psf = mc_dereference(*ppsf, idev);
4b200e39
TY		 2040 psf;
2041 psf = psf_next) {
63ed8de4 2042 psf_next = mc_dereference(psf->sf_next, idev);
1da177e4
LT		 2043 if (psf->sf_crcount == 0) {
2044 if (psf_prev)
4b200e39 2045 rcu_assign_pointer(psf_prev->sf_next,
63ed8de4 2046 mc_dereference(psf->sf_next, idev));
1da177e4 2047 else
4b200e39 2048 rcu_assign_pointer(*ppsf,
63ed8de4 2049 mc_dereference(psf->sf_next, idev));
4b200e39
TY		 2050 kfree_rcu(psf, rcu);
2051 } else {
1da177e4 2052 psf_prev = psf;
4b200e39 2053 }
1da177e4
LT		 2054 }
2055}
2056
63ed8de4 2057/* called with mc_lock */
1da177e4
LT		 2058static void mld_send_cr(struct inet6_dev *idev)
2059{
2060 struct ifmcaddr6 *pmc, *pmc_prev, *pmc_next;
2061 struct sk_buff *skb = NULL;
2062 int type, dtype;
2063
1da177e4
LT		 2064 /* deleted MCA's */
2065 pmc_prev = NULL;
63ed8de4 2066 for (pmc = mc_dereference(idev->mc_tomb, idev);
88e2ca30
TY		 2067 pmc;
2068 pmc = pmc_next) {
63ed8de4 2069 pmc_next = mc_dereference(pmc->next, idev);
1da177e4
LT		 2070 if (pmc->mca_sfmode == MCAST_INCLUDE) {
2071 type = MLD2_BLOCK_OLD_SOURCES;
2072 dtype = MLD2_BLOCK_OLD_SOURCES;
6a7cc418
FL		 2073 skb = add_grec(skb, pmc, type, 1, 0, 0);
2074 skb = add_grec(skb, pmc, dtype, 1, 1, 0);
1da177e4
LT		 2075 }
2076 if (pmc->mca_crcount) {
1da177e4
LT		 2077 if (pmc->mca_sfmode == MCAST_EXCLUDE) {
2078 type = MLD2_CHANGE_TO_INCLUDE;
6a7cc418 2079 skb = add_grec(skb, pmc, type, 1, 0, 0);
1da177e4 2080 }
5ab4a6c8 2081 pmc->mca_crcount--;
1da177e4 2082 if (pmc->mca_crcount == 0) {
63ed8de4
TY		 2083 mld_clear_zeros(&pmc->mca_tomb, idev);
2084 mld_clear_zeros(&pmc->mca_sources, idev);
1da177e4
LT		 2085 }
2086 }
4b200e39
TY		 2087 if (pmc->mca_crcount == 0 &&
2088 !rcu_access_pointer(pmc->mca_tomb) &&
2089 !rcu_access_pointer(pmc->mca_sources)) {
1da177e4 2090 if (pmc_prev)
88e2ca30 2091 rcu_assign_pointer(pmc_prev->next, pmc_next);
1da177e4 2092 else
88e2ca30 2093 rcu_assign_pointer(idev->mc_tomb, pmc_next);
1da177e4 2094 in6_dev_put(pmc->idev);
88e2ca30 2095 kfree_rcu(pmc, rcu);
1da177e4
LT		 2096 } else
2097 pmc_prev = pmc;
2098 }
1da177e4
LT		 2099
2100 /* change recs */
63ed8de4 2101 for_each_mc_mclock(idev, pmc) {
1da177e4
LT		 2102 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
2103 type = MLD2_BLOCK_OLD_SOURCES;
2104 dtype = MLD2_ALLOW_NEW_SOURCES;
2105 } else {
2106 type = MLD2_ALLOW_NEW_SOURCES;
2107 dtype = MLD2_BLOCK_OLD_SOURCES;
2108 }
6a7cc418
FL		 2109 skb = add_grec(skb, pmc, type, 0, 0, 0);
2110 skb = add_grec(skb, pmc, dtype, 0, 1, 0); /* deleted sources */
1da177e4
LT		 2111
2112 /* filter mode changes */
2113 if (pmc->mca_crcount) {
1da177e4
LT		 2114 if (pmc->mca_sfmode == MCAST_EXCLUDE)
2115 type = MLD2_CHANGE_TO_EXCLUDE;
2116 else
2117 type = MLD2_CHANGE_TO_INCLUDE;
6a7cc418 2118 skb = add_grec(skb, pmc, type, 0, 0, 0);
5ab4a6c8 2119 pmc->mca_crcount--;
1da177e4 2120 }
1da177e4 2121 }
1da177e4
LT		 2122 if (!skb)
2123 return;
2124 (void) mld_sendpack(skb);
2125}
2126
2127static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
2128{
c346dca1 2129 struct net *net = dev_net(dev);
b8ad0cbc 2130 struct sock *sk = net->ipv6.igmp_sk;
1da177e4 2131 struct inet6_dev *idev;
1ab1457c 2132 struct sk_buff *skb;
6e7cb837 2133 struct mld_msg *hdr;
d7aabf22 2134 const struct in6_addr *snd_addr, *saddr;
1da177e4 2135 struct in6_addr addr_buf;
a7ae1992
HX		 2136 int hlen = LL_RESERVED_SPACE(dev);
2137 int tlen = dev->needed_tailroom;
1da177e4
LT		 2138 int err, len, payload_len, full_len;
2139 u8 ra[8] = { IPPROTO_ICMPV6, 0,
2140 IPV6_TLV_ROUTERALERT, 2, 0, 0,
2141 IPV6_TLV_PADN, 0 };
4c9483b2 2142 struct flowi6 fl6;
adf30907 2143 struct dst_entry *dst;
1da177e4 2144
f3ee4010
YH		 2145 if (type == ICMPV6_MGM_REDUCTION)
2146 snd_addr = &in6addr_linklocal_allrouters;
2147 else
2148 snd_addr = addr;
1da177e4
LT		 2149
2150 len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
2151 payload_len = len + sizeof(ra);
2152 full_len = sizeof(struct ipv6hdr) + payload_len;
2153
edf391ff
NH		 2154 rcu_read_lock();
2155 IP6_UPD_PO_STATS(net, __in6_dev_get(dev),
2156 IPSTATS_MIB_OUT, full_len);
2157 rcu_read_unlock();
2158
a7ae1992 2159 skb = sock_alloc_send_skb(sk, hlen + tlen + full_len, 1, &err);
1da177e4 2160
63159f29 2161 if (!skb) {
a11d206d 2162 rcu_read_lock();
3bd653c8 2163 IP6_INC_STATS(net, __in6_dev_get(dev),
a11d206d
YH		 2164 IPSTATS_MIB_OUTDISCARDS);
2165 rcu_read_unlock();
1da177e4
LT		 2166 return;
2167 }
9d4a0314 2168 skb->priority = TC_PRIO_CONTROL;
a7ae1992 2169 skb_reserve(skb, hlen);
1da177e4 2170
95c385b4 2171 if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) {
1da177e4 2172 /* <draft-ietf-magma-mld-source-05.txt>:
1ab1457c 2173 * use unspecified address as the source address
1da177e4
LT		 2174 * when a valid link-local address is not available.
2175 */
d7aabf22
YH		 2176 saddr = &in6addr_any;
2177 } else
2178 saddr = &addr_buf;
1da177e4 2179
2576f17d 2180 ip6_mc_hdr(sk, skb, dev, saddr, snd_addr, NEXTHDR_HOP, payload_len);
1da177e4 2181
59ae1d12 2182 skb_put_data(skb, ra, sizeof(ra));
1da177e4 2183
b080db58 2184 hdr = skb_put_zero(skb, sizeof(struct mld_msg));
6e7cb837 2185 hdr->mld_type = type;
4e3fd7a0 2186 hdr->mld_mca = *addr;
1da177e4 2187
6e7cb837
YH		 2188 hdr->mld_cksum = csum_ipv6_magic(saddr, snd_addr, len,
2189 IPPROTO_ICMPV6,
2190 csum_partial(hdr, len, 0));
1da177e4 2191
96b52e61
ED		 2192 rcu_read_lock();
2193 idev = __in6_dev_get(skb->dev);
1da177e4 2194
4c9483b2 2195 icmpv6_flow_init(sk, &fl6, type,
41927178
YH		 2196 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
2197 skb->dev->ifindex);
12fd84f4 2198 dst = icmp6_dst_alloc(skb->dev, &fl6);
452edd59
DM		 2199 if (IS_ERR(dst)) {
2200 err = PTR_ERR(dst);
41927178 2201 goto err_out;
452edd59 2202 }
41927178 2203
adf30907 2204 skb_dst_set(skb, dst);
29a26a56
EB		 2205 err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
2206 net, sk, skb, NULL, skb->dev,
13206b6b 2207 dst_output);
41927178 2208out:
1da177e4 2209 if (!err) {
5c5d244b 2210 ICMP6MSGOUT_INC_STATS(net, idev, type);
a862f6a6 2211 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1da177e4 2212 } else
3bd653c8 2213 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS);
1da177e4 2214
96b52e61 2215 rcu_read_unlock();
1da177e4 2216 return;
41927178
YH		 2217
2218err_out:
2219 kfree_skb(skb);
2220 goto out;
1da177e4
LT		 2221}
2222
63ed8de4 2223/* called with mc_lock */
6a7cc418 2224static void mld_send_initial_cr(struct inet6_dev *idev)
b173ee48 2225{
6a7cc418
FL		 2226 struct sk_buff *skb;
2227 struct ifmcaddr6 *pmc;
2228 int type;
2229
2230 if (mld_in_v1_mode(idev))
2231 return;
2232
2233 skb = NULL;
63ed8de4 2234 for_each_mc_mclock(idev, pmc) {
6a7cc418
FL		 2235 if (pmc->mca_sfcount[MCAST_EXCLUDE])
2236 type = MLD2_CHANGE_TO_EXCLUDE;
2237 else
c7ea20c9 2238 type = MLD2_ALLOW_NEW_SOURCES;
6a7cc418 2239 skb = add_grec(skb, pmc, type, 0, 0, 1);
b173ee48 2240 }
6a7cc418
FL		 2241 if (skb)
2242 mld_sendpack(skb);
b173ee48
HFS		 2243}
2244
2245void ipv6_mc_dad_complete(struct inet6_dev *idev)
2246{
63ed8de4 2247 mutex_lock(&idev->mc_lock);
b173ee48
HFS		 2248 idev->mc_dad_count = idev->mc_qrv;
2249 if (idev->mc_dad_count) {
6a7cc418 2250 mld_send_initial_cr(idev);
b173ee48
HFS		 2251 idev->mc_dad_count--;
2252 if (idev->mc_dad_count)
2d9a93b4
TY		 2253 mld_dad_start_work(idev,
2254 unsolicited_report_interval(idev));
b173ee48 2255 }
63ed8de4 2256 mutex_unlock(&idev->mc_lock);
b173ee48
HFS		 2257}
2258
2d9a93b4 2259static void mld_dad_work(struct work_struct *work)
b173ee48 2260{
2d9a93b4
TY		 2261 struct inet6_dev *idev = container_of(to_delayed_work(work),
2262 struct inet6_dev,
2263 mc_dad_work);
63ed8de4 2264 mutex_lock(&idev->mc_lock);
6a7cc418 2265 mld_send_initial_cr(idev);
b173ee48
HFS		 2266 if (idev->mc_dad_count) {
2267 idev->mc_dad_count--;
2268 if (idev->mc_dad_count)
2d9a93b4
TY		 2269 mld_dad_start_work(idev,
2270 unsolicited_report_interval(idev));
b173ee48 2271 }
63ed8de4 2272 mutex_unlock(&idev->mc_lock);
9260d3e1 2273 in6_dev_put(idev);
b173ee48
HFS		 2274}
2275
63ed8de4 2276/* called with mc_lock */
1da177e4 2277static int ip6_mc_del1_src(struct ifmcaddr6 *pmc, int sfmode,
b71d1d42 2278 const struct in6_addr *psfsrc)
1da177e4
LT		 2279{
2280 struct ip6_sf_list *psf, *psf_prev;
2281 int rv = 0;
2282
2283 psf_prev = NULL;
63ed8de4 2284 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 2285 if (ipv6_addr_equal(&psf->sf_addr, psfsrc))
2286 break;
2287 psf_prev = psf;
2288 }
2289 if (!psf || psf->sf_count[sfmode] == 0) {
2290 /* source filter not found, or count wrong => bug */
2291 return -ESRCH;
2292 }
2293 psf->sf_count[sfmode]--;
2294 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) {
2295 struct inet6_dev *idev = pmc->idev;
2296
2297 /* no more filters for this source */
2298 if (psf_prev)
4b200e39 2299 rcu_assign_pointer(psf_prev->sf_next,
63ed8de4 2300 mc_dereference(psf->sf_next, idev));
1da177e4 2301 else
4b200e39 2302 rcu_assign_pointer(pmc->mca_sources,
63ed8de4 2303 mc_dereference(psf->sf_next, idev));
4b200e39 2304
1da177e4 2305 if (psf->sf_oldin && !(pmc->mca_flags & MAF_NOREPORT) &&
6c567b78 2306 !mld_in_v1_mode(idev)) {
1da177e4 2307 psf->sf_crcount = idev->mc_qrv;
4b200e39 2308 rcu_assign_pointer(psf->sf_next,
63ed8de4 2309 mc_dereference(pmc->mca_tomb, idev));
4b200e39 2310 rcu_assign_pointer(pmc->mca_tomb, psf);
1da177e4 2311 rv = 1;
4b200e39
TY		 2312 } else {
2313 kfree_rcu(psf, rcu);
2314 }
1da177e4
LT		 2315 }
2316 return rv;
2317}
2318
63ed8de4 2319/* called with mc_lock */
b71d1d42
ED		 2320static int ip6_mc_del_src(struct inet6_dev *idev, const struct in6_addr *pmca,
2321 int sfmode, int sfcount, const struct in6_addr *psfsrc,
1da177e4
LT		 2322 int delta)
2323{
2324 struct ifmcaddr6 *pmc;
2325 int changerec = 0;
2326 int i, err;
2327
2328 if (!idev)
2329 return -ENODEV;
88e2ca30 2330
63ed8de4 2331 for_each_mc_mclock(idev, pmc) {
1da177e4
LT		 2332 if (ipv6_addr_equal(pmca, &pmc->mca_addr))
2333 break;
2334 }
88e2ca30 2335 if (!pmc)
1da177e4 2336 return -ESRCH;
88e2ca30 2337
1da177e4
LT		 2338 sf_markstate(pmc);
2339 if (!delta) {
63ed8de4 2340 if (!pmc->mca_sfcount[sfmode])
1da177e4 2341 return -EINVAL;
88e2ca30 2342
1da177e4
LT		 2343 pmc->mca_sfcount[sfmode]--;
2344 }
2345 err = 0;
67ba4152 2346 for (i = 0; i < sfcount; i++) {
1da177e4
LT		 2347 int rv = ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]);
2348
2349 changerec |= rv > 0;
2350 if (!err && rv < 0)
2351 err = rv;
2352 }
2353 if (pmc->mca_sfmode == MCAST_EXCLUDE &&
2354 pmc->mca_sfcount[MCAST_EXCLUDE] == 0 &&
2355 pmc->mca_sfcount[MCAST_INCLUDE]) {
2356 struct ip6_sf_list *psf;
2357
2358 /* filter mode change */
2359 pmc->mca_sfmode = MCAST_INCLUDE;
2360 pmc->mca_crcount = idev->mc_qrv;
2361 idev->mc_ifc_count = pmc->mca_crcount;
63ed8de4 2362 for_each_psf_mclock(pmc, psf)
1da177e4
LT		 2363 psf->sf_crcount = 0;
2364 mld_ifc_event(pmc->idev);
63ed8de4 2365 } else if (sf_setstate(pmc) || changerec) {
1da177e4 2366 mld_ifc_event(pmc->idev);
63ed8de4
TY		 2367 }
2368
1da177e4
LT		 2369 return err;
2370}
2371
2372/*
2373 * Add multicast single-source filter to the interface list
63ed8de4 2374 * called with mc_lock
1da177e4
LT		 2375 */
2376static int ip6_mc_add1_src(struct ifmcaddr6 *pmc, int sfmode,
99d2f47a 2377 const struct in6_addr *psfsrc)
1da177e4
LT		 2378{
2379 struct ip6_sf_list *psf, *psf_prev;
2380
2381 psf_prev = NULL;
63ed8de4 2382 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 2383 if (ipv6_addr_equal(&psf->sf_addr, psfsrc))
2384 break;
2385 psf_prev = psf;
2386 }
2387 if (!psf) {
f185de28 2388 psf = kzalloc(sizeof(*psf), GFP_KERNEL);
1da177e4
LT		 2389 if (!psf)
2390 return -ENOBUFS;
0c600eda 2391
1da177e4
LT		 2392 psf->sf_addr = *psfsrc;
2393 if (psf_prev) {
4b200e39
TY		 2394 rcu_assign_pointer(psf_prev->sf_next, psf);
2395 } else {
2396 rcu_assign_pointer(pmc->mca_sources, psf);
2397 }
1da177e4
LT		 2398 }
2399 psf->sf_count[sfmode]++;
2400 return 0;
2401}
2402
63ed8de4 2403/* called with mc_lock */
1da177e4
LT		 2404static void sf_markstate(struct ifmcaddr6 *pmc)
2405{
2406 struct ip6_sf_list *psf;
2407 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE];
2408
63ed8de4 2409 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 2410 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
2411 psf->sf_oldin = mca_xcount ==
2412 psf->sf_count[MCAST_EXCLUDE] &&
2413 !psf->sf_count[MCAST_INCLUDE];
4b200e39 2414 } else {
1da177e4 2415 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0;
4b200e39
TY		 2416 }
2417 }
1da177e4
LT		 2418}
2419
63ed8de4 2420/* called with mc_lock */
1da177e4
LT		 2421static int sf_setstate(struct ifmcaddr6 *pmc)
2422{
7add2a43 2423 struct ip6_sf_list *psf, *dpsf;
1da177e4
LT		 2424 int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE];
2425 int qrv = pmc->idev->mc_qrv;
2426 int new_in, rv;
2427
2428 rv = 0;
63ed8de4 2429 for_each_psf_mclock(pmc, psf) {
1da177e4
LT		 2430 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
2431 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] &&
2432 !psf->sf_count[MCAST_INCLUDE];
2433 } else
2434 new_in = psf->sf_count[MCAST_INCLUDE] != 0;
7add2a43
DS		 2435 if (new_in) {
2436 if (!psf->sf_oldin) {
e80e28b6 2437 struct ip6_sf_list *prev = NULL;
7add2a43 2438
4b200e39 2439 for_each_psf_tomb(pmc, dpsf) {
7add2a43
DS		 2440 if (ipv6_addr_equal(&dpsf->sf_addr,
2441 &psf->sf_addr))
2442 break;
2443 prev = dpsf;
2444 }
2445 if (dpsf) {
2446 if (prev)
4b200e39 2447 rcu_assign_pointer(prev->sf_next,
63ed8de4
TY		 2448 mc_dereference(dpsf->sf_next,
2449 pmc->idev));
7add2a43 2450 else
4b200e39 2451 rcu_assign_pointer(pmc->mca_tomb,
63ed8de4
TY		 2452 mc_dereference(dpsf->sf_next,
2453 pmc->idev));
4b200e39 2454 kfree_rcu(dpsf, rcu);
7add2a43
DS		 2455 }
2456 psf->sf_crcount = qrv;
2457 rv++;
2458 }
2459 } else if (psf->sf_oldin) {
2460 psf->sf_crcount = 0;
2461 /*
2462 * add or update "delete" records if an active filter
2463 * is now inactive
2464 */
4b200e39
TY		 2465
2466 for_each_psf_tomb(pmc, dpsf)
7add2a43
DS		 2467 if (ipv6_addr_equal(&dpsf->sf_addr,
2468 &psf->sf_addr))
2469 break;
2470 if (!dpsf) {
f185de28 2471 dpsf = kmalloc(sizeof(*dpsf), GFP_KERNEL);
7add2a43
DS		 2472 if (!dpsf)
2473 continue;
2474 *dpsf = *psf;
4b200e39 2475 rcu_assign_pointer(dpsf->sf_next,
63ed8de4 2476 mc_dereference(pmc->mca_tomb, pmc->idev));
4b200e39 2477 rcu_assign_pointer(pmc->mca_tomb, dpsf);
7add2a43
DS		 2478 }
2479 dpsf->sf_crcount = qrv;
1da177e4
LT		 2480 rv++;
2481 }
2482 }
2483 return rv;
2484}
2485
2486/*
2487 * Add multicast source filter list to the interface list
63ed8de4 2488 * called with mc_lock
1da177e4 2489 */
b71d1d42
ED		 2490static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca,
2491 int sfmode, int sfcount, const struct in6_addr *psfsrc,
1da177e4
LT		 2492 int delta)
2493{
2494 struct ifmcaddr6 *pmc;
2495 int isexclude;
2496 int i, err;
2497
2498 if (!idev)
2499 return -ENODEV;
88e2ca30 2500
63ed8de4 2501 for_each_mc_mclock(idev, pmc) {
1da177e4
LT		 2502 if (ipv6_addr_equal(pmca, &pmc->mca_addr))
2503 break;
2504 }
88e2ca30 2505 if (!pmc)
1da177e4 2506 return -ESRCH;
1da177e4
LT		 2507
2508 sf_markstate(pmc);
2509 isexclude = pmc->mca_sfmode == MCAST_EXCLUDE;
2510 if (!delta)
2511 pmc->mca_sfcount[sfmode]++;
2512 err = 0;
67ba4152 2513 for (i = 0; i < sfcount; i++) {
99d2f47a 2514 err = ip6_mc_add1_src(pmc, sfmode, &psfsrc[i]);
1da177e4
LT		 2515 if (err)
2516 break;
2517 }
2518 if (err) {
2519 int j;
2520
2521 if (!delta)
2522 pmc->mca_sfcount[sfmode]--;
67ba4152 2523 for (j = 0; j < i; j++)
78d50217 2524 ip6_mc_del1_src(pmc, sfmode, &psfsrc[j]);
1da177e4 2525 } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) {
1da177e4
LT		 2526 struct ip6_sf_list *psf;
2527
2528 /* filter mode change */
2529 if (pmc->mca_sfcount[MCAST_EXCLUDE])
2530 pmc->mca_sfmode = MCAST_EXCLUDE;
2531 else if (pmc->mca_sfcount[MCAST_INCLUDE])
2532 pmc->mca_sfmode = MCAST_INCLUDE;
2533 /* else no filters; keep old mode for reports */
2534
2535 pmc->mca_crcount = idev->mc_qrv;
2536 idev->mc_ifc_count = pmc->mca_crcount;
63ed8de4 2537 for_each_psf_mclock(pmc, psf)
1da177e4
LT		 2538 psf->sf_crcount = 0;
2539 mld_ifc_event(idev);
88e2ca30 2540 } else if (sf_setstate(pmc)) {
1da177e4 2541 mld_ifc_event(idev);
88e2ca30 2542 }
1da177e4
LT		 2543 return err;
2544}
2545
63ed8de4 2546/* called with mc_lock */
1da177e4
LT		 2547static void ip6_mc_clear_src(struct ifmcaddr6 *pmc)
2548{
2549 struct ip6_sf_list *psf, *nextpsf;
2550
63ed8de4 2551 for (psf = mc_dereference(pmc->mca_tomb, pmc->idev);
4b200e39
TY		 2552 psf;
2553 psf = nextpsf) {
63ed8de4 2554 nextpsf = mc_dereference(psf->sf_next, pmc->idev);
4b200e39 2555 kfree_rcu(psf, rcu);
1da177e4 2556 }
4b200e39 2557 RCU_INIT_POINTER(pmc->mca_tomb, NULL);
63ed8de4 2558 for (psf = mc_dereference(pmc->mca_sources, pmc->idev);
4b200e39
TY		 2559 psf;
2560 psf = nextpsf) {
63ed8de4 2561 nextpsf = mc_dereference(psf->sf_next, pmc->idev);
4b200e39 2562 kfree_rcu(psf, rcu);
1da177e4 2563 }
4b200e39 2564 RCU_INIT_POINTER(pmc->mca_sources, NULL);
1da177e4 2565 pmc->mca_sfmode = MCAST_EXCLUDE;
de9daad9 2566 pmc->mca_sfcount[MCAST_INCLUDE] = 0;
1da177e4
LT		 2567 pmc->mca_sfcount[MCAST_EXCLUDE] = 1;
2568}
2569
63ed8de4 2570/* called with mc_lock */
1da177e4
LT		 2571static void igmp6_join_group(struct ifmcaddr6 *ma)
2572{
2573 unsigned long delay;
2574
2575 if (ma->mca_flags & MAF_NOREPORT)
2576 return;
2577
2578 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT);
2579
63862b5b 2580 delay = prandom_u32() % unsolicited_report_interval(ma->idev);
1da177e4 2581
2d9a93b4 2582 if (cancel_delayed_work(&ma->mca_work)) {
d3981bc6 2583 refcount_dec(&ma->mca_refcnt);
2d9a93b4 2584 delay = ma->mca_work.timer.expires - jiffies;
1da177e4
LT		 2585 }
2586
2d9a93b4 2587 if (!mod_delayed_work(mld_wq, &ma->mca_work, delay))
d3981bc6 2588 refcount_inc(&ma->mca_refcnt);
1da177e4 2589 ma->mca_flags |= MAF_TIMER_RUNNING | MAF_LAST_REPORTER;
1da177e4
LT		 2590}
2591
2592static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml,
2593 struct inet6_dev *idev)
2594{
882ba1f7 2595 struct ip6_sf_socklist *psl;
1da177e4
LT		 2596 int err;
2597
4b4b8446 2598 psl = sock_dereference(iml->sflist, sk);
882ba1f7 2599
63ed8de4
TY		 2600 if (idev)
2601 mutex_lock(&idev->mc_lock);
2602
882ba1f7 2603 if (!psl) {
1da177e4 2604 /* any-source empty exclude case */
dc012f36
ED		 2605 err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 0, NULL, 0);
2606 } else {
2607 err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode,
63ed8de4 2608 psl->sl_count, psl->sl_addr, 0);
882ba1f7
TY		 2609 RCU_INIT_POINTER(iml->sflist, NULL);
2610 atomic_sub(IP6_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc);
2611 kfree_rcu(psl, rcu);
1da177e4 2612 }
63ed8de4
TY		 2613
2614 if (idev)
2615 mutex_unlock(&idev->mc_lock);
2616
1da177e4
LT		 2617 return err;
2618}
2619
63ed8de4 2620/* called with mc_lock */
1da177e4
LT		 2621static void igmp6_leave_group(struct ifmcaddr6 *ma)
2622{
6c567b78 2623 if (mld_in_v1_mode(ma->idev)) {
88e2ca30 2624 if (ma->mca_flags & MAF_LAST_REPORTER) {
1da177e4
LT		 2625 igmp6_send(&ma->mca_addr, ma->idev->dev,
2626 ICMPV6_MGM_REDUCTION);
88e2ca30 2627 }
1da177e4
LT		 2628 } else {
2629 mld_add_delrec(ma->idev, ma);
2630 mld_ifc_event(ma->idev);
2631 }
2632}
2633
2d9a93b4 2634static void mld_gq_work(struct work_struct *work)
1da177e4 2635{
2d9a93b4
TY		 2636 struct inet6_dev *idev = container_of(to_delayed_work(work),
2637 struct inet6_dev,
2638 mc_gq_work);
1da177e4 2639
63ed8de4 2640 mutex_lock(&idev->mc_lock);
1da177e4 2641 mld_send_report(idev, NULL);
88e2ca30 2642 idev->mc_gq_running = 0;
63ed8de4 2643 mutex_unlock(&idev->mc_lock);
88e2ca30 2644
9260d3e1 2645 in6_dev_put(idev);
1da177e4
LT		 2646}
2647
2d9a93b4 2648static void mld_ifc_work(struct work_struct *work)
1da177e4 2649{
2d9a93b4
TY		 2650 struct inet6_dev *idev = container_of(to_delayed_work(work),
2651 struct inet6_dev,
2652 mc_ifc_work);
1da177e4 2653
63ed8de4 2654 mutex_lock(&idev->mc_lock);
1da177e4 2655 mld_send_cr(idev);
88e2ca30 2656
1da177e4
LT		 2657 if (idev->mc_ifc_count) {
2658 idev->mc_ifc_count--;
2659 if (idev->mc_ifc_count)
2d9a93b4
TY		 2660 mld_ifc_start_work(idev,
2661 unsolicited_report_interval(idev));
1da177e4 2662 }
63ed8de4 2663 mutex_unlock(&idev->mc_lock);
9260d3e1 2664 in6_dev_put(idev);
1da177e4
LT		 2665}
2666
63ed8de4 2667/* called with mc_lock */
1da177e4
LT		 2668static void mld_ifc_event(struct inet6_dev *idev)
2669{
6c567b78 2670 if (mld_in_v1_mode(idev))
1da177e4 2671 return;
88e2ca30 2672
1da177e4 2673 idev->mc_ifc_count = idev->mc_qrv;
2d9a93b4 2674 mld_ifc_start_work(idev, 1);
1da177e4
LT		 2675}
2676
2d9a93b4 2677static void mld_mca_work(struct work_struct *work)
1da177e4 2678{
2d9a93b4
TY		 2679 struct ifmcaddr6 *ma = container_of(to_delayed_work(work),
2680 struct ifmcaddr6, mca_work);
1da177e4 2681
63ed8de4 2682 mutex_lock(&ma->idev->mc_lock);
6c567b78 2683 if (mld_in_v1_mode(ma->idev))
1da177e4
LT		 2684 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT);
2685 else
2686 mld_send_report(ma->idev, ma);
1da177e4
LT		 2687 ma->mca_flags |= MAF_LAST_REPORTER;
2688 ma->mca_flags &= ~MAF_TIMER_RUNNING;
63ed8de4 2689 mutex_unlock(&ma->idev->mc_lock);
f185de28 2690
1da177e4
LT		 2691 ma_put(ma);
2692}
2693
75c78500
MS		 2694/* Device changing type */
2695
2696void ipv6_mc_unmap(struct inet6_dev *idev)
2697{
2698 struct ifmcaddr6 *i;
2699
2700 /* Install multicast list, except for all-nodes (already installed) */
2701
63ed8de4
TY		 2702 mutex_lock(&idev->mc_lock);
2703 for_each_mc_mclock(idev, i)
75c78500 2704 igmp6_group_dropped(i);
63ed8de4 2705 mutex_unlock(&idev->mc_lock);
75c78500
MS		 2706}
2707
2708void ipv6_mc_remap(struct inet6_dev *idev)
2709{
2710 ipv6_mc_up(idev);
2711}
2712
1da177e4 2713/* Device going down */
1da177e4
LT		 2714void ipv6_mc_down(struct inet6_dev *idev)
2715{
2716 struct ifmcaddr6 *i;
2717
63ed8de4 2718 mutex_lock(&idev->mc_lock);
1da177e4 2719 /* Withdraw multicast list */
63ed8de4 2720 for_each_mc_mclock(idev, i)
1da177e4 2721 igmp6_group_dropped(i);
63ed8de4 2722 mutex_unlock(&idev->mc_lock);
1da177e4 2723
2d9a93b4
TY		 2724 /* Should stop work after group drop. or we will
2725 * start work again in mld_ifc_event()
1666d49e 2726 */
f185de28
TY		 2727 synchronize_net();
2728 mld_query_stop_work(idev);
2729 mld_report_stop_work(idev);
2d9a93b4
TY		 2730 mld_ifc_stop_work(idev);
2731 mld_gq_stop_work(idev);
2732 mld_dad_stop_work(idev);
1da177e4
LT		 2733}
2734
2f711939
HFS		 2735static void ipv6_mc_reset(struct inet6_dev *idev)
2736{
2737 idev->mc_qrv = sysctl_mld_qrv;
2738 idev->mc_qi = MLD_QI_DEFAULT;
2739 idev->mc_qri = MLD_QRI_DEFAULT;
2740 idev->mc_v1_seen = 0;
2741 idev->mc_maxdelay = unsolicited_report_interval(idev);
2742}
1da177e4
LT		 2743
2744/* Device going up */
2745
2746void ipv6_mc_up(struct inet6_dev *idev)
2747{
2748 struct ifmcaddr6 *i;
2749
2750 /* Install multicast list, except for all-nodes (already installed) */
2751
2f711939 2752 ipv6_mc_reset(idev);
63ed8de4
TY		 2753 mutex_lock(&idev->mc_lock);
2754 for_each_mc_mclock(idev, i) {
1666d49e 2755 mld_del_delrec(idev, i);
0ae0d60a 2756 igmp6_group_added(i);
1666d49e 2757 }
63ed8de4 2758 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 2759}
2760
2761/* IPv6 device initialization. */
2762
2763void ipv6_mc_init_dev(struct inet6_dev *idev)
2764{
1da177e4 2765 idev->mc_gq_running = 0;
2d9a93b4 2766 INIT_DELAYED_WORK(&idev->mc_gq_work, mld_gq_work);
88e2ca30 2767 RCU_INIT_POINTER(idev->mc_tomb, NULL);
1da177e4 2768 idev->mc_ifc_count = 0;
2d9a93b4
TY		 2769 INIT_DELAYED_WORK(&idev->mc_ifc_work, mld_ifc_work);
2770 INIT_DELAYED_WORK(&idev->mc_dad_work, mld_dad_work);
f185de28
TY		 2771 INIT_DELAYED_WORK(&idev->mc_query_work, mld_query_work);
2772 INIT_DELAYED_WORK(&idev->mc_report_work, mld_report_work);
2773 skb_queue_head_init(&idev->mc_query_queue);
2774 skb_queue_head_init(&idev->mc_report_queue);
2775 spin_lock_init(&idev->mc_query_lock);
2776 spin_lock_init(&idev->mc_report_lock);
63ed8de4 2777 mutex_init(&idev->mc_lock);
2f711939 2778 ipv6_mc_reset(idev);
1da177e4
LT		 2779}
2780
2781/*
2782 * Device is about to be destroyed: clean up.
2783 */
2784
2785void ipv6_mc_destroy_dev(struct inet6_dev *idev)
2786{
2787 struct ifmcaddr6 *i;
1da177e4 2788
2d9a93b4 2789 /* Deactivate works */
1da177e4 2790 ipv6_mc_down(idev);
63ed8de4 2791 mutex_lock(&idev->mc_lock);
1666d49e 2792 mld_clear_delrec(idev);
63ed8de4 2793 mutex_unlock(&idev->mc_lock);
f185de28
TY		 2794 mld_clear_query(idev);
2795 mld_clear_report(idev);
1da177e4
LT		 2796
2797 /* Delete all-nodes address. */
1da177e4
LT		 2798 /* We cannot call ipv6_dev_mc_dec() directly, our caller in
2799 * addrconf.c has NULL'd out dev->ip6_ptr so in6_dev_get() will
2800 * fail.
2801 */
f3ee4010 2802 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allnodes);
1da177e4 2803
f3ee4010
YH		 2804 if (idev->cnf.forwarding)
2805 __ipv6_dev_mc_dec(idev, &in6addr_linklocal_allrouters);
1da177e4 2806
63ed8de4
TY		 2807 mutex_lock(&idev->mc_lock);
2808 while ((i = mc_dereference(idev->mc_list, idev))) {
2809 rcu_assign_pointer(idev->mc_list, mc_dereference(i->next, idev));
1da177e4 2810
ea2fce88 2811 ip6_mc_clear_src(i);
1da177e4 2812 ma_put(i);
1da177e4 2813 }
63ed8de4 2814 mutex_unlock(&idev->mc_lock);
1da177e4
LT		 2815}
2816
382ed724
VY		 2817static void ipv6_mc_rejoin_groups(struct inet6_dev *idev)
2818{
2819 struct ifmcaddr6 *pmc;
2820
2821 ASSERT_RTNL();
2822
63ed8de4 2823 mutex_lock(&idev->mc_lock);
382ed724 2824 if (mld_in_v1_mode(idev)) {
63ed8de4 2825 for_each_mc_mclock(idev, pmc)
382ed724 2826 igmp6_join_group(pmc);
88e2ca30 2827 } else {
382ed724 2828 mld_send_report(idev, NULL);
88e2ca30 2829 }
63ed8de4 2830 mutex_unlock(&idev->mc_lock);
382ed724
VY		 2831}
2832
2833static int ipv6_mc_netdev_event(struct notifier_block *this,
2834 unsigned long event,
2835 void *ptr)
2836{
2837 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
2838 struct inet6_dev *idev = __in6_dev_get(dev);
2839
2840 switch (event) {
2841 case NETDEV_RESEND_IGMP:
2842 if (idev)
2843 ipv6_mc_rejoin_groups(idev);
2844 break;
2845 default:
2846 break;
2847 }
2848
2849 return NOTIFY_DONE;
2850}
2851
2852static struct notifier_block igmp6_netdev_notifier = {
2853 .notifier_call = ipv6_mc_netdev_event,
2854};
2855
1da177e4
LT		 2856#ifdef CONFIG_PROC_FS
2857struct igmp6_mc_iter_state {
b8ad0cbc 2858 struct seq_net_private p;
1da177e4
LT		 2859 struct net_device *dev;
2860 struct inet6_dev *idev;
2861};
2862
2863#define igmp6_mc_seq_private(seq) ((struct igmp6_mc_iter_state *)(seq)->private)
2864
2865static inline struct ifmcaddr6 *igmp6_mc_get_first(struct seq_file *seq)
2866{
2867 struct ifmcaddr6 *im = NULL;
2868 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
1218854a 2869 struct net *net = seq_file_net(seq);
1da177e4 2870
7562f876 2871 state->idev = NULL;
ce81b76a 2872 for_each_netdev_rcu(net, state->dev) {
1da177e4 2873 struct inet6_dev *idev;
ce81b76a 2874 idev = __in6_dev_get(state->dev);
1da177e4
LT		 2875 if (!idev)
2876 continue;
88e2ca30
TY		 2877
2878 im = rcu_dereference(idev->mc_list);
1da177e4
LT		 2879 if (im) {
2880 state->idev = idev;
2881 break;
2882 }
1da177e4
LT		 2883 }
2884 return im;
2885}
2886
2887static struct ifmcaddr6 *igmp6_mc_get_next(struct seq_file *seq, struct ifmcaddr6 *im)
2888{
2889 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2890
88e2ca30 2891 im = rcu_dereference(im->next);
1da177e4 2892 while (!im) {
ce81b76a 2893 state->dev = next_net_device_rcu(state->dev);
1da177e4
LT		 2894 if (!state->dev) {
2895 state->idev = NULL;
2896 break;
2897 }
ce81b76a 2898 state->idev = __in6_dev_get(state->dev);
1da177e4
LT		 2899 if (!state->idev)
2900 continue;
88e2ca30 2901 im = rcu_dereference(state->idev->mc_list);
1da177e4
LT		 2902 }
2903 return im;
2904}
2905
2906static struct ifmcaddr6 *igmp6_mc_get_idx(struct seq_file *seq, loff_t pos)
2907{
2908 struct ifmcaddr6 *im = igmp6_mc_get_first(seq);
2909 if (im)
2910 while (pos && (im = igmp6_mc_get_next(seq, im)) != NULL)
2911 --pos;
2912 return pos ? NULL : im;
2913}
2914
2915static void *igmp6_mc_seq_start(struct seq_file *seq, loff_t *pos)
ce81b76a 2916 __acquires(RCU)
1da177e4 2917{
ce81b76a 2918 rcu_read_lock();
1da177e4
LT		 2919 return igmp6_mc_get_idx(seq, *pos);
2920}
2921
2922static void *igmp6_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2923{
ce81b76a
ED		 2924 struct ifmcaddr6 *im = igmp6_mc_get_next(seq, v);
2925
1da177e4
LT		 2926 ++*pos;
2927 return im;
2928}
2929
2930static void igmp6_mc_seq_stop(struct seq_file *seq, void *v)
ce81b76a 2931 __releases(RCU)
1da177e4
LT		 2932{
2933 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
ce81b76a 2934
88e2ca30 2935 if (likely(state->idev))
1da177e4 2936 state->idev = NULL;
1da177e4 2937 state->dev = NULL;
ce81b76a 2938 rcu_read_unlock();
1da177e4
LT		 2939}
2940
2941static int igmp6_mc_seq_show(struct seq_file *seq, void *v)
2942{
2943 struct ifmcaddr6 *im = (struct ifmcaddr6 *)v;
2944 struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2945
2946 seq_printf(seq,
4b7a4274 2947 "%-4d %-15s %pi6 %5d %08X %ld\n",
1da177e4 2948 state->dev->ifindex, state->dev->name,
b071195d 2949 &im->mca_addr,
1da177e4 2950 im->mca_users, im->mca_flags,
88e2ca30 2951 (im->mca_flags & MAF_TIMER_RUNNING) ?
2d9a93b4 2952 jiffies_to_clock_t(im->mca_work.timer.expires - jiffies) : 0);
1da177e4
LT		 2953 return 0;
2954}
2955
56b3d975 2956static const struct seq_operations igmp6_mc_seq_ops = {
1da177e4
LT		 2957 .start = igmp6_mc_seq_start,
2958 .next = igmp6_mc_seq_next,
2959 .stop = igmp6_mc_seq_stop,
2960 .show = igmp6_mc_seq_show,
2961};
2962
1da177e4 2963struct igmp6_mcf_iter_state {
b8ad0cbc 2964 struct seq_net_private p;
1da177e4
LT		 2965 struct net_device *dev;
2966 struct inet6_dev *idev;
2967 struct ifmcaddr6 *im;
2968};
2969
2970#define igmp6_mcf_seq_private(seq) ((struct igmp6_mcf_iter_state *)(seq)->private)
2971
2972static inline struct ip6_sf_list *igmp6_mcf_get_first(struct seq_file *seq)
2973{
2974 struct ip6_sf_list *psf = NULL;
2975 struct ifmcaddr6 *im = NULL;
2976 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
1218854a 2977 struct net *net = seq_file_net(seq);
1da177e4 2978
7562f876
PE		 2979 state->idev = NULL;
2980 state->im = NULL;
ce81b76a 2981 for_each_netdev_rcu(net, state->dev) {
1da177e4 2982 struct inet6_dev *idev;
ce81b76a 2983 idev = __in6_dev_get(state->dev);
1da177e4
LT		 2984 if (unlikely(idev == NULL))
2985 continue;
88e2ca30
TY		 2986
2987 im = rcu_dereference(idev->mc_list);
53b24b8f 2988 if (likely(im)) {
4b200e39 2989 psf = rcu_dereference(im->mca_sources);
53b24b8f 2990 if (likely(psf)) {
1da177e4
LT		 2991 state->im = im;
2992 state->idev = idev;
2993 break;
2994 }
1da177e4 2995 }
1da177e4
LT		 2996 }
2997 return psf;
2998}
2999
3000static struct ip6_sf_list *igmp6_mcf_get_next(struct seq_file *seq, struct ip6_sf_list *psf)
3001{
3002 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
3003
4b200e39 3004 psf = rcu_dereference(psf->sf_next);
1da177e4 3005 while (!psf) {
88e2ca30 3006 state->im = rcu_dereference(state->im->next);
1da177e4 3007 while (!state->im) {
ce81b76a 3008 state->dev = next_net_device_rcu(state->dev);
1da177e4
LT		 3009 if (!state->dev) {
3010 state->idev = NULL;
3011 goto out;
3012 }
ce81b76a 3013 state->idev = __in6_dev_get(state->dev);
1da177e4
LT		 3014 if (!state->idev)
3015 continue;
88e2ca30 3016 state->im = rcu_dereference(state->idev->mc_list);
1da177e4
LT		 3017 }
3018 if (!state->im)
3019 break;
4b200e39 3020 psf = rcu_dereference(state->im->mca_sources);
1da177e4
LT		 3021 }
3022out:
3023 return psf;
3024}
3025
3026static struct ip6_sf_list *igmp6_mcf_get_idx(struct seq_file *seq, loff_t pos)
3027{
3028 struct ip6_sf_list *psf = igmp6_mcf_get_first(seq);
3029 if (psf)
3030 while (pos && (psf = igmp6_mcf_get_next(seq, psf)) != NULL)
3031 --pos;
3032 return pos ? NULL : psf;
3033}
3034
3035static void *igmp6_mcf_seq_start(struct seq_file *seq, loff_t *pos)
ce81b76a 3036 __acquires(RCU)
1da177e4 3037{
ce81b76a 3038 rcu_read_lock();
1da177e4
LT		 3039 return *pos ? igmp6_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
3040}
3041
3042static void *igmp6_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3043{
3044 struct ip6_sf_list *psf;
3045 if (v == SEQ_START_TOKEN)
3046 psf = igmp6_mcf_get_first(seq);
3047 else
3048 psf = igmp6_mcf_get_next(seq, v);
3049 ++*pos;
3050 return psf;
3051}
3052
3053static void igmp6_mcf_seq_stop(struct seq_file *seq, void *v)
ce81b76a 3054 __releases(RCU)
1da177e4
LT		 3055{
3056 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
88e2ca30 3057
f185de28 3058 if (likely(state->im))
1da177e4 3059 state->im = NULL;
88e2ca30 3060 if (likely(state->idev))
1da177e4 3061 state->idev = NULL;
88e2ca30 3062
1da177e4 3063 state->dev = NULL;
ce81b76a 3064 rcu_read_unlock();
1da177e4
LT		 3065}
3066
3067static int igmp6_mcf_seq_show(struct seq_file *seq, void *v)
3068{
3069 struct ip6_sf_list *psf = (struct ip6_sf_list *)v;
3070 struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
3071
3072 if (v == SEQ_START_TOKEN) {
1744bea1 3073 seq_puts(seq, "Idx Device Multicast Address Source Address INC EXC\n");
1da177e4
LT		 3074 } else {
3075 seq_printf(seq,
4b7a4274 3076 "%3d %6.6s %pi6 %pi6 %6lu %6lu\n",
1da177e4 3077 state->dev->ifindex, state->dev->name,
b071195d
HH		 3078 &state->im->mca_addr,
3079 &psf->sf_addr,
1da177e4
LT		 3080 psf->sf_count[MCAST_INCLUDE],
3081 psf->sf_count[MCAST_EXCLUDE]);
3082 }
3083 return 0;
3084}
3085
56b3d975 3086static const struct seq_operations igmp6_mcf_seq_ops = {
1da177e4
LT		 3087 .start = igmp6_mcf_seq_start,
3088 .next = igmp6_mcf_seq_next,
3089 .stop = igmp6_mcf_seq_stop,
3090 .show = igmp6_mcf_seq_show,
3091};
3092
2c8c1e72 3093static int __net_init igmp6_proc_init(struct net *net)
ea82edf7
DL		 3094{
3095 int err;
3096
3097 err = -ENOMEM;
c3506372
CH		 3098 if (!proc_create_net("igmp6", 0444, net->proc_net, &igmp6_mc_seq_ops,
3099 sizeof(struct igmp6_mc_iter_state)))
ea82edf7 3100 goto out;
c3506372
CH		 3101 if (!proc_create_net("mcfilter6", 0444, net->proc_net,
3102 &igmp6_mcf_seq_ops,
3103 sizeof(struct igmp6_mcf_iter_state)))
ea82edf7
DL		 3104 goto out_proc_net_igmp6;
3105
3106 err = 0;
3107out:
3108 return err;
3109
3110out_proc_net_igmp6:
ece31ffd 3111 remove_proc_entry("igmp6", net->proc_net);
ea82edf7
DL		 3112 goto out;
3113}
3114
2c8c1e72 3115static void __net_exit igmp6_proc_exit(struct net *net)
ea82edf7 3116{
ece31ffd
G		 3117 remove_proc_entry("mcfilter6", net->proc_net);
3118 remove_proc_entry("igmp6", net->proc_net);
ea82edf7
DL		 3119}
3120#else
2c8c1e72 3121static inline int igmp6_proc_init(struct net *net)
ea82edf7
DL		 3122{
3123 return 0;
3124}
2c8c1e72 3125static inline void igmp6_proc_exit(struct net *net)
ea82edf7 3126{
ea82edf7 3127}
1da177e4
LT		 3128#endif
3129
2c8c1e72 3130static int __net_init igmp6_net_init(struct net *net)
1da177e4 3131{
1da177e4
LT		 3132 int err;
3133
1ed8516f
DL		 3134 err = inet_ctl_sock_create(&net->ipv6.igmp_sk, PF_INET6,
3135 SOCK_RAW, IPPROTO_ICMPV6, net);
1da177e4 3136 if (err < 0) {
f3213831 3137 pr_err("Failed to initialize the IGMP6 control socket (err %d)\n",
1da177e4 3138 err);
b8ad0cbc 3139 goto out;
1da177e4
LT		 3140 }
3141
1ed8516f 3142 inet6_sk(net->ipv6.igmp_sk)->hop_limit = 1;
f185de28 3143 net->ipv6.igmp_sk->sk_allocation = GFP_KERNEL;
1da177e4 3144
93a714d6
MC		 3145 err = inet_ctl_sock_create(&net->ipv6.mc_autojoin_sk, PF_INET6,
3146 SOCK_RAW, IPPROTO_ICMPV6, net);
3147 if (err < 0) {
3148 pr_err("Failed to initialize the IGMP6 autojoin socket (err %d)\n",
3149 err);
3150 goto out_sock_create;
3151 }
3152
ea82edf7
DL		 3153 err = igmp6_proc_init(net);
3154 if (err)
93a714d6
MC		 3155 goto out_sock_create_autojoin;
3156
3157 return 0;
b8ad0cbc 3158
93a714d6
MC		 3159out_sock_create_autojoin:
3160 inet_ctl_sock_destroy(net->ipv6.mc_autojoin_sk);
b8ad0cbc 3161out_sock_create:
1ed8516f 3162 inet_ctl_sock_destroy(net->ipv6.igmp_sk);
93a714d6
MC		 3163out:
3164 return err;
1da177e4
LT		 3165}
3166
2c8c1e72 3167static void __net_exit igmp6_net_exit(struct net *net)
1da177e4 3168{
1ed8516f 3169 inet_ctl_sock_destroy(net->ipv6.igmp_sk);
93a714d6 3170 inet_ctl_sock_destroy(net->ipv6.mc_autojoin_sk);
ea82edf7 3171 igmp6_proc_exit(net);
1da177e4 3172}
b8ad0cbc
DL		 3173
3174static struct pernet_operations igmp6_net_ops = {
3175 .init = igmp6_net_init,
3176 .exit = igmp6_net_exit,
3177};
3178
3179int __init igmp6_init(void)
3180{
2d9a93b4
TY		 3181 int err;
3182
3183 err = register_pernet_subsys(&igmp6_net_ops);
3184 if (err)
3185 return err;
3186
3187 mld_wq = create_workqueue("mld");
3188 if (!mld_wq) {
3189 unregister_pernet_subsys(&igmp6_net_ops);
3190 return -ENOMEM;
3191 }
3192
3193 return err;
b8ad0cbc
DL		 3194}
3195
382ed724
VY		 3196int __init igmp6_late_init(void)
3197{
3198 return register_netdevice_notifier(&igmp6_netdev_notifier);
3199}
3200
b8ad0cbc
DL		 3201void igmp6_cleanup(void)
3202{
3203 unregister_pernet_subsys(&igmp6_net_ops);
2d9a93b4 3204 destroy_workqueue(mld_wq);
b8ad0cbc 3205}
382ed724
VY		 3206
3207void igmp6_late_cleanup(void)
3208{
3209 unregister_netdevice_notifier(&igmp6_netdev_notifier);
3210}
Linux 6.x block layer and io_uring tree(s)