| 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
|---|---|
| 2 | /* |
| 3 | * IPv6 input |
| 4 | * Linux INET6 implementation |
| 5 | * |
| 6 | * Authors: |
| 7 | * Pedro Roque <roque@di.fc.ul.pt> |
| 8 | * Ian P. Morris <I.P.Morris@soton.ac.uk> |
| 9 | * |
| 10 | * Based in linux/net/ipv4/ip_input.c |
| 11 | */ |
| 12 | /* Changes |
| 13 | * |
| 14 | * Mitsuru KANDA @USAGI and |
| 15 | * YOSHIFUJI Hideaki @USAGI: Remove ipv6_parse_exthdrs(). |
| 16 | */ |
| 17 | |
| 18 | #include <linux/errno.h> |
| 19 | #include <linux/types.h> |
| 20 | #include <linux/socket.h> |
| 21 | #include <linux/sockios.h> |
| 22 | #include <linux/net.h> |
| 23 | #include <linux/netdevice.h> |
| 24 | #include <linux/in6.h> |
| 25 | #include <linux/icmpv6.h> |
| 26 | #include <linux/mroute6.h> |
| 27 | #include <linux/slab.h> |
| 28 | #include <linux/indirect_call_wrapper.h> |
| 29 | |
| 30 | #include <linux/netfilter.h> |
| 31 | #include <linux/netfilter_ipv6.h> |
| 32 | |
| 33 | #include <net/sock.h> |
| 34 | #include <net/snmp.h> |
| 35 | #include <net/udp.h> |
| 36 | |
| 37 | #include <net/ipv6.h> |
| 38 | #include <net/protocol.h> |
| 39 | #include <net/transp_v6.h> |
| 40 | #include <net/rawv6.h> |
| 41 | #include <net/ndisc.h> |
| 42 | #include <net/ip6_route.h> |
| 43 | #include <net/addrconf.h> |
| 44 | #include <net/xfrm.h> |
| 45 | #include <net/inet_ecn.h> |
| 46 | #include <net/dst_metadata.h> |
| 47 | |
| 48 | static void ip6_rcv_finish_core(struct net *net, struct sock *sk, |
| 49 | struct sk_buff *skb) |
| 50 | { |
| 51 | if (READ_ONCE(net->ipv4.sysctl_ip_early_demux) && |
| 52 | !skb_dst(skb) && !skb->sk) { |
| 53 | switch (ipv6_hdr(skb)->nexthdr) { |
| 54 | case IPPROTO_TCP: |
| 55 | if (READ_ONCE(net->ipv4.sysctl_tcp_early_demux)) |
| 56 | tcp_v6_early_demux(skb); |
| 57 | break; |
| 58 | case IPPROTO_UDP: |
| 59 | if (READ_ONCE(net->ipv4.sysctl_udp_early_demux)) |
| 60 | udp_v6_early_demux(skb); |
| 61 | break; |
| 62 | } |
| 63 | } |
| 64 | |
| 65 | if (!skb_valid_dst(skb)) |
| 66 | ip6_route_input(skb); |
| 67 | } |
| 68 | |
| 69 | int ip6_rcv_finish(struct net *net, struct sock *sk, struct sk_buff *skb) |
| 70 | { |
| 71 | /* if ingress device is enslaved to an L3 master device pass the |
| 72 | * skb to its handler for processing |
| 73 | */ |
| 74 | skb = l3mdev_ip6_rcv(skb); |
| 75 | if (!skb) |
| 76 | return NET_RX_SUCCESS; |
| 77 | ip6_rcv_finish_core(net, sk, skb); |
| 78 | |
| 79 | return dst_input(skb); |
| 80 | } |
| 81 | |
| 82 | static void ip6_sublist_rcv_finish(struct list_head *head) |
| 83 | { |
| 84 | struct sk_buff *skb, *next; |
| 85 | |
| 86 | list_for_each_entry_safe(skb, next, head, list) { |
| 87 | skb_list_del_init(skb); |
| 88 | dst_input(skb); |
| 89 | } |
| 90 | } |
| 91 | |
| 92 | static bool ip6_can_use_hint(const struct sk_buff *skb, |
| 93 | const struct sk_buff *hint) |
| 94 | { |
| 95 | return hint && !skb_dst(skb) && |
| 96 | ipv6_addr_equal(a1: &ipv6_hdr(skb: hint)->daddr, a2: &ipv6_hdr(skb)->daddr); |
| 97 | } |
| 98 | |
| 99 | static struct sk_buff *ip6_extract_route_hint(const struct net *net, |
| 100 | struct sk_buff *skb) |
| 101 | { |
| 102 | if (fib6_routes_require_src(net) || fib6_has_custom_rules(net) || |
| 103 | IP6CB(skb)->flags & IP6SKB_MULTIPATH) |
| 104 | return NULL; |
| 105 | |
| 106 | return skb; |
| 107 | } |
| 108 | |
| 109 | static void ip6_list_rcv_finish(struct net *net, struct sock *sk, |
| 110 | struct list_head *head) |
| 111 | { |
| 112 | struct sk_buff *skb, *next, *hint = NULL; |
| 113 | struct dst_entry *curr_dst = NULL; |
| 114 | LIST_HEAD(sublist); |
| 115 | |
| 116 | list_for_each_entry_safe(skb, next, head, list) { |
| 117 | struct dst_entry *dst; |
| 118 | |
| 119 | skb_list_del_init(skb); |
| 120 | /* if ingress device is enslaved to an L3 master device pass the |
| 121 | * skb to its handler for processing |
| 122 | */ |
| 123 | skb = l3mdev_ip6_rcv(skb); |
| 124 | if (!skb) |
| 125 | continue; |
| 126 | |
| 127 | if (ip6_can_use_hint(skb, hint)) |
| 128 | skb_dst_copy(nskb: skb, oskb: hint); |
| 129 | else |
| 130 | ip6_rcv_finish_core(net, sk, skb); |
| 131 | dst = skb_dst(skb); |
| 132 | if (curr_dst != dst) { |
| 133 | hint = ip6_extract_route_hint(net, skb); |
| 134 | |
| 135 | /* dispatch old sublist */ |
| 136 | if (!list_empty(head: &sublist)) |
| 137 | ip6_sublist_rcv_finish(head: &sublist); |
| 138 | /* start new sublist */ |
| 139 | INIT_LIST_HEAD(list: &sublist); |
| 140 | curr_dst = dst; |
| 141 | } |
| 142 | list_add_tail(new: &skb->list, head: &sublist); |
| 143 | } |
| 144 | /* dispatch final sublist */ |
| 145 | ip6_sublist_rcv_finish(head: &sublist); |
| 146 | } |
| 147 | |
| 148 | static struct sk_buff *ip6_rcv_core(struct sk_buff *skb, struct net_device *dev, |
| 149 | struct net *net) |
| 150 | { |
| 151 | enum skb_drop_reason reason; |
| 152 | const struct ipv6hdr *hdr; |
| 153 | u32 pkt_len; |
| 154 | struct inet6_dev *idev; |
| 155 | |
| 156 | if (skb->pkt_type == PACKET_OTHERHOST) { |
| 157 | dev_core_stats_rx_otherhost_dropped_inc(dev: skb->dev); |
| 158 | kfree_skb_reason(skb, reason: SKB_DROP_REASON_OTHERHOST); |
| 159 | return NULL; |
| 160 | } |
| 161 | |
| 162 | rcu_read_lock(); |
| 163 | |
| 164 | idev = __in6_dev_get(dev: skb->dev); |
| 165 | |
| 166 | __IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_IN, skb->len); |
| 167 | |
| 168 | SKB_DR_SET(reason, NOT_SPECIFIED); |
| 169 | if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL || |
| 170 | !idev || unlikely(READ_ONCE(idev->cnf.disable_ipv6))) { |
| 171 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INDISCARDS); |
| 172 | if (idev && unlikely(READ_ONCE(idev->cnf.disable_ipv6))) |
| 173 | SKB_DR_SET(reason, IPV6DISABLED); |
| 174 | goto drop; |
| 175 | } |
| 176 | |
| 177 | memset(IP6CB(skb), c: 0, n: sizeof(struct inet6_skb_parm)); |
| 178 | |
| 179 | /* |
| 180 | * Store incoming device index. When the packet will |
| 181 | * be queued, we cannot refer to skb->dev anymore. |
| 182 | * |
| 183 | * BTW, when we send a packet for our own local address on a |
| 184 | * non-loopback interface (e.g. ethX), it is being delivered |
| 185 | * via the loopback interface (lo) here; skb->dev = loopback_dev. |
| 186 | * It, however, should be considered as if it is being |
| 187 | * arrived via the sending interface (ethX), because of the |
| 188 | * nature of scoping architecture. --yoshfuji |
| 189 | */ |
| 190 | IP6CB(skb)->iif = skb_valid_dst(skb) ? |
| 191 | ip6_dst_idev(dst: skb_dst(skb))->dev->ifindex : |
| 192 | dev->ifindex; |
| 193 | |
| 194 | if (unlikely(!pskb_may_pull(skb, sizeof(*hdr)))) |
| 195 | goto err; |
| 196 | |
| 197 | hdr = ipv6_hdr(skb); |
| 198 | |
| 199 | if (hdr->version != 6) { |
| 200 | SKB_DR_SET(reason, UNHANDLED_PROTO); |
| 201 | goto err; |
| 202 | } |
| 203 | |
| 204 | __IP6_ADD_STATS(net, idev, |
| 205 | IPSTATS_MIB_NOECTPKTS + |
| 206 | (ipv6_get_dsfield(hdr) & INET_ECN_MASK), |
| 207 | max_t(unsigned short, 1, skb_shinfo(skb)->gso_segs)); |
| 208 | /* |
| 209 | * RFC4291 2.5.3 |
| 210 | * The loopback address must not be used as the source address in IPv6 |
| 211 | * packets that are sent outside of a single node. [..] |
| 212 | * A packet received on an interface with a destination address |
| 213 | * of loopback must be dropped. |
| 214 | */ |
| 215 | if ((ipv6_addr_loopback(a: &hdr->saddr) || |
| 216 | ipv6_addr_loopback(a: &hdr->daddr)) && |
| 217 | !(dev->flags & IFF_LOOPBACK) && |
| 218 | !netif_is_l3_master(dev)) |
| 219 | goto err; |
| 220 | |
| 221 | /* RFC4291 Errata ID: 3480 |
| 222 | * Interface-Local scope spans only a single interface on a |
| 223 | * node and is useful only for loopback transmission of |
| 224 | * multicast. Packets with interface-local scope received |
| 225 | * from another node must be discarded. |
| 226 | */ |
| 227 | if (!(skb->pkt_type == PACKET_LOOPBACK || |
| 228 | dev->flags & IFF_LOOPBACK) && |
| 229 | ipv6_addr_is_multicast(addr: &hdr->daddr) && |
| 230 | IPV6_ADDR_MC_SCOPE(&hdr->daddr) == 1) |
| 231 | goto err; |
| 232 | |
| 233 | /* If enabled, drop unicast packets that were encapsulated in link-layer |
| 234 | * multicast or broadcast to protected against the so-called "hole-196" |
| 235 | * attack in 802.11 wireless. |
| 236 | */ |
| 237 | if (!ipv6_addr_is_multicast(addr: &hdr->daddr) && |
| 238 | (skb->pkt_type == PACKET_BROADCAST || |
| 239 | skb->pkt_type == PACKET_MULTICAST) && |
| 240 | READ_ONCE(idev->cnf.drop_unicast_in_l2_multicast)) { |
| 241 | SKB_DR_SET(reason, UNICAST_IN_L2_MULTICAST); |
| 242 | goto err; |
| 243 | } |
| 244 | |
| 245 | /* RFC4291 2.7 |
| 246 | * Nodes must not originate a packet to a multicast address whose scope |
| 247 | * field contains the reserved value 0; if such a packet is received, it |
| 248 | * must be silently dropped. |
| 249 | */ |
| 250 | if (ipv6_addr_is_multicast(addr: &hdr->daddr) && |
| 251 | IPV6_ADDR_MC_SCOPE(&hdr->daddr) == 0) |
| 252 | goto err; |
| 253 | |
| 254 | /* |
| 255 | * RFC4291 2.7 |
| 256 | * Multicast addresses must not be used as source addresses in IPv6 |
| 257 | * packets or appear in any Routing header. |
| 258 | */ |
| 259 | if (ipv6_addr_is_multicast(addr: &hdr->saddr)) |
| 260 | goto err; |
| 261 | |
| 262 | skb->transport_header = skb->network_header + sizeof(*hdr); |
| 263 | IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr); |
| 264 | |
| 265 | pkt_len = ntohs(hdr->payload_len); |
| 266 | |
| 267 | /* pkt_len may be zero if Jumbo payload option is present */ |
| 268 | if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) { |
| 269 | if (pkt_len + sizeof(struct ipv6hdr) > skb->len) { |
| 270 | __IP6_INC_STATS(net, |
| 271 | idev, IPSTATS_MIB_INTRUNCATEDPKTS); |
| 272 | SKB_DR_SET(reason, PKT_TOO_SMALL); |
| 273 | goto drop; |
| 274 | } |
| 275 | if (pskb_trim_rcsum(skb, len: pkt_len + sizeof(struct ipv6hdr))) |
| 276 | goto err; |
| 277 | hdr = ipv6_hdr(skb); |
| 278 | } |
| 279 | |
| 280 | if (hdr->nexthdr == NEXTHDR_HOP) { |
| 281 | if (ipv6_parse_hopopts(skb) < 0) { |
| 282 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); |
| 283 | rcu_read_unlock(); |
| 284 | return NULL; |
| 285 | } |
| 286 | } |
| 287 | |
| 288 | rcu_read_unlock(); |
| 289 | |
| 290 | /* Must drop socket now because of tproxy. */ |
| 291 | if (!skb_sk_is_prefetched(skb)) |
| 292 | skb_orphan(skb); |
| 293 | |
| 294 | return skb; |
| 295 | err: |
| 296 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); |
| 297 | SKB_DR_OR(reason, IP_INHDR); |
| 298 | drop: |
| 299 | rcu_read_unlock(); |
| 300 | kfree_skb_reason(skb, reason); |
| 301 | return NULL; |
| 302 | } |
| 303 | |
| 304 | int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) |
| 305 | { |
| 306 | struct net *net = dev_net(dev: skb->dev); |
| 307 | |
| 308 | skb = ip6_rcv_core(skb, dev, net); |
| 309 | if (skb == NULL) |
| 310 | return NET_RX_DROP; |
| 311 | return NF_HOOK(pf: NFPROTO_IPV6, hook: NF_INET_PRE_ROUTING, |
| 312 | net, NULL, skb, in: dev, NULL, |
| 313 | okfn: ip6_rcv_finish); |
| 314 | } |
| 315 | |
| 316 | static void ip6_sublist_rcv(struct list_head *head, struct net_device *dev, |
| 317 | struct net *net) |
| 318 | { |
| 319 | NF_HOOK_LIST(pf: NFPROTO_IPV6, hook: NF_INET_PRE_ROUTING, net, NULL, |
| 320 | head, in: dev, NULL, okfn: ip6_rcv_finish); |
| 321 | ip6_list_rcv_finish(net, NULL, head); |
| 322 | } |
| 323 | |
| 324 | /* Receive a list of IPv6 packets */ |
| 325 | void ipv6_list_rcv(struct list_head *head, struct packet_type *pt, |
| 326 | struct net_device *orig_dev) |
| 327 | { |
| 328 | struct net_device *curr_dev = NULL; |
| 329 | struct net *curr_net = NULL; |
| 330 | struct sk_buff *skb, *next; |
| 331 | LIST_HEAD(sublist); |
| 332 | |
| 333 | list_for_each_entry_safe(skb, next, head, list) { |
| 334 | struct net_device *dev = skb->dev; |
| 335 | struct net *net = dev_net(dev); |
| 336 | |
| 337 | skb_list_del_init(skb); |
| 338 | skb = ip6_rcv_core(skb, dev, net); |
| 339 | if (skb == NULL) |
| 340 | continue; |
| 341 | |
| 342 | if (curr_dev != dev || curr_net != net) { |
| 343 | /* dispatch old sublist */ |
| 344 | if (!list_empty(head: &sublist)) |
| 345 | ip6_sublist_rcv(head: &sublist, dev: curr_dev, net: curr_net); |
| 346 | /* start new sublist */ |
| 347 | INIT_LIST_HEAD(list: &sublist); |
| 348 | curr_dev = dev; |
| 349 | curr_net = net; |
| 350 | } |
| 351 | list_add_tail(new: &skb->list, head: &sublist); |
| 352 | } |
| 353 | /* dispatch final sublist */ |
| 354 | if (!list_empty(head: &sublist)) |
| 355 | ip6_sublist_rcv(head: &sublist, dev: curr_dev, net: curr_net); |
| 356 | } |
| 357 | |
| 358 | INDIRECT_CALLABLE_DECLARE(int tcp_v6_rcv(struct sk_buff *)); |
| 359 | |
| 360 | /* |
| 361 | * Deliver the packet to the host |
| 362 | */ |
| 363 | void ip6_protocol_deliver_rcu(struct net *net, struct sk_buff *skb, int nexthdr, |
| 364 | bool have_final) |
| 365 | { |
| 366 | const struct inet6_protocol *ipprot; |
| 367 | struct inet6_dev *idev; |
| 368 | unsigned int nhoff; |
| 369 | SKB_DR(reason); |
| 370 | bool raw; |
| 371 | |
| 372 | /* |
| 373 | * Parse extension headers |
| 374 | */ |
| 375 | |
| 376 | resubmit: |
| 377 | idev = ip6_dst_idev(dst: skb_dst(skb)); |
| 378 | nhoff = IP6CB(skb)->nhoff; |
| 379 | if (!have_final) { |
| 380 | if (!pskb_pull(skb, len: skb_transport_offset(skb))) |
| 381 | goto discard; |
| 382 | nexthdr = skb_network_header(skb)[nhoff]; |
| 383 | } |
| 384 | |
| 385 | resubmit_final: |
| 386 | raw = raw6_local_deliver(skb, nexthdr); |
| 387 | ipprot = rcu_dereference(inet6_protos[nexthdr]); |
| 388 | if (ipprot) { |
| 389 | int ret; |
| 390 | |
| 391 | if (have_final) { |
| 392 | if (!(ipprot->flags & INET6_PROTO_FINAL)) { |
| 393 | /* Once we've seen a final protocol don't |
| 394 | * allow encapsulation on any non-final |
| 395 | * ones. This allows foo in UDP encapsulation |
| 396 | * to work. |
| 397 | */ |
| 398 | goto discard; |
| 399 | } |
| 400 | } else if (ipprot->flags & INET6_PROTO_FINAL) { |
| 401 | const struct ipv6hdr *hdr; |
| 402 | int sdif = inet6_sdif(skb); |
| 403 | struct net_device *dev; |
| 404 | |
| 405 | /* Only do this once for first final protocol */ |
| 406 | have_final = true; |
| 407 | |
| 408 | |
| 409 | skb_postpull_rcsum(skb, start: skb_network_header(skb), |
| 410 | len: skb_network_header_len(skb)); |
| 411 | hdr = ipv6_hdr(skb); |
| 412 | |
| 413 | /* skb->dev passed may be master dev for vrfs. */ |
| 414 | if (sdif) { |
| 415 | dev = dev_get_by_index_rcu(net, ifindex: sdif); |
| 416 | if (!dev) |
| 417 | goto discard; |
| 418 | } else { |
| 419 | dev = skb->dev; |
| 420 | } |
| 421 | |
| 422 | if (ipv6_addr_is_multicast(addr: &hdr->daddr) && |
| 423 | !ipv6_chk_mcast_addr(dev, group: &hdr->daddr, |
| 424 | src_addr: &hdr->saddr) && |
| 425 | !ipv6_is_mld(skb, nexthdr, offset: skb_network_header_len(skb))) { |
| 426 | SKB_DR_SET(reason, IP_INADDRERRORS); |
| 427 | goto discard; |
| 428 | } |
| 429 | } |
| 430 | if (!(ipprot->flags & INET6_PROTO_NOPOLICY)) { |
| 431 | if (!xfrm6_policy_check(NULL, dir: XFRM_POLICY_IN, skb)) { |
| 432 | SKB_DR_SET(reason, XFRM_POLICY); |
| 433 | goto discard; |
| 434 | } |
| 435 | nf_reset_ct(skb); |
| 436 | } |
| 437 | |
| 438 | ret = INDIRECT_CALL_2(ipprot->handler, tcp_v6_rcv, udpv6_rcv, |
| 439 | skb); |
| 440 | if (ret > 0) { |
| 441 | if (ipprot->flags & INET6_PROTO_FINAL) { |
| 442 | /* Not an extension header, most likely UDP |
| 443 | * encapsulation. Use return value as nexthdr |
| 444 | * protocol not nhoff (which presumably is |
| 445 | * not set by handler). |
| 446 | */ |
| 447 | nexthdr = ret; |
| 448 | goto resubmit_final; |
| 449 | } else { |
| 450 | goto resubmit; |
| 451 | } |
| 452 | } else if (ret == 0) { |
| 453 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INDELIVERS); |
| 454 | } |
| 455 | } else { |
| 456 | if (!raw) { |
| 457 | if (xfrm6_policy_check(NULL, dir: XFRM_POLICY_IN, skb)) { |
| 458 | __IP6_INC_STATS(net, idev, |
| 459 | IPSTATS_MIB_INUNKNOWNPROTOS); |
| 460 | icmpv6_send(skb, ICMPV6_PARAMPROB, |
| 461 | ICMPV6_UNK_NEXTHDR, info: nhoff); |
| 462 | SKB_DR_SET(reason, IP_NOPROTO); |
| 463 | } else { |
| 464 | SKB_DR_SET(reason, XFRM_POLICY); |
| 465 | } |
| 466 | kfree_skb_reason(skb, reason); |
| 467 | } else { |
| 468 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INDELIVERS); |
| 469 | consume_skb(skb); |
| 470 | } |
| 471 | } |
| 472 | return; |
| 473 | |
| 474 | discard: |
| 475 | __IP6_INC_STATS(net, idev, IPSTATS_MIB_INDISCARDS); |
| 476 | kfree_skb_reason(skb, reason); |
| 477 | } |
| 478 | |
| 479 | static int ip6_input_finish(struct net *net, struct sock *sk, struct sk_buff *skb) |
| 480 | { |
| 481 | if (unlikely(skb_orphan_frags_rx(skb, GFP_ATOMIC))) { |
| 482 | __IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
| 483 | IPSTATS_MIB_INDISCARDS); |
| 484 | kfree_skb_reason(skb, reason: SKB_DROP_REASON_NOMEM); |
| 485 | return 0; |
| 486 | } |
| 487 | |
| 488 | skb_clear_delivery_time(skb); |
| 489 | ip6_protocol_deliver_rcu(net, skb, nexthdr: 0, have_final: false); |
| 490 | |
| 491 | return 0; |
| 492 | } |
| 493 | |
| 494 | |
| 495 | int ip6_input(struct sk_buff *skb) |
| 496 | { |
| 497 | int res; |
| 498 | |
| 499 | rcu_read_lock(); |
| 500 | res = NF_HOOK(pf: NFPROTO_IPV6, hook: NF_INET_LOCAL_IN, |
| 501 | net: dev_net_rcu(dev: skb->dev), NULL, skb, in: skb->dev, NULL, |
| 502 | okfn: ip6_input_finish); |
| 503 | rcu_read_unlock(); |
| 504 | |
| 505 | return res; |
| 506 | } |
| 507 | EXPORT_SYMBOL_GPL(ip6_input); |
| 508 | |
| 509 | int ip6_mc_input(struct sk_buff *skb) |
| 510 | { |
| 511 | struct net_device *dev = skb->dev; |
| 512 | int sdif = inet6_sdif(skb); |
| 513 | const struct ipv6hdr *hdr; |
| 514 | bool deliver; |
| 515 | |
| 516 | __IP6_UPD_PO_STATS(skb_dst_dev_net_rcu(skb), |
| 517 | __in6_dev_get_safely(dev), IPSTATS_MIB_INMCAST, |
| 518 | skb->len); |
| 519 | |
| 520 | /* skb->dev passed may be master dev for vrfs. */ |
| 521 | if (sdif) { |
| 522 | dev = dev_get_by_index_rcu(net: dev_net_rcu(dev), ifindex: sdif); |
| 523 | if (!dev) { |
| 524 | kfree_skb(skb); |
| 525 | return -ENODEV; |
| 526 | } |
| 527 | } |
| 528 | |
| 529 | hdr = ipv6_hdr(skb); |
| 530 | deliver = ipv6_chk_mcast_addr(dev, group: &hdr->daddr, NULL); |
| 531 | |
| 532 | #ifdef CONFIG_IPV6_MROUTE |
| 533 | /* |
| 534 | * IPv6 multicast router mode is now supported ;) |
| 535 | */ |
| 536 | if (atomic_read(&dev_net_rcu(skb->dev)->ipv6.devconf_all->mc_forwarding) && |
| 537 | !(ipv6_addr_type(&hdr->daddr) & |
| 538 | (IPV6_ADDR_LOOPBACK|IPV6_ADDR_LINKLOCAL)) && |
| 539 | likely(!(IP6CB(skb)->flags & IP6SKB_FORWARDED))) { |
| 540 | /* |
| 541 | * Okay, we try to forward - split and duplicate |
| 542 | * packets. |
| 543 | */ |
| 544 | struct sk_buff *skb2; |
| 545 | struct inet6_skb_parm *opt = IP6CB(skb); |
| 546 | |
| 547 | /* Check for MLD */ |
| 548 | if (unlikely(opt->flags & IP6SKB_ROUTERALERT)) { |
| 549 | /* Check if this is a mld message */ |
| 550 | u8 nexthdr = hdr->nexthdr; |
| 551 | __be16 frag_off; |
| 552 | int offset; |
| 553 | |
| 554 | /* Check if the value of Router Alert |
| 555 | * is for MLD (0x0000). |
| 556 | */ |
| 557 | if (opt->ra == htons(IPV6_OPT_ROUTERALERT_MLD)) { |
| 558 | deliver = false; |
| 559 | |
| 560 | if (!ipv6_ext_hdr(nexthdr)) { |
| 561 | /* BUG */ |
| 562 | goto out; |
| 563 | } |
| 564 | offset = ipv6_skip_exthdr(skb, sizeof(*hdr), |
| 565 | &nexthdr, &frag_off); |
| 566 | if (offset < 0) |
| 567 | goto out; |
| 568 | |
| 569 | if (ipv6_is_mld(skb, nexthdr, offset)) |
| 570 | deliver = true; |
| 571 | |
| 572 | goto out; |
| 573 | } |
| 574 | /* unknown RA - process it normally */ |
| 575 | } |
| 576 | |
| 577 | if (deliver) { |
| 578 | skb2 = skb_clone(skb, GFP_ATOMIC); |
| 579 | } else { |
| 580 | skb2 = skb; |
| 581 | skb = NULL; |
| 582 | } |
| 583 | |
| 584 | if (skb2) |
| 585 | ip6_mr_input(skb2); |
| 586 | } |
| 587 | out: |
| 588 | #endif |
| 589 | if (likely(deliver)) { |
| 590 | ip6_input(skb); |
| 591 | } else { |
| 592 | /* discard */ |
| 593 | kfree_skb(skb); |
| 594 | } |
| 595 | |
| 596 | return 0; |
| 597 | } |
| 598 |
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.