int ipv6_sock_ac_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
{
struct ipv6_pinfo *np = inet6_sk(sk);
struct net_device *dev = NULL;
struct inet6_dev *idev;
struct ipv6_ac_socklist *pac;
struct net *net = sock_net(sk);
int ishost = !net->ipv6.devconf_all->forwarding;
int err = 0;
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
return -EPERM;
if (ipv6_addr_is_multicast(addr))
return -EINVAL;
if (ipv6_chk_addr(net, addr, NULL, 0))
return -EINVAL;
pac = sock_kmalloc(sk, sizeof(struct ipv6_ac_socklist), GFP_KERNEL);
if (pac == NULL)
return -ENOMEM;
pac->acl_next = NULL;
pac->acl_addr = *addr;
rtnl_lock();
rcu_read_lock();
if (ifindex == 0) {
struct rt6_info *rt;
rt = rt6_lookup(net, addr, NULL, 0, 0);
if (rt) {
dev = rt->dst.dev;
ip6_rt_put(rt);
} else if (ishost) {
err = -EADDRNOTAVAIL;
goto error;
} else {
/* router, no matching interface: just pick one */
dev = dev_get_by_flags_rcu(net, IFF_UP,
IFF_UP | IFF_LOOPBACK);
}
} else
dev = dev_get_by_index_rcu(net, ifindex);
if (dev == NULL) {
err = -ENODEV;
goto error;
}
idev = __in6_dev_get(dev);
if (!idev) {
if (ifindex)
err = -ENODEV;
else
err = -EADDRNOTAVAIL;
goto error;
}
/* reset ishost, now that we have a specific device */
ishost = !idev->cnf.forwarding;
pac->acl_ifindex = dev->ifindex;
/* XXX
* For hosts, allow link-local or matching prefix anycasts.
* This obviates the need for propagating anycast routes while
* still allowing some non-router anycast participation.
*/
if (!ipv6_chk_prefix(addr, dev)) {
if (ishost)
err = -EADDRNOTAVAIL;
if (err)
goto error;
}
err = ipv6_dev_ac_inc(dev, addr);
if (!err) {
spin_lock_bh(&ipv6_sk_ac_lock);
pac->acl_next = np->ipv6_ac_list;
np->ipv6_ac_list = pac;
spin_unlock_bh(&ipv6_sk_ac_lock);
pac = NULL;
}
error:
rcu_read_unlock();
rtnl_unlock();
if (pac)
sock_kfree_s(sk, pac, sizeof(*pac));
return err;
}
void addrconf_prefix_rcv(struct device *dev, u8 *opt, int len)
{
struct prefix_info *pinfo;
struct rt6_info *rt;
__u32 valid_lft;
__u32 prefered_lft;
int addr_type;
unsigned long rt_expires;
struct inet6_dev *in6_dev = ipv6_get_idev(dev);
if (in6_dev == NULL) {
printk(KERN_DEBUG "addrconf: device %s not configured\n", dev->name);
return;
}
pinfo = (struct prefix_info *) opt;
if (len < sizeof(struct prefix_info)) {
ADBG(("addrconf: prefix option too short\n"));
return;
}
/*
* Validation checks ([ADDRCONF], page 19)
*/
addr_type = ipv6_addr_type(&pinfo->prefix);
if (addr_type & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL))
return;
valid_lft = ntohl(pinfo->valid);
prefered_lft = ntohl(pinfo->prefered);
if (prefered_lft > valid_lft) {
printk(KERN_WARNING "addrconf: prefix option has invalid lifetime\n");
return;
}
/*
* Two things going on here:
* 1) Add routes for on-link prefixes
* 2) Configure prefixes with the auto flag set
*/
/* Avoid arithemtic overflow. Really, we could
save rt_expires in seconds, likely valid_lft,
but it would require division in fib gc, that it
not good.
*/
if (valid_lft >= 0x7FFFFFFF/HZ)
rt_expires = 0;
else
rt_expires = jiffies + valid_lft * HZ;
rt = rt6_lookup(&pinfo->prefix, NULL, dev->ifindex, 1);
if (rt && ((rt->rt6i_flags & (RTF_GATEWAY | RTF_DEFAULT)) == 0)) {
if (rt->rt6i_flags&RTF_EXPIRES) {
if (pinfo->onlink == 0 || valid_lft == 0) {
ip6_del_rt(rt);
} else {
rt->rt6i_expires = rt_expires;
}
}
} else if (pinfo->onlink && valid_lft) {
addrconf_prefix_route(&pinfo->prefix, pinfo->prefix_len,
dev, rt_expires, RTF_ADDRCONF|RTF_EXPIRES);
}
if (rt)
dst_release(&rt->u.dst);
/* Try to figure out our local address for this prefix */
if (pinfo->autoconf && in6_dev->cnf.autoconf) {
struct inet6_ifaddr * ifp;
struct in6_addr addr;
int plen;
plen = pinfo->prefix_len >> 3;
#ifdef CONFIG_IPV6_EUI64
if (pinfo->prefix_len == 64) {
memcpy(&addr, &pinfo->prefix, 8);
if (ipv6_generate_eui64(addr.s6_addr + 8, dev) &&
ipv6_inherit_eui64(addr.s6_addr + 8, in6_dev))
return;
goto ok;
}
#endif
#ifndef CONFIG_IPV6_NO_PB
if (pinfo->prefix_len == ((sizeof(struct in6_addr) - dev->addr_len)<<3)) {
memcpy(&addr, &pinfo->prefix, plen);
memcpy(addr.s6_addr + plen, dev->dev_addr,
dev->addr_len);
goto ok;
}
#endif
printk(KERN_DEBUG "IPv6 addrconf: prefix with wrong length %d\n", pinfo->prefix_len);
return;
ok:
ifp = ipv6_chk_addr(&addr, dev, 1);
if ((ifp == NULL || (ifp->flags&ADDR_INVALID)) && valid_lft) {
if (ifp == NULL)
ifp = ipv6_add_addr(in6_dev, &addr, addr_type & IPV6_ADDR_SCOPE_MASK);
if (ifp == NULL)
return;
ifp->prefix_len = pinfo->prefix_len;
addrconf_dad_start(ifp);
}
if (ifp && valid_lft == 0) {
ipv6_del_addr(ifp);
ifp = NULL;
}
if (ifp) {
int event = 0;
ifp->valid_lft = valid_lft;
ifp->prefered_lft = prefered_lft;
ifp->tstamp = jiffies;
if (ifp->flags & ADDR_INVALID)
event = RTM_NEWADDR;
ifp->flags &= ~(ADDR_DEPRECATED|ADDR_INVALID);
ipv6_ifa_notify(event, ifp);
}
}
}
int ipv6_sock_ac_join(struct sock *sk, int ifindex, struct in6_addr *addr)
{
struct ipv6_pinfo *np = inet6_sk(sk);
struct net_device *dev = NULL;
struct inet6_dev *idev;
struct ipv6_ac_socklist *pac;
int ishost = !ipv6_devconf.forwarding;
int err = 0;
if (!capable(CAP_NET_ADMIN))
return -EPERM;
if (ipv6_addr_is_multicast(addr))
return -EINVAL;
if (ipv6_chk_addr(addr, NULL, 0))
return -EINVAL;
pac = sock_kmalloc(sk, sizeof(struct ipv6_ac_socklist), GFP_KERNEL);
if (pac == NULL)
return -ENOMEM;
pac->acl_next = NULL;
ipv6_addr_copy(&pac->acl_addr, addr);
if (ifindex == 0) {
struct rt6_info *rt;
rt = rt6_lookup(addr, NULL, 0, 0);
if (rt) {
dev = rt->rt6i_dev;
dev_hold(dev);
dst_release(&rt->u.dst);
} else if (ishost) {
err = -EADDRNOTAVAIL;
goto out_free_pac;
} else {
/* router, no matching interface: just pick one */
dev = dev_get_by_flags(IFF_UP, IFF_UP|IFF_LOOPBACK);
}
} else
dev = dev_get_by_index(ifindex);
if (dev == NULL) {
err = -ENODEV;
goto out_free_pac;
}
idev = in6_dev_get(dev);
if (!idev) {
if (ifindex)
err = -ENODEV;
else
err = -EADDRNOTAVAIL;
goto out_dev_put;
}
/* reset ishost, now that we have a specific device */
ishost = !idev->cnf.forwarding;
in6_dev_put(idev);
pac->acl_ifindex = dev->ifindex;
/* XXX
* For hosts, allow link-local or matching prefix anycasts.
* This obviates the need for propagating anycast routes while
* still allowing some non-router anycast participation.
*/
if (!ip6_onlink(addr, dev)) {
if (ishost)
err = -EADDRNOTAVAIL;
if (err)
goto out_dev_put;
}
err = ipv6_dev_ac_inc(dev, addr);
if (err)
goto out_dev_put;
write_lock_bh(&ipv6_sk_ac_lock);
pac->acl_next = np->ipv6_ac_list;
np->ipv6_ac_list = pac;
write_unlock_bh(&ipv6_sk_ac_lock);
dev_put(dev);
return 0;
out_dev_put:
dev_put(dev);
out_free_pac:
sock_kfree_s(sk, pac, sizeof(*pac));
return err;
}
