mcast_snoop.c source code [linux/net/ipv6/mcast_snoop.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/ Copyright (C) 2010: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>*
3	* Copyright (C) 2015: Linus Lüssing <linus.luessing@c0d3.blue>
4	*
5	* Based on the MLD support added to br_multicast.c by YOSHIFUJI Hideaki.
6	*/
7
8	#include <linux/skbuff.h>
9	#include <net/ipv6.h>
10	#include <net/mld.h>
11	#include <net/addrconf.h>
12	#include <net/ip6_checksum.h>
13
14	static int ipv6_mc_check_ip6hdr(struct sk_buff *skb)
15	{
16	const struct ipv6hdr *ip6h;
17	unsigned int len;
18	unsigned int offset = skb_network_offset(skb) + sizeof(*ip6h);
19
20	if (!pskb_may_pull(skb, len: offset))
21	return -EINVAL;
22
23	ip6h = ipv6_hdr(skb);
24
25	if (ip6h->version != `6`)
26	return -EINVAL;
27
28	len = offset + ntohs(ip6h->payload_len);
29	if (skb->len < len \|\| len <= offset)
30	return -EINVAL;
31
32	skb_set_transport_header(skb, offset);
33
34	return `0`;
35	}
36
37	static int ipv6_mc_check_exthdrs(struct sk_buff *skb)
38	{
39	const struct ipv6hdr *ip6h;
40	int offset;
41	u8 nexthdr;
42	__be16 frag_off;
43
44	ip6h = ipv6_hdr(skb);
45
46	if (ip6h->nexthdr != IPPROTO_HOPOPTS)
47	return -ENOMSG;
48
49	nexthdr = ip6h->nexthdr;
50	offset = skb_network_offset(skb) + sizeof(*ip6h);
51	offset = ipv6_skip_exthdr(skb, start: offset, nexthdrp: &nexthdr, frag_offp: &frag_off);
52
53	if (offset < `0`)
54	return -EINVAL;
55
56	if (nexthdr != IPPROTO_ICMPV6)
57	return -ENOMSG;
58
59	skb_set_transport_header(skb, offset);
60
61	return `0`;
62	}
63
64	static int ipv6_mc_check_mld_reportv2(struct sk_buff *skb)
65	{
66	unsigned int len = skb_transport_offset(skb);
67
68	len += sizeof(struct mld2_report);
69
70	return ipv6_mc_may_pull(skb, len) ? `0` : -EINVAL;
71	}
72
73	static int ipv6_mc_check_mld_query(struct sk_buff *skb)
74	{
75	unsigned int transport_len = ipv6_transport_len(skb);
76	struct mld_msg *mld;
77	unsigned int len;
78
79	/ RFC2710+RFC3810 (MLDv1+MLDv2) require link-local source addresses /
80	if (!(ipv6_addr_type(addr: &ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL))
81	return -EINVAL;
82
83	/ MLDv1? /
84	if (transport_len != sizeof(struct mld_msg)) {
85	/ or MLDv2? /
86	if (transport_len < sizeof(struct mld2_query))
87	return -EINVAL;
88
89	len = skb_transport_offset(skb) + sizeof(struct mld2_query);
90	if (!ipv6_mc_may_pull(skb, len))
91	return -EINVAL;
92	}
93
94	mld = (struct mld_msg *)skb_transport_header(skb);
95
96	/ RFC2710+RFC3810 (MLDv1+MLDv2) require the multicast link layer*
97	* all-nodes destination address (ff02::1) for general queries
98	*/
99	if (ipv6_addr_any(a: &mld->mld_mca) &&
100	!ipv6_addr_is_ll_all_nodes(addr: &ipv6_hdr(skb)->daddr))
101	return -EINVAL;
102
103	return `0`;
104	}
105
106	static int ipv6_mc_check_mld_msg(struct sk_buff *skb)
107	{
108	unsigned int len = skb_transport_offset(skb) + sizeof(struct mld_msg);
109	struct mld_msg *mld;
110
111	if (!ipv6_mc_may_pull(skb, len))
112	return -ENODATA;
113
114	mld = (struct mld_msg *)skb_transport_header(skb);
115
116	switch (mld->mld_type) {
117	case ICMPV6_MGM_REDUCTION:
118	case ICMPV6_MGM_REPORT:
119	return `0`;
120	case ICMPV6_MLD2_REPORT:
121	return ipv6_mc_check_mld_reportv2(skb);
122	case ICMPV6_MGM_QUERY:
123	return ipv6_mc_check_mld_query(skb);
124	default:
125	return -ENODATA;
126	}
127	}
128
129	static inline __sum16 ipv6_mc_validate_checksum(struct sk_buff *skb)
130	{
131	return skb_checksum_validate(skb, IPPROTO_ICMPV6, ip6_compute_pseudo);
132	}
133
134	static int ipv6_mc_check_icmpv6(struct sk_buff *skb)
135	{
136	unsigned int len = skb_transport_offset(skb) + sizeof(struct icmp6hdr);
137	unsigned int transport_len = ipv6_transport_len(skb);
138	struct sk_buff *skb_chk;
139
140	if (!ipv6_mc_may_pull(skb, len))
141	return -EINVAL;
142
143	skb_chk = skb_checksum_trimmed(skb, transport_len,
144	skb_chkf: ipv6_mc_validate_checksum);
145	if (!skb_chk)
146	return -EINVAL;
147
148	if (skb_chk != skb)
149	kfree_skb(skb: skb_chk);
150
151	return `0`;
152	}
153
154	/**
155	* ipv6_mc_check_mld - checks whether this is a sane MLD packet
156	* @skb: the skb to validate
157	*
158	* Checks whether an IPv6 packet is a valid MLD packet. If so sets
159	* skb transport header accordingly and returns zero.
160	*
161	* -EINVAL: A broken packet was detected, i.e. it violates some internet
162	* standard
163	* -ENOMSG: IP header validation succeeded but it is not an ICMPv6 packet
164	* with a hop-by-hop option.
165	* -ENODATA: IP+ICMPv6 header with hop-by-hop option validation succeeded
166	* but it is not an MLD packet.
167	* -ENOMEM: A memory allocation failure happened.
168	*
169	* Caller needs to set the skb network header and free any returned skb if it
170	* differs from the provided skb.
171	*/
172	int ipv6_mc_check_mld(struct sk_buff *skb)
173	{
174	int ret;
175
176	ret = ipv6_mc_check_ip6hdr(skb);
177	if (ret < `0`)
178	return ret;
179
180	ret = ipv6_mc_check_exthdrs(skb);
181	if (ret < `0`)
182	return ret;
183
184	ret = ipv6_mc_check_icmpv6(skb);
185	if (ret < `0`)
186	return ret;
187
188	return ipv6_mc_check_mld_msg(skb);
189	}
190	EXPORT_SYMBOL(ipv6_mc_check_mld);
191

source code of linux/net/ipv6/mcast_snoop.c