net/ipv6/mcast.c

   1 /*
   2  *      Multicast support for IPv6
   3  *      Linux INET6 implementation
   4  *
   5  *      Authors:
   6  *      Pedro Roque             <roque@di.fc.ul.pt>
   7  *
   8  *      $Id: mcast.c,v 1.40 2002/02/08 03:57:19 davem Exp $
   9  *
  10  *      Based on linux/ipv4/igmp.c and linux/ipv4/ip_sockglue.c
  11  *
  12  *      This program is free software; you can redistribute it and/or
  13  *      modify it under the terms of the GNU General Public License
  14  *      as published by the Free Software Foundation; either version
  15  *      2 of the License, or (at your option) any later version.
  16  */
  17
  18 /* Changes:
  19  *
  20  *      yoshfuji        : fix format of router-alert option
  21  *      YOSHIFUJI Hideaki @USAGI:
  22  *              Fixed source address for MLD message based on
  23  *              <draft-ietf-magma-mld-source-05.txt>.
  24  *      YOSHIFUJI Hideaki @USAGI:
  25  *              - Ignore Queries for invalid addresses.
  26  *              - MLD for link-local addresses.
  27  *      David L Stevens <dlstevens@us.ibm.com>:
  28  *              - MLDv2 support
  29  */
  30
  31 #include <linux/config.h>
  32 #include <linux/module.h>
  33 #include <linux/errno.h>
  34 #include <linux/types.h>
  35 #include <linux/string.h>
  36 #include <linux/socket.h>
  37 #include <linux/sockios.h>
  38 #include <linux/jiffies.h>
  39 #include <linux/times.h>
  40 #include <linux/net.h>
  41 #include <linux/in.h>
  42 #include <linux/in6.h>
  43 #include <linux/netdevice.h>
  44 #include <linux/if_arp.h>
  45 #include <linux/route.h>
  46 #include <linux/init.h>
  47 #include <linux/proc_fs.h>
  48 #include <linux/seq_file.h>
  49
  50 #include <linux/netfilter.h>
  51 #include <linux/netfilter_ipv6.h>
  52
  53 #include <net/sock.h>
  54 #include <net/snmp.h>
  55
  56 #include <net/ipv6.h>
  57 #include <net/protocol.h>
  58 #include <net/if_inet6.h>
  59 #include <net/ndisc.h>
  60 #include <net/addrconf.h>
  61 #include <net/ip6_route.h>
  62
  63 #include <net/checksum.h>
  64
  65 /* Set to 3 to get tracing... */
  66 #define MCAST_DEBUG 2
  67
  68 #if MCAST_DEBUG >= 3
  69 #define MDBG(x) printk x
  70 #else
  71 #define MDBG(x)
  72 #endif
  73
  74 /*
  75  *  These header formats should be in a separate include file, but icmpv6.h
  76  *  doesn't have in6_addr defined in all cases, there is no __u128, and no
  77  *  other files reference these.
  78  *
  79  *                      +-DLS 4/14/03
  80  */
  81
  82 /* Multicast Listener Discovery version 2 headers */
  83
  84 struct mld2_grec {
  85         __u8            grec_type;
  86         __u8            grec_auxwords;
  87         __u16           grec_nsrcs;
  88         struct in6_addr grec_mca;
  89         struct in6_addr grec_src[0];
  90 };
  91
  92 struct mld2_report {
  93         __u8    type;
  94         __u8    resv1;
  95         __u16   csum;
  96         __u16   resv2;
  97         __u16   ngrec;
  98         struct mld2_grec grec[0];
  99 };
 100
 101 struct mld2_query {
 102         __u8 type;
 103         __u8 code;
 104         __u16 csum;
 105         __u16 mrc;
 106         __u16 resv1;
 107         struct in6_addr mca;
 108 #if defined(__LITTLE_ENDIAN_BITFIELD)
 109         __u8 qrv:3,
 110              suppress:1,
 111              resv2:4;
 112 #elif defined(__BIG_ENDIAN_BITFIELD)
 113         __u8 resv2:4,
 114              suppress:1,
 115              qrv:3;
 116 #else
 117 #error "Please fix <asm/byteorder.h>"
 118 #endif
 119         __u8 qqic;
 120         __u16 nsrcs;
 121         struct in6_addr srcs[0];
 122 };
 123
 124 struct in6_addr mld2_all_mcr = MLD2_ALL_MCR_INIT;
 125
 126 /* Big mc list lock for all the sockets */
 127 static rwlock_t ipv6_sk_mc_lock = RW_LOCK_UNLOCKED;
 128
 129 static struct socket *igmp6_socket;
 130
 131 static void igmp6_join_group(struct ifmcaddr6 *ma);
 132 static void igmp6_leave_group(struct ifmcaddr6 *ma);
 133 static void igmp6_timer_handler(unsigned long data);
 134
 135 static void mld_gq_timer_expire(unsigned long data);
 136 static void mld_ifc_timer_expire(unsigned long data);
 137 static void mld_ifc_event(struct inet6_dev *idev);
 138 static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *pmc);
 139 static void mld_del_delrec(struct inet6_dev *idev, struct in6_addr *addr);
 140 static void mld_clear_delrec(struct inet6_dev *idev);
 141 static int sf_setstate(struct ifmcaddr6 *pmc);
 142 static void sf_markstate(struct ifmcaddr6 *pmc);
 143 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc);
 144 int ip6_mc_del_src(struct inet6_dev *idev, struct in6_addr *pmca, int sfmode,
 145         int sfcount, struct in6_addr *psfsrc, int delta);
 146 int ip6_mc_add_src(struct inet6_dev *idev, struct in6_addr *pmca, int sfmode,
 147         int sfcount, struct in6_addr *psfsrc, int delta);
 148 int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml,
 149         struct inet6_dev *idev);
 150
 151
 152 #define IGMP6_UNSOLICITED_IVAL  (10*HZ)
 153 #define MLD_QRV_DEFAULT         2
 154
 155 #define MLD_V1_SEEN(idev) (ipv6_devconf.force_mld_version == 1 || \
 156                 (idev)->cnf.force_mld_version == 1 || \
 157                 ((idev)->mc_v1_seen && \
 158                 time_before(jiffies, (idev)->mc_v1_seen)))
 159
 160 #define MLDV2_MASK(value, nb) ((nb)>=32 ? (value) : ((1<<(nb))-1) & (value))
 161 #define MLDV2_EXP(thresh, nbmant, nbexp, value) \
 162         ((value) < (thresh) ? (value) : \
 163         ((MLDV2_MASK(value, nbmant) | (1<<(nbmant+nbexp))) << \
 164         (MLDV2_MASK((value) >> (nbmant), nbexp) + (nbexp))))
 165
 166 #define MLDV2_QQIC(value) MLDV2_EXP(0x80, 4, 3, value)
 167 #define MLDV2_MRC(value) MLDV2_EXP(0x8000, 12, 3, value)
 168
 169 #define IPV6_MLD_MAX_MSF        10
 170
 171 int sysctl_mld_max_msf = IPV6_MLD_MAX_MSF;
 172
 173 /*
 174  *      socket join on multicast group
 175  */
 176
 177 int ipv6_sock_mc_join(struct sock *sk, int ifindex, struct in6_addr *addr)
 178 {
 179         struct net_device *dev = NULL;
 180         struct ipv6_mc_socklist *mc_lst;
 181         struct ipv6_pinfo *np = inet6_sk(sk);
 182         int err;
 183
 184         if (!ipv6_addr_is_multicast(addr))
 185                 return -EINVAL;
 186
 187         mc_lst = sock_kmalloc(sk, sizeof(struct ipv6_mc_socklist), GFP_KERNEL);
 188
 189         if (mc_lst == NULL)
 190                 return -ENOMEM;
 191
 192         mc_lst->next = NULL;
 193         ipv6_addr_copy(&mc_lst->addr, addr);
 194
 195         if (ifindex == 0) {
 196                 struct rt6_info *rt;
 197                 rt = rt6_lookup(addr, NULL, 0, 0);
 198                 if (rt) {
 199                         dev = rt->rt6i_dev;
 200                         dev_hold(dev);
 201                         dst_release(&rt->u.dst);
 202                 }
 203         } else
 204                 dev = dev_get_by_index(ifindex);
 205
 206         if (dev == NULL) {
 207                 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
 208                 return -ENODEV;
 209         }
 210
 211         mc_lst->ifindex = dev->ifindex;
 212         mc_lst->sfmode = MCAST_EXCLUDE;
 213         mc_lst->sflist = 0;
 214
 215         /*
 216          *      now add/increase the group membership on the device
 217          */
 218
 219         err = ipv6_dev_mc_inc(dev, addr);
 220
 221         if (err) {
 222                 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
 223                 dev_put(dev);
 224                 return err;
 225         }
 226
 227         write_lock_bh(&ipv6_sk_mc_lock);
 228         mc_lst->next = np->ipv6_mc_list;
 229         np->ipv6_mc_list = mc_lst;
 230         write_unlock_bh(&ipv6_sk_mc_lock);
 231
 232         dev_put(dev);
 233
 234         return 0;
 235 }
 236
 237 /*
 238  *      socket leave on multicast group
 239  */
 240 int ipv6_sock_mc_drop(struct sock *sk, int ifindex, struct in6_addr *addr)
 241 {
 242         struct ipv6_pinfo *np = inet6_sk(sk);
 243         struct ipv6_mc_socklist *mc_lst, **lnk;
 244
 245         write_lock_bh(&ipv6_sk_mc_lock);
 246         for (lnk = &np->ipv6_mc_list; (mc_lst = *lnk) !=NULL ; lnk = &mc_lst->next) {
 247                 if ((ifindex == 0 || mc_lst->ifindex == ifindex) &&
 248                     ipv6_addr_cmp(&mc_lst->addr, addr) == 0) {
 249                         struct net_device *dev;
 250
 251                         *lnk = mc_lst->next;
 252                         write_unlock_bh(&ipv6_sk_mc_lock);
 253
 254                         if ((dev = dev_get_by_index(mc_lst->ifindex)) != NULL) {
 255                                 struct inet6_dev *idev = in6_dev_get(dev);
 256
 257                                 if (idev) {
 258                                         (void) ip6_mc_leave_src(sk,mc_lst,idev);
 259                                         in6_dev_put(idev);
 260                                 }
 261                                 ipv6_dev_mc_dec(dev, &mc_lst->addr);
 262                                 dev_put(dev);
 263                         }
 264                         sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
 265                         return 0;
 266                 }
 267         }
 268         write_unlock_bh(&ipv6_sk_mc_lock);
 269
 270         return -ENOENT;
 271 }
 272
 273 struct inet6_dev *ip6_mc_find_dev(struct in6_addr *group, int ifindex)
 274 {
 275         struct net_device *dev = 0;
 276         struct inet6_dev *idev = 0;
 277
 278         if (ifindex == 0) {
 279                 struct rt6_info *rt;
 280
 281                 rt = rt6_lookup(group, NULL, 0, 0);
 282                 if (rt) {
 283                         dev = rt->rt6i_dev;
 284                         dev_hold(dev);
 285                         dst_release(&rt->u.dst);
 286                 }
 287         } else
 288                 dev = dev_get_by_index(ifindex);
 289
 290         if (!dev)
 291                 return 0;
 292         idev = in6_dev_get(dev);
 293         if (!idev) {
 294                 dev_put(dev);
 295                 return 0;
 296         }
 297         read_lock_bh(&idev->lock);
 298         if (idev->dead) {
 299                 read_unlock_bh(&idev->lock);
 300                 in6_dev_put(idev);
 301                 dev_put(dev);
 302                 return 0;
 303         }
 304         return idev;
 305 }
 306
 307 void ipv6_sock_mc_close(struct sock *sk)
 308 {
 309         struct ipv6_pinfo *np = inet6_sk(sk);
 310         struct ipv6_mc_socklist *mc_lst;
 311
 312         write_lock_bh(&ipv6_sk_mc_lock);
 313         while ((mc_lst = np->ipv6_mc_list) != NULL) {
 314                 struct net_device *dev;
 315
 316                 np->ipv6_mc_list = mc_lst->next;
 317                 write_unlock_bh(&ipv6_sk_mc_lock);
 318
 319                 dev = dev_get_by_index(mc_lst->ifindex);
 320                 if (dev) {
 321                         struct inet6_dev *idev = in6_dev_get(dev);
 322
 323                         if (idev) {
 324                                 (void) ip6_mc_leave_src(sk, mc_lst, idev);
 325                                 in6_dev_put(idev);
 326                         }
 327                         ipv6_dev_mc_dec(dev, &mc_lst->addr);
 328                         dev_put(dev);
 329                 }
 330
 331                 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
 332
 333                 write_lock_bh(&ipv6_sk_mc_lock);
 334         }
 335         write_unlock_bh(&ipv6_sk_mc_lock);
 336 }
 337
 338 int ip6_mc_source(int add, int omode, struct sock *sk,
 339         struct group_source_req *pgsr)
 340 {
 341         struct in6_addr *source, *group;
 342         struct ipv6_mc_socklist *pmc;
 343         struct net_device *dev;
 344         struct inet6_dev *idev;
 345         struct ipv6_pinfo *inet6 = inet6_sk(sk);
 346         struct ip6_sf_socklist *psl;
 347         int i, j, rv;
 348         int err;
 349
 350         if (pgsr->gsr_group.ss_family != AF_INET6 ||
 351             pgsr->gsr_source.ss_family != AF_INET6)
 352                 return -EINVAL;
 353
 354         source = &((struct sockaddr_in6 *)&pgsr->gsr_source)->sin6_addr;
 355         group = &((struct sockaddr_in6 *)&pgsr->gsr_group)->sin6_addr;
 356
 357         if (!ipv6_addr_is_multicast(group))
 358                 return -EINVAL;
 359
 360         idev = ip6_mc_find_dev(group, pgsr->gsr_interface);
 361         if (!idev)
 362                 return -ENODEV;
 363         dev = idev->dev;
 364
 365         err = -EADDRNOTAVAIL;
 366
 367         for (pmc=inet6->ipv6_mc_list; pmc; pmc=pmc->next) {
 368                 if (pmc->ifindex != pgsr->gsr_interface)
 369                         continue;
 370                 if (ipv6_addr_cmp(&pmc->addr, group) == 0)
 371                         break;
 372         }
 373         if (!pmc)               /* must have a prior join */
 374                 goto done;
 375         /* if a source filter was set, must be the same mode as before */
 376         if (pmc->sflist) {
 377                 if (pmc->sfmode != omode)
 378                         goto done;
 379         } else if (pmc->sfmode != omode) {
 380                 /* allow mode switches for empty-set filters */
 381                 ip6_mc_add_src(idev, group, omode, 0, 0, 0);
 382                 ip6_mc_del_src(idev, group, pmc->sfmode, 0, 0, 0);
 383                 pmc->sfmode = omode;
 384         }
 385
 386         psl = pmc->sflist;
 387         if (!add) {
 388                 if (!psl)
 389                         goto done;
 390                 rv = !0;
 391                 for (i=0; i<psl->sl_count; i++) {
 392                         rv = memcmp(&psl->sl_addr, group,
 393                                 sizeof(struct in6_addr));
 394                         if (rv >= 0)
 395                                 break;
 396                 }
 397                 if (!rv)        /* source not found */
 398                         goto done;
 399
 400                 /* update the interface filter */
 401                 ip6_mc_del_src(idev, group, omode, 1, source, 1);
 402
 403                 for (j=i+1; j<psl->sl_count; j++)
 404                         psl->sl_addr[j-1] = psl->sl_addr[j];
 405                 psl->sl_count--;
 406                 err = 0;
 407                 goto done;
 408         }
 409         /* else, add a new source to the filter */
 410
 411         if (psl && psl->sl_count >= sysctl_mld_max_msf) {
 412                 err = -ENOBUFS;
 413                 goto done;
 414         }
 415         if (!psl || psl->sl_count == psl->sl_max) {
 416                 struct ip6_sf_socklist *newpsl;
 417                 int count = IP6_SFBLOCK;
 418
 419                 if (psl)
 420                         count += psl->sl_max;
 421                 newpsl = (struct ip6_sf_socklist *)sock_kmalloc(sk,
 422                         IP6_SFLSIZE(count), GFP_ATOMIC);
 423                 if (!newpsl) {
 424                         err = -ENOBUFS;
 425                         goto done;
 426                 }
 427                 newpsl->sl_max = count;
 428                 newpsl->sl_count = count - IP6_SFBLOCK;
 429                 if (psl) {
 430                         for (i=0; i<psl->sl_count; i++)
 431                                 newpsl->sl_addr[i] = psl->sl_addr[i];
 432                         sock_kfree_s(sk, psl, IP6_SFLSIZE(psl->sl_max));
 433                 }
 434                 pmc->sflist = psl = newpsl;
 435         }
 436         rv = 1; /* > 0 for insert logic below if sl_count is 0 */
 437         for (i=0; i<psl->sl_count; i++) {
 438                 rv = memcmp(&psl->sl_addr, group, sizeof(struct in6_addr));
 439                 if (rv >= 0)
 440                         break;
 441         }
 442         if (rv == 0)            /* address already there is an error */
 443                 goto done;
 444         for (j=psl->sl_count-1; j>=i; j--)
 445                 psl->sl_addr[j+1] = psl->sl_addr[j];
 446         psl->sl_addr[i] = *source;
 447         psl->sl_count++;
 448         err = 0;
 449         /* update the interface list */
 450         ip6_mc_add_src(idev, group, omode, 1, source, 1);
 451 done:
 452         read_unlock_bh(&idev->lock);
 453         in6_dev_put(idev);
 454         dev_put(dev);
 455         return err;
 456 }
 457
 458 int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf)
 459 {
 460         struct in6_addr *group;
 461         struct ipv6_mc_socklist *pmc;
 462         struct net_device *dev;
 463         struct inet6_dev *idev;
 464         struct ipv6_pinfo *inet6 = inet6_sk(sk);
 465         struct ip6_sf_socklist *newpsl, *psl;
 466         int i, err;
 467
 468         group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr;
 469
 470         if (!ipv6_addr_is_multicast(group))
 471                 return -EINVAL;
 472         if (gsf->gf_fmode != MCAST_INCLUDE &&
 473             gsf->gf_fmode != MCAST_EXCLUDE)
 474                 return -EINVAL;
 475
 476         idev = ip6_mc_find_dev(group, gsf->gf_interface);
 477
 478         if (!idev)
 479                 return -ENODEV;
 480         dev = idev->dev;
 481         err = -EADDRNOTAVAIL;
 482
 483         for (pmc=inet6->ipv6_mc_list; pmc; pmc=pmc->next) {
 484                 if (pmc->ifindex != gsf->gf_interface)
 485                         continue;
 486                 if (ipv6_addr_cmp(&pmc->addr, group) == 0)
 487                         break;
 488         }
 489         if (!pmc)               /* must have a prior join */
 490                 goto done;
 491         if (gsf->gf_numsrc) {
 492                 newpsl = (struct ip6_sf_socklist *)sock_kmalloc(sk,
 493                                 IP6_SFLSIZE(gsf->gf_numsrc), GFP_ATOMIC);
 494                 if (!newpsl) {
 495                         err = -ENOBUFS;
 496                         goto done;
 497                 }
 498                 newpsl->sl_max = newpsl->sl_count = gsf->gf_numsrc;
 499                 for (i=0; i<newpsl->sl_count; ++i) {
 500                         struct sockaddr_in6 *psin6;
 501
 502                         psin6 = (struct sockaddr_in6 *)&gsf->gf_slist[i];
 503                         newpsl->sl_addr[i] = psin6->sin6_addr;
 504                 }
 505                 err = ip6_mc_add_src(idev, group, gsf->gf_fmode,
 506                         newpsl->sl_count, newpsl->sl_addr, 0);
 507                 if (err) {
 508                         sock_kfree_s(sk, newpsl, IP6_SFLSIZE(newpsl->sl_max));
 509                         goto done;
 510                 }
 511         } else
 512                 newpsl = 0;
 513         psl = pmc->sflist;
 514         if (psl) {
 515                 (void) ip6_mc_del_src(idev, group, pmc->sfmode,
 516                         psl->sl_count, psl->sl_addr, 0);
 517                 sock_kfree_s(sk, psl, IP6_SFLSIZE(psl->sl_max));
 518         } else
 519                 (void) ip6_mc_del_src(idev, group, pmc->sfmode, 0, 0, 0);
 520         pmc->sflist = newpsl;
 521         pmc->sfmode = gsf->gf_fmode;
 522 done:
 523         read_unlock_bh(&idev->lock);
 524         in6_dev_put(idev);
 525         dev_put(dev);
 526         return err;
 527 }
 528
 529 int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf,
 530         struct group_filter __user *optval, int __user *optlen)
 531 {
 532         int err, i, count, copycount;
 533         struct in6_addr *group;
 534         struct ipv6_mc_socklist *pmc;
 535         struct inet6_dev *idev;
 536         struct net_device *dev;
 537         struct ipv6_pinfo *inet6 = inet6_sk(sk);
 538         struct ip6_sf_socklist *psl;
 539
 540         group = &((struct sockaddr_in6 *)&gsf->gf_group)->sin6_addr;
 541
 542         if (!ipv6_addr_is_multicast(group))
 543                 return -EINVAL;
 544
 545         idev = ip6_mc_find_dev(group, gsf->gf_interface);
 546
 547         if (!idev)
 548                 return -ENODEV;
 549
 550         dev = idev->dev;
 551
 552         err = -EADDRNOTAVAIL;
 553
 554         for (pmc=inet6->ipv6_mc_list; pmc; pmc=pmc->next) {
 555                 if (pmc->ifindex != gsf->gf_interface)
 556                         continue;
 557                 if (ipv6_addr_cmp(group, &pmc->addr) == 0)
 558                         break;
 559         }
 560         if (!pmc)               /* must have a prior join */
 561                 goto done;
 562         gsf->gf_fmode = pmc->sfmode;
 563         psl = pmc->sflist;
 564         count = psl ? psl->sl_count : 0;
 565         read_unlock_bh(&idev->lock);
 566         in6_dev_put(idev);
 567         dev_put(dev);
 568
 569         copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc;
 570         gsf->gf_numsrc = count;
 571         if (put_user(GROUP_FILTER_SIZE(copycount), optlen) ||
 572             copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) {
 573                 return -EFAULT;
 574         }
 575         for (i=0; i<copycount; i++) {
 576                 struct sockaddr_in6 *psin6;
 577                 struct sockaddr_storage ss;
 578
 579                 psin6 = (struct sockaddr_in6 *)&ss;
 580                 memset(&ss, 0, sizeof(ss));
 581                 psin6->sin6_family = AF_INET6;
 582                 psin6->sin6_addr = psl->sl_addr[i];
 583                 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss)))
 584                         return -EFAULT;
 585         }
 586         return 0;
 587 done:
 588         read_unlock_bh(&idev->lock);
 589         in6_dev_put(idev);
 590         dev_put(dev);
 591         return err;
 592 }
 593
 594 int inet6_mc_check(struct sock *sk, struct in6_addr *mc_addr,
 595         struct in6_addr *src_addr)
 596 {
 597         struct ipv6_pinfo *np = inet6_sk(sk);
 598         struct ipv6_mc_socklist *mc;
 599         struct ip6_sf_socklist *psl;
 600         int rv = 1;
 601
 602         read_lock(&ipv6_sk_mc_lock);
 603         for (mc = np->ipv6_mc_list; mc; mc = mc->next) {
 604                 if (ipv6_addr_cmp(&mc->addr, mc_addr) == 0)
 605                         break;
 606         }
 607         if (!mc) {
 608                 read_unlock(&ipv6_sk_mc_lock);
 609                 return 1;
 610         }
 611         psl = mc->sflist;
 612         if (!psl) {
 613                 rv = mc->sfmode == MCAST_EXCLUDE;
 614         } else {
 615                 int i;
 616
 617                 for (i=0; i<psl->sl_count; i++) {
 618                         if (ipv6_addr_cmp(&psl->sl_addr[i], src_addr) == 0)
 619                                 break;
 620                 }
 621                 if (mc->sfmode == MCAST_INCLUDE && i >= psl->sl_count)
 622                         rv = 0;
 623                 if (mc->sfmode == MCAST_EXCLUDE && i < psl->sl_count)
 624                         rv = 0;
 625         }
 626         read_unlock(&ipv6_sk_mc_lock);
 627
 628         return rv;
 629 }
 630
 631 static void ma_put(struct ifmcaddr6 *mc)
 632 {
 633         if (atomic_dec_and_test(&mc->mca_refcnt)) {
 634                 in6_dev_put(mc->idev);
 635                 kfree(mc);
 636         }
 637 }
 638
 639 static void igmp6_group_added(struct ifmcaddr6 *mc)
 640 {
 641         struct net_device *dev = mc->idev->dev;
 642         char buf[MAX_ADDR_LEN];
 643
 644         spin_lock_bh(&mc->mca_lock);
 645         if (!(mc->mca_flags&MAF_LOADED)) {
 646                 mc->mca_flags |= MAF_LOADED;
 647                 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0)
 648                         dev_mc_add(dev, buf, dev->addr_len, 0);
 649         }
 650         spin_unlock_bh(&mc->mca_lock);
 651
 652         if (!(dev->flags & IFF_UP) || (mc->mca_flags & MAF_NOREPORT))
 653                 return;
 654
 655         if (MLD_V1_SEEN(mc->idev)) {
 656                 igmp6_join_group(mc);
 657                 return;
 658         }
 659         /* else v2 */
 660
 661         mc->mca_crcount = mc->idev->mc_qrv;
 662         mld_ifc_event(mc->idev);
 663 }
 664
 665 static void igmp6_group_dropped(struct ifmcaddr6 *mc)
 666 {
 667         struct net_device *dev = mc->idev->dev;
 668         char buf[MAX_ADDR_LEN];
 669
 670         spin_lock_bh(&mc->mca_lock);
 671         if (mc->mca_flags&MAF_LOADED) {
 672                 mc->mca_flags &= ~MAF_LOADED;
 673                 if (ndisc_mc_map(&mc->mca_addr, buf, dev, 0) == 0)
 674                         dev_mc_delete(dev, buf, dev->addr_len, 0);
 675         }
 676
 677         if (mc->mca_flags & MAF_NOREPORT)
 678                 goto done;
 679         spin_unlock_bh(&mc->mca_lock);
 680
 681         if (!mc->idev->dead)
 682                 igmp6_leave_group(mc);
 683
 684         spin_lock_bh(&mc->mca_lock);
 685         if (del_timer(&mc->mca_timer))
 686                 atomic_dec(&mc->mca_refcnt);
 687 done:
 688         ip6_mc_clear_src(mc);
 689         spin_unlock_bh(&mc->mca_lock);
 690 }
 691
 692 /*
 693  * deleted ifmcaddr6 manipulation
 694  */
 695 static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im)
 696 {
 697         struct ifmcaddr6 *pmc;
 698
 699         /* this is an "ifmcaddr6" for convenience; only the fields below
 700          * are actually used. In particular, the refcnt and users are not
 701          * used for management of the delete list. Using the same structure
 702          * for deleted items allows change reports to use common code with
 703          * non-deleted or query-response MCA's.
 704          */
 705         pmc = (struct ifmcaddr6 *)kmalloc(sizeof(*pmc), GFP_ATOMIC);
 706         if (!pmc)
 707                 return;
 708         memset(pmc, 0, sizeof(*pmc));
 709         spin_lock_bh(&im->mca_lock);
 710         pmc->mca_lock = SPIN_LOCK_UNLOCKED;
 711         pmc->idev = im->idev;
 712         in6_dev_hold(idev);
 713         pmc->mca_addr = im->mca_addr;
 714         pmc->mca_crcount = idev->mc_qrv;
 715         pmc->mca_sfmode = im->mca_sfmode;
 716         if (pmc->mca_sfmode == MCAST_INCLUDE) {
 717                 struct ip6_sf_list *psf;
 718
 719                 pmc->mca_tomb = im->mca_tomb;
 720                 pmc->mca_sources = im->mca_sources;
 721                 im->mca_tomb = im->mca_sources = 0;
 722                 for (psf=pmc->mca_sources; psf; psf=psf->sf_next)
 723                         psf->sf_crcount = pmc->mca_crcount;
 724         }
 725         spin_unlock_bh(&im->mca_lock);
 726
 727         write_lock_bh(&idev->mc_lock);
 728         pmc->next = idev->mc_tomb;
 729         idev->mc_tomb = pmc;
 730         write_unlock_bh(&idev->mc_lock);
 731 }
 732
 733 static void mld_del_delrec(struct inet6_dev *idev, struct in6_addr *pmca)
 734 {
 735         struct ifmcaddr6 *pmc, *pmc_prev;
 736         struct ip6_sf_list *psf, *psf_next;
 737
 738         write_lock_bh(&idev->mc_lock);
 739         pmc_prev = 0;
 740         for (pmc=idev->mc_tomb; pmc; pmc=pmc->next) {
 741                 if (ipv6_addr_cmp(&pmc->mca_addr, pmca) == 0)
 742                         break;
 743                 pmc_prev = pmc;
 744         }
 745         if (pmc) {
 746                 if (pmc_prev)
 747                         pmc_prev->next = pmc->next;
 748                 else
 749                         idev->mc_tomb = pmc->next;
 750         }
 751         write_unlock_bh(&idev->mc_lock);
 752         if (pmc) {
 753                 for (psf=pmc->mca_tomb; psf; psf=psf_next) {
 754                         psf_next = psf->sf_next;
 755                         kfree(psf);
 756                 }
 757                 in6_dev_put(pmc->idev);
 758                 kfree(pmc);
 759         }
 760 }
 761
 762 static void mld_clear_delrec(struct inet6_dev *idev)
 763 {
 764         struct ifmcaddr6 *pmc, *nextpmc;
 765
 766         write_lock_bh(&idev->mc_lock);
 767         pmc = idev->mc_tomb;
 768         idev->mc_tomb = 0;
 769         write_unlock_bh(&idev->mc_lock);
 770
 771         for (; pmc; pmc = nextpmc) {
 772                 nextpmc = pmc->next;
 773                 ip6_mc_clear_src(pmc);
 774                 in6_dev_put(pmc->idev);
 775                 kfree(pmc);
 776         }
 777
 778         /* clear dead sources, too */
 779         read_lock_bh(&idev->lock);
 780         for (pmc=idev->mc_list; pmc; pmc=pmc->next) {
 781                 struct ip6_sf_list *psf, *psf_next;
 782
 783                 spin_lock_bh(&pmc->mca_lock);
 784                 psf = pmc->mca_tomb;
 785                 pmc->mca_tomb = 0;
 786                 spin_unlock_bh(&pmc->mca_lock);
 787                 for (; psf; psf=psf_next) {
 788                         psf_next = psf->sf_next;
 789                         kfree(psf);
 790                 }
 791         }
 792         read_unlock_bh(&idev->lock);
 793 }
 794
 795
 796 /*
 797  *      device multicast group inc (add if not found)
 798  */
 799 int ipv6_dev_mc_inc(struct net_device *dev, struct in6_addr *addr)
 800 {
 801         struct ifmcaddr6 *mc;
 802         struct inet6_dev *idev;
 803
 804         idev = in6_dev_get(dev);
 805
 806         if (idev == NULL)
 807                 return -EINVAL;
 808
 809         write_lock_bh(&idev->lock);
 810         if (idev->dead) {
 811                 write_unlock_bh(&idev->lock);
 812                 in6_dev_put(idev);
 813                 return -ENODEV;
 814         }
 815
 816         for (mc = idev->mc_list; mc; mc = mc->next) {
 817                 if (ipv6_addr_cmp(&mc->mca_addr, addr) == 0) {
 818                         mc->mca_users++;
 819                         write_unlock_bh(&idev->lock);
 820                         ip6_mc_add_src(idev, &mc->mca_addr, MCAST_EXCLUDE, 0,
 821                                 0, 0);
 822                         in6_dev_put(idev);
 823                         return 0;
 824                 }
 825         }
 826
 827         /*
 828          *      not found: create a new one.
 829          */
 830
 831         mc = kmalloc(sizeof(struct ifmcaddr6), GFP_ATOMIC);
 832
 833         if (mc == NULL) {
 834                 write_unlock_bh(&idev->lock);
 835                 in6_dev_put(idev);
 836                 return -ENOMEM;
 837         }
 838
 839         memset(mc, 0, sizeof(struct ifmcaddr6));
 840         init_timer(&mc->mca_timer);
 841         mc->mca_timer.function = igmp6_timer_handler;
 842         mc->mca_timer.data = (unsigned long) mc;
 843
 844         ipv6_addr_copy(&mc->mca_addr, addr);
 845         mc->idev = idev;
 846         mc->mca_users = 1;
 847         /* mca_stamp should be updated upon changes */
 848         mc->mca_cstamp = mc->mca_tstamp = jiffies;
 849         atomic_set(&mc->mca_refcnt, 2);
 850         mc->mca_lock = SPIN_LOCK_UNLOCKED;
 851
 852         /* initial mode is (EX, empty) */
 853         mc->mca_sfmode = MCAST_EXCLUDE;
 854         mc->mca_sfcount[MCAST_EXCLUDE] = 1;
 855
 856         if (ipv6_addr_is_ll_all_nodes(&mc->mca_addr) ||
 857             IPV6_ADDR_MC_SCOPE(&mc->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL)
 858                 mc->mca_flags |= MAF_NOREPORT;
 859
 860         mc->next = idev->mc_list;
 861         idev->mc_list = mc;
 862         write_unlock_bh(&idev->lock);
 863
 864         mld_del_delrec(idev, &mc->mca_addr);
 865         igmp6_group_added(mc);
 866         ma_put(mc);
 867         return 0;
 868 }
 869
 870 /*
 871  *      device multicast group del
 872  */
 873 static int __ipv6_dev_mc_dec(struct net_device *dev, struct inet6_dev *idev, struct in6_addr *addr)
 874 {
 875         struct ifmcaddr6 *ma, **map;
 876
 877         write_lock_bh(&idev->lock);
 878         for (map = &idev->mc_list; (ma=*map) != NULL; map = &ma->next) {
 879                 if (ipv6_addr_cmp(&ma->mca_addr, addr) == 0) {
 880                         if (--ma->mca_users == 0) {
 881                                 *map = ma->next;
 882                                 write_unlock_bh(&idev->lock);
 883
 884                                 igmp6_group_dropped(ma);
 885
 886                                 ma_put(ma);
 887                                 return 0;
 888                         }
 889                         write_unlock_bh(&idev->lock);
 890                         return 0;
 891                 }
 892         }
 893         write_unlock_bh(&idev->lock);
 894
 895         return -ENOENT;
 896 }
 897
 898 int ipv6_dev_mc_dec(struct net_device *dev, struct in6_addr *addr)
 899 {
 900         struct inet6_dev *idev = in6_dev_get(dev);
 901         int err;
 902
 903         if (!idev)
 904                 return -ENODEV;
 905
 906         err = __ipv6_dev_mc_dec(dev, idev, addr);
 907
 908         in6_dev_put(idev);
 909
 910         return err;
 911 }
 912
 913 /*
 914  * identify MLD packets for MLD filter exceptions
 915  */
 916 int ipv6_is_mld(struct sk_buff *skb, int nexthdr)
 917 {
 918         struct icmp6hdr *pic;
 919
 920         if (nexthdr != IPPROTO_ICMPV6)
 921                 return 0;
 922
 923         if (!pskb_may_pull(skb, sizeof(struct icmp6hdr)))
 924                 return 0;
 925
 926         pic = (struct icmp6hdr *)skb->h.raw;
 927
 928         switch (pic->icmp6_type) {
 929         case ICMPV6_MGM_QUERY:
 930         case ICMPV6_MGM_REPORT:
 931         case ICMPV6_MGM_REDUCTION:
 932         case ICMPV6_MLD2_REPORT:
 933                 return 1;
 934         default:
 935                 break;
 936         }
 937         return 0;
 938 }
 939
 940 /*
 941  *      check if the interface/address pair is valid
 942  */
 943 int ipv6_chk_mcast_addr(struct net_device *dev, struct in6_addr *group,
 944         struct in6_addr *src_addr)
 945 {
 946         struct inet6_dev *idev;
 947         struct ifmcaddr6 *mc;
 948         int rv = 0;
 949
 950         idev = in6_dev_get(dev);
 951         if (idev) {
 952                 read_lock_bh(&idev->lock);
 953                 for (mc = idev->mc_list; mc; mc=mc->next) {
 954                         if (ipv6_addr_cmp(&mc->mca_addr, group) == 0)
 955                                 break;
 956                 }
 957                 if (mc) {
 958                         if (src_addr && !ipv6_addr_any(src_addr)) {
 959                                 struct ip6_sf_list *psf;
 960
 961                                 spin_lock_bh(&mc->mca_lock);
 962                                 for (psf=mc->mca_sources;psf;psf=psf->sf_next) {
 963                                         if (ipv6_addr_cmp(&psf->sf_addr,
 964                                             src_addr) == 0)
 965                                                 break;
 966                                 }
 967                                 if (psf)
 968                                         rv = psf->sf_count[MCAST_INCLUDE] ||
 969                                                 psf->sf_count[MCAST_EXCLUDE] !=
 970                                                 mc->mca_sfcount[MCAST_EXCLUDE];
 971                                 else
 972                                         rv = mc->mca_sfcount[MCAST_EXCLUDE] !=0;
 973                                 spin_unlock_bh(&mc->mca_lock);
 974                         } else
 975                                 rv = 1; /* don't filter unspecified source */
 976                 }
 977                 read_unlock_bh(&idev->lock);
 978                 in6_dev_put(idev);
 979         }
 980         return rv;
 981 }
 982
 983 static void mld_gq_start_timer(struct inet6_dev *idev)
 984 {
 985         int tv = net_random() % idev->mc_maxdelay;
 986
 987         idev->mc_gq_running = 1;
 988         if (!mod_timer(&idev->mc_gq_timer, jiffies+tv+2))
 989                 in6_dev_hold(idev);
 990 }
 991
 992 static void mld_ifc_start_timer(struct inet6_dev *idev, int delay)
 993 {
 994         int tv = net_random() % delay;
 995
 996         if (!mod_timer(&idev->mc_ifc_timer, jiffies+tv+2))
 997                 in6_dev_hold(idev);
 998 }
 999
1000 /*
1001  *      IGMP handling (alias multicast ICMPv6 messages)
1002  */
1003
1004 static void igmp6_group_queried(struct ifmcaddr6 *ma, unsigned long resptime)
1005 {
1006         unsigned long delay = resptime;
1007
1008         /* Do not start timer for these addresses */
1009         if (ipv6_addr_is_ll_all_nodes(&ma->mca_addr) ||
1010             IPV6_ADDR_MC_SCOPE(&ma->mca_addr) < IPV6_ADDR_SCOPE_LINKLOCAL)
1011                 return;
1012
1013         if (del_timer(&ma->mca_timer)) {
1014                 atomic_dec(&ma->mca_refcnt);
1015                 delay = ma->mca_timer.expires - jiffies;
1016         }
1017
1018         if (delay >= resptime) {
1019                 if (resptime)
1020                         delay = net_random() % resptime;
1021                 else
1022                         delay = 1;
1023         }
1024         ma->mca_timer.expires = jiffies + delay;
1025         if (!mod_timer(&ma->mca_timer, jiffies + delay))
1026                 atomic_inc(&ma->mca_refcnt);
1027         ma->mca_flags |= MAF_TIMER_RUNNING;
1028 }
1029
1030 static void mld_marksources(struct ifmcaddr6 *pmc, int nsrcs,
1031         struct in6_addr *srcs)
1032 {
1033         struct ip6_sf_list *psf;
1034         int i, scount;
1035
1036         scount = 0;
1037         for (psf=pmc->mca_sources; psf; psf=psf->sf_next) {
1038                 if (scount == nsrcs)
1039                         break;
1040                 for (i=0; i<nsrcs; i++)
1041                         if (ipv6_addr_cmp(&srcs[i], &psf->sf_addr) == 0) {
1042                                 psf->sf_gsresp = 1;
1043                                 scount++;
1044                                 break;
1045                         }
1046         }
1047 }
1048
1049 int igmp6_event_query(struct sk_buff *skb)
1050 {
1051         struct mld2_query *mlh2 = (struct mld2_query *) skb->h.raw;
1052         struct ifmcaddr6 *ma;
1053         struct in6_addr *group;
1054         unsigned long max_delay;
1055         struct inet6_dev *idev;
1056         struct icmp6hdr *hdr;
1057         int group_type;
1058         int mark = 0;
1059         int len;
1060
1061         if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
1062                 return -EINVAL;
1063
1064         /* compute payload length excluding extension headers */
1065         len = ntohs(skb->nh.ipv6h->payload_len) + sizeof(struct ipv6hdr);
1066         len -= (char *)skb->h.raw - (char *)skb->nh.ipv6h;
1067
1068         /* Drop queries with not link local source */
1069         if (!(ipv6_addr_type(&skb->nh.ipv6h->saddr)&IPV6_ADDR_LINKLOCAL))
1070                 return -EINVAL;
1071
1072         idev = in6_dev_get(skb->dev);
1073
1074         if (idev == NULL)
1075                 return 0;
1076
1077         hdr = (struct icmp6hdr *) skb->h.raw;
1078         group = (struct in6_addr *) (hdr + 1);
1079         group_type = ipv6_addr_type(group);
1080
1081         if (group_type != IPV6_ADDR_ANY &&
1082             !(group_type&IPV6_ADDR_MULTICAST)) {
1083                 in6_dev_put(idev);
1084                 return -EINVAL;
1085         }
1086
1087         if (len == 24) {
1088                 int switchback;
1089                 /* MLDv1 router present */
1090
1091                 /* Translate milliseconds to jiffies */
1092                 max_delay = (ntohs(hdr->icmp6_maxdelay)*HZ)/1000;
1093
1094                 switchback = (idev->mc_qrv + 1) * max_delay;
1095                 idev->mc_v1_seen = jiffies + switchback;
1096
1097                 /* cancel the interface change timer */
1098                 idev->mc_ifc_count = 0;
1099                 if (del_timer(&idev->mc_ifc_timer))
1100                         __in6_dev_put(idev);
1101                 /* clear deleted report items */
1102                 mld_clear_delrec(idev);
1103         } else if (len >= 28) {
1104                 max_delay = (MLDV2_MRC(ntohs(mlh2->mrc))*HZ)/1000;
1105                 if (!max_delay)
1106                         max_delay = 1;
1107                 idev->mc_maxdelay = max_delay;
1108                 if (mlh2->qrv)
1109                         idev->mc_qrv = mlh2->qrv;
1110                 if (group_type == IPV6_ADDR_ANY) { /* general query */
1111                         if (mlh2->nsrcs) {
1112                                 in6_dev_put(idev);
1113                                 return -EINVAL; /* no sources allowed */
1114                         }
1115                         mld_gq_start_timer(idev);
1116                         in6_dev_put(idev);
1117                         return 0;
1118                 }
1119                 /* mark sources to include, if group & source-specific */
1120                 mark = mlh2->nsrcs != 0;
1121         } else {
1122                 in6_dev_put(idev);
1123                 return -EINVAL;
1124         }
1125
1126         read_lock_bh(&idev->lock);
1127         if (group_type == IPV6_ADDR_ANY) {
1128                 for (ma = idev->mc_list; ma; ma=ma->next) {
1129                         spin_lock_bh(&ma->mca_lock);
1130                         igmp6_group_queried(ma, max_delay);
1131                         spin_unlock_bh(&ma->mca_lock);
1132                 }
1133         } else {
1134                 for (ma = idev->mc_list; ma; ma=ma->next) {
1135                         if (group_type != IPV6_ADDR_ANY &&
1136                             ipv6_addr_cmp(group, &ma->mca_addr) != 0)
1137                                 continue;
1138                         spin_lock_bh(&ma->mca_lock);
1139                         if (ma->mca_flags & MAF_TIMER_RUNNING) {
1140                                 /* gsquery <- gsquery && mark */
1141                                 if (!mark)
1142                                         ma->mca_flags &= ~MAF_GSQUERY;
1143                         } else {
1144                                 /* gsquery <- mark */
1145                                 if (mark)
1146                                         ma->mca_flags |= MAF_GSQUERY;
1147                                 else
1148                                         ma->mca_flags &= ~MAF_GSQUERY;
1149                         }
1150                         if (ma->mca_flags & MAF_GSQUERY)
1151                                 mld_marksources(ma, ntohs(mlh2->nsrcs),
1152                                         mlh2->srcs);
1153                         igmp6_group_queried(ma, max_delay);
1154                         spin_unlock_bh(&ma->mca_lock);
1155                         if (group_type != IPV6_ADDR_ANY)
1156                                 break;
1157                 }
1158         }
1159         read_unlock_bh(&idev->lock);
1160         in6_dev_put(idev);
1161
1162         return 0;
1163 }
1164
1165
1166 int igmp6_event_report(struct sk_buff *skb)
1167 {
1168         struct ifmcaddr6 *ma;
1169         struct in6_addr *addrp;
1170         struct inet6_dev *idev;
1171         struct icmp6hdr *hdr;
1172         int addr_type;
1173
1174         /* Our own report looped back. Ignore it. */
1175         if (skb->pkt_type == PACKET_LOOPBACK)
1176                 return 0;
1177
1178         if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
1179                 return -EINVAL;
1180
1181         hdr = (struct icmp6hdr*) skb->h.raw;
1182
1183         /* Drop reports with not link local source */
1184         addr_type = ipv6_addr_type(&skb->nh.ipv6h->saddr);
1185         if (addr_type != IPV6_ADDR_ANY &&
1186             !(addr_type&IPV6_ADDR_LINKLOCAL))
1187                 return -EINVAL;
1188
1189         addrp = (struct in6_addr *) (hdr + 1);
1190
1191         idev = in6_dev_get(skb->dev);
1192         if (idev == NULL)
1193                 return -ENODEV;
1194
1195         /*
1196          *      Cancel the timer for this group
1197          */
1198
1199         read_lock_bh(&idev->lock);
1200         for (ma = idev->mc_list; ma; ma=ma->next) {
1201                 if (ipv6_addr_cmp(&ma->mca_addr, addrp) == 0) {
1202                         spin_lock(&ma->mca_lock);
1203                         if (del_timer(&ma->mca_timer))
1204                                 atomic_dec(&ma->mca_refcnt);
1205                         ma->mca_flags &= ~(MAF_LAST_REPORTER|MAF_TIMER_RUNNING);
1206                         spin_unlock(&ma->mca_lock);
1207                         break;
1208                 }
1209         }
1210         read_unlock_bh(&idev->lock);
1211         in6_dev_put(idev);
1212         return 0;
1213 }
1214
1215 static int is_in(struct ifmcaddr6 *pmc, struct ip6_sf_list *psf, int type,
1216         int gdeleted, int sdeleted)
1217 {
1218         switch (type) {
1219         case MLD2_MODE_IS_INCLUDE:
1220         case MLD2_MODE_IS_EXCLUDE:
1221                 if (gdeleted || sdeleted)
1222                         return 0;
1223                 return !((pmc->mca_flags & MAF_GSQUERY) && !psf->sf_gsresp);
1224         case MLD2_CHANGE_TO_INCLUDE:
1225                 if (gdeleted || sdeleted)
1226                         return 0;
1227                 return psf->sf_count[MCAST_INCLUDE] != 0;
1228         case MLD2_CHANGE_TO_EXCLUDE:
1229                 if (gdeleted || sdeleted)
1230                         return 0;
1231                 if (pmc->mca_sfcount[MCAST_EXCLUDE] == 0 ||
1232                     psf->sf_count[MCAST_INCLUDE])
1233                         return 0;
1234                 return pmc->mca_sfcount[MCAST_EXCLUDE] ==
1235                         psf->sf_count[MCAST_EXCLUDE];
1236         case MLD2_ALLOW_NEW_SOURCES:
1237                 if (gdeleted || !psf->sf_crcount)
1238                         return 0;
1239                 return (pmc->mca_sfmode == MCAST_INCLUDE) ^ sdeleted;
1240         case MLD2_BLOCK_OLD_SOURCES:
1241                 if (pmc->mca_sfmode == MCAST_INCLUDE)
1242                         return gdeleted || (psf->sf_crcount && sdeleted);
1243                 return psf->sf_crcount && !gdeleted && !sdeleted;
1244         }
1245         return 0;
1246 }
1247
1248 static int
1249 mld_scount(struct ifmcaddr6 *pmc, int type, int gdeleted, int sdeleted)
1250 {
1251         struct ip6_sf_list *psf;
1252         int scount = 0;
1253
1254         for (psf=pmc->mca_sources; psf; psf=psf->sf_next) {
1255                 if (!is_in(pmc, psf, type, gdeleted, sdeleted))
1256                         continue;
1257                 scount++;
1258         }
1259         return scount;
1260 }
1261
1262 static struct sk_buff *mld_newpack(struct net_device *dev, int size)
1263 {
1264         struct sock *sk = igmp6_socket->sk;
1265         struct sk_buff *skb;
1266         struct mld2_report *pmr;
1267         struct in6_addr addr_buf;
1268         int err;
1269         u8 ra[8] = { IPPROTO_ICMPV6, 0,
1270                      IPV6_TLV_ROUTERALERT, 2, 0, 0,
1271                      IPV6_TLV_PADN, 0 };
1272
1273         /* we assume size > sizeof(ra) here */
1274         skb = sock_alloc_send_skb(sk, size + LL_RESERVED_SPACE(dev), 1, &err);
1275
1276         if (skb == 0)
1277                 return 0;
1278
1279         skb_reserve(skb, LL_RESERVED_SPACE(dev));
1280         if (dev->hard_header) {
1281                 unsigned char ha[MAX_ADDR_LEN];
1282
1283                 ndisc_mc_map(&mld2_all_mcr, ha, dev, 1);
1284                 if (dev->hard_header(skb, dev, ETH_P_IPV6,ha,NULL,size) < 0) {
1285                         kfree_skb(skb);
1286                         return 0;
1287                 }
1288         }
1289
1290         if (ipv6_get_lladdr(dev, &addr_buf)) {
1291                 /* <draft-ietf-magma-mld-source-05.txt>:
1292                  * use unspecified address as the source address
1293                  * when a valid link-local address is not available.
1294                  */
1295                 memset(&addr_buf, 0, sizeof(addr_buf));
1296         }
1297
1298         ip6_nd_hdr(sk, skb, dev, &addr_buf, &mld2_all_mcr, NEXTHDR_HOP, 0);
1299
1300         memcpy(skb_put(skb, sizeof(ra)), ra, sizeof(ra));
1301
1302         pmr =(struct mld2_report *)skb_put(skb, sizeof(*pmr));
1303         skb->h.raw = (unsigned char *)pmr;
1304         pmr->type = ICMPV6_MLD2_REPORT;
1305         pmr->resv1 = 0;
1306         pmr->csum = 0;
1307         pmr->resv2 = 0;
1308         pmr->ngrec = 0;
1309         return skb;
1310 }
1311
1312 static void mld_sendpack(struct sk_buff *skb)
1313 {
1314         struct ipv6hdr *pip6 = skb->nh.ipv6h;
1315         struct mld2_report *pmr = (struct mld2_report *)skb->h.raw;
1316         int payload_len, mldlen;
1317         struct inet6_dev *idev = in6_dev_get(skb->dev);
1318         int err;
1319
1320         IP6_INC_STATS(OutRequests);
1321         payload_len = skb->tail - (unsigned char *)skb->nh.ipv6h -
1322                 sizeof(struct ipv6hdr);
1323         mldlen = skb->tail - skb->h.raw;
1324         pip6->payload_len = htons(payload_len);
1325
1326         pmr->csum = csum_ipv6_magic(&pip6->saddr, &pip6->daddr, mldlen,
1327                 IPPROTO_ICMPV6, csum_partial(skb->h.raw, mldlen, 0));
1328         err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, skb->dev,
1329                 dev_queue_xmit);
1330         if (!err) {
1331                 ICMP6_INC_STATS(idev,Icmp6OutMsgs);
1332                 IP6_INC_STATS(OutMcastPkts);
1333         } else
1334                 IP6_INC_STATS(OutDiscards);
1335
1336         if (likely(idev != NULL))
1337                 in6_dev_put(idev);
1338 }
1339
1340 static int grec_size(struct ifmcaddr6 *pmc, int type, int gdel, int sdel)
1341 {
1342         return sizeof(struct mld2_grec) + 4*mld_scount(pmc,type,gdel,sdel);
1343 }
1344
1345 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ifmcaddr6 *pmc,
1346         int type, struct mld2_grec **ppgr)
1347 {
1348         struct net_device *dev = pmc->idev->dev;
1349         struct mld2_report *pmr;
1350         struct mld2_grec *pgr;
1351
1352         if (!skb)
1353                 skb = mld_newpack(dev, dev->mtu);
1354         if (!skb)
1355                 return 0;
1356         pgr = (struct mld2_grec *)skb_put(skb, sizeof(struct mld2_grec));
1357         pgr->grec_type = type;
1358         pgr->grec_auxwords = 0;
1359         pgr->grec_nsrcs = 0;
1360         pgr->grec_mca = pmc->mca_addr;  /* structure copy */
1361         pmr = (struct mld2_report *)skb->h.raw;
1362         pmr->ngrec = htons(ntohs(pmr->ngrec)+1);
1363         *ppgr = pgr;
1364         return skb;
1365 }
1366
1367 #define AVAILABLE(skb) ((skb) ? ((skb)->dev ? (skb)->dev->mtu - (skb)->len : \
1368         skb_tailroom(skb)) : 0)
1369
1370 static struct sk_buff *add_grec(struct sk_buff *skb, struct ifmcaddr6 *pmc,
1371         int type, int gdeleted, int sdeleted)
1372 {
1373         struct net_device *dev = pmc->idev->dev;
1374         struct mld2_report *pmr;
1375         struct mld2_grec *pgr = 0;
1376         struct ip6_sf_list *psf, *psf_next, *psf_prev, **psf_list;
1377         int scount, first, isquery, truncate;
1378
1379         if (pmc->mca_flags & MAF_NOREPORT)
1380                 return skb;
1381
1382         isquery = type == MLD2_MODE_IS_INCLUDE ||
1383                   type == MLD2_MODE_IS_EXCLUDE;
1384         truncate = type == MLD2_MODE_IS_EXCLUDE ||
1385                     type == MLD2_CHANGE_TO_EXCLUDE;
1386
1387         psf_list = sdeleted ? &pmc->mca_tomb : &pmc->mca_sources;
1388
1389         if (!*psf_list) {
1390                 if (type == MLD2_ALLOW_NEW_SOURCES ||
1391                     type == MLD2_BLOCK_OLD_SOURCES)
1392                         return skb;
1393                 if (pmc->mca_crcount || isquery) {
1394                         /* make sure we have room for group header and at
1395                          * least one source.
1396                          */
1397                         if (skb && AVAILABLE(skb) < sizeof(struct mld2_grec)+
1398                             sizeof(struct in6_addr)) {
1399                                 mld_sendpack(skb);
1400                                 skb = 0; /* add_grhead will get a new one */
1401                         }
1402                         skb = add_grhead(skb, pmc, type, &pgr);
1403                 }
1404                 return skb;
1405         }
1406         pmr = skb ? (struct mld2_report *)skb->h.raw : 0;
1407
1408         /* EX and TO_EX get a fresh packet, if needed */
1409         if (truncate) {
1410                 if (pmr && pmr->ngrec &&
1411                     AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) {
1412                         if (skb)
1413                                 mld_sendpack(skb);
1414                         skb = mld_newpack(dev, dev->mtu);
1415                 }
1416         }
1417         first = 1;
1418         scount = 0;
1419         psf_prev = 0;
1420         for (psf=*psf_list; psf; psf=psf_next) {
1421                 struct in6_addr *psrc;
1422
1423                 psf_next = psf->sf_next;
1424
1425                 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) {
1426                         psf_prev = psf;
1427                         continue;
1428                 }
1429
1430                 /* clear marks on query responses */
1431                 if (isquery)
1432                         psf->sf_gsresp = 0;
1433
1434                 if (AVAILABLE(skb) < sizeof(*psrc) +
1435                     first*sizeof(struct mld2_grec)) {
1436                         if (truncate && !first)
1437                                 break;   /* truncate these */
1438                         if (pgr)
1439                                 pgr->grec_nsrcs = htons(scount);
1440                         if (skb)
1441                                 mld_sendpack(skb);
1442                         skb = mld_newpack(dev, dev->mtu);
1443                         first = 1;
1444                         scount = 0;
1445                 }
1446                 if (first) {
1447                         skb = add_grhead(skb, pmc, type, &pgr);
1448                         first = 0;
1449                 }
1450                 psrc = (struct in6_addr *)skb_put(skb, sizeof(*psrc));
1451                 *psrc = psf->sf_addr;
1452                 scount++;
1453                 if ((type == MLD2_ALLOW_NEW_SOURCES ||
1454                      type == MLD2_BLOCK_OLD_SOURCES) && psf->sf_crcount) {
1455                         psf->sf_crcount--;
1456                         if ((sdeleted || gdeleted) && psf->sf_crcount == 0) {
1457                                 if (psf_prev)
1458                                         psf_prev->sf_next = psf->sf_next;
1459                                 else
1460                                         *psf_list = psf->sf_next;
1461                                 kfree(psf);
1462                                 continue;
1463                         }
1464                 }
1465                 psf_prev = psf;
1466         }
1467         if (pgr)
1468                 pgr->grec_nsrcs = htons(scount);
1469
1470         if (isquery)
1471                 pmc->mca_flags &= ~MAF_GSQUERY; /* clear query state */
1472         return skb;
1473 }
1474
1475 static void mld_send_report(struct inet6_dev *idev, struct ifmcaddr6 *pmc)
1476 {
1477         struct sk_buff *skb = 0;
1478         int type;
1479
1480         if (!pmc) {
1481                 read_lock_bh(&idev->lock);
1482                 for (pmc=idev->mc_list; pmc; pmc=pmc->next) {
1483                         if (pmc->mca_flags & MAF_NOREPORT)
1484                                 continue;
1485                         spin_lock_bh(&pmc->mca_lock);
1486                         if (pmc->mca_sfcount[MCAST_EXCLUDE])
1487                                 type = MLD2_MODE_IS_EXCLUDE;
1488                         else
1489                                 type = MLD2_MODE_IS_INCLUDE;
1490                         skb = add_grec(skb, pmc, type, 0, 0);
1491                         spin_unlock_bh(&pmc->mca_lock);
1492                 }
1493                 read_unlock_bh(&idev->lock);
1494         } else {
1495                 spin_lock_bh(&pmc->mca_lock);
1496                 if (pmc->mca_sfcount[MCAST_EXCLUDE])
1497                         type = MLD2_MODE_IS_EXCLUDE;
1498                 else
1499                         type = MLD2_MODE_IS_INCLUDE;
1500                 skb = add_grec(skb, pmc, type, 0, 0);
1501                 spin_unlock_bh(&pmc->mca_lock);
1502         }
1503         if (skb)
1504                 mld_sendpack(skb);
1505 }
1506
1507 /*
1508  * remove zero-count source records from a source filter list
1509  */
1510 static void mld_clear_zeros(struct ip6_sf_list **ppsf)
1511 {
1512         struct ip6_sf_list *psf_prev, *psf_next, *psf;
1513
1514         psf_prev = 0;
1515         for (psf=*ppsf; psf; psf = psf_next) {
1516                 psf_next = psf->sf_next;
1517                 if (psf->sf_crcount == 0) {
1518                         if (psf_prev)
1519                                 psf_prev->sf_next = psf->sf_next;
1520                         else
1521                                 *ppsf = psf->sf_next;
1522                         kfree(psf);
1523                 } else
1524                         psf_prev = psf;
1525         }
1526 }
1527
1528 static void mld_send_cr(struct inet6_dev *idev)
1529 {
1530         struct ifmcaddr6 *pmc, *pmc_prev, *pmc_next;
1531         struct sk_buff *skb = 0;
1532         int type, dtype;
1533
1534         read_lock_bh(&idev->lock);
1535         write_lock_bh(&idev->mc_lock);
1536
1537         /* deleted MCA's */
1538         pmc_prev = 0;
1539         for (pmc=idev->mc_tomb; pmc; pmc=pmc_next) {
1540                 pmc_next = pmc->next;
1541                 if (pmc->mca_sfmode == MCAST_INCLUDE) {
1542                         type = MLD2_BLOCK_OLD_SOURCES;
1543                         dtype = MLD2_BLOCK_OLD_SOURCES;
1544                         skb = add_grec(skb, pmc, type, 1, 0);
1545                         skb = add_grec(skb, pmc, dtype, 1, 1);
1546                 }
1547                 if (pmc->mca_crcount) {
1548                         pmc->mca_crcount--;
1549                         if (pmc->mca_sfmode == MCAST_EXCLUDE) {
1550                                 type = MLD2_CHANGE_TO_INCLUDE;
1551                                 skb = add_grec(skb, pmc, type, 1, 0);
1552                         }
1553                         if (pmc->mca_crcount == 0) {
1554                                 mld_clear_zeros(&pmc->mca_tomb);
1555                                 mld_clear_zeros(&pmc->mca_sources);
1556                         }
1557                 }
1558                 if (pmc->mca_crcount == 0 && !pmc->mca_tomb &&
1559                     !pmc->mca_sources) {
1560                         if (pmc_prev)
1561                                 pmc_prev->next = pmc_next;
1562                         else
1563                                 idev->mc_tomb = pmc_next;
1564                         in6_dev_put(pmc->idev);
1565                         kfree(pmc);
1566                 } else
1567                         pmc_prev = pmc;
1568         }
1569         write_unlock_bh(&idev->mc_lock);
1570
1571         /* change recs */
1572         for (pmc=idev->mc_list; pmc; pmc=pmc->next) {
1573                 spin_lock_bh(&pmc->mca_lock);
1574                 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
1575                         type = MLD2_BLOCK_OLD_SOURCES;
1576                         dtype = MLD2_ALLOW_NEW_SOURCES;
1577                 } else {
1578                         type = MLD2_ALLOW_NEW_SOURCES;
1579                         dtype = MLD2_BLOCK_OLD_SOURCES;
1580                 }
1581                 skb = add_grec(skb, pmc, type, 0, 0);
1582                 skb = add_grec(skb, pmc, dtype, 0, 1);  /* deleted sources */
1583
1584                 /* filter mode changes */
1585                 if (pmc->mca_crcount) {
1586                         pmc->mca_crcount--;
1587                         if (pmc->mca_sfmode == MCAST_EXCLUDE)
1588                                 type = MLD2_CHANGE_TO_EXCLUDE;
1589                         else
1590                                 type = MLD2_CHANGE_TO_INCLUDE;
1591                         skb = add_grec(skb, pmc, type, 0, 0);
1592                 }
1593                 spin_unlock_bh(&pmc->mca_lock);
1594         }
1595         read_unlock_bh(&idev->lock);
1596         if (!skb)
1597                 return;
1598         (void) mld_sendpack(skb);
1599 }
1600
1601 static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
1602 {
1603         struct sock *sk = igmp6_socket->sk;
1604         struct inet6_dev *idev;
1605         struct sk_buff *skb;
1606         struct icmp6hdr *hdr;
1607         struct in6_addr *snd_addr;
1608         struct in6_addr *addrp;
1609         struct in6_addr addr_buf;
1610         struct in6_addr all_routers;
1611         int err, len, payload_len, full_len;
1612         u8 ra[8] = { IPPROTO_ICMPV6, 0,
1613                      IPV6_TLV_ROUTERALERT, 2, 0, 0,
1614                      IPV6_TLV_PADN, 0 };
1615
1616         IP6_INC_STATS(OutRequests);
1617         snd_addr = addr;
1618         if (type == ICMPV6_MGM_REDUCTION) {
1619                 snd_addr = &all_routers;
1620                 ipv6_addr_all_routers(&all_routers);
1621         }
1622
1623         len = sizeof(struct icmp6hdr) + sizeof(struct in6_addr);
1624         payload_len = len + sizeof(ra);
1625         full_len = sizeof(struct ipv6hdr) + payload_len;
1626
1627         skb = sock_alloc_send_skb(sk, LL_RESERVED_SPACE(dev) + full_len, 1, &err);
1628
1629         if (skb == NULL) {
1630                 IP6_INC_STATS(OutDiscards);
1631                 return;
1632         }
1633
1634         skb_reserve(skb, LL_RESERVED_SPACE(dev));
1635         if (dev->hard_header) {
1636                 unsigned char ha[MAX_ADDR_LEN];
1637                 ndisc_mc_map(snd_addr, ha, dev, 1);
1638                 if (dev->hard_header(skb, dev, ETH_P_IPV6, ha, NULL, full_len) < 0)
1639                         goto out;
1640         }
1641
1642         if (ipv6_get_lladdr(dev, &addr_buf)) {
1643                 /* <draft-ietf-magma-mld-source-05.txt>:
1644                  * use unspecified address as the source address
1645                  * when a valid link-local address is not available.
1646                  */
1647                 memset(&addr_buf, 0, sizeof(addr_buf));
1648         }
1649
1650         ip6_nd_hdr(sk, skb, dev, &addr_buf, snd_addr, NEXTHDR_HOP, payload_len);
1651
1652         memcpy(skb_put(skb, sizeof(ra)), ra, sizeof(ra));
1653
1654         hdr = (struct icmp6hdr *) skb_put(skb, sizeof(struct icmp6hdr));
1655         memset(hdr, 0, sizeof(struct icmp6hdr));
1656         hdr->icmp6_type = type;
1657
1658         addrp = (struct in6_addr *) skb_put(skb, sizeof(struct in6_addr));
1659         ipv6_addr_copy(addrp, addr);
1660
1661         hdr->icmp6_cksum = csum_ipv6_magic(&addr_buf, snd_addr, len,
1662                                            IPPROTO_ICMPV6,
1663                                            csum_partial((__u8 *) hdr, len, 0));
1664
1665         idev = in6_dev_get(skb->dev);
1666
1667         err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, skb->dev,
1668                 dev_queue_xmit);
1669         if (!err) {
1670                 if (type == ICMPV6_MGM_REDUCTION)
1671                         ICMP6_INC_STATS(idev, Icmp6OutGroupMembReductions);
1672                 else
1673                         ICMP6_INC_STATS(idev, Icmp6OutGroupMembResponses);
1674                 ICMP6_INC_STATS(idev, Icmp6OutMsgs);
1675                 IP6_INC_STATS(OutMcastPkts);
1676         } else
1677                 IP6_INC_STATS(OutDiscards);
1678
1679         if (likely(idev != NULL))
1680                 in6_dev_put(idev);
1681         return;
1682
1683 out:
1684         IP6_INC_STATS(OutDiscards);
1685         kfree_skb(skb);
1686 }
1687
1688 static int ip6_mc_del1_src(struct ifmcaddr6 *pmc, int sfmode,
1689         struct in6_addr *psfsrc)
1690 {
1691         struct ip6_sf_list *psf, *psf_prev;
1692         int rv = 0;
1693
1694         psf_prev = 0;
1695         for (psf=pmc->mca_sources; psf; psf=psf->sf_next) {
1696                 if (ipv6_addr_cmp(&psf->sf_addr, psfsrc) == 0)
1697                         break;
1698                 psf_prev = psf;
1699         }
1700         if (!psf || psf->sf_count[sfmode] == 0) {
1701                 /* source filter not found, or count wrong =>  bug */
1702                 return -ESRCH;
1703         }
1704         psf->sf_count[sfmode]--;
1705         if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) {
1706                 struct inet6_dev *idev = pmc->idev;
1707
1708                 /* no more filters for this source */
1709                 if (psf_prev)
1710                         psf_prev->sf_next = psf->sf_next;
1711                 else
1712                         pmc->mca_sources = psf->sf_next;
1713                 if (psf->sf_oldin && !(pmc->mca_flags & MAF_NOREPORT) &&
1714                     !MLD_V1_SEEN(idev)) {
1715                         psf->sf_crcount = idev->mc_qrv;
1716                         psf->sf_next = pmc->mca_tomb;
1717                         pmc->mca_tomb = psf;
1718                         rv = 1;
1719                 } else
1720                         kfree(psf);
1721         }
1722         return rv;
1723 }
1724
1725 int ip6_mc_del_src(struct inet6_dev *idev, struct in6_addr *pmca, int sfmode,
1726         int sfcount, struct in6_addr *psfsrc, int delta)
1727 {
1728         struct ifmcaddr6 *pmc;
1729         int     changerec = 0;
1730         int     i, err;
1731
1732         if (!idev)
1733                 return -ENODEV;
1734         read_lock_bh(&idev->lock);
1735         for (pmc=idev->mc_list; pmc; pmc=pmc->next) {
1736                 if (ipv6_addr_cmp(pmca, &pmc->mca_addr) == 0)
1737                         break;
1738         }
1739         if (!pmc) {
1740                 /* MCA not found?? bug */
1741                 read_unlock_bh(&idev->lock);
1742                 return -ESRCH;
1743         }
1744         spin_lock_bh(&pmc->mca_lock);
1745         sf_markstate(pmc);
1746         if (!delta) {
1747                 if (!pmc->mca_sfcount[sfmode]) {
1748                         spin_unlock_bh(&pmc->mca_lock);
1749                         read_unlock_bh(&idev->lock);
1750                         return -EINVAL;
1751                 }
1752                 pmc->mca_sfcount[sfmode]--;
1753         }
1754         err = 0;
1755         for (i=0; i<sfcount; i++) {
1756                 int rv = ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]);
1757
1758                 changerec |= rv > 0;
1759                 if (!err && rv < 0)
1760                         err = rv;
1761         }
1762         if (pmc->mca_sfmode == MCAST_EXCLUDE &&
1763             pmc->mca_sfcount[MCAST_EXCLUDE] == 0 &&
1764             pmc->mca_sfcount[MCAST_INCLUDE]) {
1765                 struct ip6_sf_list *psf;
1766
1767                 /* filter mode change */
1768                 pmc->mca_sfmode = MCAST_INCLUDE;
1769                 pmc->mca_crcount = idev->mc_qrv;
1770                 idev->mc_ifc_count = pmc->mca_crcount;
1771                 for (psf=pmc->mca_sources; psf; psf = psf->sf_next)
1772                         psf->sf_crcount = 0;
1773                 mld_ifc_event(pmc->idev);
1774         } else if (sf_setstate(pmc) || changerec)
1775                 mld_ifc_event(pmc->idev);
1776         spin_unlock_bh(&pmc->mca_lock);
1777         read_unlock_bh(&idev->lock);
1778         return err;
1779 }
1780
1781 /*
1782  * Add multicast single-source filter to the interface list
1783  */
1784 static int ip6_mc_add1_src(struct ifmcaddr6 *pmc, int sfmode,
1785         struct in6_addr *psfsrc, int delta)
1786 {
1787         struct ip6_sf_list *psf, *psf_prev;
1788
1789         psf_prev = 0;
1790         for (psf=pmc->mca_sources; psf; psf=psf->sf_next) {
1791                 if (ipv6_addr_cmp(&psf->sf_addr, psfsrc) == 0)
1792                         break;
1793                 psf_prev = psf;
1794         }
1795         if (!psf) {
1796                 psf = (struct ip6_sf_list *)kmalloc(sizeof(*psf), GFP_ATOMIC);
1797                 if (!psf)
1798                         return -ENOBUFS;
1799                 memset(psf, 0, sizeof(*psf));
1800                 psf->sf_addr = *psfsrc;
1801                 if (psf_prev) {
1802                         psf_prev->sf_next = psf;
1803                 } else
1804                         pmc->mca_sources = psf;
1805         }
1806         psf->sf_count[sfmode]++;
1807         return 0;
1808 }
1809
1810 static void sf_markstate(struct ifmcaddr6 *pmc)
1811 {
1812         struct ip6_sf_list *psf;
1813         int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE];
1814
1815         for (psf=pmc->mca_sources; psf; psf=psf->sf_next)
1816                 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
1817                         psf->sf_oldin = mca_xcount ==
1818                                 psf->sf_count[MCAST_EXCLUDE] &&
1819                                 !psf->sf_count[MCAST_INCLUDE];
1820                 } else
1821                         psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0;
1822 }
1823
1824 static int sf_setstate(struct ifmcaddr6 *pmc)
1825 {
1826         struct ip6_sf_list *psf;
1827         int mca_xcount = pmc->mca_sfcount[MCAST_EXCLUDE];
1828         int qrv = pmc->idev->mc_qrv;
1829         int new_in, rv;
1830
1831         rv = 0;
1832         for (psf=pmc->mca_sources; psf; psf=psf->sf_next) {
1833                 if (pmc->mca_sfcount[MCAST_EXCLUDE]) {
1834                         new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] &&
1835                                 !psf->sf_count[MCAST_INCLUDE];
1836                 } else
1837                         new_in = psf->sf_count[MCAST_INCLUDE] != 0;
1838                 if (new_in != psf->sf_oldin) {
1839                         psf->sf_crcount = qrv;
1840                         rv++;
1841                 }
1842         }
1843         return rv;
1844 }
1845
1846 /*
1847  * Add multicast source filter list to the interface list
1848  */
1849 int ip6_mc_add_src(struct inet6_dev *idev, struct in6_addr *pmca, int sfmode,
1850         int sfcount, struct in6_addr *psfsrc, int delta)
1851 {
1852         struct ifmcaddr6 *pmc;
1853         int     isexclude;
1854         int     i, err;
1855
1856         if (!idev)
1857                 return -ENODEV;
1858         read_lock_bh(&idev->lock);
1859         for (pmc=idev->mc_list; pmc; pmc=pmc->next) {
1860                 if (ipv6_addr_cmp(pmca, &pmc->mca_addr) == 0)
1861                         break;
1862         }
1863         if (!pmc) {
1864                 /* MCA not found?? bug */
1865                 read_unlock_bh(&idev->lock);
1866                 return -ESRCH;
1867         }
1868         spin_lock_bh(&pmc->mca_lock);
1869
1870         sf_markstate(pmc);
1871         isexclude = pmc->mca_sfmode == MCAST_EXCLUDE;
1872         if (!delta)
1873                 pmc->mca_sfcount[sfmode]++;
1874         err = 0;
1875         for (i=0; i<sfcount; i++) {
1876                 err = ip6_mc_add1_src(pmc, sfmode, &psfsrc[i], delta);
1877                 if (err)
1878                         break;
1879         }
1880         if (err) {
1881                 int j;
1882
1883                 pmc->mca_sfcount[sfmode]--;
1884                 for (j=0; j<i; j++)
1885                         (void) ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]);
1886         } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) {
1887                 struct inet6_dev *idev = pmc->idev;
1888                 struct ip6_sf_list *psf;
1889
1890                 /* filter mode change */
1891                 if (pmc->mca_sfcount[MCAST_EXCLUDE])
1892                         pmc->mca_sfmode = MCAST_EXCLUDE;
1893                 else if (pmc->mca_sfcount[MCAST_INCLUDE])
1894                         pmc->mca_sfmode = MCAST_INCLUDE;
1895                 /* else no filters; keep old mode for reports */
1896
1897                 pmc->mca_crcount = idev->mc_qrv;
1898                 idev->mc_ifc_count = pmc->mca_crcount;
1899                 for (psf=pmc->mca_sources; psf; psf = psf->sf_next)
1900                         psf->sf_crcount = 0;
1901                 mld_ifc_event(idev);
1902         } else if (sf_setstate(pmc))
1903                 mld_ifc_event(idev);
1904         spin_unlock_bh(&pmc->mca_lock);
1905         read_unlock_bh(&idev->lock);
1906         return err;
1907 }
1908
1909 static void ip6_mc_clear_src(struct ifmcaddr6 *pmc)
1910 {
1911         struct ip6_sf_list *psf, *nextpsf;
1912
1913         for (psf=pmc->mca_tomb; psf; psf=nextpsf) {
1914                 nextpsf = psf->sf_next;
1915                 kfree(psf);
1916         }
1917         pmc->mca_tomb = 0;
1918         for (psf=pmc->mca_sources; psf; psf=nextpsf) {
1919                 nextpsf = psf->sf_next;
1920                 kfree(psf);
1921         }
1922         pmc->mca_sources = 0;
1923         pmc->mca_sfmode = MCAST_EXCLUDE;
1924         pmc->mca_sfcount[MCAST_EXCLUDE] = 0;
1925         pmc->mca_sfcount[MCAST_EXCLUDE] = 1;
1926 }
1927
1928
1929 static void igmp6_join_group(struct ifmcaddr6 *ma)
1930 {
1931         unsigned long delay;
1932
1933         if (ma->mca_flags & MAF_NOREPORT)
1934                 return;
1935
1936         igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT);
1937
1938         delay = net_random() % IGMP6_UNSOLICITED_IVAL;
1939
1940         spin_lock_bh(&ma->mca_lock);
1941         if (del_timer(&ma->mca_timer)) {
1942                 atomic_dec(&ma->mca_refcnt);
1943                 delay = ma->mca_timer.expires - jiffies;
1944         }
1945
1946         if (!mod_timer(&ma->mca_timer, jiffies + delay))
1947                 atomic_inc(&ma->mca_refcnt);
1948         ma->mca_flags |= MAF_TIMER_RUNNING | MAF_LAST_REPORTER;
1949         spin_unlock_bh(&ma->mca_lock);
1950 }
1951
1952 int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml,
1953         struct inet6_dev *idev)
1954 {
1955         int err;
1956
1957         if (iml->sflist == 0) {
1958                 /* any-source empty exclude case */
1959                 return ip6_mc_del_src(idev, &iml->addr, iml->sfmode, 0, 0, 0);
1960         }
1961         err = ip6_mc_del_src(idev, &iml->addr, iml->sfmode,
1962                 iml->sflist->sl_count, iml->sflist->sl_addr, 0);
1963         sock_kfree_s(sk, iml->sflist, IP6_SFLSIZE(iml->sflist->sl_max));
1964         iml->sflist = 0;
1965         return err;
1966 }
1967
1968 static void igmp6_leave_group(struct ifmcaddr6 *ma)
1969 {
1970         if (MLD_V1_SEEN(ma->idev)) {
1971                 if (ma->mca_flags & MAF_LAST_REPORTER)
1972                         igmp6_send(&ma->mca_addr, ma->idev->dev,
1973                                 ICMPV6_MGM_REDUCTION);
1974         } else {
1975                 mld_add_delrec(ma->idev, ma);
1976                 mld_ifc_event(ma->idev);
1977         }
1978 }
1979
1980 static void mld_gq_timer_expire(unsigned long data)
1981 {
1982         struct inet6_dev *idev = (struct inet6_dev *)data;
1983
1984         idev->mc_gq_running = 0;
1985         mld_send_report(idev, 0);
1986         __in6_dev_put(idev);
1987 }
1988
1989 static void mld_ifc_timer_expire(unsigned long data)
1990 {
1991         struct inet6_dev *idev = (struct inet6_dev *)data;
1992
1993         mld_send_cr(idev);
1994         if (idev->mc_ifc_count) {
1995                 idev->mc_ifc_count--;
1996                 if (idev->mc_ifc_count)
1997                         mld_ifc_start_timer(idev, idev->mc_maxdelay);
1998         }
1999         __in6_dev_put(idev);
2000 }
2001
2002 static void mld_ifc_event(struct inet6_dev *idev)
2003 {
2004         if (MLD_V1_SEEN(idev))
2005                 return;
2006         idev->mc_ifc_count = idev->mc_qrv;
2007         mld_ifc_start_timer(idev, 1);
2008 }
2009
2010
2011 static void igmp6_timer_handler(unsigned long data)
2012 {
2013         struct ifmcaddr6 *ma = (struct ifmcaddr6 *) data;
2014
2015         if (MLD_V1_SEEN(ma->idev))
2016                 igmp6_send(&ma->mca_addr, ma->idev->dev, ICMPV6_MGM_REPORT);
2017         else
2018                 mld_send_report(ma->idev, ma);
2019
2020         spin_lock(&ma->mca_lock);
2021         ma->mca_flags |=  MAF_LAST_REPORTER;
2022         ma->mca_flags &= ~MAF_TIMER_RUNNING;
2023         spin_unlock(&ma->mca_lock);
2024         ma_put(ma);
2025 }
2026
2027 /* Device going down */
2028
2029 void ipv6_mc_down(struct inet6_dev *idev)
2030 {
2031         struct ifmcaddr6 *i;
2032
2033         /* Withdraw multicast list */
2034
2035         read_lock_bh(&idev->lock);
2036         idev->mc_ifc_count = 0;
2037         if (del_timer(&idev->mc_ifc_timer))
2038                 __in6_dev_put(idev);
2039         idev->mc_gq_running = 0;
2040         if (del_timer(&idev->mc_gq_timer))
2041                 __in6_dev_put(idev);
2042
2043         for (i = idev->mc_list; i; i=i->next)
2044                 igmp6_group_dropped(i);
2045         read_unlock_bh(&idev->lock);
2046
2047         mld_clear_delrec(idev);
2048 }
2049
2050
2051 /* Device going up */
2052
2053 void ipv6_mc_up(struct inet6_dev *idev)
2054 {
2055         struct ifmcaddr6 *i;
2056
2057         /* Install multicast list, except for all-nodes (already installed) */
2058
2059         read_lock_bh(&idev->lock);
2060         for (i = idev->mc_list; i; i=i->next)
2061                 igmp6_group_added(i);
2062         read_unlock_bh(&idev->lock);
2063 }
2064
2065 /* IPv6 device initialization. */
2066
2067 void ipv6_mc_init_dev(struct inet6_dev *idev)
2068 {
2069         struct in6_addr maddr;
2070
2071         write_lock_bh(&idev->lock);
2072         idev->mc_lock = RW_LOCK_UNLOCKED;
2073         idev->mc_gq_running = 0;
2074         init_timer(&idev->mc_gq_timer);
2075         idev->mc_gq_timer.data = (unsigned long) idev;
2076         idev->mc_gq_timer.function = &mld_gq_timer_expire;
2077         idev->mc_tomb = 0;
2078         idev->mc_ifc_count = 0;
2079         init_timer(&idev->mc_ifc_timer);
2080         idev->mc_ifc_timer.data = (unsigned long) idev;
2081         idev->mc_ifc_timer.function = &mld_ifc_timer_expire;
2082         idev->mc_qrv = MLD_QRV_DEFAULT;
2083         idev->mc_maxdelay = IGMP6_UNSOLICITED_IVAL;
2084         idev->mc_v1_seen = 0;
2085         write_unlock_bh(&idev->lock);
2086
2087         /* Add all-nodes address. */
2088         ipv6_addr_all_nodes(&maddr);
2089         ipv6_dev_mc_inc(idev->dev, &maddr);
2090 }
2091
2092 /*
2093  *      Device is about to be destroyed: clean up.
2094  */
2095
2096 void ipv6_mc_destroy_dev(struct inet6_dev *idev)
2097 {
2098         struct ifmcaddr6 *i;
2099         struct in6_addr maddr;
2100
2101         /* Deactivate timers */
2102         ipv6_mc_down(idev);
2103
2104         /* Delete all-nodes address. */
2105         ipv6_addr_all_nodes(&maddr);
2106
2107         /* We cannot call ipv6_dev_mc_dec() directly, our caller in
2108          * addrconf.c has NULL'd out dev->ip6_ptr so in6_dev_get() will
2109          * fail.
2110          */
2111         __ipv6_dev_mc_dec(idev->dev, idev, &maddr);
2112
2113         write_lock_bh(&idev->lock);
2114         while ((i = idev->mc_list) != NULL) {
2115                 idev->mc_list = i->next;
2116                 write_unlock_bh(&idev->lock);
2117
2118                 igmp6_group_dropped(i);
2119                 ma_put(i);
2120
2121                 write_lock_bh(&idev->lock);
2122         }
2123         write_unlock_bh(&idev->lock);
2124 }
2125
2126 #ifdef CONFIG_PROC_FS
2127 struct igmp6_mc_iter_state {
2128         struct net_device *dev;
2129         struct inet6_dev *idev;
2130 };
2131
2132 #define igmp6_mc_seq_private(seq)       ((struct igmp6_mc_iter_state *)(seq)->private)
2133
2134 static inline struct ifmcaddr6 *igmp6_mc_get_first(struct seq_file *seq)
2135 {
2136         struct ifmcaddr6 *im = NULL;
2137         struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2138
2139         for (state->dev = dev_base, state->idev = NULL;
2140              state->dev;
2141              state->dev = state->dev->next) {
2142                 struct inet6_dev *idev;
2143                 idev = in6_dev_get(state->dev);
2144                 if (!idev)
2145                         continue;
2146                 read_lock_bh(&idev->lock);
2147                 im = idev->mc_list;
2148                 if (im) {
2149                         state->idev = idev;
2150                         break;
2151                 }
2152                 read_unlock_bh(&idev->lock);
2153                 in6_dev_put(idev);
2154         }
2155         return im;
2156 }
2157
2158 static struct ifmcaddr6 *igmp6_mc_get_next(struct seq_file *seq, struct ifmcaddr6 *im)
2159 {
2160         struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2161
2162         im = im->next;
2163         while (!im) {
2164                 if (likely(state->idev != NULL)) {
2165                         read_unlock_bh(&state->idev->lock);
2166                         in6_dev_put(state->idev);
2167                 }
2168                 state->dev = state->dev->next;
2169                 if (!state->dev) {
2170                         state->idev = NULL;
2171                         break;
2172                 }
2173                 state->idev = in6_dev_get(state->dev);
2174                 if (!state->idev)
2175                         continue;
2176                 read_lock_bh(&state->idev->lock);
2177                 im = state->idev->mc_list;
2178         }
2179         return im;
2180 }
2181
2182 static struct ifmcaddr6 *igmp6_mc_get_idx(struct seq_file *seq, loff_t pos)
2183 {
2184         struct ifmcaddr6 *im = igmp6_mc_get_first(seq);
2185         if (im)
2186                 while (pos && (im = igmp6_mc_get_next(seq, im)) != NULL)
2187                         --pos;
2188         return pos ? NULL : im;
2189 }
2190
2191 static void *igmp6_mc_seq_start(struct seq_file *seq, loff_t *pos)
2192 {
2193         read_lock(&dev_base_lock);
2194         return igmp6_mc_get_idx(seq, *pos);
2195 }
2196
2197 static void *igmp6_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2198 {
2199         struct ifmcaddr6 *im;
2200         im = igmp6_mc_get_next(seq, v);
2201         ++*pos;
2202         return im;
2203 }
2204
2205 static void igmp6_mc_seq_stop(struct seq_file *seq, void *v)
2206 {
2207         struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2208         if (likely(state->idev != NULL)) {
2209                 read_unlock_bh(&state->idev->lock);
2210                 in6_dev_put(state->idev);
2211                 state->idev = NULL;
2212         }
2213         state->dev = NULL;
2214         read_unlock(&dev_base_lock);
2215 }
2216
2217 static int igmp6_mc_seq_show(struct seq_file *seq, void *v)
2218 {
2219         struct ifmcaddr6 *im = (struct ifmcaddr6 *)v;
2220         struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq);
2221
2222         seq_printf(seq,
2223                    "%-4d %-15s %04x%04x%04x%04x%04x%04x%04x%04x %5d %08X %ld\n",
2224                    state->dev->ifindex, state->dev->name,
2225                    NIP6(im->mca_addr),
2226                    im->mca_users, im->mca_flags,
2227                    (im->mca_flags&MAF_TIMER_RUNNING) ?
2228                    jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0);
2229         return 0;
2230 }
2231
2232 static struct seq_operations igmp6_mc_seq_ops = {
2233         .start  =       igmp6_mc_seq_start,
2234         .next   =       igmp6_mc_seq_next,
2235         .stop   =       igmp6_mc_seq_stop,
2236         .show   =       igmp6_mc_seq_show,
2237 };
2238
2239 static int igmp6_mc_seq_open(struct inode *inode, struct file *file)
2240 {
2241         struct seq_file *seq;
2242         int rc = -ENOMEM;
2243         struct igmp6_mc_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL);
2244
2245         if (!s)
2246                 goto out;
2247
2248         rc = seq_open(file, &igmp6_mc_seq_ops);
2249         if (rc)
2250                 goto out_kfree;
2251
2252         seq = file->private_data;
2253         seq->private = s;
2254         memset(s, 0, sizeof(*s));
2255 out:
2256         return rc;
2257 out_kfree:
2258         kfree(s);
2259         goto out;
2260 }
2261
2262 static struct file_operations igmp6_mc_seq_fops = {
2263         .owner          =       THIS_MODULE,
2264         .open           =       igmp6_mc_seq_open,
2265         .read           =       seq_read,
2266         .llseek         =       seq_lseek,
2267         .release        =       seq_release_private,
2268 };
2269
2270 struct igmp6_mcf_iter_state {
2271         struct net_device *dev;
2272         struct inet6_dev *idev;
2273         struct ifmcaddr6 *im;
2274 };
2275
2276 #define igmp6_mcf_seq_private(seq)      ((struct igmp6_mcf_iter_state *)(seq)->private)
2277
2278 static inline struct ip6_sf_list *igmp6_mcf_get_first(struct seq_file *seq)
2279 {
2280         struct ip6_sf_list *psf = NULL;
2281         struct ifmcaddr6 *im = NULL;
2282         struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
2283
2284         for (state->dev = dev_base, state->idev = NULL, state->im = NULL;
2285              state->dev;
2286              state->dev = state->dev->next) {
2287                 struct inet6_dev *idev;
2288                 idev = in6_dev_get(state->dev);
2289                 if (unlikely(idev == NULL))
2290                         continue;
2291                 read_lock_bh(&idev->lock);
2292                 im = idev->mc_list;
2293                 if (likely(im != NULL)) {
2294                         spin_lock_bh(&im->mca_lock);
2295                         psf = im->mca_sources;
2296                         if (likely(psf != NULL)) {
2297                                 state->im = im;
2298                                 state->idev = idev;
2299                                 break;
2300                         }
2301                         spin_unlock_bh(&im->mca_lock);
2302                 }
2303                 read_unlock_bh(&idev->lock);
2304                 in6_dev_put(idev);
2305         }
2306         return psf;
2307 }
2308
2309 static struct ip6_sf_list *igmp6_mcf_get_next(struct seq_file *seq, struct ip6_sf_list *psf)
2310 {
2311         struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
2312
2313         psf = psf->sf_next;
2314         while (!psf) {
2315                 spin_unlock_bh(&state->im->mca_lock);
2316                 state->im = state->im->next;
2317                 while (!state->im) {
2318                         if (likely(state->idev != NULL)) {
2319                                 read_unlock_bh(&state->idev->lock);
2320                                 in6_dev_put(state->idev);
2321                         }
2322                         state->dev = state->dev->next;
2323                         if (!state->dev) {
2324                                 state->idev = NULL;
2325                                 goto out;
2326                         }
2327                         state->idev = in6_dev_get(state->dev);
2328                         if (!state->idev)
2329                                 continue;
2330                         read_lock_bh(&state->idev->lock);
2331                         state->im = state->idev->mc_list;
2332                 }
2333                 if (!state->im)
2334                         break;
2335                 spin_lock_bh(&state->im->mca_lock);
2336                 psf = state->im->mca_sources;
2337         }
2338 out:
2339         return psf;
2340 }
2341
2342 static struct ip6_sf_list *igmp6_mcf_get_idx(struct seq_file *seq, loff_t pos)
2343 {
2344         struct ip6_sf_list *psf = igmp6_mcf_get_first(seq);
2345         if (psf)
2346                 while (pos && (psf = igmp6_mcf_get_next(seq, psf)) != NULL)
2347                         --pos;
2348         return pos ? NULL : psf;
2349 }
2350
2351 static void *igmp6_mcf_seq_start(struct seq_file *seq, loff_t *pos)
2352 {
2353         read_lock(&dev_base_lock);
2354         return *pos ? igmp6_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2355 }
2356
2357 static void *igmp6_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2358 {
2359         struct ip6_sf_list *psf;
2360         if (v == SEQ_START_TOKEN)
2361                 psf = igmp6_mcf_get_first(seq);
2362         else
2363                 psf = igmp6_mcf_get_next(seq, v);
2364         ++*pos;
2365         return psf;
2366 }
2367
2368 static void igmp6_mcf_seq_stop(struct seq_file *seq, void *v)
2369 {
2370         struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
2371         if (likely(state->im != NULL)) {
2372                 spin_unlock_bh(&state->im->mca_lock);
2373                 state->im = NULL;
2374         }
2375         if (likely(state->idev != NULL)) {
2376                 read_unlock_bh(&state->idev->lock);
2377                 in6_dev_put(state->idev);
2378                 state->idev = NULL;
2379         }
2380         state->dev = NULL;
2381         read_unlock(&dev_base_lock);
2382 }
2383
2384 static int igmp6_mcf_seq_show(struct seq_file *seq, void *v)
2385 {
2386         struct ip6_sf_list *psf = (struct ip6_sf_list *)v;
2387         struct igmp6_mcf_iter_state *state = igmp6_mcf_seq_private(seq);
2388
2389         if (v == SEQ_START_TOKEN) {
2390                 seq_printf(seq,
2391                            "%3s %6s "
2392                            "%32s %32s %6s %6s\n", "Idx",
2393                            "Device", "Multicast Address",
2394                            "Source Address", "INC", "EXC");
2395         } else {
2396                 seq_printf(seq,
2397                            "%3d %6.6s "
2398                            "%04x%04x%04x%04x%04x%04x%04x%04x "
2399                            "%04x%04x%04x%04x%04x%04x%04x%04x "
2400                            "%6lu %6lu\n",
2401                            state->dev->ifindex, state->dev->name,
2402                            NIP6(state->im->mca_addr),
2403                            NIP6(psf->sf_addr),
2404                            psf->sf_count[MCAST_INCLUDE],
2405                            psf->sf_count[MCAST_EXCLUDE]);
2406         }
2407         return 0;
2408 }
2409
2410 static struct seq_operations igmp6_mcf_seq_ops = {
2411         .start  =       igmp6_mcf_seq_start,
2412         .next   =       igmp6_mcf_seq_next,
2413         .stop   =       igmp6_mcf_seq_stop,
2414         .show   =       igmp6_mcf_seq_show,
2415 };
2416
2417 static int igmp6_mcf_seq_open(struct inode *inode, struct file *file)
2418 {
2419         struct seq_file *seq;
2420         int rc = -ENOMEM;
2421         struct igmp6_mcf_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL);
2422
2423         if (!s)
2424                 goto out;
2425
2426         rc = seq_open(file, &igmp6_mcf_seq_ops);
2427         if (rc)
2428                 goto out_kfree;
2429
2430         seq = file->private_data;
2431         seq->private = s;
2432         memset(s, 0, sizeof(*s));
2433 out:
2434         return rc;
2435 out_kfree:
2436         kfree(s);
2437         goto out;
2438 }
2439
2440 static struct file_operations igmp6_mcf_seq_fops = {
2441         .owner          =       THIS_MODULE,
2442         .open           =       igmp6_mcf_seq_open,
2443         .read           =       seq_read,
2444         .llseek         =       seq_lseek,
2445         .release        =       seq_release_private,
2446 };
2447 #endif
2448
2449 int __init igmp6_init(struct net_proto_family *ops)
2450 {
2451         struct ipv6_pinfo *np;
2452         struct sock *sk;
2453         int err;
2454
2455         err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, &igmp6_socket);
2456         if (err < 0) {
2457                 printk(KERN_ERR
2458                        "Failed to initialize the IGMP6 control socket (err %d).\n",
2459                        err);
2460                 igmp6_socket = NULL; /* For safety. */
2461                 return err;
2462         }
2463
2464         sk = igmp6_socket->sk;
2465         sk->sk_allocation = GFP_ATOMIC;
2466         sk->sk_prot->unhash(sk);
2467
2468         np = inet6_sk(sk);
2469         np->hop_limit = 1;
2470
2471 #ifdef CONFIG_PROC_FS
2472         proc_net_fops_create("igmp6", S_IRUGO, &igmp6_mc_seq_fops);
2473         proc_net_fops_create("mcfilter6", S_IRUGO, &igmp6_mcf_seq_fops);
2474 #endif
2475
2476         return 0;
2477 }
2478
2479 void igmp6_cleanup(void)
2480 {
2481         sock_release(igmp6_socket);
2482         igmp6_socket = NULL; /* for safety */
2483
2484 #ifdef CONFIG_PROC_FS
2485         proc_net_remove("mcfilter6");
2486         proc_net_remove("igmp6");
2487 #endif
2488 }