1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Bridge multicast support. 4 * 5 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 6 */ 7 8 #include <linux/err.h> 9 #include <linux/export.h> 10 #include <linux/if_ether.h> 11 #include <linux/igmp.h> 12 #include <linux/in.h> 13 #include <linux/jhash.h> 14 #include <linux/kernel.h> 15 #include <linux/log2.h> 16 #include <linux/netdevice.h> 17 #include <linux/netfilter_bridge.h> 18 #include <linux/random.h> 19 #include <linux/rculist.h> 20 #include <linux/skbuff.h> 21 #include <linux/slab.h> 22 #include <linux/timer.h> 23 #include <linux/inetdevice.h> 24 #include <linux/mroute.h> 25 #include <net/ip.h> 26 #include <net/switchdev.h> 27 #if IS_ENABLED(CONFIG_IPV6) 28 #include <linux/icmpv6.h> 29 #include <net/ipv6.h> 30 #include <net/mld.h> 31 #include <net/ip6_checksum.h> 32 #include <net/addrconf.h> 33 #endif 34 #include <trace/events/bridge.h> 35 36 #include "br_private.h" 37 #include "br_private_mcast_eht.h" 38 39 static const struct rhashtable_params br_mdb_rht_params = { 40 .head_offset = offsetof(struct net_bridge_mdb_entry, rhnode), 41 .key_offset = offsetof(struct net_bridge_mdb_entry, addr), 42 .key_len = sizeof(struct br_ip), 43 .automatic_shrinking = true, 44 }; 45 46 static const struct rhashtable_params br_sg_port_rht_params = { 47 .head_offset = offsetof(struct net_bridge_port_group, rhnode), 48 .key_offset = offsetof(struct net_bridge_port_group, key), 49 .key_len = sizeof(struct net_bridge_port_group_sg_key), 50 .automatic_shrinking = true, 51 }; 52 53 static void br_multicast_start_querier(struct net_bridge_mcast *brmctx, 54 struct bridge_mcast_own_query *query); 55 static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx, 56 struct net_bridge_mcast_port *pmctx); 57 static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx, 58 struct net_bridge_mcast_port *pmctx, 59 __be32 group, 60 __u16 vid, 61 const unsigned char *src); 62 static void br_multicast_port_group_rexmit(struct timer_list *t); 63 64 static void 65 br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted); 66 static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx, 67 struct net_bridge_mcast_port *pmctx); 68 #if IS_ENABLED(CONFIG_IPV6) 69 static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx, 70 struct net_bridge_mcast_port *pmctx, 71 const struct in6_addr *group, 72 __u16 vid, const unsigned char *src); 73 #endif 74 static struct net_bridge_port_group * 75 __br_multicast_add_group(struct net_bridge_mcast *brmctx, 76 struct net_bridge_mcast_port *pmctx, 77 struct br_ip *group, 78 const unsigned char *src, 79 u8 filter_mode, 80 bool igmpv2_mldv1, 81 bool blocked); 82 static void br_multicast_find_del_pg(struct net_bridge *br, 83 struct net_bridge_port_group *pg); 84 static void __br_multicast_stop(struct net_bridge_mcast *brmctx); 85 86 static int br_mc_disabled_update(struct net_device *dev, bool value, 87 struct netlink_ext_ack *extack); 88 89 static struct net_bridge_port_group * 90 br_sg_port_find(struct net_bridge *br, 91 struct net_bridge_port_group_sg_key *sg_p) 92 { 93 lockdep_assert_held_once(&br->multicast_lock); 94 95 return rhashtable_lookup_fast(&br->sg_port_tbl, sg_p, 96 br_sg_port_rht_params); 97 } 98 99 static struct net_bridge_mdb_entry *br_mdb_ip_get_rcu(struct net_bridge *br, 100 struct br_ip *dst) 101 { 102 return rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 103 } 104 105 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge *br, 106 struct br_ip *dst) 107 { 108 struct net_bridge_mdb_entry *ent; 109 110 lockdep_assert_held_once(&br->multicast_lock); 111 112 rcu_read_lock(); 113 ent = rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 114 rcu_read_unlock(); 115 116 return ent; 117 } 118 119 static struct net_bridge_mdb_entry *br_mdb_ip4_get(struct net_bridge *br, 120 __be32 dst, __u16 vid) 121 { 122 struct br_ip br_dst; 123 124 memset(&br_dst, 0, sizeof(br_dst)); 125 br_dst.dst.ip4 = dst; 126 br_dst.proto = htons(ETH_P_IP); 127 br_dst.vid = vid; 128 129 return br_mdb_ip_get(br, &br_dst); 130 } 131 132 #if IS_ENABLED(CONFIG_IPV6) 133 static struct net_bridge_mdb_entry *br_mdb_ip6_get(struct net_bridge *br, 134 const struct in6_addr *dst, 135 __u16 vid) 136 { 137 struct br_ip br_dst; 138 139 memset(&br_dst, 0, sizeof(br_dst)); 140 br_dst.dst.ip6 = *dst; 141 br_dst.proto = htons(ETH_P_IPV6); 142 br_dst.vid = vid; 143 144 return br_mdb_ip_get(br, &br_dst); 145 } 146 #endif 147 148 struct net_bridge_mdb_entry * 149 br_mdb_entry_skb_get(struct net_bridge_mcast *brmctx, struct sk_buff *skb, 150 u16 vid) 151 { 152 struct net_bridge *br = brmctx->br; 153 struct br_ip ip; 154 155 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) || 156 br_multicast_ctx_vlan_global_disabled(brmctx)) 157 return NULL; 158 159 if (BR_INPUT_SKB_CB(skb)->igmp) 160 return NULL; 161 162 memset(&ip, 0, sizeof(ip)); 163 ip.proto = skb->protocol; 164 ip.vid = vid; 165 166 switch (skb->protocol) { 167 case htons(ETH_P_IP): 168 ip.dst.ip4 = ip_hdr(skb)->daddr; 169 if (brmctx->multicast_igmp_version == 3) { 170 struct net_bridge_mdb_entry *mdb; 171 172 ip.src.ip4 = ip_hdr(skb)->saddr; 173 mdb = br_mdb_ip_get_rcu(br, &ip); 174 if (mdb) 175 return mdb; 176 ip.src.ip4 = 0; 177 } 178 break; 179 #if IS_ENABLED(CONFIG_IPV6) 180 case htons(ETH_P_IPV6): 181 ip.dst.ip6 = ipv6_hdr(skb)->daddr; 182 if (brmctx->multicast_mld_version == 2) { 183 struct net_bridge_mdb_entry *mdb; 184 185 ip.src.ip6 = ipv6_hdr(skb)->saddr; 186 mdb = br_mdb_ip_get_rcu(br, &ip); 187 if (mdb) 188 return mdb; 189 memset(&ip.src.ip6, 0, sizeof(ip.src.ip6)); 190 } 191 break; 192 #endif 193 default: 194 ip.proto = 0; 195 ether_addr_copy(ip.dst.mac_addr, eth_hdr(skb)->h_dest); 196 } 197 198 return br_mdb_ip_get_rcu(br, &ip); 199 } 200 201 /* IMPORTANT: this function must be used only when the contexts cannot be 202 * passed down (e.g. timer) and must be used for read-only purposes because 203 * the vlan snooping option can change, so it can return any context 204 * (non-vlan or vlan). Its initial intended purpose is to read timer values 205 * from the *current* context based on the option. At worst that could lead 206 * to inconsistent timers when the contexts are changed, i.e. src timer 207 * which needs to re-arm with a specific delay taken from the old context 208 */ 209 static struct net_bridge_mcast_port * 210 br_multicast_pg_to_port_ctx(const struct net_bridge_port_group *pg) 211 { 212 struct net_bridge_mcast_port *pmctx = &pg->key.port->multicast_ctx; 213 struct net_bridge_vlan *vlan; 214 215 lockdep_assert_held_once(&pg->key.port->br->multicast_lock); 216 217 /* if vlan snooping is disabled use the port's multicast context */ 218 if (!pg->key.addr.vid || 219 !br_opt_get(pg->key.port->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) 220 goto out; 221 222 /* locking is tricky here, due to different rules for multicast and 223 * vlans we need to take rcu to find the vlan and make sure it has 224 * the BR_VLFLAG_MCAST_ENABLED flag set, it can only change under 225 * multicast_lock which must be already held here, so the vlan's pmctx 226 * can safely be used on return 227 */ 228 rcu_read_lock(); 229 vlan = br_vlan_find(nbp_vlan_group_rcu(pg->key.port), pg->key.addr.vid); 230 if (vlan && !br_multicast_port_ctx_vlan_disabled(&vlan->port_mcast_ctx)) 231 pmctx = &vlan->port_mcast_ctx; 232 else 233 pmctx = NULL; 234 rcu_read_unlock(); 235 out: 236 return pmctx; 237 } 238 239 static struct net_bridge_mcast_port * 240 br_multicast_port_vid_to_port_ctx(struct net_bridge_port *port, u16 vid) 241 { 242 struct net_bridge_mcast_port *pmctx = NULL; 243 struct net_bridge_vlan *vlan; 244 245 lockdep_assert_held_once(&port->br->multicast_lock); 246 247 /* Take RCU to access the vlan. */ 248 rcu_read_lock(); 249 250 vlan = br_vlan_find(nbp_vlan_group_rcu(port), vid); 251 if (vlan) 252 pmctx = &vlan->port_mcast_ctx; 253 254 rcu_read_unlock(); 255 256 return pmctx; 257 } 258 259 /* when snooping we need to check if the contexts should be used 260 * in the following order: 261 * - if pmctx is non-NULL (port), check if it should be used 262 * - if pmctx is NULL (bridge), check if brmctx should be used 263 */ 264 static bool 265 br_multicast_ctx_should_use(const struct net_bridge_mcast *brmctx, 266 const struct net_bridge_mcast_port *pmctx) 267 { 268 if (!netif_running(brmctx->br->dev)) 269 return false; 270 271 if (pmctx) 272 return !br_multicast_port_ctx_state_disabled(pmctx); 273 else 274 return !br_multicast_ctx_vlan_disabled(brmctx); 275 } 276 277 static bool br_port_group_equal(struct net_bridge_port_group *p, 278 struct net_bridge_port *port, 279 const unsigned char *src) 280 { 281 if (p->key.port != port) 282 return false; 283 284 if (!test_bit(BR_MULTICAST_TO_UNICAST_BIT, &port->flags)) 285 return true; 286 287 return ether_addr_equal(src, p->eth_addr); 288 } 289 290 static void __fwd_add_star_excl(struct net_bridge_mcast_port *pmctx, 291 struct net_bridge_port_group *pg, 292 struct br_ip *sg_ip) 293 { 294 struct net_bridge_port_group_sg_key sg_key; 295 struct net_bridge_port_group *src_pg; 296 struct net_bridge_mcast *brmctx; 297 298 memset(&sg_key, 0, sizeof(sg_key)); 299 brmctx = br_multicast_port_ctx_get_global(pmctx); 300 sg_key.port = pg->key.port; 301 sg_key.addr = *sg_ip; 302 if (br_sg_port_find(brmctx->br, &sg_key)) 303 return; 304 305 src_pg = __br_multicast_add_group(brmctx, pmctx, 306 sg_ip, pg->eth_addr, 307 MCAST_INCLUDE, false, false); 308 if (IS_ERR_OR_NULL(src_pg) || 309 src_pg->rt_protocol != RTPROT_KERNEL) 310 return; 311 312 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL; 313 } 314 315 static void __fwd_del_star_excl(struct net_bridge_port_group *pg, 316 struct br_ip *sg_ip) 317 { 318 struct net_bridge_port_group_sg_key sg_key; 319 struct net_bridge *br = pg->key.port->br; 320 struct net_bridge_port_group *src_pg; 321 322 memset(&sg_key, 0, sizeof(sg_key)); 323 sg_key.port = pg->key.port; 324 sg_key.addr = *sg_ip; 325 src_pg = br_sg_port_find(br, &sg_key); 326 if (!src_pg || !(src_pg->flags & MDB_PG_FLAGS_STAR_EXCL) || 327 src_pg->rt_protocol != RTPROT_KERNEL) 328 return; 329 330 br_multicast_find_del_pg(br, src_pg); 331 } 332 333 /* When a port group transitions to (or is added as) EXCLUDE we need to add it 334 * to all other ports' S,G entries which are not blocked by the current group 335 * for proper replication, the assumption is that any S,G blocked entries 336 * are already added so the S,G,port lookup should skip them. 337 * When a port group transitions from EXCLUDE -> INCLUDE mode or is being 338 * deleted we need to remove it from all ports' S,G entries where it was 339 * automatically installed before (i.e. where it's MDB_PG_FLAGS_STAR_EXCL). 340 */ 341 void br_multicast_star_g_handle_mode(struct net_bridge_port_group *pg, 342 u8 filter_mode) 343 { 344 struct net_bridge *br = pg->key.port->br; 345 struct net_bridge_port_group *pg_lst; 346 struct net_bridge_mcast_port *pmctx; 347 struct net_bridge_mdb_entry *mp; 348 struct br_ip sg_ip; 349 350 if (WARN_ON(!br_multicast_is_star_g(&pg->key.addr))) 351 return; 352 353 mp = br_mdb_ip_get(br, &pg->key.addr); 354 if (!mp) 355 return; 356 pmctx = br_multicast_pg_to_port_ctx(pg); 357 if (!pmctx) 358 return; 359 360 memset(&sg_ip, 0, sizeof(sg_ip)); 361 sg_ip = pg->key.addr; 362 363 for (pg_lst = mlock_dereference(mp->ports, br); 364 pg_lst; 365 pg_lst = mlock_dereference(pg_lst->next, br)) { 366 struct net_bridge_group_src *src_ent; 367 368 if (pg_lst == pg) 369 continue; 370 hlist_for_each_entry(src_ent, &pg_lst->src_list, node) { 371 if (!(src_ent->flags & BR_SGRP_F_INSTALLED)) 372 continue; 373 sg_ip.src = src_ent->addr.src; 374 switch (filter_mode) { 375 case MCAST_INCLUDE: 376 __fwd_del_star_excl(pg, &sg_ip); 377 break; 378 case MCAST_EXCLUDE: 379 __fwd_add_star_excl(pmctx, pg, &sg_ip); 380 break; 381 } 382 } 383 } 384 } 385 386 /* called when adding a new S,G with host_joined == false by default */ 387 static void br_multicast_sg_host_state(struct net_bridge_mdb_entry *star_mp, 388 struct net_bridge_port_group *sg) 389 { 390 struct net_bridge_mdb_entry *sg_mp; 391 392 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 393 return; 394 if (!star_mp->host_joined) 395 return; 396 397 sg_mp = br_mdb_ip_get(star_mp->br, &sg->key.addr); 398 if (!sg_mp) 399 return; 400 sg_mp->host_joined = true; 401 } 402 403 /* set the host_joined state of all of *,G's S,G entries */ 404 static void br_multicast_star_g_host_state(struct net_bridge_mdb_entry *star_mp) 405 { 406 struct net_bridge *br = star_mp->br; 407 struct net_bridge_mdb_entry *sg_mp; 408 struct net_bridge_port_group *pg; 409 struct br_ip sg_ip; 410 411 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 412 return; 413 414 memset(&sg_ip, 0, sizeof(sg_ip)); 415 sg_ip = star_mp->addr; 416 for (pg = mlock_dereference(star_mp->ports, br); 417 pg; 418 pg = mlock_dereference(pg->next, br)) { 419 struct net_bridge_group_src *src_ent; 420 421 hlist_for_each_entry(src_ent, &pg->src_list, node) { 422 if (!(src_ent->flags & BR_SGRP_F_INSTALLED)) 423 continue; 424 sg_ip.src = src_ent->addr.src; 425 sg_mp = br_mdb_ip_get(br, &sg_ip); 426 if (!sg_mp) 427 continue; 428 sg_mp->host_joined = star_mp->host_joined; 429 } 430 } 431 } 432 433 static void br_multicast_sg_del_exclude_ports(struct net_bridge_mdb_entry *sgmp) 434 { 435 struct net_bridge_port_group __rcu **pp; 436 struct net_bridge_port_group *p; 437 438 /* *,G exclude ports are only added to S,G entries */ 439 if (WARN_ON(br_multicast_is_star_g(&sgmp->addr))) 440 return; 441 442 /* we need the STAR_EXCLUDE ports if there are non-STAR_EXCLUDE ports 443 * we should ignore perm entries since they're managed by user-space 444 */ 445 for (pp = &sgmp->ports; 446 (p = mlock_dereference(*pp, sgmp->br)) != NULL; 447 pp = &p->next) 448 if (!(p->flags & (MDB_PG_FLAGS_STAR_EXCL | 449 MDB_PG_FLAGS_PERMANENT))) 450 return; 451 452 /* currently the host can only have joined the *,G which means 453 * we treat it as EXCLUDE {}, so for an S,G it's considered a 454 * STAR_EXCLUDE entry and we can safely leave it 455 */ 456 sgmp->host_joined = false; 457 458 for (pp = &sgmp->ports; 459 (p = mlock_dereference(*pp, sgmp->br)) != NULL;) { 460 if (!(p->flags & MDB_PG_FLAGS_PERMANENT)) 461 br_multicast_del_pg(sgmp, p, pp); 462 else 463 pp = &p->next; 464 } 465 } 466 467 void br_multicast_sg_add_exclude_ports(struct net_bridge_mdb_entry *star_mp, 468 struct net_bridge_port_group *sg) 469 { 470 struct net_bridge_port_group_sg_key sg_key; 471 struct net_bridge *br = star_mp->br; 472 struct net_bridge_mcast_port *pmctx; 473 struct net_bridge_port_group *pg; 474 struct net_bridge_mcast *brmctx; 475 476 if (WARN_ON(br_multicast_is_star_g(&sg->key.addr))) 477 return; 478 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 479 return; 480 481 br_multicast_sg_host_state(star_mp, sg); 482 memset(&sg_key, 0, sizeof(sg_key)); 483 sg_key.addr = sg->key.addr; 484 /* we need to add all exclude ports to the S,G */ 485 for (pg = mlock_dereference(star_mp->ports, br); 486 pg; 487 pg = mlock_dereference(pg->next, br)) { 488 struct net_bridge_port_group *src_pg; 489 490 if (pg == sg || pg->filter_mode == MCAST_INCLUDE) 491 continue; 492 493 sg_key.port = pg->key.port; 494 if (br_sg_port_find(br, &sg_key)) 495 continue; 496 497 pmctx = br_multicast_pg_to_port_ctx(pg); 498 if (!pmctx) 499 continue; 500 brmctx = br_multicast_port_ctx_get_global(pmctx); 501 502 src_pg = __br_multicast_add_group(brmctx, pmctx, 503 &sg->key.addr, 504 sg->eth_addr, 505 MCAST_INCLUDE, false, false); 506 if (IS_ERR_OR_NULL(src_pg) || 507 src_pg->rt_protocol != RTPROT_KERNEL) 508 continue; 509 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL; 510 } 511 } 512 513 static void br_multicast_fwd_src_add(struct net_bridge_group_src *src) 514 { 515 struct net_bridge_mdb_entry *star_mp; 516 struct net_bridge_mcast_port *pmctx; 517 struct net_bridge_port_group *sg; 518 struct net_bridge_mcast *brmctx; 519 struct br_ip sg_ip; 520 521 if (src->flags & BR_SGRP_F_INSTALLED) 522 return; 523 524 memset(&sg_ip, 0, sizeof(sg_ip)); 525 pmctx = br_multicast_pg_to_port_ctx(src->pg); 526 if (!pmctx) 527 return; 528 brmctx = br_multicast_port_ctx_get_global(pmctx); 529 sg_ip = src->pg->key.addr; 530 sg_ip.src = src->addr.src; 531 532 sg = __br_multicast_add_group(brmctx, pmctx, &sg_ip, 533 src->pg->eth_addr, MCAST_INCLUDE, false, 534 !timer_pending(&src->timer)); 535 if (IS_ERR_OR_NULL(sg)) 536 return; 537 src->flags |= BR_SGRP_F_INSTALLED; 538 sg->flags &= ~MDB_PG_FLAGS_STAR_EXCL; 539 540 /* if it was added by user-space as perm we can skip next steps */ 541 if (sg->rt_protocol != RTPROT_KERNEL && 542 (sg->flags & MDB_PG_FLAGS_PERMANENT)) 543 return; 544 545 /* the kernel is now responsible for removing this S,G */ 546 timer_delete(&sg->timer); 547 star_mp = br_mdb_ip_get(src->br, &src->pg->key.addr); 548 if (!star_mp) 549 return; 550 551 br_multicast_sg_add_exclude_ports(star_mp, sg); 552 } 553 554 static void br_multicast_fwd_src_remove(struct net_bridge_group_src *src, 555 bool fastleave) 556 { 557 struct net_bridge_port_group *p, *pg = src->pg; 558 struct net_bridge_port_group __rcu **pp; 559 struct net_bridge_mdb_entry *mp; 560 struct br_ip sg_ip; 561 562 memset(&sg_ip, 0, sizeof(sg_ip)); 563 sg_ip = pg->key.addr; 564 sg_ip.src = src->addr.src; 565 566 mp = br_mdb_ip_get(src->br, &sg_ip); 567 if (!mp) 568 return; 569 570 for (pp = &mp->ports; 571 (p = mlock_dereference(*pp, src->br)) != NULL; 572 pp = &p->next) { 573 if (!br_port_group_equal(p, pg->key.port, pg->eth_addr)) 574 continue; 575 576 if (p->rt_protocol != RTPROT_KERNEL && 577 (p->flags & MDB_PG_FLAGS_PERMANENT) && 578 !(src->flags & BR_SGRP_F_USER_ADDED)) 579 break; 580 581 if (fastleave) 582 p->flags |= MDB_PG_FLAGS_FAST_LEAVE; 583 br_multicast_del_pg(mp, p, pp); 584 break; 585 } 586 src->flags &= ~BR_SGRP_F_INSTALLED; 587 } 588 589 /* install S,G and based on src's timer enable or disable forwarding */ 590 static void br_multicast_fwd_src_handle(struct net_bridge_group_src *src) 591 { 592 struct net_bridge_port_group_sg_key sg_key; 593 struct net_bridge_port_group *sg; 594 u8 old_flags; 595 596 br_multicast_fwd_src_add(src); 597 598 memset(&sg_key, 0, sizeof(sg_key)); 599 sg_key.addr = src->pg->key.addr; 600 sg_key.addr.src = src->addr.src; 601 sg_key.port = src->pg->key.port; 602 603 sg = br_sg_port_find(src->br, &sg_key); 604 if (!sg || (sg->flags & MDB_PG_FLAGS_PERMANENT)) 605 return; 606 607 old_flags = sg->flags; 608 if (timer_pending(&src->timer)) 609 sg->flags &= ~MDB_PG_FLAGS_BLOCKED; 610 else 611 sg->flags |= MDB_PG_FLAGS_BLOCKED; 612 613 if (old_flags != sg->flags) { 614 struct net_bridge_mdb_entry *sg_mp; 615 616 sg_mp = br_mdb_ip_get(src->br, &sg_key.addr); 617 if (!sg_mp) 618 return; 619 br_mdb_notify(src->br->dev, sg_mp, sg, RTM_NEWMDB); 620 } 621 } 622 623 static void br_multicast_destroy_mdb_entry(struct net_bridge_mcast_gc *gc) 624 { 625 struct net_bridge_mdb_entry *mp; 626 627 mp = container_of(gc, struct net_bridge_mdb_entry, mcast_gc); 628 WARN_ON(!hlist_unhashed(&mp->mdb_node)); 629 WARN_ON(mp->ports); 630 631 timer_shutdown_sync(&mp->timer); 632 kfree_rcu(mp, rcu); 633 } 634 635 static void br_multicast_del_mdb_entry(struct net_bridge_mdb_entry *mp) 636 { 637 struct net_bridge *br = mp->br; 638 639 rhashtable_remove_fast(&br->mdb_hash_tbl, &mp->rhnode, 640 br_mdb_rht_params); 641 hlist_del_init_rcu(&mp->mdb_node); 642 hlist_add_head(&mp->mcast_gc.gc_node, &br->mcast_gc_list); 643 queue_work(system_long_wq, &br->mcast_gc_work); 644 } 645 646 static void br_multicast_group_expired(struct timer_list *t) 647 { 648 struct net_bridge_mdb_entry *mp = timer_container_of(mp, t, timer); 649 struct net_bridge *br = mp->br; 650 651 spin_lock(&br->multicast_lock); 652 if (hlist_unhashed(&mp->mdb_node) || !netif_running(br->dev) || 653 timer_pending(&mp->timer)) 654 goto out; 655 656 br_multicast_host_leave(mp, true); 657 658 if (mp->ports) 659 goto out; 660 br_multicast_del_mdb_entry(mp); 661 out: 662 spin_unlock(&br->multicast_lock); 663 } 664 665 static void br_multicast_destroy_group_src(struct net_bridge_mcast_gc *gc) 666 { 667 struct net_bridge_group_src *src; 668 669 src = container_of(gc, struct net_bridge_group_src, mcast_gc); 670 WARN_ON(!hlist_unhashed(&src->node)); 671 672 timer_shutdown_sync(&src->timer); 673 kfree_rcu(src, rcu); 674 } 675 676 void __br_multicast_del_group_src(struct net_bridge_group_src *src) 677 { 678 struct net_bridge *br = src->pg->key.port->br; 679 680 hlist_del_init_rcu(&src->node); 681 src->pg->src_ents--; 682 hlist_add_head(&src->mcast_gc.gc_node, &br->mcast_gc_list); 683 queue_work(system_long_wq, &br->mcast_gc_work); 684 } 685 686 void br_multicast_del_group_src(struct net_bridge_group_src *src, 687 bool fastleave) 688 { 689 br_multicast_fwd_src_remove(src, fastleave); 690 __br_multicast_del_group_src(src); 691 } 692 693 static int 694 br_multicast_port_ngroups_inc_one(struct net_bridge_mcast_port *pmctx, 695 struct netlink_ext_ack *extack, 696 const char *what) 697 { 698 u32 max = READ_ONCE(pmctx->mdb_max_entries); 699 u32 n = READ_ONCE(pmctx->mdb_n_entries); 700 701 /* enforce the max limit when it's a port pmctx or a port-vlan pmctx 702 * with snooping enabled 703 */ 704 if (!br_multicast_port_ctx_vlan_disabled(pmctx) && max && n >= max) { 705 NL_SET_ERR_MSG_FMT_MOD(extack, "%s is already in %u groups, and mcast_max_groups=%u", 706 what, n, max); 707 return -E2BIG; 708 } 709 710 WRITE_ONCE(pmctx->mdb_n_entries, n + 1); 711 return 0; 712 } 713 714 static void br_multicast_port_ngroups_dec_one(struct net_bridge_mcast_port *pmctx) 715 { 716 u32 n = READ_ONCE(pmctx->mdb_n_entries); 717 718 WARN_ON_ONCE(n == 0); 719 WRITE_ONCE(pmctx->mdb_n_entries, n - 1); 720 } 721 722 static int br_multicast_port_ngroups_inc(struct net_bridge_port *port, 723 const struct br_ip *group, 724 struct netlink_ext_ack *extack) 725 { 726 struct net_bridge_mcast_port *pmctx; 727 int err; 728 729 lockdep_assert_held_once(&port->br->multicast_lock); 730 731 /* Always count on the port context. */ 732 err = br_multicast_port_ngroups_inc_one(&port->multicast_ctx, extack, 733 "Port"); 734 if (err) { 735 trace_br_mdb_full(port->dev, group); 736 return err; 737 } 738 739 /* Only count on the VLAN context if VID is given */ 740 if (!group->vid) 741 return 0; 742 743 pmctx = br_multicast_port_vid_to_port_ctx(port, group->vid); 744 if (!pmctx) 745 return 0; 746 747 err = br_multicast_port_ngroups_inc_one(pmctx, extack, "Port-VLAN"); 748 if (err) { 749 trace_br_mdb_full(port->dev, group); 750 goto dec_one_out; 751 } 752 753 return 0; 754 755 dec_one_out: 756 br_multicast_port_ngroups_dec_one(&port->multicast_ctx); 757 return err; 758 } 759 760 static void br_multicast_port_ngroups_dec(struct net_bridge_port *port, u16 vid) 761 { 762 struct net_bridge_mcast_port *pmctx; 763 764 lockdep_assert_held_once(&port->br->multicast_lock); 765 766 if (vid) { 767 pmctx = br_multicast_port_vid_to_port_ctx(port, vid); 768 if (pmctx) 769 br_multicast_port_ngroups_dec_one(pmctx); 770 } 771 br_multicast_port_ngroups_dec_one(&port->multicast_ctx); 772 } 773 774 u32 br_multicast_ngroups_get(const struct net_bridge_mcast_port *pmctx) 775 { 776 return READ_ONCE(pmctx->mdb_n_entries); 777 } 778 779 void br_multicast_ngroups_set_max(struct net_bridge_mcast_port *pmctx, u32 max) 780 { 781 WRITE_ONCE(pmctx->mdb_max_entries, max); 782 } 783 784 u32 br_multicast_ngroups_get_max(const struct net_bridge_mcast_port *pmctx) 785 { 786 return READ_ONCE(pmctx->mdb_max_entries); 787 } 788 789 static void br_multicast_destroy_port_group(struct net_bridge_mcast_gc *gc) 790 { 791 struct net_bridge_port_group *pg; 792 793 pg = container_of(gc, struct net_bridge_port_group, mcast_gc); 794 WARN_ON(!hlist_unhashed(&pg->mglist)); 795 WARN_ON(!hlist_empty(&pg->src_list)); 796 797 timer_shutdown_sync(&pg->rexmit_timer); 798 timer_shutdown_sync(&pg->timer); 799 kfree_rcu(pg, rcu); 800 } 801 802 void br_multicast_del_pg(struct net_bridge_mdb_entry *mp, 803 struct net_bridge_port_group *pg, 804 struct net_bridge_port_group __rcu **pp) 805 { 806 struct net_bridge *br = pg->key.port->br; 807 struct net_bridge_group_src *ent; 808 struct hlist_node *tmp; 809 810 rcu_assign_pointer(*pp, pg->next); 811 hlist_del_init(&pg->mglist); 812 br_multicast_eht_clean_sets(pg); 813 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) 814 br_multicast_del_group_src(ent, false); 815 br_mdb_notify(br->dev, mp, pg, RTM_DELMDB); 816 if (!br_multicast_is_star_g(&mp->addr)) { 817 rhashtable_remove_fast(&br->sg_port_tbl, &pg->rhnode, 818 br_sg_port_rht_params); 819 br_multicast_sg_del_exclude_ports(mp); 820 } else { 821 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE); 822 } 823 br_multicast_port_ngroups_dec(pg->key.port, pg->key.addr.vid); 824 hlist_add_head(&pg->mcast_gc.gc_node, &br->mcast_gc_list); 825 queue_work(system_long_wq, &br->mcast_gc_work); 826 827 if (!mp->ports && !mp->host_joined && netif_running(br->dev)) 828 mod_timer(&mp->timer, jiffies); 829 } 830 831 static void br_multicast_find_del_pg(struct net_bridge *br, 832 struct net_bridge_port_group *pg) 833 { 834 struct net_bridge_port_group __rcu **pp; 835 struct net_bridge_mdb_entry *mp; 836 struct net_bridge_port_group *p; 837 838 mp = br_mdb_ip_get(br, &pg->key.addr); 839 if (WARN_ON(!mp)) 840 return; 841 842 for (pp = &mp->ports; 843 (p = mlock_dereference(*pp, br)) != NULL; 844 pp = &p->next) { 845 if (p != pg) 846 continue; 847 848 br_multicast_del_pg(mp, pg, pp); 849 return; 850 } 851 852 WARN_ON(1); 853 } 854 855 static void br_multicast_port_group_expired(struct timer_list *t) 856 { 857 struct net_bridge_port_group *pg = timer_container_of(pg, t, timer); 858 struct net_bridge_group_src *src_ent; 859 struct net_bridge *br = pg->key.port->br; 860 struct hlist_node *tmp; 861 bool changed; 862 863 spin_lock(&br->multicast_lock); 864 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 865 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT) 866 goto out; 867 868 changed = !!(pg->filter_mode == MCAST_EXCLUDE); 869 pg->filter_mode = MCAST_INCLUDE; 870 hlist_for_each_entry_safe(src_ent, tmp, &pg->src_list, node) { 871 if (!timer_pending(&src_ent->timer)) { 872 br_multicast_del_group_src(src_ent, false); 873 changed = true; 874 } 875 } 876 877 if (hlist_empty(&pg->src_list)) { 878 br_multicast_find_del_pg(br, pg); 879 } else if (changed) { 880 struct net_bridge_mdb_entry *mp = br_mdb_ip_get(br, &pg->key.addr); 881 882 if (changed && br_multicast_is_star_g(&pg->key.addr)) 883 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE); 884 885 if (WARN_ON(!mp)) 886 goto out; 887 br_mdb_notify(br->dev, mp, pg, RTM_NEWMDB); 888 } 889 out: 890 spin_unlock(&br->multicast_lock); 891 } 892 893 static void br_multicast_gc(struct hlist_head *head) 894 { 895 struct net_bridge_mcast_gc *gcent; 896 struct hlist_node *tmp; 897 898 hlist_for_each_entry_safe(gcent, tmp, head, gc_node) { 899 hlist_del_init(&gcent->gc_node); 900 gcent->destroy(gcent); 901 } 902 } 903 904 static void __br_multicast_query_handle_vlan(struct net_bridge_mcast *brmctx, 905 struct net_bridge_mcast_port *pmctx, 906 struct sk_buff *skb) 907 { 908 struct net_bridge_vlan *vlan = NULL; 909 910 if (pmctx && br_multicast_port_ctx_is_vlan(pmctx)) 911 vlan = pmctx->vlan; 912 else if (br_multicast_ctx_is_vlan(brmctx)) 913 vlan = brmctx->vlan; 914 915 if (vlan && !(vlan->flags & BRIDGE_VLAN_INFO_UNTAGGED)) { 916 u16 vlan_proto; 917 918 if (br_vlan_get_proto(brmctx->br->dev, &vlan_proto) != 0) 919 return; 920 __vlan_hwaccel_put_tag(skb, htons(vlan_proto), vlan->vid); 921 } 922 } 923 924 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge_mcast *brmctx, 925 struct net_bridge_mcast_port *pmctx, 926 struct net_bridge_port_group *pg, 927 __be32 ip_dst, __be32 group, 928 bool with_srcs, bool over_lmqt, 929 u8 sflag, u8 *igmp_type, 930 bool *need_rexmit) 931 { 932 struct net_bridge_port *p = pg ? pg->key.port : NULL; 933 struct net_bridge_group_src *ent; 934 size_t pkt_size, igmp_hdr_size; 935 unsigned long now = jiffies; 936 struct igmpv3_query *ihv3; 937 unsigned long lmqt, mrt; 938 void *csum_start = NULL; 939 __sum16 *csum = NULL; 940 struct sk_buff *skb; 941 struct igmphdr *ih; 942 struct ethhdr *eth; 943 struct iphdr *iph; 944 u16 lmqt_srcs = 0; 945 946 igmp_hdr_size = sizeof(*ih); 947 if (brmctx->multicast_igmp_version == 3) { 948 igmp_hdr_size = sizeof(*ihv3); 949 if (pg && with_srcs) { 950 lmqt = now + (brmctx->multicast_last_member_interval * 951 brmctx->multicast_last_member_count); 952 hlist_for_each_entry(ent, &pg->src_list, node) { 953 if (over_lmqt == time_after(ent->timer.expires, 954 lmqt) && 955 ent->src_query_rexmit_cnt > 0) 956 lmqt_srcs++; 957 } 958 959 if (!lmqt_srcs) 960 return NULL; 961 igmp_hdr_size += lmqt_srcs * sizeof(__be32); 962 } 963 } 964 965 pkt_size = sizeof(*eth) + sizeof(*iph) + 4 + igmp_hdr_size; 966 if ((p && pkt_size > p->dev->mtu) || 967 pkt_size > brmctx->br->dev->mtu) 968 return NULL; 969 970 skb = netdev_alloc_skb_ip_align(brmctx->br->dev, pkt_size); 971 if (!skb) 972 goto out; 973 974 __br_multicast_query_handle_vlan(brmctx, pmctx, skb); 975 skb->protocol = htons(ETH_P_IP); 976 977 skb_reset_mac_header(skb); 978 eth = eth_hdr(skb); 979 980 ether_addr_copy(eth->h_source, brmctx->br->dev->dev_addr); 981 ip_eth_mc_map(ip_dst, eth->h_dest); 982 eth->h_proto = htons(ETH_P_IP); 983 skb_put(skb, sizeof(*eth)); 984 985 skb_set_network_header(skb, skb->len); 986 iph = ip_hdr(skb); 987 iph->tot_len = htons(pkt_size - sizeof(*eth)); 988 989 iph->version = 4; 990 iph->ihl = 6; 991 iph->tos = 0xc0; 992 iph->id = 0; 993 iph->frag_off = htons(IP_DF); 994 iph->ttl = 1; 995 iph->protocol = IPPROTO_IGMP; 996 iph->saddr = br_opt_get(brmctx->br, BROPT_MULTICAST_QUERY_USE_IFADDR) ? 997 inet_select_addr(brmctx->br->dev, 0, RT_SCOPE_LINK) : 0; 998 iph->daddr = ip_dst; 999 ((u8 *)&iph[1])[0] = IPOPT_RA; 1000 ((u8 *)&iph[1])[1] = 4; 1001 ((u8 *)&iph[1])[2] = 0; 1002 ((u8 *)&iph[1])[3] = 0; 1003 ip_send_check(iph); 1004 skb_put(skb, 24); 1005 1006 skb_set_transport_header(skb, skb->len); 1007 mrt = group ? brmctx->multicast_last_member_interval : 1008 brmctx->multicast_query_response_interval; 1009 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY; 1010 1011 switch (brmctx->multicast_igmp_version) { 1012 case 2: 1013 ih = igmp_hdr(skb); 1014 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 1015 ih->code = mrt / (HZ / IGMP_TIMER_SCALE); 1016 ih->group = group; 1017 ih->csum = 0; 1018 csum = &ih->csum; 1019 csum_start = (void *)ih; 1020 break; 1021 case 3: 1022 ihv3 = igmpv3_query_hdr(skb); 1023 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY; 1024 ihv3->code = igmpv3_mrc(mrt / (HZ / IGMP_TIMER_SCALE)); 1025 ihv3->group = group; 1026 ihv3->qqic = igmpv3_qqic(brmctx->multicast_query_interval / HZ); 1027 ihv3->nsrcs = htons(lmqt_srcs); 1028 ihv3->resv = 0; 1029 ihv3->suppress = sflag; 1030 ihv3->qrv = 2; 1031 ihv3->csum = 0; 1032 csum = &ihv3->csum; 1033 csum_start = (void *)ihv3; 1034 if (!pg || !with_srcs) 1035 break; 1036 1037 lmqt_srcs = 0; 1038 hlist_for_each_entry(ent, &pg->src_list, node) { 1039 if (over_lmqt == time_after(ent->timer.expires, 1040 lmqt) && 1041 ent->src_query_rexmit_cnt > 0) { 1042 ihv3->srcs[lmqt_srcs++] = ent->addr.src.ip4; 1043 ent->src_query_rexmit_cnt--; 1044 if (need_rexmit && ent->src_query_rexmit_cnt) 1045 *need_rexmit = true; 1046 } 1047 } 1048 if (WARN_ON(lmqt_srcs != ntohs(ihv3->nsrcs))) { 1049 kfree_skb(skb); 1050 return NULL; 1051 } 1052 break; 1053 } 1054 1055 if (WARN_ON(!csum || !csum_start)) { 1056 kfree_skb(skb); 1057 return NULL; 1058 } 1059 1060 *csum = ip_compute_csum(csum_start, igmp_hdr_size); 1061 skb_put(skb, igmp_hdr_size); 1062 __skb_pull(skb, sizeof(*eth)); 1063 1064 out: 1065 return skb; 1066 } 1067 1068 #if IS_ENABLED(CONFIG_IPV6) 1069 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge_mcast *brmctx, 1070 struct net_bridge_mcast_port *pmctx, 1071 struct net_bridge_port_group *pg, 1072 const struct in6_addr *ip6_dst, 1073 const struct in6_addr *group, 1074 bool with_srcs, bool over_llqt, 1075 u8 sflag, u8 *igmp_type, 1076 bool *need_rexmit) 1077 { 1078 struct net_bridge_port *p = pg ? pg->key.port : NULL; 1079 struct net_bridge_group_src *ent; 1080 size_t pkt_size, mld_hdr_size; 1081 unsigned long now = jiffies; 1082 struct mld2_query *mld2q; 1083 void *csum_start = NULL; 1084 unsigned long interval; 1085 __sum16 *csum = NULL; 1086 struct ipv6hdr *ip6h; 1087 struct mld_msg *mldq; 1088 struct sk_buff *skb; 1089 unsigned long llqt; 1090 struct ethhdr *eth; 1091 u16 llqt_srcs = 0; 1092 u8 *hopopt; 1093 1094 mld_hdr_size = sizeof(*mldq); 1095 if (brmctx->multicast_mld_version == 2) { 1096 mld_hdr_size = sizeof(*mld2q); 1097 if (pg && with_srcs) { 1098 llqt = now + (brmctx->multicast_last_member_interval * 1099 brmctx->multicast_last_member_count); 1100 hlist_for_each_entry(ent, &pg->src_list, node) { 1101 if (over_llqt == time_after(ent->timer.expires, 1102 llqt) && 1103 ent->src_query_rexmit_cnt > 0) 1104 llqt_srcs++; 1105 } 1106 1107 if (!llqt_srcs) 1108 return NULL; 1109 mld_hdr_size += llqt_srcs * sizeof(struct in6_addr); 1110 } 1111 } 1112 1113 pkt_size = sizeof(*eth) + sizeof(*ip6h) + 8 + mld_hdr_size; 1114 if ((p && pkt_size > p->dev->mtu) || 1115 pkt_size > brmctx->br->dev->mtu) 1116 return NULL; 1117 1118 skb = netdev_alloc_skb_ip_align(brmctx->br->dev, pkt_size); 1119 if (!skb) 1120 goto out; 1121 1122 __br_multicast_query_handle_vlan(brmctx, pmctx, skb); 1123 skb->protocol = htons(ETH_P_IPV6); 1124 1125 /* Ethernet header */ 1126 skb_reset_mac_header(skb); 1127 eth = eth_hdr(skb); 1128 1129 ether_addr_copy(eth->h_source, brmctx->br->dev->dev_addr); 1130 eth->h_proto = htons(ETH_P_IPV6); 1131 skb_put(skb, sizeof(*eth)); 1132 1133 /* IPv6 header + HbH option */ 1134 skb_set_network_header(skb, skb->len); 1135 ip6h = ipv6_hdr(skb); 1136 1137 *(__force __be32 *)ip6h = htonl(0x60000000); 1138 ip6h->payload_len = htons(8 + mld_hdr_size); 1139 ip6h->nexthdr = IPPROTO_HOPOPTS; 1140 ip6h->hop_limit = 1; 1141 ip6h->daddr = *ip6_dst; 1142 if (ipv6_dev_get_saddr(dev_net(brmctx->br->dev), brmctx->br->dev, 1143 &ip6h->daddr, 0, &ip6h->saddr)) { 1144 kfree_skb(skb); 1145 br_opt_toggle(brmctx->br, BROPT_HAS_IPV6_ADDR, false); 1146 return NULL; 1147 } 1148 1149 br_opt_toggle(brmctx->br, BROPT_HAS_IPV6_ADDR, true); 1150 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 1151 1152 hopopt = (u8 *)(ip6h + 1); 1153 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 1154 hopopt[1] = 0; /* length of HbH */ 1155 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 1156 hopopt[3] = 2; /* Length of RA Option */ 1157 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 1158 hopopt[5] = 0; 1159 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */ 1160 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */ 1161 1162 skb_put(skb, sizeof(*ip6h) + 8); 1163 1164 /* ICMPv6 */ 1165 skb_set_transport_header(skb, skb->len); 1166 interval = ipv6_addr_any(group) ? 1167 brmctx->multicast_query_response_interval : 1168 brmctx->multicast_last_member_interval; 1169 *igmp_type = ICMPV6_MGM_QUERY; 1170 switch (brmctx->multicast_mld_version) { 1171 case 1: 1172 mldq = (struct mld_msg *)icmp6_hdr(skb); 1173 mldq->mld_type = ICMPV6_MGM_QUERY; 1174 mldq->mld_code = 0; 1175 mldq->mld_cksum = 0; 1176 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 1177 mldq->mld_reserved = 0; 1178 mldq->mld_mca = *group; 1179 csum = &mldq->mld_cksum; 1180 csum_start = (void *)mldq; 1181 break; 1182 case 2: 1183 mld2q = (struct mld2_query *)icmp6_hdr(skb); 1184 mld2q->mld2q_mrc = htons(mldv2_mrc(jiffies_to_msecs(interval))); 1185 mld2q->mld2q_type = ICMPV6_MGM_QUERY; 1186 mld2q->mld2q_code = 0; 1187 mld2q->mld2q_cksum = 0; 1188 mld2q->mld2q_resv1 = 0; 1189 mld2q->mld2q_resv2 = 0; 1190 mld2q->mld2q_suppress = sflag; 1191 mld2q->mld2q_qrv = 2; 1192 mld2q->mld2q_nsrcs = htons(llqt_srcs); 1193 mld2q->mld2q_qqic = mldv2_qqic(brmctx->multicast_query_interval / HZ); 1194 mld2q->mld2q_mca = *group; 1195 csum = &mld2q->mld2q_cksum; 1196 csum_start = (void *)mld2q; 1197 if (!pg || !with_srcs) 1198 break; 1199 1200 llqt_srcs = 0; 1201 hlist_for_each_entry(ent, &pg->src_list, node) { 1202 if (over_llqt == time_after(ent->timer.expires, 1203 llqt) && 1204 ent->src_query_rexmit_cnt > 0) { 1205 mld2q->mld2q_srcs[llqt_srcs++] = ent->addr.src.ip6; 1206 ent->src_query_rexmit_cnt--; 1207 if (need_rexmit && ent->src_query_rexmit_cnt) 1208 *need_rexmit = true; 1209 } 1210 } 1211 if (WARN_ON(llqt_srcs != ntohs(mld2q->mld2q_nsrcs))) { 1212 kfree_skb(skb); 1213 return NULL; 1214 } 1215 break; 1216 } 1217 1218 if (WARN_ON(!csum || !csum_start)) { 1219 kfree_skb(skb); 1220 return NULL; 1221 } 1222 1223 *csum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, mld_hdr_size, 1224 IPPROTO_ICMPV6, 1225 csum_partial(csum_start, mld_hdr_size, 0)); 1226 skb_put(skb, mld_hdr_size); 1227 __skb_pull(skb, sizeof(*eth)); 1228 1229 out: 1230 return skb; 1231 } 1232 #endif 1233 1234 static struct sk_buff *br_multicast_alloc_query(struct net_bridge_mcast *brmctx, 1235 struct net_bridge_mcast_port *pmctx, 1236 struct net_bridge_port_group *pg, 1237 struct br_ip *ip_dst, 1238 struct br_ip *group, 1239 bool with_srcs, bool over_lmqt, 1240 u8 sflag, u8 *igmp_type, 1241 bool *need_rexmit) 1242 { 1243 __be32 ip4_dst; 1244 1245 switch (group->proto) { 1246 case htons(ETH_P_IP): 1247 ip4_dst = ip_dst ? ip_dst->dst.ip4 : htonl(INADDR_ALLHOSTS_GROUP); 1248 return br_ip4_multicast_alloc_query(brmctx, pmctx, pg, 1249 ip4_dst, group->dst.ip4, 1250 with_srcs, over_lmqt, 1251 sflag, igmp_type, 1252 need_rexmit); 1253 #if IS_ENABLED(CONFIG_IPV6) 1254 case htons(ETH_P_IPV6): { 1255 struct in6_addr ip6_dst; 1256 1257 if (ip_dst) 1258 ip6_dst = ip_dst->dst.ip6; 1259 else 1260 ipv6_addr_set(&ip6_dst, htonl(0xff020000), 0, 0, 1261 htonl(1)); 1262 1263 return br_ip6_multicast_alloc_query(brmctx, pmctx, pg, 1264 &ip6_dst, &group->dst.ip6, 1265 with_srcs, over_lmqt, 1266 sflag, igmp_type, 1267 need_rexmit); 1268 } 1269 #endif 1270 } 1271 return NULL; 1272 } 1273 1274 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br, 1275 struct br_ip *group) 1276 { 1277 struct net_bridge_mdb_entry *mp; 1278 int err; 1279 1280 mp = br_mdb_ip_get(br, group); 1281 if (mp) 1282 return mp; 1283 1284 if (atomic_read(&br->mdb_hash_tbl.nelems) >= br->hash_max) { 1285 trace_br_mdb_full(br->dev, group); 1286 br_mc_disabled_update(br->dev, false, NULL); 1287 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, false); 1288 return ERR_PTR(-E2BIG); 1289 } 1290 1291 mp = kzalloc_obj(*mp, GFP_ATOMIC); 1292 if (unlikely(!mp)) 1293 return ERR_PTR(-ENOMEM); 1294 1295 mp->br = br; 1296 mp->addr = *group; 1297 mp->mcast_gc.destroy = br_multicast_destroy_mdb_entry; 1298 timer_setup(&mp->timer, br_multicast_group_expired, 0); 1299 err = rhashtable_lookup_insert_fast(&br->mdb_hash_tbl, &mp->rhnode, 1300 br_mdb_rht_params); 1301 if (err) { 1302 kfree(mp); 1303 mp = ERR_PTR(err); 1304 } else { 1305 hlist_add_head_rcu(&mp->mdb_node, &br->mdb_list); 1306 } 1307 1308 return mp; 1309 } 1310 1311 static void br_multicast_group_src_expired(struct timer_list *t) 1312 { 1313 struct net_bridge_group_src *src = timer_container_of(src, t, timer); 1314 struct net_bridge_port_group *pg; 1315 struct net_bridge *br = src->br; 1316 1317 spin_lock(&br->multicast_lock); 1318 if (hlist_unhashed(&src->node) || !netif_running(br->dev) || 1319 timer_pending(&src->timer)) 1320 goto out; 1321 1322 pg = src->pg; 1323 if (pg->filter_mode == MCAST_INCLUDE) { 1324 br_multicast_del_group_src(src, false); 1325 if (!hlist_empty(&pg->src_list)) 1326 goto out; 1327 br_multicast_find_del_pg(br, pg); 1328 } else { 1329 br_multicast_fwd_src_handle(src); 1330 } 1331 1332 out: 1333 spin_unlock(&br->multicast_lock); 1334 } 1335 1336 struct net_bridge_group_src * 1337 br_multicast_find_group_src(struct net_bridge_port_group *pg, struct br_ip *ip) 1338 { 1339 struct net_bridge_group_src *ent; 1340 1341 switch (ip->proto) { 1342 case htons(ETH_P_IP): 1343 hlist_for_each_entry(ent, &pg->src_list, node) 1344 if (ip->src.ip4 == ent->addr.src.ip4) 1345 return ent; 1346 break; 1347 #if IS_ENABLED(CONFIG_IPV6) 1348 case htons(ETH_P_IPV6): 1349 hlist_for_each_entry(ent, &pg->src_list, node) 1350 if (!ipv6_addr_cmp(&ent->addr.src.ip6, &ip->src.ip6)) 1351 return ent; 1352 break; 1353 #endif 1354 } 1355 1356 return NULL; 1357 } 1358 1359 struct net_bridge_group_src * 1360 br_multicast_new_group_src(struct net_bridge_port_group *pg, struct br_ip *src_ip) 1361 { 1362 struct net_bridge_group_src *grp_src; 1363 1364 if (unlikely(pg->src_ents >= PG_SRC_ENT_LIMIT)) 1365 return NULL; 1366 1367 switch (src_ip->proto) { 1368 case htons(ETH_P_IP): 1369 if (ipv4_is_zeronet(src_ip->src.ip4) || 1370 ipv4_is_multicast(src_ip->src.ip4)) 1371 return NULL; 1372 break; 1373 #if IS_ENABLED(CONFIG_IPV6) 1374 case htons(ETH_P_IPV6): 1375 if (ipv6_addr_any(&src_ip->src.ip6) || 1376 ipv6_addr_is_multicast(&src_ip->src.ip6)) 1377 return NULL; 1378 break; 1379 #endif 1380 } 1381 1382 grp_src = kzalloc_obj(*grp_src, GFP_ATOMIC); 1383 if (unlikely(!grp_src)) 1384 return NULL; 1385 1386 grp_src->pg = pg; 1387 grp_src->br = pg->key.port->br; 1388 grp_src->addr = *src_ip; 1389 grp_src->mcast_gc.destroy = br_multicast_destroy_group_src; 1390 timer_setup(&grp_src->timer, br_multicast_group_src_expired, 0); 1391 1392 hlist_add_head_rcu(&grp_src->node, &pg->src_list); 1393 pg->src_ents++; 1394 1395 return grp_src; 1396 } 1397 1398 struct net_bridge_port_group *br_multicast_new_port_group( 1399 struct net_bridge_port *port, 1400 const struct br_ip *group, 1401 struct net_bridge_port_group __rcu *next, 1402 unsigned char flags, 1403 const unsigned char *src, 1404 u8 filter_mode, 1405 u8 rt_protocol, 1406 struct netlink_ext_ack *extack) 1407 { 1408 struct net_bridge_port_group *p; 1409 int err; 1410 1411 err = br_multicast_port_ngroups_inc(port, group, extack); 1412 if (err) 1413 return NULL; 1414 1415 p = kzalloc_obj(*p, GFP_ATOMIC); 1416 if (unlikely(!p)) { 1417 NL_SET_ERR_MSG_MOD(extack, "Couldn't allocate new port group"); 1418 goto dec_out; 1419 } 1420 1421 p->key.addr = *group; 1422 p->key.port = port; 1423 p->flags = flags; 1424 p->filter_mode = filter_mode; 1425 p->rt_protocol = rt_protocol; 1426 p->eht_host_tree = RB_ROOT; 1427 p->eht_set_tree = RB_ROOT; 1428 p->mcast_gc.destroy = br_multicast_destroy_port_group; 1429 INIT_HLIST_HEAD(&p->src_list); 1430 1431 if (!br_multicast_is_star_g(group) && 1432 rhashtable_lookup_insert_fast(&port->br->sg_port_tbl, &p->rhnode, 1433 br_sg_port_rht_params)) { 1434 NL_SET_ERR_MSG_MOD(extack, "Couldn't insert new port group"); 1435 goto free_out; 1436 } 1437 1438 rcu_assign_pointer(p->next, next); 1439 timer_setup(&p->timer, br_multicast_port_group_expired, 0); 1440 timer_setup(&p->rexmit_timer, br_multicast_port_group_rexmit, 0); 1441 hlist_add_head(&p->mglist, &port->mglist); 1442 1443 if (src) 1444 memcpy(p->eth_addr, src, ETH_ALEN); 1445 else 1446 eth_broadcast_addr(p->eth_addr); 1447 1448 return p; 1449 1450 free_out: 1451 kfree(p); 1452 dec_out: 1453 br_multicast_port_ngroups_dec(port, group->vid); 1454 return NULL; 1455 } 1456 1457 void br_multicast_del_port_group(struct net_bridge_port_group *p) 1458 { 1459 struct net_bridge_port *port = p->key.port; 1460 __u16 vid = p->key.addr.vid; 1461 1462 hlist_del_init(&p->mglist); 1463 if (!br_multicast_is_star_g(&p->key.addr)) 1464 rhashtable_remove_fast(&port->br->sg_port_tbl, &p->rhnode, 1465 br_sg_port_rht_params); 1466 kfree(p); 1467 br_multicast_port_ngroups_dec(port, vid); 1468 } 1469 1470 void br_multicast_host_join(const struct net_bridge_mcast *brmctx, 1471 struct net_bridge_mdb_entry *mp, bool notify) 1472 { 1473 if (!mp->host_joined) { 1474 mp->host_joined = true; 1475 if (br_multicast_is_star_g(&mp->addr)) 1476 br_multicast_star_g_host_state(mp); 1477 if (notify) 1478 br_mdb_notify(mp->br->dev, mp, NULL, RTM_NEWMDB); 1479 } 1480 1481 if (br_group_is_l2(&mp->addr)) 1482 return; 1483 1484 mod_timer(&mp->timer, jiffies + brmctx->multicast_membership_interval); 1485 } 1486 1487 void br_multicast_host_leave(struct net_bridge_mdb_entry *mp, bool notify) 1488 { 1489 if (!mp->host_joined) 1490 return; 1491 1492 mp->host_joined = false; 1493 if (br_multicast_is_star_g(&mp->addr)) 1494 br_multicast_star_g_host_state(mp); 1495 if (notify) 1496 br_mdb_notify(mp->br->dev, mp, NULL, RTM_DELMDB); 1497 } 1498 1499 static struct net_bridge_port_group * 1500 __br_multicast_add_group(struct net_bridge_mcast *brmctx, 1501 struct net_bridge_mcast_port *pmctx, 1502 struct br_ip *group, 1503 const unsigned char *src, 1504 u8 filter_mode, 1505 bool igmpv2_mldv1, 1506 bool blocked) 1507 { 1508 struct net_bridge_port_group __rcu **pp; 1509 struct net_bridge_port_group *p = NULL; 1510 struct net_bridge_mdb_entry *mp; 1511 unsigned long now = jiffies; 1512 1513 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 1514 goto out; 1515 1516 mp = br_multicast_new_group(brmctx->br, group); 1517 if (IS_ERR(mp)) 1518 return ERR_CAST(mp); 1519 1520 if (!pmctx) { 1521 br_multicast_host_join(brmctx, mp, true); 1522 goto out; 1523 } 1524 1525 for (pp = &mp->ports; 1526 (p = mlock_dereference(*pp, brmctx->br)) != NULL; 1527 pp = &p->next) { 1528 if (br_port_group_equal(p, pmctx->port, src)) 1529 goto found; 1530 if ((unsigned long)p->key.port < (unsigned long)pmctx->port) 1531 break; 1532 } 1533 1534 p = br_multicast_new_port_group(pmctx->port, group, *pp, 0, src, 1535 filter_mode, RTPROT_KERNEL, NULL); 1536 if (unlikely(!p)) { 1537 p = ERR_PTR(-ENOMEM); 1538 goto out; 1539 } 1540 rcu_assign_pointer(*pp, p); 1541 if (blocked) 1542 p->flags |= MDB_PG_FLAGS_BLOCKED; 1543 br_mdb_notify(brmctx->br->dev, mp, p, RTM_NEWMDB); 1544 1545 found: 1546 if (igmpv2_mldv1) 1547 mod_timer(&p->timer, 1548 now + brmctx->multicast_membership_interval); 1549 1550 out: 1551 return p; 1552 } 1553 1554 static int br_multicast_add_group(struct net_bridge_mcast *brmctx, 1555 struct net_bridge_mcast_port *pmctx, 1556 struct br_ip *group, 1557 const unsigned char *src, 1558 u8 filter_mode, 1559 bool igmpv2_mldv1) 1560 { 1561 struct net_bridge_port_group *pg; 1562 int err; 1563 1564 spin_lock(&brmctx->br->multicast_lock); 1565 pg = __br_multicast_add_group(brmctx, pmctx, group, src, filter_mode, 1566 igmpv2_mldv1, false); 1567 /* NULL is considered valid for host joined groups */ 1568 err = PTR_ERR_OR_ZERO(pg); 1569 spin_unlock(&brmctx->br->multicast_lock); 1570 1571 return err; 1572 } 1573 1574 static int br_ip4_multicast_add_group(struct net_bridge_mcast *brmctx, 1575 struct net_bridge_mcast_port *pmctx, 1576 __be32 group, 1577 __u16 vid, 1578 const unsigned char *src, 1579 bool igmpv2) 1580 { 1581 struct br_ip br_group; 1582 u8 filter_mode; 1583 1584 if (ipv4_is_local_multicast(group)) 1585 return 0; 1586 1587 memset(&br_group, 0, sizeof(br_group)); 1588 br_group.dst.ip4 = group; 1589 br_group.proto = htons(ETH_P_IP); 1590 br_group.vid = vid; 1591 filter_mode = igmpv2 ? MCAST_EXCLUDE : MCAST_INCLUDE; 1592 1593 return br_multicast_add_group(brmctx, pmctx, &br_group, src, 1594 filter_mode, igmpv2); 1595 } 1596 1597 #if IS_ENABLED(CONFIG_IPV6) 1598 static int br_ip6_multicast_add_group(struct net_bridge_mcast *brmctx, 1599 struct net_bridge_mcast_port *pmctx, 1600 const struct in6_addr *group, 1601 __u16 vid, 1602 const unsigned char *src, 1603 bool mldv1) 1604 { 1605 struct br_ip br_group; 1606 u8 filter_mode; 1607 1608 if (ipv6_addr_is_ll_all_nodes(group)) 1609 return 0; 1610 1611 memset(&br_group, 0, sizeof(br_group)); 1612 br_group.dst.ip6 = *group; 1613 br_group.proto = htons(ETH_P_IPV6); 1614 br_group.vid = vid; 1615 filter_mode = mldv1 ? MCAST_EXCLUDE : MCAST_INCLUDE; 1616 1617 return br_multicast_add_group(brmctx, pmctx, &br_group, src, 1618 filter_mode, mldv1); 1619 } 1620 #endif 1621 1622 static bool br_multicast_rport_del(struct hlist_node *rlist) 1623 { 1624 if (hlist_unhashed(rlist)) 1625 return false; 1626 1627 hlist_del_init_rcu(rlist); 1628 return true; 1629 } 1630 1631 static bool br_ip4_multicast_rport_del(struct net_bridge_mcast_port *pmctx) 1632 { 1633 return br_multicast_rport_del(&pmctx->ip4_rlist); 1634 } 1635 1636 static bool br_ip6_multicast_rport_del(struct net_bridge_mcast_port *pmctx) 1637 { 1638 #if IS_ENABLED(CONFIG_IPV6) 1639 return br_multicast_rport_del(&pmctx->ip6_rlist); 1640 #else 1641 return false; 1642 #endif 1643 } 1644 1645 static void br_multicast_router_expired(struct net_bridge_mcast_port *pmctx, 1646 struct timer_list *t, 1647 struct hlist_node *rlist) 1648 { 1649 struct net_bridge *br = pmctx->port->br; 1650 bool del; 1651 1652 spin_lock(&br->multicast_lock); 1653 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED || 1654 pmctx->multicast_router == MDB_RTR_TYPE_PERM || 1655 timer_pending(t)) 1656 goto out; 1657 1658 del = br_multicast_rport_del(rlist); 1659 br_multicast_rport_del_notify(pmctx, del); 1660 out: 1661 spin_unlock(&br->multicast_lock); 1662 } 1663 1664 static void br_ip4_multicast_router_expired(struct timer_list *t) 1665 { 1666 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t, 1667 ip4_mc_router_timer); 1668 1669 br_multicast_router_expired(pmctx, t, &pmctx->ip4_rlist); 1670 } 1671 1672 #if IS_ENABLED(CONFIG_IPV6) 1673 static void br_ip6_multicast_router_expired(struct timer_list *t) 1674 { 1675 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t, 1676 ip6_mc_router_timer); 1677 1678 br_multicast_router_expired(pmctx, t, &pmctx->ip6_rlist); 1679 } 1680 #endif 1681 1682 static void br_mc_router_state_change(struct net_bridge *p, 1683 bool is_mc_router) 1684 { 1685 struct switchdev_attr attr = { 1686 .orig_dev = p->dev, 1687 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER, 1688 .flags = SWITCHDEV_F_DEFER, 1689 .u.mrouter = is_mc_router, 1690 }; 1691 1692 switchdev_port_attr_set(p->dev, &attr, NULL); 1693 } 1694 1695 static void br_multicast_local_router_expired(struct net_bridge_mcast *brmctx, 1696 struct timer_list *timer) 1697 { 1698 spin_lock(&brmctx->br->multicast_lock); 1699 if (brmctx->multicast_router == MDB_RTR_TYPE_DISABLED || 1700 brmctx->multicast_router == MDB_RTR_TYPE_PERM || 1701 br_ip4_multicast_is_router(brmctx) || 1702 br_ip6_multicast_is_router(brmctx)) 1703 goto out; 1704 1705 br_mc_router_state_change(brmctx->br, false); 1706 out: 1707 spin_unlock(&brmctx->br->multicast_lock); 1708 } 1709 1710 static void br_ip4_multicast_local_router_expired(struct timer_list *t) 1711 { 1712 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 1713 ip4_mc_router_timer); 1714 1715 br_multicast_local_router_expired(brmctx, t); 1716 } 1717 1718 #if IS_ENABLED(CONFIG_IPV6) 1719 static void br_ip6_multicast_local_router_expired(struct timer_list *t) 1720 { 1721 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 1722 ip6_mc_router_timer); 1723 1724 br_multicast_local_router_expired(brmctx, t); 1725 } 1726 #endif 1727 1728 static void br_multicast_querier_expired(struct net_bridge_mcast *brmctx, 1729 struct bridge_mcast_own_query *query) 1730 { 1731 spin_lock(&brmctx->br->multicast_lock); 1732 if (!netif_running(brmctx->br->dev) || 1733 br_multicast_ctx_vlan_global_disabled(brmctx) || 1734 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED)) 1735 goto out; 1736 1737 br_multicast_start_querier(brmctx, query); 1738 1739 out: 1740 spin_unlock(&brmctx->br->multicast_lock); 1741 } 1742 1743 static void br_ip4_multicast_querier_expired(struct timer_list *t) 1744 { 1745 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 1746 ip4_other_query.timer); 1747 1748 br_multicast_querier_expired(brmctx, &brmctx->ip4_own_query); 1749 } 1750 1751 #if IS_ENABLED(CONFIG_IPV6) 1752 static void br_ip6_multicast_querier_expired(struct timer_list *t) 1753 { 1754 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 1755 ip6_other_query.timer); 1756 1757 br_multicast_querier_expired(brmctx, &brmctx->ip6_own_query); 1758 } 1759 #endif 1760 1761 static void br_multicast_query_delay_expired(struct timer_list *t) 1762 { 1763 } 1764 1765 static void br_multicast_select_own_querier(struct net_bridge_mcast *brmctx, 1766 struct br_ip *ip, 1767 struct sk_buff *skb) 1768 { 1769 if (ip->proto == htons(ETH_P_IP)) 1770 brmctx->ip4_querier.addr.src.ip4 = ip_hdr(skb)->saddr; 1771 #if IS_ENABLED(CONFIG_IPV6) 1772 else 1773 brmctx->ip6_querier.addr.src.ip6 = ipv6_hdr(skb)->saddr; 1774 #endif 1775 } 1776 1777 static void __br_multicast_send_query(struct net_bridge_mcast *brmctx, 1778 struct net_bridge_mcast_port *pmctx, 1779 struct net_bridge_port_group *pg, 1780 struct br_ip *ip_dst, 1781 struct br_ip *group, 1782 bool with_srcs, 1783 u8 sflag, 1784 bool *need_rexmit) 1785 { 1786 bool over_lmqt = !!sflag; 1787 struct sk_buff *skb; 1788 u8 igmp_type; 1789 1790 if (!br_multicast_ctx_should_use(brmctx, pmctx) || 1791 !br_multicast_ctx_matches_vlan_snooping(brmctx)) 1792 return; 1793 1794 again_under_lmqt: 1795 skb = br_multicast_alloc_query(brmctx, pmctx, pg, ip_dst, group, 1796 with_srcs, over_lmqt, sflag, &igmp_type, 1797 need_rexmit); 1798 if (!skb) 1799 return; 1800 1801 if (pmctx) { 1802 skb->dev = pmctx->port->dev; 1803 br_multicast_count(brmctx->br, pmctx->port, skb, igmp_type, 1804 BR_MCAST_DIR_TX); 1805 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, 1806 dev_net(pmctx->port->dev), NULL, skb, NULL, skb->dev, 1807 br_dev_queue_push_xmit); 1808 1809 if (over_lmqt && with_srcs && sflag) { 1810 over_lmqt = false; 1811 goto again_under_lmqt; 1812 } 1813 } else { 1814 br_multicast_select_own_querier(brmctx, group, skb); 1815 br_multicast_count(brmctx->br, NULL, skb, igmp_type, 1816 BR_MCAST_DIR_RX); 1817 netif_rx(skb); 1818 } 1819 } 1820 1821 static void br_multicast_read_querier(const struct bridge_mcast_querier *querier, 1822 struct bridge_mcast_querier *dest) 1823 { 1824 unsigned int seq; 1825 1826 memset(dest, 0, sizeof(*dest)); 1827 do { 1828 seq = read_seqcount_begin(&querier->seq); 1829 dest->port_ifidx = querier->port_ifidx; 1830 memcpy(&dest->addr, &querier->addr, sizeof(struct br_ip)); 1831 } while (read_seqcount_retry(&querier->seq, seq)); 1832 } 1833 1834 static void br_multicast_update_querier(struct net_bridge_mcast *brmctx, 1835 struct bridge_mcast_querier *querier, 1836 int ifindex, 1837 struct br_ip *saddr) 1838 { 1839 write_seqcount_begin(&querier->seq); 1840 querier->port_ifidx = ifindex; 1841 memcpy(&querier->addr, saddr, sizeof(*saddr)); 1842 write_seqcount_end(&querier->seq); 1843 } 1844 1845 static void br_multicast_send_query(struct net_bridge_mcast *brmctx, 1846 struct net_bridge_mcast_port *pmctx, 1847 struct bridge_mcast_own_query *own_query) 1848 { 1849 struct bridge_mcast_other_query *other_query = NULL; 1850 struct bridge_mcast_querier *querier; 1851 struct br_ip br_group; 1852 unsigned long time; 1853 1854 if (!br_multicast_ctx_should_use(brmctx, pmctx) || 1855 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED) || 1856 !brmctx->multicast_querier) 1857 return; 1858 1859 memset(&br_group.dst, 0, sizeof(br_group.dst)); 1860 1861 if (pmctx ? (own_query == &pmctx->ip4_own_query) : 1862 (own_query == &brmctx->ip4_own_query)) { 1863 querier = &brmctx->ip4_querier; 1864 other_query = &brmctx->ip4_other_query; 1865 br_group.proto = htons(ETH_P_IP); 1866 #if IS_ENABLED(CONFIG_IPV6) 1867 } else { 1868 querier = &brmctx->ip6_querier; 1869 other_query = &brmctx->ip6_other_query; 1870 br_group.proto = htons(ETH_P_IPV6); 1871 #endif 1872 } 1873 1874 if (!other_query || timer_pending(&other_query->timer)) 1875 return; 1876 1877 /* we're about to select ourselves as querier */ 1878 if (!pmctx && querier->port_ifidx) { 1879 struct br_ip zeroip = {}; 1880 1881 br_multicast_update_querier(brmctx, querier, 0, &zeroip); 1882 } 1883 1884 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, &br_group, false, 1885 0, NULL); 1886 1887 time = jiffies; 1888 time += own_query->startup_sent < brmctx->multicast_startup_query_count ? 1889 brmctx->multicast_startup_query_interval : 1890 brmctx->multicast_query_interval; 1891 mod_timer(&own_query->timer, time); 1892 } 1893 1894 static void 1895 br_multicast_port_query_expired(struct net_bridge_mcast_port *pmctx, 1896 struct bridge_mcast_own_query *query) 1897 { 1898 struct net_bridge *br = pmctx->port->br; 1899 struct net_bridge_mcast *brmctx; 1900 1901 spin_lock(&br->multicast_lock); 1902 if (br_multicast_port_ctx_state_stopped(pmctx)) 1903 goto out; 1904 1905 brmctx = br_multicast_port_ctx_get_global(pmctx); 1906 if (query->startup_sent < brmctx->multicast_startup_query_count) 1907 query->startup_sent++; 1908 1909 br_multicast_send_query(brmctx, pmctx, query); 1910 1911 out: 1912 spin_unlock(&br->multicast_lock); 1913 } 1914 1915 static void br_ip4_multicast_port_query_expired(struct timer_list *t) 1916 { 1917 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t, 1918 ip4_own_query.timer); 1919 1920 br_multicast_port_query_expired(pmctx, &pmctx->ip4_own_query); 1921 } 1922 1923 #if IS_ENABLED(CONFIG_IPV6) 1924 static void br_ip6_multicast_port_query_expired(struct timer_list *t) 1925 { 1926 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t, 1927 ip6_own_query.timer); 1928 1929 br_multicast_port_query_expired(pmctx, &pmctx->ip6_own_query); 1930 } 1931 #endif 1932 1933 static void br_multicast_port_group_rexmit(struct timer_list *t) 1934 { 1935 struct net_bridge_port_group *pg = timer_container_of(pg, t, 1936 rexmit_timer); 1937 struct bridge_mcast_other_query *other_query = NULL; 1938 struct net_bridge *br = pg->key.port->br; 1939 struct net_bridge_mcast_port *pmctx; 1940 struct net_bridge_mcast *brmctx; 1941 bool need_rexmit = false; 1942 1943 spin_lock(&br->multicast_lock); 1944 if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) || 1945 !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1946 goto out; 1947 1948 pmctx = br_multicast_pg_to_port_ctx(pg); 1949 if (!pmctx) 1950 goto out; 1951 brmctx = br_multicast_port_ctx_get_global(pmctx); 1952 if (!brmctx->multicast_querier) 1953 goto out; 1954 1955 if (pg->key.addr.proto == htons(ETH_P_IP)) 1956 other_query = &brmctx->ip4_other_query; 1957 #if IS_ENABLED(CONFIG_IPV6) 1958 else 1959 other_query = &brmctx->ip6_other_query; 1960 #endif 1961 1962 if (!other_query || timer_pending(&other_query->timer)) 1963 goto out; 1964 1965 if (pg->grp_query_rexmit_cnt) { 1966 pg->grp_query_rexmit_cnt--; 1967 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr, 1968 &pg->key.addr, false, 1, NULL); 1969 } 1970 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr, 1971 &pg->key.addr, true, 0, &need_rexmit); 1972 1973 if (pg->grp_query_rexmit_cnt || need_rexmit) 1974 mod_timer(&pg->rexmit_timer, jiffies + 1975 brmctx->multicast_last_member_interval); 1976 out: 1977 spin_unlock(&br->multicast_lock); 1978 } 1979 1980 static int br_mc_disabled_update(struct net_device *dev, bool value, 1981 struct netlink_ext_ack *extack) 1982 { 1983 struct switchdev_attr attr = { 1984 .orig_dev = dev, 1985 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED, 1986 .flags = SWITCHDEV_F_DEFER, 1987 .u.mc_disabled = !value, 1988 }; 1989 1990 return switchdev_port_attr_set(dev, &attr, extack); 1991 } 1992 1993 void br_multicast_port_ctx_init(struct net_bridge_port *port, 1994 struct net_bridge_vlan *vlan, 1995 struct net_bridge_mcast_port *pmctx) 1996 { 1997 pmctx->port = port; 1998 pmctx->vlan = vlan; 1999 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 2000 timer_setup(&pmctx->ip4_mc_router_timer, 2001 br_ip4_multicast_router_expired, 0); 2002 timer_setup(&pmctx->ip4_own_query.timer, 2003 br_ip4_multicast_port_query_expired, 0); 2004 #if IS_ENABLED(CONFIG_IPV6) 2005 timer_setup(&pmctx->ip6_mc_router_timer, 2006 br_ip6_multicast_router_expired, 0); 2007 timer_setup(&pmctx->ip6_own_query.timer, 2008 br_ip6_multicast_port_query_expired, 0); 2009 #endif 2010 /* initialize mdb_n_entries if a new port vlan is being created */ 2011 if (vlan) { 2012 struct net_bridge_port_group *pg; 2013 u32 n = 0; 2014 2015 spin_lock_bh(&port->br->multicast_lock); 2016 hlist_for_each_entry(pg, &port->mglist, mglist) 2017 if (pg->key.addr.vid == vlan->vid) 2018 n++; 2019 WRITE_ONCE(pmctx->mdb_n_entries, n); 2020 spin_unlock_bh(&port->br->multicast_lock); 2021 } 2022 } 2023 2024 void br_multicast_port_ctx_deinit(struct net_bridge_mcast_port *pmctx) 2025 { 2026 struct net_bridge *br = pmctx->port->br; 2027 bool del = false; 2028 2029 #if IS_ENABLED(CONFIG_IPV6) 2030 timer_shutdown_sync(&pmctx->ip6_own_query.timer); 2031 timer_shutdown_sync(&pmctx->ip6_mc_router_timer); 2032 #endif 2033 timer_shutdown_sync(&pmctx->ip4_own_query.timer); 2034 timer_shutdown_sync(&pmctx->ip4_mc_router_timer); 2035 2036 spin_lock_bh(&br->multicast_lock); 2037 del |= br_ip6_multicast_rport_del(pmctx); 2038 del |= br_ip4_multicast_rport_del(pmctx); 2039 br_multicast_rport_del_notify(pmctx, del); 2040 spin_unlock_bh(&br->multicast_lock); 2041 } 2042 2043 int br_multicast_add_port(struct net_bridge_port *port) 2044 { 2045 int err; 2046 2047 port->multicast_eht_hosts_limit = BR_MCAST_DEFAULT_EHT_HOSTS_LIMIT; 2048 br_multicast_port_ctx_init(port, NULL, &port->multicast_ctx); 2049 2050 err = br_mc_disabled_update(port->dev, 2051 br_opt_get(port->br, 2052 BROPT_MULTICAST_ENABLED), 2053 NULL); 2054 if (err && err != -EOPNOTSUPP) 2055 return err; 2056 2057 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 2058 if (!port->mcast_stats) 2059 return -ENOMEM; 2060 2061 return 0; 2062 } 2063 2064 void br_multicast_del_port(struct net_bridge_port *port) 2065 { 2066 struct net_bridge *br = port->br; 2067 struct net_bridge_port_group *pg; 2068 struct hlist_node *n; 2069 2070 /* Take care of the remaining groups, only perm ones should be left */ 2071 spin_lock_bh(&br->multicast_lock); 2072 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 2073 br_multicast_find_del_pg(br, pg); 2074 spin_unlock_bh(&br->multicast_lock); 2075 flush_work(&br->mcast_gc_work); 2076 br_multicast_port_ctx_deinit(&port->multicast_ctx); 2077 free_percpu(port->mcast_stats); 2078 } 2079 2080 static void br_multicast_enable(struct bridge_mcast_own_query *query) 2081 { 2082 query->startup_sent = 0; 2083 2084 if (timer_delete_sync_try(&query->timer) >= 0 || 2085 timer_delete(&query->timer)) 2086 mod_timer(&query->timer, jiffies); 2087 } 2088 2089 static void __br_multicast_enable_port_ctx(struct net_bridge_mcast_port *pmctx) 2090 { 2091 struct net_bridge *br = pmctx->port->br; 2092 struct net_bridge_mcast *brmctx; 2093 2094 brmctx = br_multicast_port_ctx_get_global(pmctx); 2095 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) || 2096 !netif_running(br->dev)) 2097 return; 2098 2099 br_multicast_enable(&pmctx->ip4_own_query); 2100 #if IS_ENABLED(CONFIG_IPV6) 2101 br_multicast_enable(&pmctx->ip6_own_query); 2102 #endif 2103 if (pmctx->multicast_router == MDB_RTR_TYPE_PERM) { 2104 br_ip4_multicast_add_router(brmctx, pmctx); 2105 br_ip6_multicast_add_router(brmctx, pmctx); 2106 } 2107 } 2108 2109 static void br_multicast_enable_port_ctx(struct net_bridge_mcast_port *pmctx) 2110 { 2111 struct net_bridge *br = pmctx->port->br; 2112 2113 spin_lock_bh(&br->multicast_lock); 2114 if (br_multicast_port_ctx_is_vlan(pmctx) && 2115 !(pmctx->vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED)) { 2116 spin_unlock_bh(&br->multicast_lock); 2117 return; 2118 } 2119 __br_multicast_enable_port_ctx(pmctx); 2120 spin_unlock_bh(&br->multicast_lock); 2121 } 2122 2123 static void __br_multicast_disable_port_ctx(struct net_bridge_mcast_port *pmctx) 2124 { 2125 struct net_bridge_port_group *pg; 2126 struct hlist_node *n; 2127 bool del = false; 2128 2129 hlist_for_each_entry_safe(pg, n, &pmctx->port->mglist, mglist) 2130 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT) && 2131 (!br_multicast_port_ctx_is_vlan(pmctx) || 2132 pg->key.addr.vid == pmctx->vlan->vid)) 2133 br_multicast_find_del_pg(pmctx->port->br, pg); 2134 2135 del |= br_ip4_multicast_rport_del(pmctx); 2136 timer_delete(&pmctx->ip4_mc_router_timer); 2137 timer_delete(&pmctx->ip4_own_query.timer); 2138 del |= br_ip6_multicast_rport_del(pmctx); 2139 #if IS_ENABLED(CONFIG_IPV6) 2140 timer_delete(&pmctx->ip6_mc_router_timer); 2141 timer_delete(&pmctx->ip6_own_query.timer); 2142 #endif 2143 br_multicast_rport_del_notify(pmctx, del); 2144 } 2145 2146 static void br_multicast_disable_port_ctx(struct net_bridge_mcast_port *pmctx) 2147 { 2148 struct net_bridge *br = pmctx->port->br; 2149 2150 spin_lock_bh(&br->multicast_lock); 2151 if (br_multicast_port_ctx_is_vlan(pmctx) && 2152 !(pmctx->vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED)) { 2153 spin_unlock_bh(&br->multicast_lock); 2154 return; 2155 } 2156 2157 __br_multicast_disable_port_ctx(pmctx); 2158 spin_unlock_bh(&br->multicast_lock); 2159 } 2160 2161 static void br_multicast_toggle_port(struct net_bridge_port *port, bool on) 2162 { 2163 #if IS_ENABLED(CONFIG_BRIDGE_VLAN_FILTERING) 2164 if (br_opt_get(port->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 2165 struct net_bridge_vlan_group *vg; 2166 struct net_bridge_vlan *vlan; 2167 2168 rcu_read_lock(); 2169 vg = nbp_vlan_group_rcu(port); 2170 if (!vg) { 2171 rcu_read_unlock(); 2172 return; 2173 } 2174 2175 /* iterate each vlan, toggle vlan multicast context */ 2176 list_for_each_entry_rcu(vlan, &vg->vlan_list, vlist) { 2177 struct net_bridge_mcast_port *pmctx = 2178 &vlan->port_mcast_ctx; 2179 u8 state = br_vlan_get_state(vlan); 2180 /* enable vlan multicast context when state is 2181 * LEARNING or FORWARDING 2182 */ 2183 if (on && br_vlan_state_allowed(state, true)) 2184 br_multicast_enable_port_ctx(pmctx); 2185 else 2186 br_multicast_disable_port_ctx(pmctx); 2187 } 2188 rcu_read_unlock(); 2189 return; 2190 } 2191 #endif 2192 /* toggle port multicast context when vlan snooping is disabled */ 2193 if (on) 2194 br_multicast_enable_port_ctx(&port->multicast_ctx); 2195 else 2196 br_multicast_disable_port_ctx(&port->multicast_ctx); 2197 } 2198 2199 void br_multicast_enable_port(struct net_bridge_port *port) 2200 { 2201 br_multicast_toggle_port(port, true); 2202 } 2203 2204 void br_multicast_disable_port(struct net_bridge_port *port) 2205 { 2206 br_multicast_toggle_port(port, false); 2207 } 2208 2209 static int __grp_src_delete_marked(struct net_bridge_port_group *pg) 2210 { 2211 struct net_bridge_group_src *ent; 2212 struct hlist_node *tmp; 2213 int deleted = 0; 2214 2215 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) 2216 if (ent->flags & BR_SGRP_F_DELETE) { 2217 br_multicast_del_group_src(ent, false); 2218 deleted++; 2219 } 2220 2221 return deleted; 2222 } 2223 2224 static void __grp_src_mod_timer(struct net_bridge_group_src *src, 2225 unsigned long expires) 2226 { 2227 mod_timer(&src->timer, expires); 2228 br_multicast_fwd_src_handle(src); 2229 } 2230 2231 static void __grp_src_query_marked_and_rexmit(struct net_bridge_mcast *brmctx, 2232 struct net_bridge_mcast_port *pmctx, 2233 struct net_bridge_port_group *pg) 2234 { 2235 struct bridge_mcast_other_query *other_query = NULL; 2236 u32 lmqc = brmctx->multicast_last_member_count; 2237 unsigned long lmqt, lmi, now = jiffies; 2238 struct net_bridge_group_src *ent; 2239 2240 if (!netif_running(brmctx->br->dev) || 2241 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED)) 2242 return; 2243 2244 if (pg->key.addr.proto == htons(ETH_P_IP)) 2245 other_query = &brmctx->ip4_other_query; 2246 #if IS_ENABLED(CONFIG_IPV6) 2247 else 2248 other_query = &brmctx->ip6_other_query; 2249 #endif 2250 2251 lmqt = now + br_multicast_lmqt(brmctx); 2252 hlist_for_each_entry(ent, &pg->src_list, node) { 2253 if (ent->flags & BR_SGRP_F_SEND) { 2254 ent->flags &= ~BR_SGRP_F_SEND; 2255 if (ent->timer.expires > lmqt) { 2256 if (brmctx->multicast_querier && 2257 other_query && 2258 !timer_pending(&other_query->timer)) 2259 ent->src_query_rexmit_cnt = lmqc; 2260 __grp_src_mod_timer(ent, lmqt); 2261 } 2262 } 2263 } 2264 2265 if (!brmctx->multicast_querier || 2266 !other_query || timer_pending(&other_query->timer)) 2267 return; 2268 2269 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr, 2270 &pg->key.addr, true, 1, NULL); 2271 2272 lmi = now + brmctx->multicast_last_member_interval; 2273 if (!timer_pending(&pg->rexmit_timer) || 2274 time_after(pg->rexmit_timer.expires, lmi)) 2275 mod_timer(&pg->rexmit_timer, lmi); 2276 } 2277 2278 static void __grp_send_query_and_rexmit(struct net_bridge_mcast *brmctx, 2279 struct net_bridge_mcast_port *pmctx, 2280 struct net_bridge_port_group *pg) 2281 { 2282 struct bridge_mcast_other_query *other_query = NULL; 2283 unsigned long now = jiffies, lmi; 2284 2285 if (!netif_running(brmctx->br->dev) || 2286 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED)) 2287 return; 2288 2289 if (pg->key.addr.proto == htons(ETH_P_IP)) 2290 other_query = &brmctx->ip4_other_query; 2291 #if IS_ENABLED(CONFIG_IPV6) 2292 else 2293 other_query = &brmctx->ip6_other_query; 2294 #endif 2295 2296 if (brmctx->multicast_querier && 2297 other_query && !timer_pending(&other_query->timer)) { 2298 lmi = now + brmctx->multicast_last_member_interval; 2299 pg->grp_query_rexmit_cnt = brmctx->multicast_last_member_count - 1; 2300 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr, 2301 &pg->key.addr, false, 0, NULL); 2302 if (!timer_pending(&pg->rexmit_timer) || 2303 time_after(pg->rexmit_timer.expires, lmi)) 2304 mod_timer(&pg->rexmit_timer, lmi); 2305 } 2306 2307 if (pg->filter_mode == MCAST_EXCLUDE && 2308 (!timer_pending(&pg->timer) || 2309 time_after(pg->timer.expires, now + br_multicast_lmqt(brmctx)))) 2310 mod_timer(&pg->timer, now + br_multicast_lmqt(brmctx)); 2311 } 2312 2313 /* State Msg type New state Actions 2314 * INCLUDE (A) IS_IN (B) INCLUDE (A+B) (B)=GMI 2315 * INCLUDE (A) ALLOW (B) INCLUDE (A+B) (B)=GMI 2316 * EXCLUDE (X,Y) ALLOW (A) EXCLUDE (X+A,Y-A) (A)=GMI 2317 */ 2318 static bool br_multicast_isinc_allow(const struct net_bridge_mcast *brmctx, 2319 struct net_bridge_port_group *pg, void *h_addr, 2320 void *srcs, u32 nsrcs, size_t addr_size, 2321 int grec_type) 2322 { 2323 struct net_bridge_group_src *ent; 2324 unsigned long now = jiffies; 2325 bool changed = false; 2326 struct br_ip src_ip; 2327 u32 src_idx; 2328 2329 memset(&src_ip, 0, sizeof(src_ip)); 2330 src_ip.proto = pg->key.addr.proto; 2331 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2332 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2333 ent = br_multicast_find_group_src(pg, &src_ip); 2334 if (!ent) { 2335 ent = br_multicast_new_group_src(pg, &src_ip); 2336 if (ent) 2337 changed = true; 2338 } 2339 2340 if (ent) 2341 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx)); 2342 } 2343 2344 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2345 grec_type)) 2346 changed = true; 2347 2348 return changed; 2349 } 2350 2351 /* State Msg type New state Actions 2352 * INCLUDE (A) IS_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 2353 * Delete (A-B) 2354 * Group Timer=GMI 2355 */ 2356 static void __grp_src_isexc_incl(const struct net_bridge_mcast *brmctx, 2357 struct net_bridge_port_group *pg, void *h_addr, 2358 void *srcs, u32 nsrcs, size_t addr_size, 2359 int grec_type) 2360 { 2361 struct net_bridge_group_src *ent; 2362 struct br_ip src_ip; 2363 u32 src_idx; 2364 2365 hlist_for_each_entry(ent, &pg->src_list, node) 2366 ent->flags |= BR_SGRP_F_DELETE; 2367 2368 memset(&src_ip, 0, sizeof(src_ip)); 2369 src_ip.proto = pg->key.addr.proto; 2370 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2371 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2372 ent = br_multicast_find_group_src(pg, &src_ip); 2373 if (ent) 2374 ent->flags &= ~BR_SGRP_F_DELETE; 2375 else 2376 ent = br_multicast_new_group_src(pg, &src_ip); 2377 if (ent) 2378 br_multicast_fwd_src_handle(ent); 2379 } 2380 2381 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2382 grec_type); 2383 2384 __grp_src_delete_marked(pg); 2385 } 2386 2387 /* State Msg type New state Actions 2388 * EXCLUDE (X,Y) IS_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=GMI 2389 * Delete (X-A) 2390 * Delete (Y-A) 2391 * Group Timer=GMI 2392 */ 2393 static bool __grp_src_isexc_excl(const struct net_bridge_mcast *brmctx, 2394 struct net_bridge_port_group *pg, void *h_addr, 2395 void *srcs, u32 nsrcs, size_t addr_size, 2396 int grec_type) 2397 { 2398 struct net_bridge_group_src *ent; 2399 unsigned long now = jiffies; 2400 bool changed = false; 2401 struct br_ip src_ip; 2402 u32 src_idx; 2403 2404 hlist_for_each_entry(ent, &pg->src_list, node) 2405 ent->flags |= BR_SGRP_F_DELETE; 2406 2407 memset(&src_ip, 0, sizeof(src_ip)); 2408 src_ip.proto = pg->key.addr.proto; 2409 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2410 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2411 ent = br_multicast_find_group_src(pg, &src_ip); 2412 if (ent) { 2413 ent->flags &= ~BR_SGRP_F_DELETE; 2414 } else { 2415 ent = br_multicast_new_group_src(pg, &src_ip); 2416 if (ent) { 2417 __grp_src_mod_timer(ent, 2418 now + br_multicast_gmi(brmctx)); 2419 changed = true; 2420 } 2421 } 2422 } 2423 2424 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2425 grec_type)) 2426 changed = true; 2427 2428 if (__grp_src_delete_marked(pg)) 2429 changed = true; 2430 2431 return changed; 2432 } 2433 2434 static bool br_multicast_isexc(const struct net_bridge_mcast *brmctx, 2435 struct net_bridge_port_group *pg, void *h_addr, 2436 void *srcs, u32 nsrcs, size_t addr_size, 2437 int grec_type) 2438 { 2439 bool changed = false; 2440 2441 switch (pg->filter_mode) { 2442 case MCAST_INCLUDE: 2443 __grp_src_isexc_incl(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2444 grec_type); 2445 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE); 2446 changed = true; 2447 break; 2448 case MCAST_EXCLUDE: 2449 changed = __grp_src_isexc_excl(brmctx, pg, h_addr, srcs, nsrcs, 2450 addr_size, grec_type); 2451 break; 2452 } 2453 2454 pg->filter_mode = MCAST_EXCLUDE; 2455 mod_timer(&pg->timer, jiffies + br_multicast_gmi(brmctx)); 2456 2457 return changed; 2458 } 2459 2460 /* State Msg type New state Actions 2461 * INCLUDE (A) TO_IN (B) INCLUDE (A+B) (B)=GMI 2462 * Send Q(G,A-B) 2463 */ 2464 static bool __grp_src_toin_incl(struct net_bridge_mcast *brmctx, 2465 struct net_bridge_mcast_port *pmctx, 2466 struct net_bridge_port_group *pg, void *h_addr, 2467 void *srcs, u32 nsrcs, size_t addr_size, 2468 int grec_type) 2469 { 2470 u32 src_idx, to_send = pg->src_ents; 2471 struct net_bridge_group_src *ent; 2472 unsigned long now = jiffies; 2473 bool changed = false; 2474 struct br_ip src_ip; 2475 2476 hlist_for_each_entry(ent, &pg->src_list, node) 2477 ent->flags |= BR_SGRP_F_SEND; 2478 2479 memset(&src_ip, 0, sizeof(src_ip)); 2480 src_ip.proto = pg->key.addr.proto; 2481 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2482 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2483 ent = br_multicast_find_group_src(pg, &src_ip); 2484 if (ent) { 2485 ent->flags &= ~BR_SGRP_F_SEND; 2486 to_send--; 2487 } else { 2488 ent = br_multicast_new_group_src(pg, &src_ip); 2489 if (ent) 2490 changed = true; 2491 } 2492 if (ent) 2493 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx)); 2494 } 2495 2496 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2497 grec_type)) 2498 changed = true; 2499 2500 if (to_send) 2501 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2502 2503 return changed; 2504 } 2505 2506 /* State Msg type New state Actions 2507 * EXCLUDE (X,Y) TO_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI 2508 * Send Q(G,X-A) 2509 * Send Q(G) 2510 */ 2511 static bool __grp_src_toin_excl(struct net_bridge_mcast *brmctx, 2512 struct net_bridge_mcast_port *pmctx, 2513 struct net_bridge_port_group *pg, void *h_addr, 2514 void *srcs, u32 nsrcs, size_t addr_size, 2515 int grec_type) 2516 { 2517 u32 src_idx, to_send = pg->src_ents; 2518 struct net_bridge_group_src *ent; 2519 unsigned long now = jiffies; 2520 bool changed = false; 2521 struct br_ip src_ip; 2522 2523 hlist_for_each_entry(ent, &pg->src_list, node) 2524 if (timer_pending(&ent->timer)) 2525 ent->flags |= BR_SGRP_F_SEND; 2526 2527 memset(&src_ip, 0, sizeof(src_ip)); 2528 src_ip.proto = pg->key.addr.proto; 2529 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2530 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2531 ent = br_multicast_find_group_src(pg, &src_ip); 2532 if (ent) { 2533 if (timer_pending(&ent->timer)) { 2534 ent->flags &= ~BR_SGRP_F_SEND; 2535 to_send--; 2536 } 2537 } else { 2538 ent = br_multicast_new_group_src(pg, &src_ip); 2539 if (ent) 2540 changed = true; 2541 } 2542 if (ent) 2543 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx)); 2544 } 2545 2546 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2547 grec_type)) 2548 changed = true; 2549 2550 if (to_send) 2551 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2552 2553 __grp_send_query_and_rexmit(brmctx, pmctx, pg); 2554 2555 return changed; 2556 } 2557 2558 static bool br_multicast_toin(struct net_bridge_mcast *brmctx, 2559 struct net_bridge_mcast_port *pmctx, 2560 struct net_bridge_port_group *pg, void *h_addr, 2561 void *srcs, u32 nsrcs, size_t addr_size, 2562 int grec_type) 2563 { 2564 bool changed = false; 2565 2566 switch (pg->filter_mode) { 2567 case MCAST_INCLUDE: 2568 changed = __grp_src_toin_incl(brmctx, pmctx, pg, h_addr, srcs, 2569 nsrcs, addr_size, grec_type); 2570 break; 2571 case MCAST_EXCLUDE: 2572 changed = __grp_src_toin_excl(brmctx, pmctx, pg, h_addr, srcs, 2573 nsrcs, addr_size, grec_type); 2574 break; 2575 } 2576 2577 if (br_multicast_eht_should_del_pg(pg)) { 2578 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE; 2579 br_multicast_find_del_pg(pg->key.port->br, pg); 2580 /* a notification has already been sent and we shouldn't 2581 * access pg after the delete so we have to return false 2582 */ 2583 changed = false; 2584 } 2585 2586 return changed; 2587 } 2588 2589 /* State Msg type New state Actions 2590 * INCLUDE (A) TO_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 2591 * Delete (A-B) 2592 * Send Q(G,A*B) 2593 * Group Timer=GMI 2594 */ 2595 static void __grp_src_toex_incl(struct net_bridge_mcast *brmctx, 2596 struct net_bridge_mcast_port *pmctx, 2597 struct net_bridge_port_group *pg, void *h_addr, 2598 void *srcs, u32 nsrcs, size_t addr_size, 2599 int grec_type) 2600 { 2601 struct net_bridge_group_src *ent; 2602 u32 src_idx, to_send = 0; 2603 struct br_ip src_ip; 2604 2605 hlist_for_each_entry(ent, &pg->src_list, node) 2606 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE; 2607 2608 memset(&src_ip, 0, sizeof(src_ip)); 2609 src_ip.proto = pg->key.addr.proto; 2610 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2611 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2612 ent = br_multicast_find_group_src(pg, &src_ip); 2613 if (ent) { 2614 ent->flags = (ent->flags & ~BR_SGRP_F_DELETE) | 2615 BR_SGRP_F_SEND; 2616 to_send++; 2617 } else { 2618 ent = br_multicast_new_group_src(pg, &src_ip); 2619 } 2620 if (ent) 2621 br_multicast_fwd_src_handle(ent); 2622 } 2623 2624 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2625 grec_type); 2626 2627 __grp_src_delete_marked(pg); 2628 if (to_send) 2629 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2630 } 2631 2632 /* State Msg type New state Actions 2633 * EXCLUDE (X,Y) TO_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=Group Timer 2634 * Delete (X-A) 2635 * Delete (Y-A) 2636 * Send Q(G,A-Y) 2637 * Group Timer=GMI 2638 */ 2639 static bool __grp_src_toex_excl(struct net_bridge_mcast *brmctx, 2640 struct net_bridge_mcast_port *pmctx, 2641 struct net_bridge_port_group *pg, void *h_addr, 2642 void *srcs, u32 nsrcs, size_t addr_size, 2643 int grec_type) 2644 { 2645 struct net_bridge_group_src *ent; 2646 u32 src_idx, to_send = 0; 2647 bool changed = false; 2648 struct br_ip src_ip; 2649 2650 hlist_for_each_entry(ent, &pg->src_list, node) 2651 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE; 2652 2653 memset(&src_ip, 0, sizeof(src_ip)); 2654 src_ip.proto = pg->key.addr.proto; 2655 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2656 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2657 ent = br_multicast_find_group_src(pg, &src_ip); 2658 if (ent) { 2659 ent->flags &= ~BR_SGRP_F_DELETE; 2660 } else { 2661 ent = br_multicast_new_group_src(pg, &src_ip); 2662 if (ent) { 2663 __grp_src_mod_timer(ent, pg->timer.expires); 2664 changed = true; 2665 } 2666 } 2667 if (ent && timer_pending(&ent->timer)) { 2668 ent->flags |= BR_SGRP_F_SEND; 2669 to_send++; 2670 } 2671 } 2672 2673 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2674 grec_type)) 2675 changed = true; 2676 2677 if (__grp_src_delete_marked(pg)) 2678 changed = true; 2679 if (to_send) 2680 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2681 2682 return changed; 2683 } 2684 2685 static bool br_multicast_toex(struct net_bridge_mcast *brmctx, 2686 struct net_bridge_mcast_port *pmctx, 2687 struct net_bridge_port_group *pg, void *h_addr, 2688 void *srcs, u32 nsrcs, size_t addr_size, 2689 int grec_type) 2690 { 2691 bool changed = false; 2692 2693 switch (pg->filter_mode) { 2694 case MCAST_INCLUDE: 2695 __grp_src_toex_incl(brmctx, pmctx, pg, h_addr, srcs, nsrcs, 2696 addr_size, grec_type); 2697 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE); 2698 changed = true; 2699 break; 2700 case MCAST_EXCLUDE: 2701 changed = __grp_src_toex_excl(brmctx, pmctx, pg, h_addr, srcs, 2702 nsrcs, addr_size, grec_type); 2703 break; 2704 } 2705 2706 pg->filter_mode = MCAST_EXCLUDE; 2707 mod_timer(&pg->timer, jiffies + br_multicast_gmi(brmctx)); 2708 2709 return changed; 2710 } 2711 2712 /* State Msg type New state Actions 2713 * INCLUDE (A) BLOCK (B) INCLUDE (A) Send Q(G,A*B) 2714 */ 2715 static bool __grp_src_block_incl(struct net_bridge_mcast *brmctx, 2716 struct net_bridge_mcast_port *pmctx, 2717 struct net_bridge_port_group *pg, void *h_addr, 2718 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2719 { 2720 struct net_bridge_group_src *ent; 2721 u32 src_idx, to_send = 0; 2722 bool changed = false; 2723 struct br_ip src_ip; 2724 2725 hlist_for_each_entry(ent, &pg->src_list, node) 2726 ent->flags &= ~BR_SGRP_F_SEND; 2727 2728 memset(&src_ip, 0, sizeof(src_ip)); 2729 src_ip.proto = pg->key.addr.proto; 2730 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2731 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2732 ent = br_multicast_find_group_src(pg, &src_ip); 2733 if (ent) { 2734 ent->flags |= BR_SGRP_F_SEND; 2735 to_send++; 2736 } 2737 } 2738 2739 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2740 grec_type)) 2741 changed = true; 2742 2743 if (to_send) 2744 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2745 2746 return changed; 2747 } 2748 2749 /* State Msg type New state Actions 2750 * EXCLUDE (X,Y) BLOCK (A) EXCLUDE (X+(A-Y),Y) (A-X-Y)=Group Timer 2751 * Send Q(G,A-Y) 2752 */ 2753 static bool __grp_src_block_excl(struct net_bridge_mcast *brmctx, 2754 struct net_bridge_mcast_port *pmctx, 2755 struct net_bridge_port_group *pg, void *h_addr, 2756 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2757 { 2758 struct net_bridge_group_src *ent; 2759 u32 src_idx, to_send = 0; 2760 bool changed = false; 2761 struct br_ip src_ip; 2762 2763 hlist_for_each_entry(ent, &pg->src_list, node) 2764 ent->flags &= ~BR_SGRP_F_SEND; 2765 2766 memset(&src_ip, 0, sizeof(src_ip)); 2767 src_ip.proto = pg->key.addr.proto; 2768 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2769 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2770 ent = br_multicast_find_group_src(pg, &src_ip); 2771 if (!ent) { 2772 ent = br_multicast_new_group_src(pg, &src_ip); 2773 if (ent) { 2774 __grp_src_mod_timer(ent, pg->timer.expires); 2775 changed = true; 2776 } 2777 } 2778 if (ent && timer_pending(&ent->timer)) { 2779 ent->flags |= BR_SGRP_F_SEND; 2780 to_send++; 2781 } 2782 } 2783 2784 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size, 2785 grec_type)) 2786 changed = true; 2787 2788 if (to_send) 2789 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg); 2790 2791 return changed; 2792 } 2793 2794 static bool br_multicast_block(struct net_bridge_mcast *brmctx, 2795 struct net_bridge_mcast_port *pmctx, 2796 struct net_bridge_port_group *pg, void *h_addr, 2797 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2798 { 2799 bool changed = false; 2800 2801 switch (pg->filter_mode) { 2802 case MCAST_INCLUDE: 2803 changed = __grp_src_block_incl(brmctx, pmctx, pg, h_addr, srcs, 2804 nsrcs, addr_size, grec_type); 2805 break; 2806 case MCAST_EXCLUDE: 2807 changed = __grp_src_block_excl(brmctx, pmctx, pg, h_addr, srcs, 2808 nsrcs, addr_size, grec_type); 2809 break; 2810 } 2811 2812 if ((pg->filter_mode == MCAST_INCLUDE && hlist_empty(&pg->src_list)) || 2813 br_multicast_eht_should_del_pg(pg)) { 2814 if (br_multicast_eht_should_del_pg(pg)) 2815 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE; 2816 br_multicast_find_del_pg(pg->key.port->br, pg); 2817 /* a notification has already been sent and we shouldn't 2818 * access pg after the delete so we have to return false 2819 */ 2820 changed = false; 2821 } 2822 2823 return changed; 2824 } 2825 2826 static struct net_bridge_port_group * 2827 br_multicast_find_port(struct net_bridge_mdb_entry *mp, 2828 struct net_bridge_port *p, 2829 const unsigned char *src) 2830 { 2831 struct net_bridge *br __maybe_unused = mp->br; 2832 struct net_bridge_port_group *pg; 2833 2834 for (pg = mlock_dereference(mp->ports, br); 2835 pg; 2836 pg = mlock_dereference(pg->next, br)) 2837 if (br_port_group_equal(pg, p, src)) 2838 return pg; 2839 2840 return NULL; 2841 } 2842 2843 static int br_ip4_multicast_igmp3_report(struct net_bridge_mcast *brmctx, 2844 struct net_bridge_mcast_port *pmctx, 2845 struct sk_buff *skb, 2846 u16 vid) 2847 { 2848 bool igmpv2 = brmctx->multicast_igmp_version == 2; 2849 struct net_bridge_mdb_entry *mdst; 2850 struct net_bridge_port_group *pg; 2851 const unsigned char *src; 2852 struct igmpv3_report *ih; 2853 struct igmpv3_grec *grec; 2854 int i, len, num, type; 2855 __be32 group, *h_addr; 2856 bool changed = false; 2857 int err = 0; 2858 u16 nsrcs; 2859 2860 ih = igmpv3_report_hdr(skb); 2861 num = ntohs(ih->ngrec); 2862 len = skb_transport_offset(skb) + sizeof(*ih); 2863 2864 for (i = 0; i < num; i++) { 2865 len += sizeof(*grec); 2866 if (!ip_mc_may_pull(skb, len)) 2867 return -EINVAL; 2868 2869 grec = (void *)(skb->data + len - sizeof(*grec)); 2870 group = grec->grec_mca; 2871 type = grec->grec_type; 2872 nsrcs = ntohs(grec->grec_nsrcs); 2873 2874 len += nsrcs * 4; 2875 if (!ip_mc_may_pull(skb, len)) 2876 return -EINVAL; 2877 2878 switch (type) { 2879 case IGMPV3_MODE_IS_INCLUDE: 2880 case IGMPV3_MODE_IS_EXCLUDE: 2881 case IGMPV3_CHANGE_TO_INCLUDE: 2882 case IGMPV3_CHANGE_TO_EXCLUDE: 2883 case IGMPV3_ALLOW_NEW_SOURCES: 2884 case IGMPV3_BLOCK_OLD_SOURCES: 2885 break; 2886 2887 default: 2888 continue; 2889 } 2890 2891 src = eth_hdr(skb)->h_source; 2892 if (nsrcs == 0 && 2893 (type == IGMPV3_CHANGE_TO_INCLUDE || 2894 type == IGMPV3_MODE_IS_INCLUDE)) { 2895 if (!pmctx || igmpv2) { 2896 br_ip4_multicast_leave_group(brmctx, pmctx, 2897 group, vid, src); 2898 continue; 2899 } 2900 } else { 2901 err = br_ip4_multicast_add_group(brmctx, pmctx, group, 2902 vid, src, igmpv2); 2903 if (err) 2904 break; 2905 } 2906 2907 if (!pmctx || igmpv2) 2908 continue; 2909 2910 spin_lock(&brmctx->br->multicast_lock); 2911 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 2912 goto unlock_continue; 2913 2914 mdst = br_mdb_ip4_get(brmctx->br, group, vid); 2915 if (!mdst) 2916 goto unlock_continue; 2917 pg = br_multicast_find_port(mdst, pmctx->port, src); 2918 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT)) 2919 goto unlock_continue; 2920 /* reload grec and host addr */ 2921 grec = (void *)(skb->data + len - sizeof(*grec) - (nsrcs * 4)); 2922 h_addr = &ip_hdr(skb)->saddr; 2923 switch (type) { 2924 case IGMPV3_ALLOW_NEW_SOURCES: 2925 changed = br_multicast_isinc_allow(brmctx, pg, h_addr, 2926 grec->grec_src, 2927 nsrcs, sizeof(__be32), type); 2928 break; 2929 case IGMPV3_MODE_IS_INCLUDE: 2930 changed = br_multicast_isinc_allow(brmctx, pg, h_addr, 2931 grec->grec_src, 2932 nsrcs, sizeof(__be32), type); 2933 break; 2934 case IGMPV3_MODE_IS_EXCLUDE: 2935 changed = br_multicast_isexc(brmctx, pg, h_addr, 2936 grec->grec_src, 2937 nsrcs, sizeof(__be32), type); 2938 break; 2939 case IGMPV3_CHANGE_TO_INCLUDE: 2940 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr, 2941 grec->grec_src, 2942 nsrcs, sizeof(__be32), type); 2943 break; 2944 case IGMPV3_CHANGE_TO_EXCLUDE: 2945 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr, 2946 grec->grec_src, 2947 nsrcs, sizeof(__be32), type); 2948 break; 2949 case IGMPV3_BLOCK_OLD_SOURCES: 2950 changed = br_multicast_block(brmctx, pmctx, pg, h_addr, 2951 grec->grec_src, 2952 nsrcs, sizeof(__be32), type); 2953 break; 2954 } 2955 if (changed) 2956 br_mdb_notify(brmctx->br->dev, mdst, pg, RTM_NEWMDB); 2957 unlock_continue: 2958 spin_unlock(&brmctx->br->multicast_lock); 2959 } 2960 2961 return err; 2962 } 2963 2964 #if IS_ENABLED(CONFIG_IPV6) 2965 static int br_ip6_multicast_mld2_report(struct net_bridge_mcast *brmctx, 2966 struct net_bridge_mcast_port *pmctx, 2967 struct sk_buff *skb, 2968 u16 vid) 2969 { 2970 bool mldv1 = brmctx->multicast_mld_version == 1; 2971 struct net_bridge_mdb_entry *mdst; 2972 struct net_bridge_port_group *pg; 2973 unsigned int nsrcs_offset; 2974 struct mld2_report *mld2r; 2975 const unsigned char *src; 2976 struct in6_addr *h_addr; 2977 struct mld2_grec *grec; 2978 unsigned int grec_len; 2979 bool changed = false; 2980 int i, len, num; 2981 int err = 0; 2982 2983 if (!ipv6_mc_may_pull(skb, sizeof(*mld2r))) 2984 return -EINVAL; 2985 2986 mld2r = (struct mld2_report *)icmp6_hdr(skb); 2987 num = ntohs(mld2r->mld2r_ngrec); 2988 len = skb_transport_offset(skb) + sizeof(*mld2r); 2989 2990 for (i = 0; i < num; i++) { 2991 __be16 *_nsrcs, __nsrcs; 2992 u16 nsrcs; 2993 2994 nsrcs_offset = len + offsetof(struct mld2_grec, grec_nsrcs); 2995 2996 if (skb_transport_offset(skb) + ipv6_transport_len(skb) < 2997 nsrcs_offset + sizeof(__nsrcs)) 2998 return -EINVAL; 2999 3000 _nsrcs = skb_header_pointer(skb, nsrcs_offset, 3001 sizeof(__nsrcs), &__nsrcs); 3002 if (!_nsrcs) 3003 return -EINVAL; 3004 3005 nsrcs = ntohs(*_nsrcs); 3006 grec_len = struct_size(grec, grec_src, nsrcs); 3007 3008 if (!ipv6_mc_may_pull(skb, len + grec_len)) 3009 return -EINVAL; 3010 3011 grec = (struct mld2_grec *)(skb->data + len); 3012 len += grec_len; 3013 3014 switch (grec->grec_type) { 3015 case MLD2_MODE_IS_INCLUDE: 3016 case MLD2_MODE_IS_EXCLUDE: 3017 case MLD2_CHANGE_TO_INCLUDE: 3018 case MLD2_CHANGE_TO_EXCLUDE: 3019 case MLD2_ALLOW_NEW_SOURCES: 3020 case MLD2_BLOCK_OLD_SOURCES: 3021 break; 3022 3023 default: 3024 continue; 3025 } 3026 3027 src = eth_hdr(skb)->h_source; 3028 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE || 3029 grec->grec_type == MLD2_MODE_IS_INCLUDE) && 3030 nsrcs == 0) { 3031 if (!pmctx || mldv1) { 3032 br_ip6_multicast_leave_group(brmctx, pmctx, 3033 &grec->grec_mca, 3034 vid, src); 3035 continue; 3036 } 3037 } else { 3038 err = br_ip6_multicast_add_group(brmctx, pmctx, 3039 &grec->grec_mca, vid, 3040 src, mldv1); 3041 if (err) 3042 break; 3043 } 3044 3045 if (!pmctx || mldv1) 3046 continue; 3047 3048 spin_lock(&brmctx->br->multicast_lock); 3049 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 3050 goto unlock_continue; 3051 3052 mdst = br_mdb_ip6_get(brmctx->br, &grec->grec_mca, vid); 3053 if (!mdst) 3054 goto unlock_continue; 3055 pg = br_multicast_find_port(mdst, pmctx->port, src); 3056 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT)) 3057 goto unlock_continue; 3058 h_addr = &ipv6_hdr(skb)->saddr; 3059 switch (grec->grec_type) { 3060 case MLD2_ALLOW_NEW_SOURCES: 3061 changed = br_multicast_isinc_allow(brmctx, pg, h_addr, 3062 grec->grec_src, nsrcs, 3063 sizeof(struct in6_addr), 3064 grec->grec_type); 3065 break; 3066 case MLD2_MODE_IS_INCLUDE: 3067 changed = br_multicast_isinc_allow(brmctx, pg, h_addr, 3068 grec->grec_src, nsrcs, 3069 sizeof(struct in6_addr), 3070 grec->grec_type); 3071 break; 3072 case MLD2_MODE_IS_EXCLUDE: 3073 changed = br_multicast_isexc(brmctx, pg, h_addr, 3074 grec->grec_src, nsrcs, 3075 sizeof(struct in6_addr), 3076 grec->grec_type); 3077 break; 3078 case MLD2_CHANGE_TO_INCLUDE: 3079 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr, 3080 grec->grec_src, nsrcs, 3081 sizeof(struct in6_addr), 3082 grec->grec_type); 3083 break; 3084 case MLD2_CHANGE_TO_EXCLUDE: 3085 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr, 3086 grec->grec_src, nsrcs, 3087 sizeof(struct in6_addr), 3088 grec->grec_type); 3089 break; 3090 case MLD2_BLOCK_OLD_SOURCES: 3091 changed = br_multicast_block(brmctx, pmctx, pg, h_addr, 3092 grec->grec_src, nsrcs, 3093 sizeof(struct in6_addr), 3094 grec->grec_type); 3095 break; 3096 } 3097 if (changed) 3098 br_mdb_notify(brmctx->br->dev, mdst, pg, RTM_NEWMDB); 3099 unlock_continue: 3100 spin_unlock(&brmctx->br->multicast_lock); 3101 } 3102 3103 return err; 3104 } 3105 #endif 3106 3107 static bool br_multicast_select_querier(struct net_bridge_mcast *brmctx, 3108 struct net_bridge_mcast_port *pmctx, 3109 struct br_ip *saddr) 3110 { 3111 int port_ifidx = pmctx ? pmctx->port->dev->ifindex : 0; 3112 struct timer_list *own_timer, *other_timer; 3113 struct bridge_mcast_querier *querier; 3114 3115 switch (saddr->proto) { 3116 case htons(ETH_P_IP): 3117 querier = &brmctx->ip4_querier; 3118 own_timer = &brmctx->ip4_own_query.timer; 3119 other_timer = &brmctx->ip4_other_query.timer; 3120 if (!querier->addr.src.ip4 || 3121 ntohl(saddr->src.ip4) <= ntohl(querier->addr.src.ip4)) 3122 goto update; 3123 break; 3124 #if IS_ENABLED(CONFIG_IPV6) 3125 case htons(ETH_P_IPV6): 3126 querier = &brmctx->ip6_querier; 3127 own_timer = &brmctx->ip6_own_query.timer; 3128 other_timer = &brmctx->ip6_other_query.timer; 3129 if (ipv6_addr_cmp(&saddr->src.ip6, &querier->addr.src.ip6) <= 0) 3130 goto update; 3131 break; 3132 #endif 3133 default: 3134 return false; 3135 } 3136 3137 if (!timer_pending(own_timer) && !timer_pending(other_timer)) 3138 goto update; 3139 3140 return false; 3141 3142 update: 3143 br_multicast_update_querier(brmctx, querier, port_ifidx, saddr); 3144 3145 return true; 3146 } 3147 3148 static struct net_bridge_port * 3149 __br_multicast_get_querier_port(struct net_bridge *br, 3150 const struct bridge_mcast_querier *querier) 3151 { 3152 int port_ifidx = READ_ONCE(querier->port_ifidx); 3153 struct net_bridge_port *p; 3154 struct net_device *dev; 3155 3156 if (port_ifidx == 0) 3157 return NULL; 3158 3159 dev = dev_get_by_index_rcu(dev_net(br->dev), port_ifidx); 3160 if (!dev) 3161 return NULL; 3162 p = br_port_get_rtnl_rcu(dev); 3163 if (!p || p->br != br) 3164 return NULL; 3165 3166 return p; 3167 } 3168 3169 size_t br_multicast_querier_state_size(void) 3170 { 3171 return nla_total_size(0) + /* nest attribute */ 3172 nla_total_size(sizeof(__be32)) + /* BRIDGE_QUERIER_IP_ADDRESS */ 3173 nla_total_size(sizeof(int)) + /* BRIDGE_QUERIER_IP_PORT */ 3174 nla_total_size_64bit(sizeof(u64)) + /* BRIDGE_QUERIER_IP_OTHER_TIMER */ 3175 #if IS_ENABLED(CONFIG_IPV6) 3176 nla_total_size(sizeof(struct in6_addr)) + /* BRIDGE_QUERIER_IPV6_ADDRESS */ 3177 nla_total_size(sizeof(int)) + /* BRIDGE_QUERIER_IPV6_PORT */ 3178 nla_total_size_64bit(sizeof(u64)) + /* BRIDGE_QUERIER_IPV6_OTHER_TIMER */ 3179 #endif 3180 0; 3181 } 3182 3183 /* protected by rtnl or rcu */ 3184 int br_multicast_dump_querier_state(struct sk_buff *skb, 3185 const struct net_bridge_mcast *brmctx, 3186 int nest_attr) 3187 { 3188 struct bridge_mcast_querier querier = {}; 3189 struct net_bridge_port *p; 3190 struct nlattr *nest; 3191 3192 if (!br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED) || 3193 br_multicast_ctx_vlan_global_disabled(brmctx)) 3194 return 0; 3195 3196 nest = nla_nest_start(skb, nest_attr); 3197 if (!nest) 3198 return -EMSGSIZE; 3199 3200 rcu_read_lock(); 3201 if (!brmctx->multicast_querier && 3202 !timer_pending(&brmctx->ip4_other_query.timer)) 3203 goto out_v6; 3204 3205 br_multicast_read_querier(&brmctx->ip4_querier, &querier); 3206 if (nla_put_in_addr(skb, BRIDGE_QUERIER_IP_ADDRESS, 3207 querier.addr.src.ip4)) { 3208 rcu_read_unlock(); 3209 goto out_err; 3210 } 3211 3212 p = __br_multicast_get_querier_port(brmctx->br, &querier); 3213 if (timer_pending(&brmctx->ip4_other_query.timer) && 3214 (nla_put_u64_64bit(skb, BRIDGE_QUERIER_IP_OTHER_TIMER, 3215 br_timer_value(&brmctx->ip4_other_query.timer), 3216 BRIDGE_QUERIER_PAD) || 3217 (p && nla_put_u32(skb, BRIDGE_QUERIER_IP_PORT, p->dev->ifindex)))) { 3218 rcu_read_unlock(); 3219 goto out_err; 3220 } 3221 3222 out_v6: 3223 #if IS_ENABLED(CONFIG_IPV6) 3224 if (!brmctx->multicast_querier && 3225 !timer_pending(&brmctx->ip6_other_query.timer)) 3226 goto out; 3227 3228 br_multicast_read_querier(&brmctx->ip6_querier, &querier); 3229 if (nla_put_in6_addr(skb, BRIDGE_QUERIER_IPV6_ADDRESS, 3230 &querier.addr.src.ip6)) { 3231 rcu_read_unlock(); 3232 goto out_err; 3233 } 3234 3235 p = __br_multicast_get_querier_port(brmctx->br, &querier); 3236 if (timer_pending(&brmctx->ip6_other_query.timer) && 3237 (nla_put_u64_64bit(skb, BRIDGE_QUERIER_IPV6_OTHER_TIMER, 3238 br_timer_value(&brmctx->ip6_other_query.timer), 3239 BRIDGE_QUERIER_PAD) || 3240 (p && nla_put_u32(skb, BRIDGE_QUERIER_IPV6_PORT, 3241 p->dev->ifindex)))) { 3242 rcu_read_unlock(); 3243 goto out_err; 3244 } 3245 out: 3246 #endif 3247 rcu_read_unlock(); 3248 nla_nest_end(skb, nest); 3249 if (!nla_len(nest)) 3250 nla_nest_cancel(skb, nest); 3251 3252 return 0; 3253 3254 out_err: 3255 nla_nest_cancel(skb, nest); 3256 return -EMSGSIZE; 3257 } 3258 3259 static void 3260 br_multicast_update_query_timer(struct net_bridge_mcast *brmctx, 3261 struct bridge_mcast_other_query *query, 3262 unsigned long max_delay) 3263 { 3264 if (!timer_pending(&query->timer)) 3265 mod_timer(&query->delay_timer, jiffies + max_delay); 3266 3267 mod_timer(&query->timer, jiffies + brmctx->multicast_querier_interval); 3268 } 3269 3270 static void br_port_mc_router_state_change(struct net_bridge_port *p, 3271 bool is_mc_router) 3272 { 3273 struct switchdev_attr attr = { 3274 .orig_dev = p->dev, 3275 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER, 3276 .flags = SWITCHDEV_F_DEFER, 3277 .u.mrouter = is_mc_router, 3278 }; 3279 3280 switchdev_port_attr_set(p->dev, &attr, NULL); 3281 } 3282 3283 static struct net_bridge_port * 3284 br_multicast_rport_from_node(struct net_bridge_mcast *brmctx, 3285 struct hlist_head *mc_router_list, 3286 struct hlist_node *rlist) 3287 { 3288 struct net_bridge_mcast_port *pmctx; 3289 3290 #if IS_ENABLED(CONFIG_IPV6) 3291 if (mc_router_list == &brmctx->ip6_mc_router_list) 3292 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port, 3293 ip6_rlist); 3294 else 3295 #endif 3296 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port, 3297 ip4_rlist); 3298 3299 return pmctx->port; 3300 } 3301 3302 static struct hlist_node * 3303 br_multicast_get_rport_slot(struct net_bridge_mcast *brmctx, 3304 struct net_bridge_port *port, 3305 struct hlist_head *mc_router_list) 3306 3307 { 3308 struct hlist_node *slot = NULL; 3309 struct net_bridge_port *p; 3310 struct hlist_node *rlist; 3311 3312 hlist_for_each(rlist, mc_router_list) { 3313 p = br_multicast_rport_from_node(brmctx, mc_router_list, rlist); 3314 3315 if ((unsigned long)port >= (unsigned long)p) 3316 break; 3317 3318 slot = rlist; 3319 } 3320 3321 return slot; 3322 } 3323 3324 static bool br_multicast_no_router_otherpf(struct net_bridge_mcast_port *pmctx, 3325 struct hlist_node *rnode) 3326 { 3327 #if IS_ENABLED(CONFIG_IPV6) 3328 if (rnode != &pmctx->ip6_rlist) 3329 return hlist_unhashed(&pmctx->ip6_rlist); 3330 else 3331 return hlist_unhashed(&pmctx->ip4_rlist); 3332 #else 3333 return true; 3334 #endif 3335 } 3336 3337 /* Add port to router_list 3338 * list is maintained ordered by pointer value 3339 * and locked by br->multicast_lock and RCU 3340 */ 3341 static void br_multicast_add_router(struct net_bridge_mcast *brmctx, 3342 struct net_bridge_mcast_port *pmctx, 3343 struct hlist_node *rlist, 3344 struct hlist_head *mc_router_list) 3345 { 3346 struct hlist_node *slot; 3347 3348 if (!hlist_unhashed(rlist)) 3349 return; 3350 3351 slot = br_multicast_get_rport_slot(brmctx, pmctx->port, mc_router_list); 3352 3353 if (slot) 3354 hlist_add_behind_rcu(rlist, slot); 3355 else 3356 hlist_add_head_rcu(rlist, mc_router_list); 3357 3358 /* For backwards compatibility for now, only notify if we 3359 * switched from no IPv4/IPv6 multicast router to a new 3360 * IPv4 or IPv6 multicast router. 3361 */ 3362 if (br_multicast_no_router_otherpf(pmctx, rlist)) { 3363 br_rtr_notify(pmctx->port->br->dev, pmctx, RTM_NEWMDB); 3364 br_port_mc_router_state_change(pmctx->port, true); 3365 } 3366 } 3367 3368 /* Add port to router_list 3369 * list is maintained ordered by pointer value 3370 * and locked by br->multicast_lock and RCU 3371 */ 3372 static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx, 3373 struct net_bridge_mcast_port *pmctx) 3374 { 3375 br_multicast_add_router(brmctx, pmctx, &pmctx->ip4_rlist, 3376 &brmctx->ip4_mc_router_list); 3377 } 3378 3379 /* Add port to router_list 3380 * list is maintained ordered by pointer value 3381 * and locked by br->multicast_lock and RCU 3382 */ 3383 static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx, 3384 struct net_bridge_mcast_port *pmctx) 3385 { 3386 #if IS_ENABLED(CONFIG_IPV6) 3387 br_multicast_add_router(brmctx, pmctx, &pmctx->ip6_rlist, 3388 &brmctx->ip6_mc_router_list); 3389 #endif 3390 } 3391 3392 static void br_multicast_mark_router(struct net_bridge_mcast *brmctx, 3393 struct net_bridge_mcast_port *pmctx, 3394 struct timer_list *timer, 3395 struct hlist_node *rlist, 3396 struct hlist_head *mc_router_list) 3397 { 3398 unsigned long now = jiffies; 3399 3400 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 3401 return; 3402 3403 if (!pmctx) { 3404 if (brmctx->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) { 3405 if (!br_ip4_multicast_is_router(brmctx) && 3406 !br_ip6_multicast_is_router(brmctx)) 3407 br_mc_router_state_change(brmctx->br, true); 3408 mod_timer(timer, now + brmctx->multicast_querier_interval); 3409 } 3410 return; 3411 } 3412 3413 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED || 3414 pmctx->multicast_router == MDB_RTR_TYPE_PERM) 3415 return; 3416 3417 br_multicast_add_router(brmctx, pmctx, rlist, mc_router_list); 3418 mod_timer(timer, now + brmctx->multicast_querier_interval); 3419 } 3420 3421 static void br_ip4_multicast_mark_router(struct net_bridge_mcast *brmctx, 3422 struct net_bridge_mcast_port *pmctx) 3423 { 3424 struct timer_list *timer = &brmctx->ip4_mc_router_timer; 3425 struct hlist_node *rlist = NULL; 3426 3427 if (pmctx) { 3428 timer = &pmctx->ip4_mc_router_timer; 3429 rlist = &pmctx->ip4_rlist; 3430 } 3431 3432 br_multicast_mark_router(brmctx, pmctx, timer, rlist, 3433 &brmctx->ip4_mc_router_list); 3434 } 3435 3436 static void br_ip6_multicast_mark_router(struct net_bridge_mcast *brmctx, 3437 struct net_bridge_mcast_port *pmctx) 3438 { 3439 #if IS_ENABLED(CONFIG_IPV6) 3440 struct timer_list *timer = &brmctx->ip6_mc_router_timer; 3441 struct hlist_node *rlist = NULL; 3442 3443 if (pmctx) { 3444 timer = &pmctx->ip6_mc_router_timer; 3445 rlist = &pmctx->ip6_rlist; 3446 } 3447 3448 br_multicast_mark_router(brmctx, pmctx, timer, rlist, 3449 &brmctx->ip6_mc_router_list); 3450 #endif 3451 } 3452 3453 static void 3454 br_ip4_multicast_query_received(struct net_bridge_mcast *brmctx, 3455 struct net_bridge_mcast_port *pmctx, 3456 struct bridge_mcast_other_query *query, 3457 struct br_ip *saddr, 3458 unsigned long max_delay) 3459 { 3460 if (!br_multicast_select_querier(brmctx, pmctx, saddr)) 3461 return; 3462 3463 br_multicast_update_query_timer(brmctx, query, max_delay); 3464 br_ip4_multicast_mark_router(brmctx, pmctx); 3465 } 3466 3467 #if IS_ENABLED(CONFIG_IPV6) 3468 static void 3469 br_ip6_multicast_query_received(struct net_bridge_mcast *brmctx, 3470 struct net_bridge_mcast_port *pmctx, 3471 struct bridge_mcast_other_query *query, 3472 struct br_ip *saddr, 3473 unsigned long max_delay) 3474 { 3475 if (!br_multicast_select_querier(brmctx, pmctx, saddr)) 3476 return; 3477 3478 br_multicast_update_query_timer(brmctx, query, max_delay); 3479 br_ip6_multicast_mark_router(brmctx, pmctx); 3480 } 3481 #endif 3482 3483 static void br_ip4_multicast_query(struct net_bridge_mcast *brmctx, 3484 struct net_bridge_mcast_port *pmctx, 3485 struct sk_buff *skb, 3486 u16 vid) 3487 { 3488 unsigned int transport_len = ip_transport_len(skb); 3489 const struct iphdr *iph = ip_hdr(skb); 3490 struct igmphdr *ih = igmp_hdr(skb); 3491 struct net_bridge_mdb_entry *mp; 3492 struct igmpv3_query *ih3; 3493 struct net_bridge_port_group *p; 3494 struct net_bridge_port_group __rcu **pp; 3495 struct br_ip saddr = {}; 3496 unsigned long max_delay; 3497 unsigned long now = jiffies; 3498 __be32 group; 3499 3500 spin_lock(&brmctx->br->multicast_lock); 3501 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 3502 goto out; 3503 3504 group = ih->group; 3505 3506 if (transport_len == sizeof(*ih)) { 3507 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 3508 3509 if (!max_delay) { 3510 max_delay = 10 * HZ; 3511 group = 0; 3512 } 3513 } else if (transport_len >= sizeof(*ih3)) { 3514 ih3 = igmpv3_query_hdr(skb); 3515 if (ih3->nsrcs || 3516 (brmctx->multicast_igmp_version == 3 && group && 3517 ih3->suppress)) 3518 goto out; 3519 3520 max_delay = ih3->code ? 3521 igmpv3_mrt(ih3) * (HZ / IGMP_TIMER_SCALE) : 1; 3522 } else { 3523 goto out; 3524 } 3525 3526 if (!group) { 3527 saddr.proto = htons(ETH_P_IP); 3528 saddr.src.ip4 = iph->saddr; 3529 3530 br_ip4_multicast_query_received(brmctx, pmctx, 3531 &brmctx->ip4_other_query, 3532 &saddr, max_delay); 3533 goto out; 3534 } 3535 3536 mp = br_mdb_ip4_get(brmctx->br, group, vid); 3537 if (!mp) 3538 goto out; 3539 3540 max_delay *= brmctx->multicast_last_member_count; 3541 3542 if (mp->host_joined && 3543 (timer_pending(&mp->timer) ? 3544 time_after(mp->timer.expires, now + max_delay) : 3545 timer_delete_sync_try(&mp->timer) >= 0)) 3546 mod_timer(&mp->timer, now + max_delay); 3547 3548 for (pp = &mp->ports; 3549 (p = mlock_dereference(*pp, brmctx->br)) != NULL; 3550 pp = &p->next) { 3551 if (timer_pending(&p->timer) ? 3552 time_after(p->timer.expires, now + max_delay) : 3553 timer_delete_sync_try(&p->timer) >= 0 && 3554 (brmctx->multicast_igmp_version == 2 || 3555 p->filter_mode == MCAST_EXCLUDE)) 3556 mod_timer(&p->timer, now + max_delay); 3557 } 3558 3559 out: 3560 spin_unlock(&brmctx->br->multicast_lock); 3561 } 3562 3563 #if IS_ENABLED(CONFIG_IPV6) 3564 static int br_ip6_multicast_query(struct net_bridge_mcast *brmctx, 3565 struct net_bridge_mcast_port *pmctx, 3566 struct sk_buff *skb, 3567 u16 vid) 3568 { 3569 unsigned int transport_len = ipv6_transport_len(skb); 3570 struct mld_msg *mld; 3571 struct net_bridge_mdb_entry *mp; 3572 struct mld2_query *mld2q; 3573 struct net_bridge_port_group *p; 3574 struct net_bridge_port_group __rcu **pp; 3575 struct br_ip saddr = {}; 3576 unsigned long max_delay; 3577 unsigned long now = jiffies; 3578 unsigned int offset = skb_transport_offset(skb); 3579 const struct in6_addr *group = NULL; 3580 bool is_general_query; 3581 int err = 0; 3582 3583 spin_lock(&brmctx->br->multicast_lock); 3584 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 3585 goto out; 3586 3587 if (transport_len == sizeof(*mld)) { 3588 if (!pskb_may_pull(skb, offset + sizeof(*mld))) { 3589 err = -EINVAL; 3590 goto out; 3591 } 3592 mld = (struct mld_msg *) icmp6_hdr(skb); 3593 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay)); 3594 if (max_delay) 3595 group = &mld->mld_mca; 3596 } else { 3597 if (!pskb_may_pull(skb, offset + sizeof(*mld2q))) { 3598 err = -EINVAL; 3599 goto out; 3600 } 3601 mld2q = (struct mld2_query *)icmp6_hdr(skb); 3602 if (!mld2q->mld2q_nsrcs) 3603 group = &mld2q->mld2q_mca; 3604 if (brmctx->multicast_mld_version == 2 && 3605 !ipv6_addr_any(&mld2q->mld2q_mca) && 3606 mld2q->mld2q_suppress) 3607 goto out; 3608 3609 max_delay = max(msecs_to_jiffies(mldv2_mrd(mld2q)), 1UL); 3610 } 3611 3612 is_general_query = group && ipv6_addr_any(group); 3613 3614 if (is_general_query) { 3615 saddr.proto = htons(ETH_P_IPV6); 3616 saddr.src.ip6 = ipv6_hdr(skb)->saddr; 3617 3618 br_ip6_multicast_query_received(brmctx, pmctx, 3619 &brmctx->ip6_other_query, 3620 &saddr, max_delay); 3621 goto out; 3622 } else if (!group) { 3623 goto out; 3624 } 3625 3626 mp = br_mdb_ip6_get(brmctx->br, group, vid); 3627 if (!mp) 3628 goto out; 3629 3630 max_delay *= brmctx->multicast_last_member_count; 3631 if (mp->host_joined && 3632 (timer_pending(&mp->timer) ? 3633 time_after(mp->timer.expires, now + max_delay) : 3634 timer_delete_sync_try(&mp->timer) >= 0)) 3635 mod_timer(&mp->timer, now + max_delay); 3636 3637 for (pp = &mp->ports; 3638 (p = mlock_dereference(*pp, brmctx->br)) != NULL; 3639 pp = &p->next) { 3640 if (timer_pending(&p->timer) ? 3641 time_after(p->timer.expires, now + max_delay) : 3642 timer_delete_sync_try(&p->timer) >= 0 && 3643 (brmctx->multicast_mld_version == 1 || 3644 p->filter_mode == MCAST_EXCLUDE)) 3645 mod_timer(&p->timer, now + max_delay); 3646 } 3647 3648 out: 3649 spin_unlock(&brmctx->br->multicast_lock); 3650 return err; 3651 } 3652 #endif 3653 3654 static void 3655 br_multicast_leave_group(struct net_bridge_mcast *brmctx, 3656 struct net_bridge_mcast_port *pmctx, 3657 struct br_ip *group, 3658 struct bridge_mcast_other_query *other_query, 3659 struct bridge_mcast_own_query *own_query, 3660 const unsigned char *src) 3661 { 3662 struct net_bridge_mdb_entry *mp; 3663 struct net_bridge_port_group *p; 3664 unsigned long now; 3665 unsigned long time; 3666 3667 spin_lock(&brmctx->br->multicast_lock); 3668 if (!br_multicast_ctx_should_use(brmctx, pmctx)) 3669 goto out; 3670 3671 mp = br_mdb_ip_get(brmctx->br, group); 3672 if (!mp) 3673 goto out; 3674 3675 if (pmctx && 3676 test_bit(BR_MULTICAST_FAST_LEAVE_BIT, &pmctx->port->flags)) { 3677 struct net_bridge_port_group __rcu **pp; 3678 3679 for (pp = &mp->ports; 3680 (p = mlock_dereference(*pp, brmctx->br)) != NULL; 3681 pp = &p->next) { 3682 if (!br_port_group_equal(p, pmctx->port, src)) 3683 continue; 3684 3685 if (p->flags & MDB_PG_FLAGS_PERMANENT) 3686 break; 3687 3688 p->flags |= MDB_PG_FLAGS_FAST_LEAVE; 3689 br_multicast_del_pg(mp, p, pp); 3690 } 3691 goto out; 3692 } 3693 3694 if (timer_pending(&other_query->timer)) 3695 goto out; 3696 3697 if (brmctx->multicast_querier) { 3698 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, &mp->addr, 3699 false, 0, NULL); 3700 3701 time = jiffies + brmctx->multicast_last_member_count * 3702 brmctx->multicast_last_member_interval; 3703 3704 mod_timer(&own_query->timer, time); 3705 3706 for (p = mlock_dereference(mp->ports, brmctx->br); 3707 p != NULL && pmctx != NULL; 3708 p = mlock_dereference(p->next, brmctx->br)) { 3709 if (!br_port_group_equal(p, pmctx->port, src)) 3710 continue; 3711 3712 if (!hlist_unhashed(&p->mglist) && 3713 (timer_pending(&p->timer) ? 3714 time_after(p->timer.expires, time) : 3715 timer_delete_sync_try(&p->timer) >= 0)) { 3716 mod_timer(&p->timer, time); 3717 } 3718 3719 break; 3720 } 3721 } 3722 3723 now = jiffies; 3724 time = now + brmctx->multicast_last_member_count * 3725 brmctx->multicast_last_member_interval; 3726 3727 if (!pmctx) { 3728 if (mp->host_joined && 3729 (timer_pending(&mp->timer) ? 3730 time_after(mp->timer.expires, time) : 3731 timer_delete_sync_try(&mp->timer) >= 0)) { 3732 mod_timer(&mp->timer, time); 3733 } 3734 3735 goto out; 3736 } 3737 3738 for (p = mlock_dereference(mp->ports, brmctx->br); 3739 p != NULL; 3740 p = mlock_dereference(p->next, brmctx->br)) { 3741 if (p->key.port != pmctx->port) 3742 continue; 3743 3744 if (!hlist_unhashed(&p->mglist) && 3745 (timer_pending(&p->timer) ? 3746 time_after(p->timer.expires, time) : 3747 timer_delete_sync_try(&p->timer) >= 0)) { 3748 mod_timer(&p->timer, time); 3749 } 3750 3751 break; 3752 } 3753 out: 3754 spin_unlock(&brmctx->br->multicast_lock); 3755 } 3756 3757 static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx, 3758 struct net_bridge_mcast_port *pmctx, 3759 __be32 group, 3760 __u16 vid, 3761 const unsigned char *src) 3762 { 3763 struct br_ip br_group; 3764 struct bridge_mcast_own_query *own_query; 3765 3766 if (ipv4_is_local_multicast(group)) 3767 return; 3768 3769 own_query = pmctx ? &pmctx->ip4_own_query : &brmctx->ip4_own_query; 3770 3771 memset(&br_group, 0, sizeof(br_group)); 3772 br_group.dst.ip4 = group; 3773 br_group.proto = htons(ETH_P_IP); 3774 br_group.vid = vid; 3775 3776 br_multicast_leave_group(brmctx, pmctx, &br_group, 3777 &brmctx->ip4_other_query, 3778 own_query, src); 3779 } 3780 3781 #if IS_ENABLED(CONFIG_IPV6) 3782 static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx, 3783 struct net_bridge_mcast_port *pmctx, 3784 const struct in6_addr *group, 3785 __u16 vid, 3786 const unsigned char *src) 3787 { 3788 struct br_ip br_group; 3789 struct bridge_mcast_own_query *own_query; 3790 3791 if (ipv6_addr_is_ll_all_nodes(group)) 3792 return; 3793 3794 own_query = pmctx ? &pmctx->ip6_own_query : &brmctx->ip6_own_query; 3795 3796 memset(&br_group, 0, sizeof(br_group)); 3797 br_group.dst.ip6 = *group; 3798 br_group.proto = htons(ETH_P_IPV6); 3799 br_group.vid = vid; 3800 3801 br_multicast_leave_group(brmctx, pmctx, &br_group, 3802 &brmctx->ip6_other_query, 3803 own_query, src); 3804 } 3805 #endif 3806 3807 static void br_multicast_err_count(const struct net_bridge *br, 3808 const struct net_bridge_port *p, 3809 __be16 proto) 3810 { 3811 struct bridge_mcast_stats __percpu *stats; 3812 struct bridge_mcast_stats *pstats; 3813 3814 if (!br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 3815 return; 3816 3817 if (p) 3818 stats = p->mcast_stats; 3819 else 3820 stats = br->mcast_stats; 3821 if (WARN_ON(!stats)) 3822 return; 3823 3824 pstats = this_cpu_ptr(stats); 3825 3826 u64_stats_update_begin(&pstats->syncp); 3827 switch (proto) { 3828 case htons(ETH_P_IP): 3829 pstats->mstats.igmp_parse_errors++; 3830 break; 3831 #if IS_ENABLED(CONFIG_IPV6) 3832 case htons(ETH_P_IPV6): 3833 pstats->mstats.mld_parse_errors++; 3834 break; 3835 #endif 3836 } 3837 u64_stats_update_end(&pstats->syncp); 3838 } 3839 3840 static void br_multicast_pim(struct net_bridge_mcast *brmctx, 3841 struct net_bridge_mcast_port *pmctx, 3842 const struct sk_buff *skb) 3843 { 3844 unsigned int offset = skb_transport_offset(skb); 3845 struct pimhdr *pimhdr, _pimhdr; 3846 3847 pimhdr = skb_header_pointer(skb, offset, sizeof(_pimhdr), &_pimhdr); 3848 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION || 3849 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO) 3850 return; 3851 3852 spin_lock(&brmctx->br->multicast_lock); 3853 br_ip4_multicast_mark_router(brmctx, pmctx); 3854 spin_unlock(&brmctx->br->multicast_lock); 3855 } 3856 3857 static int br_ip4_multicast_mrd_rcv(struct net_bridge_mcast *brmctx, 3858 struct net_bridge_mcast_port *pmctx, 3859 struct sk_buff *skb) 3860 { 3861 if (ip_hdr(skb)->protocol != IPPROTO_IGMP || 3862 igmp_hdr(skb)->type != IGMP_MRDISC_ADV) 3863 return -ENOMSG; 3864 3865 spin_lock(&brmctx->br->multicast_lock); 3866 br_ip4_multicast_mark_router(brmctx, pmctx); 3867 spin_unlock(&brmctx->br->multicast_lock); 3868 3869 return 0; 3870 } 3871 3872 static int br_multicast_ipv4_rcv(struct net_bridge_mcast *brmctx, 3873 struct net_bridge_mcast_port *pmctx, 3874 struct sk_buff *skb, 3875 u16 vid) 3876 { 3877 struct net_bridge_port *p = pmctx ? pmctx->port : NULL; 3878 const unsigned char *src; 3879 struct igmphdr *ih; 3880 int err; 3881 3882 err = ip_mc_check_igmp(skb); 3883 3884 if (err == -ENOMSG) { 3885 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) { 3886 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3887 } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) { 3888 if (ip_hdr(skb)->protocol == IPPROTO_PIM) 3889 br_multicast_pim(brmctx, pmctx, skb); 3890 } else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) { 3891 br_ip4_multicast_mrd_rcv(brmctx, pmctx, skb); 3892 } 3893 3894 return 0; 3895 } else if (err < 0) { 3896 br_multicast_err_count(brmctx->br, p, skb->protocol); 3897 return err; 3898 } 3899 3900 ih = igmp_hdr(skb); 3901 src = eth_hdr(skb)->h_source; 3902 BR_INPUT_SKB_CB(skb)->igmp = ih->type; 3903 3904 switch (ih->type) { 3905 case IGMP_HOST_MEMBERSHIP_REPORT: 3906 case IGMPV2_HOST_MEMBERSHIP_REPORT: 3907 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3908 err = br_ip4_multicast_add_group(brmctx, pmctx, ih->group, vid, 3909 src, true); 3910 break; 3911 case IGMPV3_HOST_MEMBERSHIP_REPORT: 3912 err = br_ip4_multicast_igmp3_report(brmctx, pmctx, skb, vid); 3913 break; 3914 case IGMP_HOST_MEMBERSHIP_QUERY: 3915 br_ip4_multicast_query(brmctx, pmctx, skb, vid); 3916 break; 3917 case IGMP_HOST_LEAVE_MESSAGE: 3918 br_ip4_multicast_leave_group(brmctx, pmctx, ih->group, vid, src); 3919 break; 3920 } 3921 3922 br_multicast_count(brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp, 3923 BR_MCAST_DIR_RX); 3924 3925 return err; 3926 } 3927 3928 #if IS_ENABLED(CONFIG_IPV6) 3929 static void br_ip6_multicast_mrd_rcv(struct net_bridge_mcast *brmctx, 3930 struct net_bridge_mcast_port *pmctx, 3931 struct sk_buff *skb) 3932 { 3933 if (icmp6_hdr(skb)->icmp6_type != ICMPV6_MRDISC_ADV) 3934 return; 3935 3936 spin_lock(&brmctx->br->multicast_lock); 3937 br_ip6_multicast_mark_router(brmctx, pmctx); 3938 spin_unlock(&brmctx->br->multicast_lock); 3939 } 3940 3941 static int br_multicast_ipv6_rcv(struct net_bridge_mcast *brmctx, 3942 struct net_bridge_mcast_port *pmctx, 3943 struct sk_buff *skb, 3944 u16 vid) 3945 { 3946 struct net_bridge_port *p = pmctx ? pmctx->port : NULL; 3947 const unsigned char *src; 3948 struct mld_msg *mld; 3949 int err; 3950 3951 err = ipv6_mc_check_mld(skb); 3952 3953 if (err == -ENOMSG || err == -ENODATA) { 3954 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) 3955 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3956 if (err == -ENODATA && 3957 ipv6_addr_is_all_snoopers(&ipv6_hdr(skb)->daddr)) 3958 br_ip6_multicast_mrd_rcv(brmctx, pmctx, skb); 3959 3960 return 0; 3961 } else if (err < 0) { 3962 br_multicast_err_count(brmctx->br, p, skb->protocol); 3963 return err; 3964 } 3965 3966 mld = (struct mld_msg *)skb_transport_header(skb); 3967 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type; 3968 3969 switch (mld->mld_type) { 3970 case ICMPV6_MGM_REPORT: 3971 src = eth_hdr(skb)->h_source; 3972 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3973 err = br_ip6_multicast_add_group(brmctx, pmctx, &mld->mld_mca, 3974 vid, src, true); 3975 break; 3976 case ICMPV6_MLD2_REPORT: 3977 err = br_ip6_multicast_mld2_report(brmctx, pmctx, skb, vid); 3978 break; 3979 case ICMPV6_MGM_QUERY: 3980 err = br_ip6_multicast_query(brmctx, pmctx, skb, vid); 3981 break; 3982 case ICMPV6_MGM_REDUCTION: 3983 src = eth_hdr(skb)->h_source; 3984 br_ip6_multicast_leave_group(brmctx, pmctx, &mld->mld_mca, vid, 3985 src); 3986 break; 3987 } 3988 3989 br_multicast_count(brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp, 3990 BR_MCAST_DIR_RX); 3991 3992 return err; 3993 } 3994 #endif 3995 3996 int br_multicast_rcv(struct net_bridge_mcast **brmctx, 3997 struct net_bridge_mcast_port **pmctx, 3998 struct net_bridge_vlan *vlan, 3999 struct sk_buff *skb, u16 vid) 4000 { 4001 int ret = 0; 4002 4003 BR_INPUT_SKB_CB(skb)->igmp = 0; 4004 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 4005 4006 if (!br_opt_get((*brmctx)->br, BROPT_MULTICAST_ENABLED)) 4007 return 0; 4008 4009 if (br_opt_get((*brmctx)->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && vlan) { 4010 const struct net_bridge_vlan *masterv; 4011 4012 /* the vlan has the master flag set only when transmitting 4013 * through the bridge device 4014 */ 4015 if (br_vlan_is_master(vlan)) { 4016 masterv = vlan; 4017 *brmctx = &vlan->br_mcast_ctx; 4018 *pmctx = NULL; 4019 } else { 4020 masterv = vlan->brvlan; 4021 *brmctx = &vlan->brvlan->br_mcast_ctx; 4022 *pmctx = &vlan->port_mcast_ctx; 4023 } 4024 4025 if (!(masterv->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED)) 4026 return 0; 4027 } 4028 4029 switch (skb->protocol) { 4030 case htons(ETH_P_IP): 4031 ret = br_multicast_ipv4_rcv(*brmctx, *pmctx, skb, vid); 4032 break; 4033 #if IS_ENABLED(CONFIG_IPV6) 4034 case htons(ETH_P_IPV6): 4035 ret = br_multicast_ipv6_rcv(*brmctx, *pmctx, skb, vid); 4036 break; 4037 #endif 4038 } 4039 4040 return ret; 4041 } 4042 4043 static void br_multicast_query_expired(struct net_bridge_mcast *brmctx, 4044 struct bridge_mcast_own_query *query) 4045 { 4046 spin_lock(&brmctx->br->multicast_lock); 4047 if (br_multicast_ctx_vlan_disabled(brmctx)) 4048 goto out; 4049 4050 if (query->startup_sent < brmctx->multicast_startup_query_count) 4051 query->startup_sent++; 4052 4053 br_multicast_send_query(brmctx, NULL, query); 4054 out: 4055 spin_unlock(&brmctx->br->multicast_lock); 4056 } 4057 4058 static void br_ip4_multicast_query_expired(struct timer_list *t) 4059 { 4060 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 4061 ip4_own_query.timer); 4062 4063 br_multicast_query_expired(brmctx, &brmctx->ip4_own_query); 4064 } 4065 4066 #if IS_ENABLED(CONFIG_IPV6) 4067 static void br_ip6_multicast_query_expired(struct timer_list *t) 4068 { 4069 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t, 4070 ip6_own_query.timer); 4071 4072 br_multicast_query_expired(brmctx, &brmctx->ip6_own_query); 4073 } 4074 #endif 4075 4076 static void br_multicast_gc_work(struct work_struct *work) 4077 { 4078 struct net_bridge *br = container_of(work, struct net_bridge, 4079 mcast_gc_work); 4080 HLIST_HEAD(deleted_head); 4081 4082 spin_lock_bh(&br->multicast_lock); 4083 hlist_move_list(&br->mcast_gc_list, &deleted_head); 4084 spin_unlock_bh(&br->multicast_lock); 4085 4086 br_multicast_gc(&deleted_head); 4087 } 4088 4089 void br_multicast_ctx_init(struct net_bridge *br, 4090 struct net_bridge_vlan *vlan, 4091 struct net_bridge_mcast *brmctx) 4092 { 4093 brmctx->br = br; 4094 brmctx->vlan = vlan; 4095 brmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 4096 brmctx->multicast_last_member_count = 2; 4097 brmctx->multicast_startup_query_count = 2; 4098 4099 brmctx->multicast_last_member_interval = HZ; 4100 brmctx->multicast_query_response_interval = 10 * HZ; 4101 brmctx->multicast_startup_query_interval = 125 * HZ / 4; 4102 brmctx->multicast_query_interval = 125 * HZ; 4103 brmctx->multicast_querier_interval = 255 * HZ; 4104 brmctx->multicast_membership_interval = 260 * HZ; 4105 4106 brmctx->ip4_querier.port_ifidx = 0; 4107 seqcount_spinlock_init(&brmctx->ip4_querier.seq, &br->multicast_lock); 4108 brmctx->multicast_igmp_version = 2; 4109 #if IS_ENABLED(CONFIG_IPV6) 4110 brmctx->multicast_mld_version = 1; 4111 brmctx->ip6_querier.port_ifidx = 0; 4112 seqcount_spinlock_init(&brmctx->ip6_querier.seq, &br->multicast_lock); 4113 #endif 4114 4115 timer_setup(&brmctx->ip4_mc_router_timer, 4116 br_ip4_multicast_local_router_expired, 0); 4117 timer_setup(&brmctx->ip4_other_query.timer, 4118 br_ip4_multicast_querier_expired, 0); 4119 timer_setup(&brmctx->ip4_other_query.delay_timer, 4120 br_multicast_query_delay_expired, 0); 4121 timer_setup(&brmctx->ip4_own_query.timer, 4122 br_ip4_multicast_query_expired, 0); 4123 #if IS_ENABLED(CONFIG_IPV6) 4124 timer_setup(&brmctx->ip6_mc_router_timer, 4125 br_ip6_multicast_local_router_expired, 0); 4126 timer_setup(&brmctx->ip6_other_query.timer, 4127 br_ip6_multicast_querier_expired, 0); 4128 timer_setup(&brmctx->ip6_other_query.delay_timer, 4129 br_multicast_query_delay_expired, 0); 4130 timer_setup(&brmctx->ip6_own_query.timer, 4131 br_ip6_multicast_query_expired, 0); 4132 #endif 4133 } 4134 4135 void br_multicast_ctx_deinit(struct net_bridge_mcast *brmctx) 4136 { 4137 __br_multicast_stop(brmctx); 4138 } 4139 4140 void br_multicast_init(struct net_bridge *br) 4141 { 4142 br->hash_max = BR_MULTICAST_DEFAULT_HASH_MAX; 4143 4144 br_multicast_ctx_init(br, NULL, &br->multicast_ctx); 4145 4146 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, true); 4147 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true); 4148 4149 spin_lock_init(&br->multicast_lock); 4150 INIT_HLIST_HEAD(&br->mdb_list); 4151 INIT_HLIST_HEAD(&br->mcast_gc_list); 4152 INIT_WORK(&br->mcast_gc_work, br_multicast_gc_work); 4153 } 4154 4155 static void br_ip4_multicast_join_snoopers(struct net_bridge *br) 4156 { 4157 struct in_device *in_dev = in_dev_get(br->dev); 4158 4159 if (!in_dev) 4160 return; 4161 4162 __ip_mc_inc_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 4163 in_dev_put(in_dev); 4164 } 4165 4166 #if IS_ENABLED(CONFIG_IPV6) 4167 static void br_ip6_multicast_join_snoopers(struct net_bridge *br) 4168 { 4169 struct in6_addr addr; 4170 4171 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 4172 ipv6_dev_mc_inc(br->dev, &addr); 4173 } 4174 #else 4175 static inline void br_ip6_multicast_join_snoopers(struct net_bridge *br) 4176 { 4177 } 4178 #endif 4179 4180 void br_multicast_join_snoopers(struct net_bridge *br) 4181 { 4182 br_ip4_multicast_join_snoopers(br); 4183 br_ip6_multicast_join_snoopers(br); 4184 } 4185 4186 static void br_ip4_multicast_leave_snoopers(struct net_bridge *br) 4187 { 4188 struct in_device *in_dev = in_dev_get(br->dev); 4189 4190 if (WARN_ON(!in_dev)) 4191 return; 4192 4193 __ip_mc_dec_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 4194 in_dev_put(in_dev); 4195 } 4196 4197 #if IS_ENABLED(CONFIG_IPV6) 4198 static void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 4199 { 4200 struct in6_addr addr; 4201 4202 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 4203 ipv6_dev_mc_dec(br->dev, &addr); 4204 } 4205 #else 4206 static inline void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 4207 { 4208 } 4209 #endif 4210 4211 void br_multicast_leave_snoopers(struct net_bridge *br) 4212 { 4213 br_ip4_multicast_leave_snoopers(br); 4214 br_ip6_multicast_leave_snoopers(br); 4215 } 4216 4217 static void __br_multicast_open_query(struct net_bridge *br, 4218 struct bridge_mcast_own_query *query) 4219 { 4220 query->startup_sent = 0; 4221 4222 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 4223 return; 4224 4225 mod_timer(&query->timer, jiffies); 4226 } 4227 4228 static void __br_multicast_open(struct net_bridge_mcast *brmctx) 4229 { 4230 __br_multicast_open_query(brmctx->br, &brmctx->ip4_own_query); 4231 #if IS_ENABLED(CONFIG_IPV6) 4232 __br_multicast_open_query(brmctx->br, &brmctx->ip6_own_query); 4233 #endif 4234 } 4235 4236 void br_multicast_open(struct net_bridge *br) 4237 { 4238 ASSERT_RTNL(); 4239 4240 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 4241 struct net_bridge_vlan_group *vg; 4242 struct net_bridge_vlan *vlan; 4243 4244 vg = br_vlan_group(br); 4245 if (vg) { 4246 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 4247 struct net_bridge_mcast *brmctx; 4248 4249 brmctx = &vlan->br_mcast_ctx; 4250 if (br_vlan_is_brentry(vlan) && 4251 !br_multicast_ctx_vlan_disabled(brmctx)) 4252 __br_multicast_open(&vlan->br_mcast_ctx); 4253 } 4254 } 4255 } else { 4256 __br_multicast_open(&br->multicast_ctx); 4257 } 4258 } 4259 4260 static void __br_multicast_stop(struct net_bridge_mcast *brmctx) 4261 { 4262 timer_delete_sync(&brmctx->ip4_mc_router_timer); 4263 timer_delete_sync(&brmctx->ip4_other_query.timer); 4264 timer_delete_sync(&brmctx->ip4_other_query.delay_timer); 4265 timer_delete_sync(&brmctx->ip4_own_query.timer); 4266 #if IS_ENABLED(CONFIG_IPV6) 4267 timer_delete_sync(&brmctx->ip6_mc_router_timer); 4268 timer_delete_sync(&brmctx->ip6_other_query.timer); 4269 timer_delete_sync(&brmctx->ip6_other_query.delay_timer); 4270 timer_delete_sync(&brmctx->ip6_own_query.timer); 4271 #endif 4272 } 4273 4274 void br_multicast_update_vlan_mcast_ctx(struct net_bridge_vlan *v, u8 state) 4275 { 4276 #if IS_ENABLED(CONFIG_BRIDGE_VLAN_FILTERING) 4277 struct net_bridge *br; 4278 4279 if (!br_vlan_should_use(v)) 4280 return; 4281 4282 if (br_vlan_is_master(v)) 4283 return; 4284 4285 br = v->port->br; 4286 4287 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) 4288 return; 4289 4290 if (br_vlan_state_allowed(state, true)) 4291 br_multicast_enable_port_ctx(&v->port_mcast_ctx); 4292 4293 /* Multicast is not disabled for the vlan when it goes in 4294 * blocking state because the timers will expire and stop by 4295 * themselves without sending more queries. 4296 */ 4297 #endif 4298 } 4299 4300 void br_multicast_toggle_one_vlan(struct net_bridge_vlan *vlan, bool on) 4301 { 4302 struct net_bridge *br; 4303 4304 /* it's okay to check for the flag without the multicast lock because it 4305 * can only change under RTNL -> multicast_lock, we need the latter to 4306 * sync with timers and packets 4307 */ 4308 if (on == !!(vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED)) 4309 return; 4310 4311 if (br_vlan_is_master(vlan)) { 4312 br = vlan->br; 4313 4314 if (!br_vlan_is_brentry(vlan) || 4315 (on && 4316 br_multicast_ctx_vlan_global_disabled(&vlan->br_mcast_ctx))) 4317 return; 4318 4319 spin_lock_bh(&br->multicast_lock); 4320 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED; 4321 spin_unlock_bh(&br->multicast_lock); 4322 4323 if (on) 4324 __br_multicast_open(&vlan->br_mcast_ctx); 4325 else 4326 __br_multicast_stop(&vlan->br_mcast_ctx); 4327 } else { 4328 struct net_bridge_mcast *brmctx; 4329 4330 brmctx = br_multicast_port_ctx_get_global(&vlan->port_mcast_ctx); 4331 if (on && br_multicast_ctx_vlan_global_disabled(brmctx)) 4332 return; 4333 4334 br = vlan->port->br; 4335 spin_lock_bh(&br->multicast_lock); 4336 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED; 4337 if (on) 4338 __br_multicast_enable_port_ctx(&vlan->port_mcast_ctx); 4339 else 4340 __br_multicast_disable_port_ctx(&vlan->port_mcast_ctx); 4341 spin_unlock_bh(&br->multicast_lock); 4342 } 4343 } 4344 4345 static void br_multicast_toggle_vlan(struct net_bridge_vlan *vlan, bool on) 4346 { 4347 struct net_bridge_port *p; 4348 4349 if (WARN_ON_ONCE(!br_vlan_is_master(vlan))) 4350 return; 4351 4352 list_for_each_entry(p, &vlan->br->port_list, list) { 4353 struct net_bridge_vlan *vport; 4354 4355 vport = br_vlan_find(nbp_vlan_group(p), vlan->vid); 4356 if (!vport) 4357 continue; 4358 br_multicast_toggle_one_vlan(vport, on); 4359 } 4360 4361 if (br_vlan_is_brentry(vlan)) 4362 br_multicast_toggle_one_vlan(vlan, on); 4363 } 4364 4365 int br_multicast_toggle_vlan_snooping(struct net_bridge *br, bool on, 4366 struct netlink_ext_ack *extack) 4367 { 4368 struct net_bridge_vlan_group *vg; 4369 struct net_bridge_vlan *vlan; 4370 struct net_bridge_port *p; 4371 4372 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) == on) 4373 return 0; 4374 4375 if (on && !br_opt_get(br, BROPT_VLAN_ENABLED)) { 4376 NL_SET_ERR_MSG_MOD(extack, "Cannot enable multicast vlan snooping with vlan filtering disabled"); 4377 return -EINVAL; 4378 } 4379 4380 vg = br_vlan_group(br); 4381 if (!vg) 4382 return 0; 4383 4384 br_opt_toggle(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED, on); 4385 4386 /* disable/enable non-vlan mcast contexts based on vlan snooping */ 4387 if (on) 4388 __br_multicast_stop(&br->multicast_ctx); 4389 else 4390 __br_multicast_open(&br->multicast_ctx); 4391 list_for_each_entry(p, &br->port_list, list) { 4392 if (on) 4393 br_multicast_disable_port_ctx(&p->multicast_ctx); 4394 else 4395 br_multicast_enable_port_ctx(&p->multicast_ctx); 4396 } 4397 4398 list_for_each_entry(vlan, &vg->vlan_list, vlist) 4399 br_multicast_toggle_vlan(vlan, on); 4400 4401 return 0; 4402 } 4403 4404 bool br_multicast_toggle_global_vlan(struct net_bridge_vlan *vlan, bool on) 4405 { 4406 ASSERT_RTNL(); 4407 4408 /* BR_VLFLAG_GLOBAL_MCAST_ENABLED relies on eventual consistency and 4409 * requires only RTNL to change 4410 */ 4411 if (on == !!(vlan->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED)) 4412 return false; 4413 4414 vlan->priv_flags ^= BR_VLFLAG_GLOBAL_MCAST_ENABLED; 4415 br_multicast_toggle_vlan(vlan, on); 4416 4417 return true; 4418 } 4419 4420 void br_multicast_stop(struct net_bridge *br) 4421 { 4422 ASSERT_RTNL(); 4423 4424 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 4425 struct net_bridge_vlan_group *vg; 4426 struct net_bridge_vlan *vlan; 4427 4428 vg = br_vlan_group(br); 4429 if (vg) { 4430 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 4431 struct net_bridge_mcast *brmctx; 4432 4433 brmctx = &vlan->br_mcast_ctx; 4434 if (br_vlan_is_brentry(vlan) && 4435 !br_multicast_ctx_vlan_disabled(brmctx)) 4436 __br_multicast_stop(&vlan->br_mcast_ctx); 4437 } 4438 } 4439 } else { 4440 __br_multicast_stop(&br->multicast_ctx); 4441 } 4442 } 4443 4444 void br_multicast_dev_del(struct net_bridge *br) 4445 { 4446 struct net_bridge_mdb_entry *mp; 4447 HLIST_HEAD(deleted_head); 4448 struct hlist_node *tmp; 4449 4450 spin_lock_bh(&br->multicast_lock); 4451 hlist_for_each_entry_safe(mp, tmp, &br->mdb_list, mdb_node) 4452 br_multicast_del_mdb_entry(mp); 4453 hlist_move_list(&br->mcast_gc_list, &deleted_head); 4454 spin_unlock_bh(&br->multicast_lock); 4455 4456 br_multicast_ctx_deinit(&br->multicast_ctx); 4457 br_multicast_gc(&deleted_head); 4458 cancel_work_sync(&br->mcast_gc_work); 4459 } 4460 4461 int br_multicast_set_router(struct net_bridge_mcast *brmctx, unsigned long val) 4462 { 4463 int err = -EINVAL; 4464 4465 spin_lock_bh(&brmctx->br->multicast_lock); 4466 4467 switch (val) { 4468 case MDB_RTR_TYPE_DISABLED: 4469 case MDB_RTR_TYPE_PERM: 4470 br_mc_router_state_change(brmctx->br, val == MDB_RTR_TYPE_PERM); 4471 timer_delete(&brmctx->ip4_mc_router_timer); 4472 #if IS_ENABLED(CONFIG_IPV6) 4473 timer_delete(&brmctx->ip6_mc_router_timer); 4474 #endif 4475 brmctx->multicast_router = val; 4476 err = 0; 4477 break; 4478 case MDB_RTR_TYPE_TEMP_QUERY: 4479 if (brmctx->multicast_router != MDB_RTR_TYPE_TEMP_QUERY) 4480 br_mc_router_state_change(brmctx->br, false); 4481 brmctx->multicast_router = val; 4482 err = 0; 4483 break; 4484 } 4485 4486 spin_unlock_bh(&brmctx->br->multicast_lock); 4487 4488 return err; 4489 } 4490 4491 static void 4492 br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted) 4493 { 4494 if (!deleted) 4495 return; 4496 4497 /* For backwards compatibility for now, only notify if there is 4498 * no multicast router anymore for both IPv4 and IPv6. 4499 */ 4500 if (!hlist_unhashed(&pmctx->ip4_rlist)) 4501 return; 4502 #if IS_ENABLED(CONFIG_IPV6) 4503 if (!hlist_unhashed(&pmctx->ip6_rlist)) 4504 return; 4505 #endif 4506 4507 br_rtr_notify(pmctx->port->br->dev, pmctx, RTM_DELMDB); 4508 br_port_mc_router_state_change(pmctx->port, false); 4509 4510 /* don't allow timer refresh */ 4511 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP) 4512 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 4513 } 4514 4515 int br_multicast_set_port_router(struct net_bridge_mcast_port *pmctx, 4516 unsigned long val) 4517 { 4518 struct net_bridge_mcast *brmctx; 4519 unsigned long now = jiffies; 4520 int err = -EINVAL; 4521 bool del = false; 4522 4523 brmctx = br_multicast_port_ctx_get_global(pmctx); 4524 spin_lock_bh(&brmctx->br->multicast_lock); 4525 if (pmctx->multicast_router == val) { 4526 /* Refresh the temp router port timer */ 4527 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP) { 4528 mod_timer(&pmctx->ip4_mc_router_timer, 4529 now + brmctx->multicast_querier_interval); 4530 #if IS_ENABLED(CONFIG_IPV6) 4531 mod_timer(&pmctx->ip6_mc_router_timer, 4532 now + brmctx->multicast_querier_interval); 4533 #endif 4534 } 4535 err = 0; 4536 goto unlock; 4537 } 4538 switch (val) { 4539 case MDB_RTR_TYPE_DISABLED: 4540 pmctx->multicast_router = MDB_RTR_TYPE_DISABLED; 4541 del |= br_ip4_multicast_rport_del(pmctx); 4542 timer_delete(&pmctx->ip4_mc_router_timer); 4543 del |= br_ip6_multicast_rport_del(pmctx); 4544 #if IS_ENABLED(CONFIG_IPV6) 4545 timer_delete(&pmctx->ip6_mc_router_timer); 4546 #endif 4547 br_multicast_rport_del_notify(pmctx, del); 4548 break; 4549 case MDB_RTR_TYPE_TEMP_QUERY: 4550 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 4551 del |= br_ip4_multicast_rport_del(pmctx); 4552 del |= br_ip6_multicast_rport_del(pmctx); 4553 br_multicast_rport_del_notify(pmctx, del); 4554 break; 4555 case MDB_RTR_TYPE_PERM: 4556 pmctx->multicast_router = MDB_RTR_TYPE_PERM; 4557 timer_delete(&pmctx->ip4_mc_router_timer); 4558 br_ip4_multicast_add_router(brmctx, pmctx); 4559 #if IS_ENABLED(CONFIG_IPV6) 4560 timer_delete(&pmctx->ip6_mc_router_timer); 4561 #endif 4562 br_ip6_multicast_add_router(brmctx, pmctx); 4563 break; 4564 case MDB_RTR_TYPE_TEMP: 4565 pmctx->multicast_router = MDB_RTR_TYPE_TEMP; 4566 br_ip4_multicast_mark_router(brmctx, pmctx); 4567 br_ip6_multicast_mark_router(brmctx, pmctx); 4568 break; 4569 default: 4570 goto unlock; 4571 } 4572 err = 0; 4573 unlock: 4574 spin_unlock_bh(&brmctx->br->multicast_lock); 4575 4576 return err; 4577 } 4578 4579 int br_multicast_set_vlan_router(struct net_bridge_vlan *v, u8 mcast_router) 4580 { 4581 int err; 4582 4583 if (br_vlan_is_master(v)) 4584 err = br_multicast_set_router(&v->br_mcast_ctx, mcast_router); 4585 else 4586 err = br_multicast_set_port_router(&v->port_mcast_ctx, 4587 mcast_router); 4588 4589 return err; 4590 } 4591 4592 static void br_multicast_start_querier(struct net_bridge_mcast *brmctx, 4593 struct bridge_mcast_own_query *query) 4594 { 4595 struct net_bridge_port *port; 4596 4597 if (!br_multicast_ctx_matches_vlan_snooping(brmctx)) 4598 return; 4599 4600 __br_multicast_open_query(brmctx->br, query); 4601 4602 rcu_read_lock(); 4603 list_for_each_entry_rcu(port, &brmctx->br->port_list, list) { 4604 struct bridge_mcast_own_query *ip4_own_query; 4605 #if IS_ENABLED(CONFIG_IPV6) 4606 struct bridge_mcast_own_query *ip6_own_query; 4607 #endif 4608 4609 if (br_multicast_port_ctx_state_stopped(&port->multicast_ctx)) 4610 continue; 4611 4612 if (br_multicast_ctx_is_vlan(brmctx)) { 4613 struct net_bridge_vlan *vlan; 4614 4615 vlan = br_vlan_find(nbp_vlan_group_rcu(port), 4616 brmctx->vlan->vid); 4617 if (!vlan || 4618 br_multicast_port_ctx_state_stopped(&vlan->port_mcast_ctx)) 4619 continue; 4620 4621 ip4_own_query = &vlan->port_mcast_ctx.ip4_own_query; 4622 #if IS_ENABLED(CONFIG_IPV6) 4623 ip6_own_query = &vlan->port_mcast_ctx.ip6_own_query; 4624 #endif 4625 } else { 4626 ip4_own_query = &port->multicast_ctx.ip4_own_query; 4627 #if IS_ENABLED(CONFIG_IPV6) 4628 ip6_own_query = &port->multicast_ctx.ip6_own_query; 4629 #endif 4630 } 4631 4632 if (query == &brmctx->ip4_own_query) 4633 br_multicast_enable(ip4_own_query); 4634 #if IS_ENABLED(CONFIG_IPV6) 4635 else 4636 br_multicast_enable(ip6_own_query); 4637 #endif 4638 } 4639 rcu_read_unlock(); 4640 } 4641 4642 static void br_multicast_enable_all_ports(struct net_bridge *br) 4643 { 4644 struct net_bridge_port *port; 4645 4646 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) 4647 return; 4648 4649 list_for_each_entry(port, &br->port_list, list) 4650 __br_multicast_enable_port_ctx(&port->multicast_ctx); 4651 } 4652 4653 static void br_multicast_disable_all_ports(struct net_bridge *br) 4654 { 4655 struct net_bridge_port *port; 4656 4657 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) 4658 return; 4659 4660 list_for_each_entry(port, &br->port_list, list) 4661 __br_multicast_disable_port_ctx(&port->multicast_ctx); 4662 } 4663 4664 int br_multicast_toggle(struct net_bridge *br, unsigned long val, 4665 struct netlink_ext_ack *extack) 4666 { 4667 bool change_snoopers = false; 4668 int err = 0; 4669 4670 spin_lock_bh(&br->multicast_lock); 4671 if (!!br_opt_get(br, BROPT_MULTICAST_ENABLED) == !!val) 4672 goto unlock; 4673 4674 err = br_mc_disabled_update(br->dev, val, extack); 4675 if (err == -EOPNOTSUPP) 4676 err = 0; 4677 if (err) 4678 goto unlock; 4679 4680 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, !!val); 4681 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) { 4682 change_snoopers = true; 4683 br_multicast_disable_all_ports(br); 4684 goto unlock; 4685 } 4686 4687 if (!netif_running(br->dev)) 4688 goto unlock; 4689 4690 br_multicast_open(br); 4691 br_multicast_enable_all_ports(br); 4692 4693 change_snoopers = true; 4694 4695 unlock: 4696 spin_unlock_bh(&br->multicast_lock); 4697 4698 /* br_multicast_join_snoopers has the potential to cause 4699 * an MLD Report/Leave to be delivered to br_multicast_rcv, 4700 * which would in turn call br_multicast_add_group, which would 4701 * attempt to acquire multicast_lock. This function should be 4702 * called after the lock has been released to avoid deadlocks on 4703 * multicast_lock. 4704 * 4705 * br_multicast_leave_snoopers does not have the problem since 4706 * br_multicast_rcv first checks BROPT_MULTICAST_ENABLED, and 4707 * returns without calling br_multicast_ipv4/6_rcv if it's not 4708 * enabled. Moved both functions out just for symmetry. 4709 */ 4710 if (change_snoopers) { 4711 if (br_opt_get(br, BROPT_MULTICAST_ENABLED)) 4712 br_multicast_join_snoopers(br); 4713 else 4714 br_multicast_leave_snoopers(br); 4715 } 4716 4717 return err; 4718 } 4719 4720 bool br_multicast_enabled(const struct net_device *dev) 4721 { 4722 struct net_bridge *br = netdev_priv(dev); 4723 4724 return !!br_opt_get(br, BROPT_MULTICAST_ENABLED); 4725 } 4726 EXPORT_SYMBOL_GPL(br_multicast_enabled); 4727 4728 bool br_multicast_router(const struct net_device *dev) 4729 { 4730 struct net_bridge *br = netdev_priv(dev); 4731 bool is_router; 4732 4733 spin_lock_bh(&br->multicast_lock); 4734 is_router = br_multicast_is_router(&br->multicast_ctx, NULL); 4735 spin_unlock_bh(&br->multicast_lock); 4736 return is_router; 4737 } 4738 EXPORT_SYMBOL_GPL(br_multicast_router); 4739 4740 int br_multicast_set_querier(struct net_bridge_mcast *brmctx, unsigned long val) 4741 { 4742 unsigned long max_delay; 4743 4744 val = !!val; 4745 4746 spin_lock_bh(&brmctx->br->multicast_lock); 4747 if (brmctx->multicast_querier == val) 4748 goto unlock; 4749 4750 WRITE_ONCE(brmctx->multicast_querier, val); 4751 if (!val) 4752 goto unlock; 4753 4754 max_delay = brmctx->multicast_query_response_interval; 4755 4756 if (!timer_pending(&brmctx->ip4_other_query.timer)) 4757 mod_timer(&brmctx->ip4_other_query.delay_timer, 4758 jiffies + max_delay); 4759 4760 br_multicast_start_querier(brmctx, &brmctx->ip4_own_query); 4761 4762 #if IS_ENABLED(CONFIG_IPV6) 4763 if (!timer_pending(&brmctx->ip6_other_query.timer)) 4764 mod_timer(&brmctx->ip6_other_query.delay_timer, 4765 jiffies + max_delay); 4766 4767 br_multicast_start_querier(brmctx, &brmctx->ip6_own_query); 4768 #endif 4769 4770 unlock: 4771 spin_unlock_bh(&brmctx->br->multicast_lock); 4772 4773 return 0; 4774 } 4775 4776 int br_multicast_set_igmp_version(struct net_bridge_mcast *brmctx, 4777 unsigned long val) 4778 { 4779 /* Currently we support only version 2 and 3 */ 4780 switch (val) { 4781 case 2: 4782 case 3: 4783 break; 4784 default: 4785 return -EINVAL; 4786 } 4787 4788 spin_lock_bh(&brmctx->br->multicast_lock); 4789 brmctx->multicast_igmp_version = val; 4790 spin_unlock_bh(&brmctx->br->multicast_lock); 4791 4792 return 0; 4793 } 4794 4795 #if IS_ENABLED(CONFIG_IPV6) 4796 int br_multicast_set_mld_version(struct net_bridge_mcast *brmctx, 4797 unsigned long val) 4798 { 4799 /* Currently we support version 1 and 2 */ 4800 switch (val) { 4801 case 1: 4802 case 2: 4803 break; 4804 default: 4805 return -EINVAL; 4806 } 4807 4808 spin_lock_bh(&brmctx->br->multicast_lock); 4809 brmctx->multicast_mld_version = val; 4810 spin_unlock_bh(&brmctx->br->multicast_lock); 4811 4812 return 0; 4813 } 4814 #endif 4815 4816 void br_multicast_set_query_intvl(struct net_bridge_mcast *brmctx, 4817 unsigned long val) 4818 { 4819 unsigned long intvl_jiffies = clock_t_to_jiffies(val); 4820 4821 if (intvl_jiffies < BR_MULTICAST_QUERY_INTVL_MIN) { 4822 br_info(brmctx->br, 4823 "trying to set multicast query interval below minimum, setting to %lu (%ums)\n", 4824 jiffies_to_clock_t(BR_MULTICAST_QUERY_INTVL_MIN), 4825 jiffies_to_msecs(BR_MULTICAST_QUERY_INTVL_MIN)); 4826 intvl_jiffies = BR_MULTICAST_QUERY_INTVL_MIN; 4827 } 4828 4829 if (intvl_jiffies > BR_MULTICAST_QUERY_INTVL_MAX) { 4830 br_info(brmctx->br, 4831 "trying to set multicast query interval above maximum, setting to %lu (%ums)\n", 4832 jiffies_to_clock_t(BR_MULTICAST_QUERY_INTVL_MAX), 4833 jiffies_to_msecs(BR_MULTICAST_QUERY_INTVL_MAX)); 4834 intvl_jiffies = BR_MULTICAST_QUERY_INTVL_MAX; 4835 } 4836 4837 brmctx->multicast_query_interval = intvl_jiffies; 4838 } 4839 4840 void br_multicast_set_startup_query_intvl(struct net_bridge_mcast *brmctx, 4841 unsigned long val) 4842 { 4843 unsigned long intvl_jiffies = clock_t_to_jiffies(val); 4844 4845 if (intvl_jiffies < BR_MULTICAST_STARTUP_QUERY_INTVL_MIN) { 4846 br_info(brmctx->br, 4847 "trying to set multicast startup query interval below minimum, setting to %lu (%ums)\n", 4848 jiffies_to_clock_t(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN), 4849 jiffies_to_msecs(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN)); 4850 intvl_jiffies = BR_MULTICAST_STARTUP_QUERY_INTVL_MIN; 4851 } 4852 4853 if (intvl_jiffies > BR_MULTICAST_STARTUP_QUERY_INTVL_MAX) { 4854 br_info(brmctx->br, 4855 "trying to set multicast startup query interval above maximum, setting to %lu (%ums)\n", 4856 jiffies_to_clock_t(BR_MULTICAST_STARTUP_QUERY_INTVL_MAX), 4857 jiffies_to_msecs(BR_MULTICAST_STARTUP_QUERY_INTVL_MAX)); 4858 intvl_jiffies = BR_MULTICAST_STARTUP_QUERY_INTVL_MAX; 4859 } 4860 4861 brmctx->multicast_startup_query_interval = intvl_jiffies; 4862 } 4863 4864 /** 4865 * br_multicast_list_adjacent - Returns snooped multicast addresses 4866 * @dev: The bridge port adjacent to which to retrieve addresses 4867 * @br_ip_list: The list to store found, snooped multicast IP addresses in 4868 * 4869 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast 4870 * snooping feature on all bridge ports of dev's bridge device, excluding 4871 * the addresses from dev itself. 4872 * 4873 * Returns the number of items added to br_ip_list. 4874 * 4875 * Notes: 4876 * - br_ip_list needs to be initialized by caller 4877 * - br_ip_list might contain duplicates in the end 4878 * (needs to be taken care of by caller) 4879 * - br_ip_list needs to be freed by caller 4880 */ 4881 int br_multicast_list_adjacent(struct net_device *dev, 4882 struct list_head *br_ip_list) 4883 { 4884 struct net_bridge *br; 4885 struct net_bridge_port *port; 4886 struct net_bridge_port_group *group; 4887 struct br_ip_list *entry; 4888 int count = 0; 4889 4890 rcu_read_lock(); 4891 if (!br_ip_list || !netif_is_bridge_port(dev)) 4892 goto unlock; 4893 4894 port = br_port_get_rcu(dev); 4895 if (!port || !port->br) 4896 goto unlock; 4897 4898 br = port->br; 4899 4900 list_for_each_entry_rcu(port, &br->port_list, list) { 4901 if (!port->dev || port->dev == dev) 4902 continue; 4903 4904 hlist_for_each_entry_rcu(group, &port->mglist, mglist) { 4905 entry = kmalloc_obj(*entry, GFP_ATOMIC); 4906 if (!entry) 4907 goto unlock; 4908 4909 entry->addr = group->key.addr; 4910 list_add(&entry->list, br_ip_list); 4911 count++; 4912 } 4913 } 4914 4915 unlock: 4916 rcu_read_unlock(); 4917 return count; 4918 } 4919 EXPORT_SYMBOL_GPL(br_multicast_list_adjacent); 4920 4921 /** 4922 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge 4923 * @dev: The bridge port providing the bridge on which to check for a querier 4924 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 4925 * 4926 * Checks whether the given interface has a bridge on top and if so returns 4927 * true if a valid querier exists anywhere on the bridged link layer. 4928 * Otherwise returns false. 4929 */ 4930 bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto) 4931 { 4932 struct net_bridge *br; 4933 struct net_bridge_port *port; 4934 struct ethhdr eth; 4935 bool ret = false; 4936 4937 rcu_read_lock(); 4938 if (!netif_is_bridge_port(dev)) 4939 goto unlock; 4940 4941 port = br_port_get_rcu(dev); 4942 if (!port || !port->br) 4943 goto unlock; 4944 4945 br = port->br; 4946 4947 memset(ð, 0, sizeof(eth)); 4948 eth.h_proto = htons(proto); 4949 4950 ret = br_multicast_querier_exists(&br->multicast_ctx, ð, NULL); 4951 4952 unlock: 4953 rcu_read_unlock(); 4954 return ret; 4955 } 4956 EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere); 4957 4958 /** 4959 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port 4960 * @dev: The bridge port adjacent to which to check for a querier 4961 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 4962 * 4963 * Checks whether the given interface has a bridge on top and if so returns 4964 * true if a selected querier is behind one of the other ports of this 4965 * bridge. Otherwise returns false. 4966 */ 4967 bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto) 4968 { 4969 struct net_bridge_mcast *brmctx; 4970 struct net_bridge *br; 4971 struct net_bridge_port *port; 4972 bool ret = false; 4973 int port_ifidx; 4974 4975 rcu_read_lock(); 4976 if (!netif_is_bridge_port(dev)) 4977 goto unlock; 4978 4979 port = br_port_get_rcu(dev); 4980 if (!port || !port->br) 4981 goto unlock; 4982 4983 br = port->br; 4984 brmctx = &br->multicast_ctx; 4985 4986 switch (proto) { 4987 case ETH_P_IP: 4988 port_ifidx = brmctx->ip4_querier.port_ifidx; 4989 if (!timer_pending(&brmctx->ip4_other_query.timer) || 4990 port_ifidx == port->dev->ifindex) 4991 goto unlock; 4992 break; 4993 #if IS_ENABLED(CONFIG_IPV6) 4994 case ETH_P_IPV6: 4995 port_ifidx = brmctx->ip6_querier.port_ifidx; 4996 if (!timer_pending(&brmctx->ip6_other_query.timer) || 4997 port_ifidx == port->dev->ifindex) 4998 goto unlock; 4999 break; 5000 #endif 5001 default: 5002 goto unlock; 5003 } 5004 5005 ret = true; 5006 unlock: 5007 rcu_read_unlock(); 5008 return ret; 5009 } 5010 EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent); 5011 5012 /** 5013 * br_multicast_has_router_adjacent - Checks for a router behind a bridge port 5014 * @dev: The bridge port adjacent to which to check for a multicast router 5015 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 5016 * 5017 * Checks whether the given interface has a bridge on top and if so returns 5018 * true if a multicast router is behind one of the other ports of this 5019 * bridge. Otherwise returns false. 5020 */ 5021 bool br_multicast_has_router_adjacent(struct net_device *dev, int proto) 5022 { 5023 struct net_bridge_mcast_port *pmctx; 5024 struct net_bridge_mcast *brmctx; 5025 struct net_bridge_port *port; 5026 bool ret = false; 5027 5028 rcu_read_lock(); 5029 port = br_port_get_check_rcu(dev); 5030 if (!port) 5031 goto unlock; 5032 5033 brmctx = &port->br->multicast_ctx; 5034 switch (proto) { 5035 case ETH_P_IP: 5036 hlist_for_each_entry_rcu(pmctx, &brmctx->ip4_mc_router_list, 5037 ip4_rlist) { 5038 if (pmctx->port == port) 5039 continue; 5040 5041 ret = true; 5042 goto unlock; 5043 } 5044 break; 5045 #if IS_ENABLED(CONFIG_IPV6) 5046 case ETH_P_IPV6: 5047 hlist_for_each_entry_rcu(pmctx, &brmctx->ip6_mc_router_list, 5048 ip6_rlist) { 5049 if (pmctx->port == port) 5050 continue; 5051 5052 ret = true; 5053 goto unlock; 5054 } 5055 break; 5056 #endif 5057 default: 5058 /* when compiled without IPv6 support, be conservative and 5059 * always assume presence of an IPv6 multicast router 5060 */ 5061 ret = true; 5062 } 5063 5064 unlock: 5065 rcu_read_unlock(); 5066 return ret; 5067 } 5068 EXPORT_SYMBOL_GPL(br_multicast_has_router_adjacent); 5069 5070 static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats, 5071 const struct sk_buff *skb, u8 type, u8 dir) 5072 { 5073 struct bridge_mcast_stats *pstats = this_cpu_ptr(stats); 5074 __be16 proto = skb->protocol; 5075 unsigned int t_len; 5076 5077 u64_stats_update_begin(&pstats->syncp); 5078 switch (proto) { 5079 case htons(ETH_P_IP): 5080 t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 5081 switch (type) { 5082 case IGMP_HOST_MEMBERSHIP_REPORT: 5083 pstats->mstats.igmp_v1reports[dir]++; 5084 break; 5085 case IGMPV2_HOST_MEMBERSHIP_REPORT: 5086 pstats->mstats.igmp_v2reports[dir]++; 5087 break; 5088 case IGMPV3_HOST_MEMBERSHIP_REPORT: 5089 pstats->mstats.igmp_v3reports[dir]++; 5090 break; 5091 case IGMP_HOST_MEMBERSHIP_QUERY: 5092 if (t_len != sizeof(struct igmphdr)) { 5093 pstats->mstats.igmp_v3queries[dir]++; 5094 } else { 5095 unsigned int offset = skb_transport_offset(skb); 5096 struct igmphdr *ih, _ihdr; 5097 5098 ih = skb_header_pointer(skb, offset, 5099 sizeof(_ihdr), &_ihdr); 5100 if (!ih) 5101 break; 5102 if (!ih->code) 5103 pstats->mstats.igmp_v1queries[dir]++; 5104 else 5105 pstats->mstats.igmp_v2queries[dir]++; 5106 } 5107 break; 5108 case IGMP_HOST_LEAVE_MESSAGE: 5109 pstats->mstats.igmp_leaves[dir]++; 5110 break; 5111 } 5112 break; 5113 #if IS_ENABLED(CONFIG_IPV6) 5114 case htons(ETH_P_IPV6): 5115 t_len = ntohs(ipv6_hdr(skb)->payload_len) + 5116 sizeof(struct ipv6hdr); 5117 t_len -= skb_network_header_len(skb); 5118 switch (type) { 5119 case ICMPV6_MGM_REPORT: 5120 pstats->mstats.mld_v1reports[dir]++; 5121 break; 5122 case ICMPV6_MLD2_REPORT: 5123 pstats->mstats.mld_v2reports[dir]++; 5124 break; 5125 case ICMPV6_MGM_QUERY: 5126 if (t_len != sizeof(struct mld_msg)) 5127 pstats->mstats.mld_v2queries[dir]++; 5128 else 5129 pstats->mstats.mld_v1queries[dir]++; 5130 break; 5131 case ICMPV6_MGM_REDUCTION: 5132 pstats->mstats.mld_leaves[dir]++; 5133 break; 5134 } 5135 break; 5136 #endif /* CONFIG_IPV6 */ 5137 } 5138 u64_stats_update_end(&pstats->syncp); 5139 } 5140 5141 void br_multicast_count(struct net_bridge *br, 5142 const struct net_bridge_port *p, 5143 const struct sk_buff *skb, u8 type, u8 dir) 5144 { 5145 struct bridge_mcast_stats __percpu *stats; 5146 5147 /* if multicast_disabled is true then igmp type can't be set */ 5148 if (!type || !br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 5149 return; 5150 5151 if (p) 5152 stats = p->mcast_stats; 5153 else 5154 stats = br->mcast_stats; 5155 if (WARN_ON(!stats)) 5156 return; 5157 5158 br_mcast_stats_add(stats, skb, type, dir); 5159 } 5160 5161 int br_multicast_init_stats(struct net_bridge *br) 5162 { 5163 br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 5164 if (!br->mcast_stats) 5165 return -ENOMEM; 5166 5167 return 0; 5168 } 5169 5170 void br_multicast_uninit_stats(struct net_bridge *br) 5171 { 5172 free_percpu(br->mcast_stats); 5173 } 5174 5175 /* noinline for https://llvm.org/pr45802#c9 */ 5176 static noinline_for_stack void mcast_stats_add_dir(u64 *dst, u64 *src) 5177 { 5178 dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX]; 5179 dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX]; 5180 } 5181 5182 void br_multicast_get_stats(const struct net_bridge *br, 5183 const struct net_bridge_port *p, 5184 struct br_mcast_stats *dest) 5185 { 5186 struct bridge_mcast_stats __percpu *stats; 5187 struct br_mcast_stats tdst; 5188 int i; 5189 5190 memset(dest, 0, sizeof(*dest)); 5191 if (p) 5192 stats = p->mcast_stats; 5193 else 5194 stats = br->mcast_stats; 5195 if (WARN_ON(!stats)) 5196 return; 5197 5198 memset(&tdst, 0, sizeof(tdst)); 5199 for_each_possible_cpu(i) { 5200 struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i); 5201 struct br_mcast_stats temp; 5202 unsigned int start; 5203 5204 do { 5205 start = u64_stats_fetch_begin(&cpu_stats->syncp); 5206 u64_stats_copy(&temp, &cpu_stats->mstats, sizeof(temp)); 5207 } while (u64_stats_fetch_retry(&cpu_stats->syncp, start)); 5208 5209 mcast_stats_add_dir(tdst.igmp_v1queries, temp.igmp_v1queries); 5210 mcast_stats_add_dir(tdst.igmp_v2queries, temp.igmp_v2queries); 5211 mcast_stats_add_dir(tdst.igmp_v3queries, temp.igmp_v3queries); 5212 mcast_stats_add_dir(tdst.igmp_leaves, temp.igmp_leaves); 5213 mcast_stats_add_dir(tdst.igmp_v1reports, temp.igmp_v1reports); 5214 mcast_stats_add_dir(tdst.igmp_v2reports, temp.igmp_v2reports); 5215 mcast_stats_add_dir(tdst.igmp_v3reports, temp.igmp_v3reports); 5216 tdst.igmp_parse_errors += temp.igmp_parse_errors; 5217 5218 mcast_stats_add_dir(tdst.mld_v1queries, temp.mld_v1queries); 5219 mcast_stats_add_dir(tdst.mld_v2queries, temp.mld_v2queries); 5220 mcast_stats_add_dir(tdst.mld_leaves, temp.mld_leaves); 5221 mcast_stats_add_dir(tdst.mld_v1reports, temp.mld_v1reports); 5222 mcast_stats_add_dir(tdst.mld_v2reports, temp.mld_v2reports); 5223 tdst.mld_parse_errors += temp.mld_parse_errors; 5224 } 5225 memcpy(dest, &tdst, sizeof(*dest)); 5226 } 5227 5228 int br_mdb_hash_init(struct net_bridge *br) 5229 { 5230 int err; 5231 5232 err = rhashtable_init(&br->sg_port_tbl, &br_sg_port_rht_params); 5233 if (err) 5234 return err; 5235 5236 err = rhashtable_init(&br->mdb_hash_tbl, &br_mdb_rht_params); 5237 if (err) { 5238 rhashtable_destroy(&br->sg_port_tbl); 5239 return err; 5240 } 5241 5242 return 0; 5243 } 5244 5245 void br_mdb_hash_fini(struct net_bridge *br) 5246 { 5247 rhashtable_destroy(&br->sg_port_tbl); 5248 rhashtable_destroy(&br->mdb_hash_tbl); 5249 } 5250