1 /*- 2 * Copyright (c) 1988 Stephen Deering. 3 * Copyright (c) 1992, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * This code is derived from software contributed to Berkeley by 7 * Stephen Deering of Stanford University. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 34 */ 35 36 /* 37 * Internet Group Management Protocol (IGMP) routines. 38 * 39 * Written by Steve Deering, Stanford, May 1988. 40 * Modified by Rosen Sharma, Stanford, Aug 1994. 41 * Modified by Bill Fenner, Xerox PARC, Feb 1995. 42 * Modified to fully comply to IGMPv2 by Bill Fenner, Oct 1995. 43 * 44 * MULTICAST Revision: 3.5.1.4 45 */ 46 47 #include <sys/cdefs.h> 48 __FBSDID("$FreeBSD$"); 49 50 #include "opt_mac.h" 51 52 #include <sys/param.h> 53 #include <sys/systm.h> 54 #include <sys/malloc.h> 55 #include <sys/mbuf.h> 56 #include <sys/socket.h> 57 #include <sys/protosw.h> 58 #include <sys/kernel.h> 59 #include <sys/sysctl.h> 60 61 #include <net/if.h> 62 #include <net/route.h> 63 64 #include <netinet/in.h> 65 #include <netinet/in_var.h> 66 #include <netinet/in_systm.h> 67 #include <netinet/ip.h> 68 #include <netinet/ip_var.h> 69 #include <netinet/ip_options.h> 70 #include <netinet/igmp.h> 71 #include <netinet/igmp_var.h> 72 73 #include <machine/in_cksum.h> 74 75 #include <security/mac/mac_framework.h> 76 77 static MALLOC_DEFINE(M_IGMP, "igmp", "igmp state"); 78 79 static struct router_info *find_rti(struct ifnet *ifp); 80 static void igmp_sendpkt(struct in_multi *, int, unsigned long); 81 82 static struct igmpstat igmpstat; 83 84 SYSCTL_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, &igmpstat, 85 igmpstat, ""); 86 87 /* 88 * igmp_mtx protects all mutable global variables in igmp.c, as well as the 89 * data fields in struct router_info. In general, a router_info structure 90 * will be valid as long as the referencing struct in_multi is valid, so no 91 * reference counting is used. We allow unlocked reads of router_info data 92 * when accessed via an in_multi read-only. 93 */ 94 static struct mtx igmp_mtx; 95 static SLIST_HEAD(, router_info) router_info_head; 96 static int igmp_timers_are_running; 97 98 /* 99 * XXXRW: can we define these such that these can be made const? In any 100 * case, these shouldn't be changed after igmp_init() and therefore don't 101 * need locking. 102 */ 103 static u_long igmp_all_hosts_group; 104 static u_long igmp_all_rtrs_group; 105 106 static struct mbuf *router_alert; 107 static struct route igmprt; 108 109 #ifdef IGMP_DEBUG 110 #define IGMP_PRINTF(x) printf(x) 111 #else 112 #define IGMP_PRINTF(x) 113 #endif 114 115 void 116 igmp_init(void) 117 { 118 struct ipoption *ra; 119 120 /* 121 * To avoid byte-swapping the same value over and over again. 122 */ 123 igmp_all_hosts_group = htonl(INADDR_ALLHOSTS_GROUP); 124 igmp_all_rtrs_group = htonl(INADDR_ALLRTRS_GROUP); 125 126 igmp_timers_are_running = 0; 127 128 /* 129 * Construct a Router Alert option to use in outgoing packets. 130 */ 131 MGET(router_alert, M_DONTWAIT, MT_DATA); 132 ra = mtod(router_alert, struct ipoption *); 133 ra->ipopt_dst.s_addr = 0; 134 ra->ipopt_list[0] = IPOPT_RA; /* Router Alert Option */ 135 ra->ipopt_list[1] = 0x04; /* 4 bytes long */ 136 ra->ipopt_list[2] = 0x00; 137 ra->ipopt_list[3] = 0x00; 138 router_alert->m_len = sizeof(ra->ipopt_dst) + ra->ipopt_list[1]; 139 140 mtx_init(&igmp_mtx, "igmp_mtx", NULL, MTX_DEF); 141 SLIST_INIT(&router_info_head); 142 } 143 144 static struct router_info * 145 find_rti(struct ifnet *ifp) 146 { 147 struct router_info *rti; 148 149 mtx_assert(&igmp_mtx, MA_OWNED); 150 IGMP_PRINTF("[igmp.c, _find_rti] --> entering \n"); 151 SLIST_FOREACH(rti, &router_info_head, rti_list) { 152 if (rti->rti_ifp == ifp) { 153 IGMP_PRINTF( 154 "[igmp.c, _find_rti] --> found old entry \n"); 155 return (rti); 156 } 157 } 158 MALLOC(rti, struct router_info *, sizeof *rti, M_IGMP, M_NOWAIT); 159 if (rti == NULL) { 160 IGMP_PRINTF("[igmp.c, _find_rti] --> no memory for entry\n"); 161 return (NULL); 162 } 163 rti->rti_ifp = ifp; 164 rti->rti_type = IGMP_V2_ROUTER; 165 rti->rti_time = 0; 166 SLIST_INSERT_HEAD(&router_info_head, rti, rti_list); 167 IGMP_PRINTF("[igmp.c, _find_rti] --> created an entry \n"); 168 return (rti); 169 } 170 171 void 172 igmp_input(register struct mbuf *m, int off) 173 { 174 register int iphlen = off; 175 register struct igmp *igmp; 176 register struct ip *ip; 177 register int igmplen; 178 register struct ifnet *ifp = m->m_pkthdr.rcvif; 179 register int minlen; 180 register struct in_multi *inm; 181 register struct in_ifaddr *ia; 182 struct in_multistep step; 183 struct router_info *rti; 184 int timer; /** timer value in the igmp query header **/ 185 186 ++igmpstat.igps_rcv_total; 187 188 ip = mtod(m, struct ip *); 189 igmplen = ip->ip_len; 190 191 /* 192 * Validate lengths. 193 */ 194 if (igmplen < IGMP_MINLEN) { 195 ++igmpstat.igps_rcv_tooshort; 196 m_freem(m); 197 return; 198 } 199 minlen = iphlen + IGMP_MINLEN; 200 if ((m->m_flags & M_EXT || m->m_len < minlen) && 201 (m = m_pullup(m, minlen)) == 0) { 202 ++igmpstat.igps_rcv_tooshort; 203 return; 204 } 205 206 /* 207 * Validate checksum. 208 */ 209 m->m_data += iphlen; 210 m->m_len -= iphlen; 211 igmp = mtod(m, struct igmp *); 212 if (in_cksum(m, igmplen)) { 213 ++igmpstat.igps_rcv_badsum; 214 m_freem(m); 215 return; 216 } 217 m->m_data -= iphlen; 218 m->m_len += iphlen; 219 220 ip = mtod(m, struct ip *); 221 timer = igmp->igmp_code * PR_FASTHZ / IGMP_TIMER_SCALE; 222 if (timer == 0) 223 timer = 1; 224 225 /* 226 * In the IGMPv2 specification, there are 3 states and a flag. 227 * 228 * In Non-Member state, we simply don't have a membership record. 229 * In Delaying Member state, our timer is running (inm->inm_timer). 230 * In Idle Member state, our timer is not running (inm->inm_timer==0). 231 * 232 * The flag is inm->inm_state, it is set to IGMP_OTHERMEMBER if we 233 * have heard a report from another member, or IGMP_IREPORTEDLAST if 234 * I sent the last report. 235 */ 236 switch (igmp->igmp_type) { 237 case IGMP_MEMBERSHIP_QUERY: 238 ++igmpstat.igps_rcv_queries; 239 240 if (ifp->if_flags & IFF_LOOPBACK) 241 break; 242 243 if (igmp->igmp_code == 0) { 244 /* 245 * Old router. Remember that the querier on this 246 * interface is old, and set the timer to the value 247 * in RFC 1112. 248 */ 249 250 mtx_lock(&igmp_mtx); 251 rti = find_rti(ifp); 252 if (rti == NULL) { 253 mtx_unlock(&igmp_mtx); 254 m_freem(m); 255 return; 256 } 257 rti->rti_type = IGMP_V1_ROUTER; 258 rti->rti_time = 0; 259 mtx_unlock(&igmp_mtx); 260 261 timer = IGMP_MAX_HOST_REPORT_DELAY * PR_FASTHZ; 262 263 if (ip->ip_dst.s_addr != igmp_all_hosts_group || 264 igmp->igmp_group.s_addr != 0) { 265 ++igmpstat.igps_rcv_badqueries; 266 m_freem(m); 267 return; 268 } 269 } else { 270 /* 271 * New router. Simply do the new validity check. 272 */ 273 274 if (igmp->igmp_group.s_addr != 0 && 275 !IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 276 ++igmpstat.igps_rcv_badqueries; 277 m_freem(m); 278 return; 279 } 280 } 281 282 /* 283 * - Start the timers in all of our membership records that 284 * the query applies to for the interface on which the 285 * query arrived excl. those that belong to the "all-hosts" 286 * group (224.0.0.1). 287 * - Restart any timer that is already running but has a 288 * value longer than the requested timeout. 289 * - Use the value specified in the query message as the 290 * maximum timeout. 291 */ 292 IN_MULTI_LOCK(); 293 IN_FIRST_MULTI(step, inm); 294 while (inm != NULL) { 295 if (inm->inm_ifp == ifp && 296 inm->inm_addr.s_addr != igmp_all_hosts_group && 297 (igmp->igmp_group.s_addr == 0 || 298 igmp->igmp_group.s_addr == inm->inm_addr.s_addr)) { 299 if (inm->inm_timer == 0 || 300 inm->inm_timer > timer) { 301 inm->inm_timer = 302 IGMP_RANDOM_DELAY(timer); 303 igmp_timers_are_running = 1; 304 } 305 } 306 IN_NEXT_MULTI(step, inm); 307 } 308 IN_MULTI_UNLOCK(); 309 break; 310 311 case IGMP_V1_MEMBERSHIP_REPORT: 312 case IGMP_V2_MEMBERSHIP_REPORT: 313 /* 314 * For fast leave to work, we have to know that we are the 315 * last person to send a report for this group. Reports can 316 * potentially get looped back if we are a multicast router, 317 * so discard reports sourced by me. 318 */ 319 IFP_TO_IA(ifp, ia); 320 if (ia != NULL && 321 ip->ip_src.s_addr == IA_SIN(ia)->sin_addr.s_addr) 322 break; 323 324 ++igmpstat.igps_rcv_reports; 325 326 if (ifp->if_flags & IFF_LOOPBACK) 327 break; 328 329 if (!IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 330 ++igmpstat.igps_rcv_badreports; 331 m_freem(m); 332 return; 333 } 334 335 /* 336 * KLUDGE: if the IP source address of the report has an 337 * unspecified (i.e., zero) subnet number, as is allowed for 338 * a booting host, replace it with the correct subnet number 339 * so that a process-level multicast routing daemon can 340 * determine which subnet it arrived from. This is necessary 341 * to compensate for the lack of any way for a process to 342 * determine the arrival interface of an incoming packet. 343 */ 344 if ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) == 0) { 345 if (ia != NULL) 346 ip->ip_src.s_addr = htonl(ia->ia_subnet); 347 } 348 349 /* 350 * If we belong to the group being reported, stop our timer 351 * for that group. 352 */ 353 IN_MULTI_LOCK(); 354 IN_LOOKUP_MULTI(igmp->igmp_group, ifp, inm); 355 if (inm != NULL) { 356 inm->inm_timer = 0; 357 ++igmpstat.igps_rcv_ourreports; 358 inm->inm_state = IGMP_OTHERMEMBER; 359 } 360 IN_MULTI_UNLOCK(); 361 break; 362 } 363 364 /* 365 * Pass all valid IGMP packets up to any process(es) listening on a 366 * raw IGMP socket. 367 */ 368 rip_input(m, off); 369 } 370 371 void 372 igmp_joingroup(struct in_multi *inm) 373 { 374 375 IN_MULTI_LOCK_ASSERT(); 376 377 if (inm->inm_addr.s_addr == igmp_all_hosts_group 378 || inm->inm_ifp->if_flags & IFF_LOOPBACK) { 379 inm->inm_timer = 0; 380 inm->inm_state = IGMP_OTHERMEMBER; 381 } else { 382 mtx_lock(&igmp_mtx); 383 inm->inm_rti = find_rti(inm->inm_ifp); 384 mtx_unlock(&igmp_mtx); 385 if (inm->inm_rti != NULL) { 386 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 387 inm->inm_timer = IGMP_RANDOM_DELAY( 388 IGMP_MAX_HOST_REPORT_DELAY*PR_FASTHZ); 389 inm->inm_state = IGMP_IREPORTEDLAST; 390 igmp_timers_are_running = 1; 391 } 392 /* XXX handling of failure case? */ 393 } 394 } 395 396 void 397 igmp_leavegroup(struct in_multi *inm) 398 { 399 400 IN_MULTI_LOCK_ASSERT(); 401 402 if (inm->inm_state == IGMP_IREPORTEDLAST && 403 inm->inm_addr.s_addr != igmp_all_hosts_group && 404 !(inm->inm_ifp->if_flags & IFF_LOOPBACK) && 405 inm->inm_rti->rti_type != IGMP_V1_ROUTER) 406 igmp_sendpkt(inm, IGMP_V2_LEAVE_GROUP, igmp_all_rtrs_group); 407 } 408 409 void 410 igmp_fasttimo(void) 411 { 412 register struct in_multi *inm; 413 struct in_multistep step; 414 415 /* 416 * Quick check to see if any work needs to be done, in order to 417 * minimize the overhead of fasttimo processing. 418 */ 419 420 if (!igmp_timers_are_running) 421 return; 422 423 IN_MULTI_LOCK(); 424 igmp_timers_are_running = 0; 425 IN_FIRST_MULTI(step, inm); 426 while (inm != NULL) { 427 if (inm->inm_timer == 0) { 428 /* do nothing */ 429 } else if (--inm->inm_timer == 0) { 430 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 431 inm->inm_state = IGMP_IREPORTEDLAST; 432 } else { 433 igmp_timers_are_running = 1; 434 } 435 IN_NEXT_MULTI(step, inm); 436 } 437 IN_MULTI_UNLOCK(); 438 } 439 440 void 441 igmp_slowtimo(void) 442 { 443 struct router_info *rti; 444 445 IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n"); 446 mtx_lock(&igmp_mtx); 447 SLIST_FOREACH(rti, &router_info_head, rti_list) { 448 if (rti->rti_type == IGMP_V1_ROUTER) { 449 rti->rti_time++; 450 if (rti->rti_time >= IGMP_AGE_THRESHOLD) 451 rti->rti_type = IGMP_V2_ROUTER; 452 } 453 } 454 mtx_unlock(&igmp_mtx); 455 IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n"); 456 } 457 458 static void 459 igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr) 460 { 461 struct mbuf *m; 462 struct igmp *igmp; 463 struct ip *ip; 464 struct ip_moptions imo; 465 466 IN_MULTI_LOCK_ASSERT(); 467 468 MGETHDR(m, M_DONTWAIT, MT_DATA); 469 if (m == NULL) 470 return; 471 472 m->m_pkthdr.rcvif = loif; 473 #ifdef MAC 474 mac_netinet_igmp_send(inm->inm_ifp, m); 475 #endif 476 m->m_pkthdr.len = sizeof(struct ip) + IGMP_MINLEN; 477 MH_ALIGN(m, IGMP_MINLEN + sizeof(struct ip)); 478 m->m_data += sizeof(struct ip); 479 m->m_len = IGMP_MINLEN; 480 igmp = mtod(m, struct igmp *); 481 igmp->igmp_type = type; 482 igmp->igmp_code = 0; 483 igmp->igmp_group = inm->inm_addr; 484 igmp->igmp_cksum = 0; 485 igmp->igmp_cksum = in_cksum(m, IGMP_MINLEN); 486 487 m->m_data -= sizeof(struct ip); 488 m->m_len += sizeof(struct ip); 489 ip = mtod(m, struct ip *); 490 ip->ip_tos = 0; 491 ip->ip_len = sizeof(struct ip) + IGMP_MINLEN; 492 ip->ip_off = 0; 493 ip->ip_p = IPPROTO_IGMP; 494 ip->ip_src.s_addr = INADDR_ANY; 495 ip->ip_dst.s_addr = addr ? addr : igmp->igmp_group.s_addr; 496 497 imo.imo_multicast_ifp = inm->inm_ifp; 498 imo.imo_multicast_ttl = 1; 499 imo.imo_multicast_vif = -1; 500 /* 501 * Request loopback of the report if we are acting as a multicast 502 * router, so that the process-level routing daemon can hear it. 503 */ 504 imo.imo_multicast_loop = (ip_mrouter != NULL); 505 506 /* 507 * XXX: Do we have to worry about reentrancy here? Don't think so. 508 */ 509 ip_output(m, router_alert, &igmprt, 0, &imo, NULL); 510 511 ++igmpstat.igps_snd_reports; 512 } 513