xref: /freebsd/sys/netinet/igmp.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*-
2  * Copyright (c) 1988 Stephen Deering.
3  * Copyright (c) 1992, 1993
4  *	The Regents of the University of California.  All rights reserved.
5  *
6  * This code is derived from software contributed to Berkeley by
7  * Stephen Deering of Stanford University.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 4. Neither the name of the University nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  *
33  *	@(#)igmp.c	8.1 (Berkeley) 7/19/93
34  */
35 
36 /*
37  * Internet Group Management Protocol (IGMP) routines.
38  *
39  * Written by Steve Deering, Stanford, May 1988.
40  * Modified by Rosen Sharma, Stanford, Aug 1994.
41  * Modified by Bill Fenner, Xerox PARC, Feb 1995.
42  * Modified to fully comply to IGMPv2 by Bill Fenner, Oct 1995.
43  *
44  * MULTICAST Revision: 3.5.1.4
45  */
46 
47 #include <sys/cdefs.h>
48 __FBSDID("$FreeBSD$");
49 
50 #include "opt_mac.h"
51 
52 #include <sys/param.h>
53 #include <sys/systm.h>
54 #include <sys/malloc.h>
55 #include <sys/mbuf.h>
56 #include <sys/socket.h>
57 #include <sys/protosw.h>
58 #include <sys/kernel.h>
59 #include <sys/sysctl.h>
60 
61 #include <net/if.h>
62 #include <net/route.h>
63 
64 #include <netinet/in.h>
65 #include <netinet/in_var.h>
66 #include <netinet/in_systm.h>
67 #include <netinet/ip.h>
68 #include <netinet/ip_var.h>
69 #include <netinet/ip_options.h>
70 #include <netinet/igmp.h>
71 #include <netinet/igmp_var.h>
72 
73 #include <machine/in_cksum.h>
74 
75 #include <security/mac/mac_framework.h>
76 
77 static MALLOC_DEFINE(M_IGMP, "igmp", "igmp state");
78 
79 static struct router_info	*find_rti(struct ifnet *ifp);
80 static void	igmp_sendpkt(struct in_multi *, int, unsigned long);
81 
82 static struct igmpstat igmpstat;
83 
84 SYSCTL_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, &igmpstat,
85     igmpstat, "");
86 
87 /*
88  * igmp_mtx protects all mutable global variables in igmp.c, as well as the
89  * data fields in struct router_info.  In general, a router_info structure
90  * will be valid as long as the referencing struct in_multi is valid, so no
91  * reference counting is used.  We allow unlocked reads of router_info data
92  * when accessed via an in_multi read-only.
93  */
94 static struct mtx igmp_mtx;
95 static SLIST_HEAD(, router_info) router_info_head;
96 static int igmp_timers_are_running;
97 
98 /*
99  * XXXRW: can we define these such that these can be made const?  In any
100  * case, these shouldn't be changed after igmp_init() and therefore don't
101  * need locking.
102  */
103 static u_long igmp_all_hosts_group;
104 static u_long igmp_all_rtrs_group;
105 
106 static struct mbuf *router_alert;
107 static struct route igmprt;
108 
109 #ifdef IGMP_DEBUG
110 #define	IGMP_PRINTF(x)	printf(x)
111 #else
112 #define	IGMP_PRINTF(x)
113 #endif
114 
115 void
116 igmp_init(void)
117 {
118 	struct ipoption *ra;
119 
120 	/*
121 	 * To avoid byte-swapping the same value over and over again.
122 	 */
123 	igmp_all_hosts_group = htonl(INADDR_ALLHOSTS_GROUP);
124 	igmp_all_rtrs_group = htonl(INADDR_ALLRTRS_GROUP);
125 
126 	igmp_timers_are_running = 0;
127 
128 	/*
129 	 * Construct a Router Alert option to use in outgoing packets.
130 	 */
131 	MGET(router_alert, M_DONTWAIT, MT_DATA);
132 	ra = mtod(router_alert, struct ipoption *);
133 	ra->ipopt_dst.s_addr = 0;
134 	ra->ipopt_list[0] = IPOPT_RA;	/* Router Alert Option */
135 	ra->ipopt_list[1] = 0x04;	/* 4 bytes long */
136 	ra->ipopt_list[2] = 0x00;
137 	ra->ipopt_list[3] = 0x00;
138 	router_alert->m_len = sizeof(ra->ipopt_dst) + ra->ipopt_list[1];
139 
140 	mtx_init(&igmp_mtx, "igmp_mtx", NULL, MTX_DEF);
141 	SLIST_INIT(&router_info_head);
142 }
143 
144 static struct router_info *
145 find_rti(struct ifnet *ifp)
146 {
147 	struct router_info *rti;
148 
149 	mtx_assert(&igmp_mtx, MA_OWNED);
150 	IGMP_PRINTF("[igmp.c, _find_rti] --> entering \n");
151 	SLIST_FOREACH(rti, &router_info_head, rti_list) {
152 		if (rti->rti_ifp == ifp) {
153 			IGMP_PRINTF(
154 			    "[igmp.c, _find_rti] --> found old entry \n");
155 			return (rti);
156 		}
157 	}
158 	MALLOC(rti, struct router_info *, sizeof *rti, M_IGMP, M_NOWAIT);
159 	if (rti == NULL) {
160 		IGMP_PRINTF("[igmp.c, _find_rti] --> no memory for entry\n");
161 		return (NULL);
162 	}
163 	rti->rti_ifp = ifp;
164 	rti->rti_type = IGMP_V2_ROUTER;
165 	rti->rti_time = 0;
166 	SLIST_INSERT_HEAD(&router_info_head, rti, rti_list);
167 	IGMP_PRINTF("[igmp.c, _find_rti] --> created an entry \n");
168 	return (rti);
169 }
170 
171 void
172 igmp_input(register struct mbuf *m, int off)
173 {
174 	register int iphlen = off;
175 	register struct igmp *igmp;
176 	register struct ip *ip;
177 	register int igmplen;
178 	register struct ifnet *ifp = m->m_pkthdr.rcvif;
179 	register int minlen;
180 	register struct in_multi *inm;
181 	register struct in_ifaddr *ia;
182 	struct in_multistep step;
183 	struct router_info *rti;
184 	int timer; /** timer value in the igmp query header **/
185 
186 	++igmpstat.igps_rcv_total;
187 
188 	ip = mtod(m, struct ip *);
189 	igmplen = ip->ip_len;
190 
191 	/*
192 	 * Validate lengths.
193 	 */
194 	if (igmplen < IGMP_MINLEN) {
195 		++igmpstat.igps_rcv_tooshort;
196 		m_freem(m);
197 		return;
198 	}
199 	minlen = iphlen + IGMP_MINLEN;
200 	if ((m->m_flags & M_EXT || m->m_len < minlen) &&
201 	    (m = m_pullup(m, minlen)) == 0) {
202 		++igmpstat.igps_rcv_tooshort;
203 		return;
204 	}
205 
206 	/*
207 	 * Validate checksum.
208 	 */
209 	m->m_data += iphlen;
210 	m->m_len -= iphlen;
211 	igmp = mtod(m, struct igmp *);
212 	if (in_cksum(m, igmplen)) {
213 		++igmpstat.igps_rcv_badsum;
214 		m_freem(m);
215 		return;
216 	}
217 	m->m_data -= iphlen;
218 	m->m_len += iphlen;
219 
220 	ip = mtod(m, struct ip *);
221 	timer = igmp->igmp_code * PR_FASTHZ / IGMP_TIMER_SCALE;
222 	if (timer == 0)
223 		timer = 1;
224 
225 	/*
226 	 * In the IGMPv2 specification, there are 3 states and a flag.
227 	 *
228 	 * In Non-Member state, we simply don't have a membership record.
229 	 * In Delaying Member state, our timer is running (inm->inm_timer).
230 	 * In Idle Member state, our timer is not running (inm->inm_timer==0).
231 	 *
232 	 * The flag is inm->inm_state, it is set to IGMP_OTHERMEMBER if we
233 	 * have heard a report from another member, or IGMP_IREPORTEDLAST if
234 	 * I sent the last report.
235 	 */
236 	switch (igmp->igmp_type) {
237 	case IGMP_MEMBERSHIP_QUERY:
238 		++igmpstat.igps_rcv_queries;
239 
240 		if (ifp->if_flags & IFF_LOOPBACK)
241 			break;
242 
243 		if (igmp->igmp_code == 0) {
244 			/*
245 			 * Old router.  Remember that the querier on this
246 			 * interface is old, and set the timer to the value
247 			 * in RFC 1112.
248 			 */
249 
250 			mtx_lock(&igmp_mtx);
251 			rti = find_rti(ifp);
252 			if (rti == NULL) {
253 				mtx_unlock(&igmp_mtx);
254 				m_freem(m);
255 				return;
256 			}
257 			rti->rti_type = IGMP_V1_ROUTER;
258 			rti->rti_time = 0;
259 			mtx_unlock(&igmp_mtx);
260 
261 			timer = IGMP_MAX_HOST_REPORT_DELAY * PR_FASTHZ;
262 
263 			if (ip->ip_dst.s_addr != igmp_all_hosts_group ||
264 			    igmp->igmp_group.s_addr != 0) {
265 				++igmpstat.igps_rcv_badqueries;
266 				m_freem(m);
267 				return;
268 			}
269 		} else {
270 			/*
271 			 * New router.  Simply do the new validity check.
272 			 */
273 
274 			if (igmp->igmp_group.s_addr != 0 &&
275 			    !IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) {
276 				++igmpstat.igps_rcv_badqueries;
277 				m_freem(m);
278 				return;
279 			}
280 		}
281 
282 		/*
283 		 * - Start the timers in all of our membership records that
284 		 *   the query applies to for the interface on which the
285 		 *   query arrived excl. those that belong to the "all-hosts"
286 		 *   group (224.0.0.1).
287 		 * - Restart any timer that is already running but has a
288 		 *   value longer than the requested timeout.
289 		 * - Use the value specified in the query message as the
290 		 *   maximum timeout.
291 		 */
292 		IN_MULTI_LOCK();
293 		IN_FIRST_MULTI(step, inm);
294 		while (inm != NULL) {
295 			if (inm->inm_ifp == ifp &&
296 			    inm->inm_addr.s_addr != igmp_all_hosts_group &&
297 			    (igmp->igmp_group.s_addr == 0 ||
298 			     igmp->igmp_group.s_addr == inm->inm_addr.s_addr)) {
299 				if (inm->inm_timer == 0 ||
300 				    inm->inm_timer > timer) {
301 					inm->inm_timer =
302 						IGMP_RANDOM_DELAY(timer);
303 					igmp_timers_are_running = 1;
304 				}
305 			}
306 			IN_NEXT_MULTI(step, inm);
307 		}
308 		IN_MULTI_UNLOCK();
309 		break;
310 
311 	case IGMP_V1_MEMBERSHIP_REPORT:
312 	case IGMP_V2_MEMBERSHIP_REPORT:
313 		/*
314 		 * For fast leave to work, we have to know that we are the
315 		 * last person to send a report for this group.  Reports can
316 		 * potentially get looped back if we are a multicast router,
317 		 * so discard reports sourced by me.
318 		 */
319 		IFP_TO_IA(ifp, ia);
320 		if (ia != NULL &&
321 		    ip->ip_src.s_addr == IA_SIN(ia)->sin_addr.s_addr)
322 			break;
323 
324 		++igmpstat.igps_rcv_reports;
325 
326 		if (ifp->if_flags & IFF_LOOPBACK)
327 			break;
328 
329 		if (!IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) {
330 			++igmpstat.igps_rcv_badreports;
331 			m_freem(m);
332 			return;
333 		}
334 
335 		/*
336 		 * KLUDGE: if the IP source address of the report has an
337 		 * unspecified (i.e., zero) subnet number, as is allowed for
338 		 * a booting host, replace it with the correct subnet number
339 		 * so that a process-level multicast routing daemon can
340 		 * determine which subnet it arrived from.  This is necessary
341 		 * to compensate for the lack of any way for a process to
342 		 * determine the arrival interface of an incoming packet.
343 		 */
344 		if ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) == 0) {
345 			if (ia != NULL)
346 				ip->ip_src.s_addr = htonl(ia->ia_subnet);
347 		}
348 
349 		/*
350 		 * If we belong to the group being reported, stop our timer
351 		 * for that group.
352 		 */
353 		IN_MULTI_LOCK();
354 		IN_LOOKUP_MULTI(igmp->igmp_group, ifp, inm);
355 		if (inm != NULL) {
356 			inm->inm_timer = 0;
357 			++igmpstat.igps_rcv_ourreports;
358 			inm->inm_state = IGMP_OTHERMEMBER;
359 		}
360 		IN_MULTI_UNLOCK();
361 		break;
362 	}
363 
364 	/*
365 	 * Pass all valid IGMP packets up to any process(es) listening on a
366 	 * raw IGMP socket.
367 	 */
368 	rip_input(m, off);
369 }
370 
371 void
372 igmp_joingroup(struct in_multi *inm)
373 {
374 
375 	IN_MULTI_LOCK_ASSERT();
376 
377 	if (inm->inm_addr.s_addr == igmp_all_hosts_group
378 	    || inm->inm_ifp->if_flags & IFF_LOOPBACK) {
379 		inm->inm_timer = 0;
380 		inm->inm_state = IGMP_OTHERMEMBER;
381 	} else {
382 		mtx_lock(&igmp_mtx);
383 		inm->inm_rti = find_rti(inm->inm_ifp);
384 		mtx_unlock(&igmp_mtx);
385 		if (inm->inm_rti != NULL) {
386 			igmp_sendpkt(inm, inm->inm_rti->rti_type, 0);
387 			inm->inm_timer = IGMP_RANDOM_DELAY(
388 					IGMP_MAX_HOST_REPORT_DELAY*PR_FASTHZ);
389 			inm->inm_state = IGMP_IREPORTEDLAST;
390 			igmp_timers_are_running = 1;
391 		}
392 		/* XXX handling of failure case? */
393 	}
394 }
395 
396 void
397 igmp_leavegroup(struct in_multi *inm)
398 {
399 
400 	IN_MULTI_LOCK_ASSERT();
401 
402 	if (inm->inm_state == IGMP_IREPORTEDLAST &&
403 	    inm->inm_addr.s_addr != igmp_all_hosts_group &&
404 	    !(inm->inm_ifp->if_flags & IFF_LOOPBACK) &&
405 	    inm->inm_rti->rti_type != IGMP_V1_ROUTER)
406 		igmp_sendpkt(inm, IGMP_V2_LEAVE_GROUP, igmp_all_rtrs_group);
407 }
408 
409 void
410 igmp_fasttimo(void)
411 {
412 	register struct in_multi *inm;
413 	struct in_multistep step;
414 
415 	/*
416 	 * Quick check to see if any work needs to be done, in order to
417 	 * minimize the overhead of fasttimo processing.
418 	 */
419 
420 	if (!igmp_timers_are_running)
421 		return;
422 
423 	IN_MULTI_LOCK();
424 	igmp_timers_are_running = 0;
425 	IN_FIRST_MULTI(step, inm);
426 	while (inm != NULL) {
427 		if (inm->inm_timer == 0) {
428 			/* do nothing */
429 		} else if (--inm->inm_timer == 0) {
430 			igmp_sendpkt(inm, inm->inm_rti->rti_type, 0);
431 			inm->inm_state = IGMP_IREPORTEDLAST;
432 		} else {
433 			igmp_timers_are_running = 1;
434 		}
435 		IN_NEXT_MULTI(step, inm);
436 	}
437 	IN_MULTI_UNLOCK();
438 }
439 
440 void
441 igmp_slowtimo(void)
442 {
443 	struct router_info *rti;
444 
445 	IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n");
446 	mtx_lock(&igmp_mtx);
447 	SLIST_FOREACH(rti, &router_info_head, rti_list) {
448 		if (rti->rti_type == IGMP_V1_ROUTER) {
449 			rti->rti_time++;
450 			if (rti->rti_time >= IGMP_AGE_THRESHOLD)
451 				rti->rti_type = IGMP_V2_ROUTER;
452 		}
453 	}
454 	mtx_unlock(&igmp_mtx);
455 	IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n");
456 }
457 
458 static void
459 igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr)
460 {
461 	struct mbuf *m;
462 	struct igmp *igmp;
463 	struct ip *ip;
464 	struct ip_moptions imo;
465 
466 	IN_MULTI_LOCK_ASSERT();
467 
468 	MGETHDR(m, M_DONTWAIT, MT_DATA);
469 	if (m == NULL)
470 		return;
471 
472 	m->m_pkthdr.rcvif = loif;
473 #ifdef MAC
474 	mac_netinet_igmp_send(inm->inm_ifp, m);
475 #endif
476 	m->m_pkthdr.len = sizeof(struct ip) + IGMP_MINLEN;
477 	MH_ALIGN(m, IGMP_MINLEN + sizeof(struct ip));
478 	m->m_data += sizeof(struct ip);
479 	m->m_len = IGMP_MINLEN;
480 	igmp = mtod(m, struct igmp *);
481 	igmp->igmp_type = type;
482 	igmp->igmp_code = 0;
483 	igmp->igmp_group = inm->inm_addr;
484 	igmp->igmp_cksum = 0;
485 	igmp->igmp_cksum = in_cksum(m, IGMP_MINLEN);
486 
487 	m->m_data -= sizeof(struct ip);
488 	m->m_len += sizeof(struct ip);
489 	ip = mtod(m, struct ip *);
490 	ip->ip_tos = 0;
491 	ip->ip_len = sizeof(struct ip) + IGMP_MINLEN;
492 	ip->ip_off = 0;
493 	ip->ip_p = IPPROTO_IGMP;
494 	ip->ip_src.s_addr = INADDR_ANY;
495 	ip->ip_dst.s_addr = addr ? addr : igmp->igmp_group.s_addr;
496 
497 	imo.imo_multicast_ifp  = inm->inm_ifp;
498 	imo.imo_multicast_ttl  = 1;
499 	imo.imo_multicast_vif  = -1;
500 	/*
501 	 * Request loopback of the report if we are acting as a multicast
502 	 * router, so that the process-level routing daemon can hear it.
503 	 */
504 	imo.imo_multicast_loop = (ip_mrouter != NULL);
505 
506 	/*
507 	 * XXX: Do we have to worry about reentrancy here?  Don't think so.
508 	 */
509 	ip_output(m, router_alert, &igmprt, 0, &imo, NULL);
510 
511 	++igmpstat.igps_snd_reports;
512 }
513