1 /*- 2 * Copyright (c) 1988 Stephen Deering. 3 * Copyright (c) 1992, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * This code is derived from software contributed to Berkeley by 7 * Stephen Deering of Stanford University. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 34 */ 35 36 /* 37 * Internet Group Management Protocol (IGMP) routines. 38 * 39 * Written by Steve Deering, Stanford, May 1988. 40 * Modified by Rosen Sharma, Stanford, Aug 1994. 41 * Modified by Bill Fenner, Xerox PARC, Feb 1995. 42 * Modified to fully comply to IGMPv2 by Bill Fenner, Oct 1995. 43 * 44 * MULTICAST Revision: 3.5.1.4 45 */ 46 47 #include <sys/cdefs.h> 48 __FBSDID("$FreeBSD$"); 49 50 #include "opt_mac.h" 51 52 #include <sys/param.h> 53 #include <sys/systm.h> 54 #include <sys/malloc.h> 55 #include <sys/mbuf.h> 56 #include <sys/socket.h> 57 #include <sys/protosw.h> 58 #include <sys/kernel.h> 59 #include <sys/sysctl.h> 60 #include <sys/vimage.h> 61 62 #include <net/if.h> 63 #include <net/route.h> 64 #include <net/vnet.h> 65 66 #include <netinet/in.h> 67 #include <netinet/in_var.h> 68 #include <netinet/in_systm.h> 69 #include <netinet/ip.h> 70 #include <netinet/ip_var.h> 71 #include <netinet/ip_options.h> 72 #include <netinet/igmp.h> 73 #include <netinet/igmp_var.h> 74 #include <netinet/vinet.h> 75 76 #include <machine/in_cksum.h> 77 78 #include <security/mac/mac_framework.h> 79 80 static MALLOC_DEFINE(M_IGMP, "igmp", "igmp state"); 81 82 static struct router_info *find_rti(struct ifnet *ifp); 83 static void igmp_sendpkt(struct in_multi *, int, unsigned long); 84 85 #ifdef VIMAGE_GLOBALS 86 static struct igmpstat igmpstat; 87 #endif 88 89 SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_igmp, IGMPCTL_STATS, 90 stats, CTLFLAG_RW, igmpstat, igmpstat, ""); 91 92 /* 93 * igmp_mtx protects all mutable global variables in igmp.c, as well as the 94 * data fields in struct router_info. In general, a router_info structure 95 * will be valid as long as the referencing struct in_multi is valid, so no 96 * reference counting is used. We allow unlocked reads of router_info data 97 * when accessed via an in_multi read-only. 98 */ 99 #ifdef VIMAGE_GLOBALS 100 static SLIST_HEAD(, router_info) router_info_head; 101 #endif 102 static struct mtx igmp_mtx; 103 static int igmp_timers_are_running; 104 105 /* 106 * XXXRW: can we define these such that these can be made const? In any 107 * case, these shouldn't be changed after igmp_init() and therefore don't 108 * need locking. 109 */ 110 static u_long igmp_all_hosts_group; 111 static u_long igmp_all_rtrs_group; 112 113 static struct mbuf *router_alert; 114 static struct route igmprt; 115 116 #ifdef IGMP_DEBUG 117 #define IGMP_PRINTF(x) printf(x) 118 #else 119 #define IGMP_PRINTF(x) 120 #endif 121 122 void 123 igmp_init(void) 124 { 125 INIT_VNET_INET(curvnet); 126 struct ipoption *ra; 127 128 /* 129 * To avoid byte-swapping the same value over and over again. 130 */ 131 igmp_all_hosts_group = htonl(INADDR_ALLHOSTS_GROUP); 132 igmp_all_rtrs_group = htonl(INADDR_ALLRTRS_GROUP); 133 134 igmp_timers_are_running = 0; 135 136 /* 137 * Construct a Router Alert option to use in outgoing packets. 138 */ 139 MGET(router_alert, M_DONTWAIT, MT_DATA); 140 ra = mtod(router_alert, struct ipoption *); 141 ra->ipopt_dst.s_addr = 0; 142 ra->ipopt_list[0] = IPOPT_RA; /* Router Alert Option */ 143 ra->ipopt_list[1] = 0x04; /* 4 bytes long */ 144 ra->ipopt_list[2] = 0x00; 145 ra->ipopt_list[3] = 0x00; 146 router_alert->m_len = sizeof(ra->ipopt_dst) + ra->ipopt_list[1]; 147 148 mtx_init(&igmp_mtx, "igmp_mtx", NULL, MTX_DEF); 149 SLIST_INIT(&V_router_info_head); 150 } 151 152 static struct router_info * 153 find_rti(struct ifnet *ifp) 154 { 155 INIT_VNET_INET(ifp->if_vnet); 156 struct router_info *rti; 157 158 mtx_assert(&igmp_mtx, MA_OWNED); 159 IGMP_PRINTF("[igmp.c, _find_rti] --> entering \n"); 160 SLIST_FOREACH(rti, &V_router_info_head, rti_list) { 161 if (rti->rti_ifp == ifp) { 162 IGMP_PRINTF( 163 "[igmp.c, _find_rti] --> found old entry \n"); 164 return (rti); 165 } 166 } 167 rti = malloc(sizeof *rti, M_IGMP, M_NOWAIT); 168 if (rti == NULL) { 169 IGMP_PRINTF("[igmp.c, _find_rti] --> no memory for entry\n"); 170 return (NULL); 171 } 172 rti->rti_ifp = ifp; 173 rti->rti_type = IGMP_V2_ROUTER; 174 rti->rti_time = 0; 175 SLIST_INSERT_HEAD(&V_router_info_head, rti, rti_list); 176 IGMP_PRINTF("[igmp.c, _find_rti] --> created an entry \n"); 177 return (rti); 178 } 179 180 void 181 igmp_input(register struct mbuf *m, int off) 182 { 183 register int iphlen = off; 184 register struct igmp *igmp; 185 register struct ip *ip; 186 register int igmplen; 187 register struct ifnet *ifp = m->m_pkthdr.rcvif; 188 register int minlen; 189 register struct in_multi *inm; 190 register struct in_ifaddr *ia; 191 struct in_multistep step; 192 struct router_info *rti; 193 int timer; /** timer value in the igmp query header **/ 194 INIT_VNET_INET(ifp->if_vnet); 195 196 ++V_igmpstat.igps_rcv_total; 197 198 ip = mtod(m, struct ip *); 199 igmplen = ip->ip_len; 200 201 /* 202 * Validate lengths. 203 */ 204 if (igmplen < IGMP_MINLEN) { 205 ++V_igmpstat.igps_rcv_tooshort; 206 m_freem(m); 207 return; 208 } 209 minlen = iphlen + IGMP_MINLEN; 210 if ((m->m_flags & M_EXT || m->m_len < minlen) && 211 (m = m_pullup(m, minlen)) == 0) { 212 ++V_igmpstat.igps_rcv_tooshort; 213 return; 214 } 215 216 /* 217 * Validate checksum. 218 */ 219 m->m_data += iphlen; 220 m->m_len -= iphlen; 221 igmp = mtod(m, struct igmp *); 222 if (in_cksum(m, igmplen)) { 223 ++V_igmpstat.igps_rcv_badsum; 224 m_freem(m); 225 return; 226 } 227 m->m_data -= iphlen; 228 m->m_len += iphlen; 229 230 ip = mtod(m, struct ip *); 231 timer = igmp->igmp_code * PR_FASTHZ / IGMP_TIMER_SCALE; 232 if (timer == 0) 233 timer = 1; 234 235 /* 236 * In the IGMPv2 specification, there are 3 states and a flag. 237 * 238 * In Non-Member state, we simply don't have a membership record. 239 * In Delaying Member state, our timer is running (inm->inm_timer). 240 * In Idle Member state, our timer is not running (inm->inm_timer==0). 241 * 242 * The flag is inm->inm_state, it is set to IGMP_OTHERMEMBER if we 243 * have heard a report from another member, or IGMP_IREPORTEDLAST if 244 * I sent the last report. 245 */ 246 switch (igmp->igmp_type) { 247 case IGMP_MEMBERSHIP_QUERY: 248 ++V_igmpstat.igps_rcv_queries; 249 250 if (ifp->if_flags & IFF_LOOPBACK) 251 break; 252 253 if (igmp->igmp_code == 0) { 254 /* 255 * Old router. Remember that the querier on this 256 * interface is old, and set the timer to the value 257 * in RFC 1112. 258 */ 259 260 mtx_lock(&igmp_mtx); 261 rti = find_rti(ifp); 262 if (rti == NULL) { 263 mtx_unlock(&igmp_mtx); 264 m_freem(m); 265 return; 266 } 267 rti->rti_type = IGMP_V1_ROUTER; 268 rti->rti_time = 0; 269 mtx_unlock(&igmp_mtx); 270 271 timer = IGMP_MAX_HOST_REPORT_DELAY * PR_FASTHZ; 272 273 if (ip->ip_dst.s_addr != igmp_all_hosts_group || 274 igmp->igmp_group.s_addr != 0) { 275 ++V_igmpstat.igps_rcv_badqueries; 276 m_freem(m); 277 return; 278 } 279 } else { 280 /* 281 * New router. Simply do the new validity check. 282 */ 283 284 if (igmp->igmp_group.s_addr != 0 && 285 !IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 286 ++V_igmpstat.igps_rcv_badqueries; 287 m_freem(m); 288 return; 289 } 290 } 291 292 /* 293 * - Start the timers in all of our membership records that 294 * the query applies to for the interface on which the 295 * query arrived excl. those that belong to the "all-hosts" 296 * group (224.0.0.1). 297 * - Restart any timer that is already running but has a 298 * value longer than the requested timeout. 299 * - Use the value specified in the query message as the 300 * maximum timeout. 301 */ 302 IN_MULTI_LOCK(); 303 IN_FIRST_MULTI(step, inm); 304 while (inm != NULL) { 305 if (inm->inm_ifp == ifp && 306 inm->inm_addr.s_addr != igmp_all_hosts_group && 307 (igmp->igmp_group.s_addr == 0 || 308 igmp->igmp_group.s_addr == inm->inm_addr.s_addr)) { 309 if (inm->inm_timer == 0 || 310 inm->inm_timer > timer) { 311 inm->inm_timer = 312 IGMP_RANDOM_DELAY(timer); 313 igmp_timers_are_running = 1; 314 } 315 } 316 IN_NEXT_MULTI(step, inm); 317 } 318 IN_MULTI_UNLOCK(); 319 break; 320 321 case IGMP_V1_MEMBERSHIP_REPORT: 322 case IGMP_V2_MEMBERSHIP_REPORT: 323 /* 324 * For fast leave to work, we have to know that we are the 325 * last person to send a report for this group. Reports can 326 * potentially get looped back if we are a multicast router, 327 * so discard reports sourced by me. 328 */ 329 IFP_TO_IA(ifp, ia); 330 if (ia != NULL && 331 ip->ip_src.s_addr == IA_SIN(ia)->sin_addr.s_addr) 332 break; 333 334 ++V_igmpstat.igps_rcv_reports; 335 336 if (ifp->if_flags & IFF_LOOPBACK) 337 break; 338 339 if (!IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 340 ++V_igmpstat.igps_rcv_badreports; 341 m_freem(m); 342 return; 343 } 344 345 /* 346 * KLUDGE: if the IP source address of the report has an 347 * unspecified (i.e., zero) subnet number, as is allowed for 348 * a booting host, replace it with the correct subnet number 349 * so that a process-level multicast routing daemon can 350 * determine which subnet it arrived from. This is necessary 351 * to compensate for the lack of any way for a process to 352 * determine the arrival interface of an incoming packet. 353 */ 354 if ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) == 0) { 355 if (ia != NULL) 356 ip->ip_src.s_addr = htonl(ia->ia_subnet); 357 } 358 359 /* 360 * If we belong to the group being reported, stop our timer 361 * for that group. 362 */ 363 IN_MULTI_LOCK(); 364 IN_LOOKUP_MULTI(igmp->igmp_group, ifp, inm); 365 if (inm != NULL) { 366 inm->inm_timer = 0; 367 ++V_igmpstat.igps_rcv_ourreports; 368 inm->inm_state = IGMP_OTHERMEMBER; 369 } 370 IN_MULTI_UNLOCK(); 371 break; 372 } 373 374 /* 375 * Pass all valid IGMP packets up to any process(es) listening on a 376 * raw IGMP socket. 377 */ 378 rip_input(m, off); 379 } 380 381 void 382 igmp_joingroup(struct in_multi *inm) 383 { 384 385 IN_MULTI_LOCK_ASSERT(); 386 387 if (inm->inm_addr.s_addr == igmp_all_hosts_group 388 || inm->inm_ifp->if_flags & IFF_LOOPBACK) { 389 inm->inm_timer = 0; 390 inm->inm_state = IGMP_OTHERMEMBER; 391 } else { 392 mtx_lock(&igmp_mtx); 393 inm->inm_rti = find_rti(inm->inm_ifp); 394 mtx_unlock(&igmp_mtx); 395 if (inm->inm_rti != NULL) { 396 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 397 inm->inm_timer = IGMP_RANDOM_DELAY( 398 IGMP_MAX_HOST_REPORT_DELAY*PR_FASTHZ); 399 inm->inm_state = IGMP_IREPORTEDLAST; 400 igmp_timers_are_running = 1; 401 } 402 /* XXX handling of failure case? */ 403 } 404 } 405 406 void 407 igmp_leavegroup(struct in_multi *inm) 408 { 409 410 IN_MULTI_LOCK_ASSERT(); 411 412 if (inm->inm_state == IGMP_IREPORTEDLAST && 413 inm->inm_addr.s_addr != igmp_all_hosts_group && 414 !(inm->inm_ifp->if_flags & IFF_LOOPBACK) && 415 inm->inm_rti->rti_type != IGMP_V1_ROUTER) 416 igmp_sendpkt(inm, IGMP_V2_LEAVE_GROUP, igmp_all_rtrs_group); 417 } 418 419 void 420 igmp_fasttimo(void) 421 { 422 VNET_ITERATOR_DECL(vnet_iter); 423 register struct in_multi *inm; 424 struct in_multistep step; 425 426 /* 427 * Quick check to see if any work needs to be done, in order to 428 * minimize the overhead of fasttimo processing. 429 */ 430 431 if (!igmp_timers_are_running) 432 return; 433 434 IN_MULTI_LOCK(); 435 igmp_timers_are_running = 0; 436 VNET_LIST_RLOCK(); 437 VNET_FOREACH(vnet_iter) { 438 CURVNET_SET(vnet_iter); 439 INIT_VNET_INET(vnet_iter); 440 IN_FIRST_MULTI(step, inm); 441 while (inm != NULL) { 442 if (inm->inm_timer == 0) { 443 /* do nothing */ 444 } else if (--inm->inm_timer == 0) { 445 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 446 inm->inm_state = IGMP_IREPORTEDLAST; 447 } else { 448 igmp_timers_are_running = 1; 449 } 450 IN_NEXT_MULTI(step, inm); 451 } 452 CURVNET_RESTORE(); 453 } 454 VNET_LIST_RUNLOCK(); 455 IN_MULTI_UNLOCK(); 456 } 457 458 void 459 igmp_slowtimo(void) 460 { 461 VNET_ITERATOR_DECL(vnet_iter); 462 struct router_info *rti; 463 464 IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n"); 465 mtx_lock(&igmp_mtx); 466 VNET_LIST_RLOCK(); 467 VNET_FOREACH(vnet_iter) { 468 CURVNET_SET(vnet_iter); 469 INIT_VNET_INET(vnet_iter); 470 SLIST_FOREACH(rti, &V_router_info_head, rti_list) { 471 if (rti->rti_type == IGMP_V1_ROUTER) { 472 rti->rti_time++; 473 if (rti->rti_time >= IGMP_AGE_THRESHOLD) 474 rti->rti_type = IGMP_V2_ROUTER; 475 } 476 } 477 CURVNET_RESTORE(); 478 } 479 VNET_LIST_RUNLOCK(); 480 mtx_unlock(&igmp_mtx); 481 IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n"); 482 } 483 484 static void 485 igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr) 486 { 487 INIT_VNET_NET(curvnet); 488 INIT_VNET_INET(curvnet); 489 struct mbuf *m; 490 struct igmp *igmp; 491 struct ip *ip; 492 struct ip_moptions imo; 493 494 IN_MULTI_LOCK_ASSERT(); 495 496 MGETHDR(m, M_DONTWAIT, MT_DATA); 497 if (m == NULL) 498 return; 499 500 m->m_pkthdr.rcvif = V_loif; 501 #ifdef MAC 502 mac_netinet_igmp_send(inm->inm_ifp, m); 503 #endif 504 m->m_pkthdr.len = sizeof(struct ip) + IGMP_MINLEN; 505 MH_ALIGN(m, IGMP_MINLEN + sizeof(struct ip)); 506 m->m_data += sizeof(struct ip); 507 m->m_len = IGMP_MINLEN; 508 igmp = mtod(m, struct igmp *); 509 igmp->igmp_type = type; 510 igmp->igmp_code = 0; 511 igmp->igmp_group = inm->inm_addr; 512 igmp->igmp_cksum = 0; 513 igmp->igmp_cksum = in_cksum(m, IGMP_MINLEN); 514 515 m->m_data -= sizeof(struct ip); 516 m->m_len += sizeof(struct ip); 517 ip = mtod(m, struct ip *); 518 ip->ip_tos = 0; 519 ip->ip_len = sizeof(struct ip) + IGMP_MINLEN; 520 ip->ip_off = 0; 521 ip->ip_p = IPPROTO_IGMP; 522 ip->ip_src.s_addr = INADDR_ANY; 523 ip->ip_dst.s_addr = addr ? addr : igmp->igmp_group.s_addr; 524 525 imo.imo_multicast_ifp = inm->inm_ifp; 526 imo.imo_multicast_ttl = 1; 527 imo.imo_multicast_vif = -1; 528 /* 529 * Request loopback of the report if we are acting as a multicast 530 * router, so that the process-level routing daemon can hear it. 531 */ 532 imo.imo_multicast_loop = (V_ip_mrouter != NULL); 533 534 /* 535 * XXX: Do we have to worry about reentrancy here? Don't think so. 536 */ 537 ip_output(m, router_alert, &igmprt, 0, &imo, NULL); 538 539 ++V_igmpstat.igps_snd_reports; 540 } 541