1 /*- 2 * Copyright (c) 1988 Stephen Deering. 3 * Copyright (c) 1992, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * This code is derived from software contributed to Berkeley by 7 * Stephen Deering of Stanford University. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 34 * $FreeBSD$ 35 */ 36 37 /* 38 * Internet Group Management Protocol (IGMP) routines. 39 * 40 * Written by Steve Deering, Stanford, May 1988. 41 * Modified by Rosen Sharma, Stanford, Aug 1994. 42 * Modified by Bill Fenner, Xerox PARC, Feb 1995. 43 * Modified to fully comply to IGMPv2 by Bill Fenner, Oct 1995. 44 * 45 * MULTICAST Revision: 3.5.1.4 46 */ 47 48 #include "opt_mac.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #include <sys/malloc.h> 53 #include <sys/mbuf.h> 54 #include <sys/socket.h> 55 #include <sys/protosw.h> 56 #include <sys/kernel.h> 57 #include <sys/sysctl.h> 58 59 #include <net/if.h> 60 #include <net/route.h> 61 62 #include <netinet/in.h> 63 #include <netinet/in_var.h> 64 #include <netinet/in_systm.h> 65 #include <netinet/ip.h> 66 #include <netinet/ip_var.h> 67 #include <netinet/ip_options.h> 68 #include <netinet/igmp.h> 69 #include <netinet/igmp_var.h> 70 71 #include <machine/in_cksum.h> 72 73 #include <security/mac/mac_framework.h> 74 75 static MALLOC_DEFINE(M_IGMP, "igmp", "igmp state"); 76 77 static struct router_info *find_rti(struct ifnet *ifp); 78 static void igmp_sendpkt(struct in_multi *, int, unsigned long); 79 80 static struct igmpstat igmpstat; 81 82 SYSCTL_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, &igmpstat, 83 igmpstat, ""); 84 85 /* 86 * igmp_mtx protects all mutable global variables in igmp.c, as well as 87 * the data fields in struct router_info. In general, a router_info 88 * structure will be valid as long as the referencing struct in_multi is 89 * valid, so no reference counting is used. We allow unlocked reads of 90 * router_info data when accessed via an in_multi read-only. 91 */ 92 static struct mtx igmp_mtx; 93 static SLIST_HEAD(, router_info) router_info_head; 94 static int igmp_timers_are_running; 95 96 /* 97 * XXXRW: can we define these such that these can be made const? In any 98 * case, these shouldn't be changed after igmp_init() and therefore don't 99 * need locking. 100 */ 101 static u_long igmp_all_hosts_group; 102 static u_long igmp_all_rtrs_group; 103 104 static struct mbuf *router_alert; 105 static struct route igmprt; 106 107 #ifdef IGMP_DEBUG 108 #define IGMP_PRINTF(x) printf(x) 109 #else 110 #define IGMP_PRINTF(x) 111 #endif 112 113 void 114 igmp_init(void) 115 { 116 struct ipoption *ra; 117 118 /* 119 * To avoid byte-swapping the same value over and over again. 120 */ 121 igmp_all_hosts_group = htonl(INADDR_ALLHOSTS_GROUP); 122 igmp_all_rtrs_group = htonl(INADDR_ALLRTRS_GROUP); 123 124 igmp_timers_are_running = 0; 125 126 /* 127 * Construct a Router Alert option to use in outgoing packets 128 */ 129 MGET(router_alert, M_DONTWAIT, MT_DATA); 130 ra = mtod(router_alert, struct ipoption *); 131 ra->ipopt_dst.s_addr = 0; 132 ra->ipopt_list[0] = IPOPT_RA; /* Router Alert Option */ 133 ra->ipopt_list[1] = 0x04; /* 4 bytes long */ 134 ra->ipopt_list[2] = 0x00; 135 ra->ipopt_list[3] = 0x00; 136 router_alert->m_len = sizeof(ra->ipopt_dst) + ra->ipopt_list[1]; 137 138 mtx_init(&igmp_mtx, "igmp_mtx", NULL, MTX_DEF); 139 SLIST_INIT(&router_info_head); 140 } 141 142 static struct router_info * 143 find_rti(struct ifnet *ifp) 144 { 145 struct router_info *rti; 146 147 mtx_assert(&igmp_mtx, MA_OWNED); 148 IGMP_PRINTF("[igmp.c, _find_rti] --> entering \n"); 149 SLIST_FOREACH(rti, &router_info_head, rti_list) { 150 if (rti->rti_ifp == ifp) { 151 IGMP_PRINTF( 152 "[igmp.c, _find_rti] --> found old entry \n"); 153 return rti; 154 } 155 } 156 MALLOC(rti, struct router_info *, sizeof *rti, M_IGMP, M_NOWAIT); 157 if (rti == NULL) { 158 IGMP_PRINTF( "[igmp.c, _find_rti] --> no memory for entry\n"); 159 return NULL; 160 } 161 rti->rti_ifp = ifp; 162 rti->rti_type = IGMP_V2_ROUTER; 163 rti->rti_time = 0; 164 SLIST_INSERT_HEAD(&router_info_head, rti, rti_list); 165 166 IGMP_PRINTF("[igmp.c, _find_rti] --> created an entry \n"); 167 return rti; 168 } 169 170 void 171 igmp_input(register struct mbuf *m, int off) 172 { 173 register int iphlen = off; 174 register struct igmp *igmp; 175 register struct ip *ip; 176 register int igmplen; 177 register struct ifnet *ifp = m->m_pkthdr.rcvif; 178 register int minlen; 179 register struct in_multi *inm; 180 register struct in_ifaddr *ia; 181 struct in_multistep step; 182 struct router_info *rti; 183 int timer; /** timer value in the igmp query header **/ 184 185 ++igmpstat.igps_rcv_total; 186 187 ip = mtod(m, struct ip *); 188 igmplen = ip->ip_len; 189 190 /* 191 * Validate lengths 192 */ 193 if (igmplen < IGMP_MINLEN) { 194 ++igmpstat.igps_rcv_tooshort; 195 m_freem(m); 196 return; 197 } 198 minlen = iphlen + IGMP_MINLEN; 199 if ((m->m_flags & M_EXT || m->m_len < minlen) && 200 (m = m_pullup(m, minlen)) == 0) { 201 ++igmpstat.igps_rcv_tooshort; 202 return; 203 } 204 205 /* 206 * Validate checksum 207 */ 208 m->m_data += iphlen; 209 m->m_len -= iphlen; 210 igmp = mtod(m, struct igmp *); 211 if (in_cksum(m, igmplen)) { 212 ++igmpstat.igps_rcv_badsum; 213 m_freem(m); 214 return; 215 } 216 m->m_data -= iphlen; 217 m->m_len += iphlen; 218 219 ip = mtod(m, struct ip *); 220 timer = igmp->igmp_code * PR_FASTHZ / IGMP_TIMER_SCALE; 221 if (timer == 0) 222 timer = 1; 223 224 /* 225 * In the IGMPv2 specification, there are 3 states and a flag. 226 * 227 * In Non-Member state, we simply don't have a membership record. 228 * In Delaying Member state, our timer is running (inm->inm_timer) 229 * In Idle Member state, our timer is not running (inm->inm_timer==0) 230 * 231 * The flag is inm->inm_state, it is set to IGMP_OTHERMEMBER if 232 * we have heard a report from another member, or IGMP_IREPORTEDLAST 233 * if I sent the last report. 234 */ 235 switch (igmp->igmp_type) { 236 case IGMP_MEMBERSHIP_QUERY: 237 ++igmpstat.igps_rcv_queries; 238 239 if (ifp->if_flags & IFF_LOOPBACK) 240 break; 241 242 if (igmp->igmp_code == 0) { 243 /* 244 * Old router. Remember that the querier on this 245 * interface is old, and set the timer to the 246 * value in RFC 1112. 247 */ 248 249 mtx_lock(&igmp_mtx); 250 rti = find_rti(ifp); 251 if (rti == NULL) { 252 mtx_unlock(&igmp_mtx); 253 m_freem(m); 254 return; 255 } 256 rti->rti_type = IGMP_V1_ROUTER; 257 rti->rti_time = 0; 258 mtx_unlock(&igmp_mtx); 259 260 timer = IGMP_MAX_HOST_REPORT_DELAY * PR_FASTHZ; 261 262 if (ip->ip_dst.s_addr != igmp_all_hosts_group || 263 igmp->igmp_group.s_addr != 0) { 264 ++igmpstat.igps_rcv_badqueries; 265 m_freem(m); 266 return; 267 } 268 } else { 269 /* 270 * New router. Simply do the new validity check. 271 */ 272 273 if (igmp->igmp_group.s_addr != 0 && 274 !IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 275 ++igmpstat.igps_rcv_badqueries; 276 m_freem(m); 277 return; 278 } 279 } 280 281 /* 282 * - Start the timers in all of our membership records 283 * that the query applies to for the interface on 284 * which the query arrived excl. those that belong 285 * to the "all-hosts" group (224.0.0.1). 286 * - Restart any timer that is already running but has 287 * a value longer than the requested timeout. 288 * - Use the value specified in the query message as 289 * the maximum timeout. 290 */ 291 IN_MULTI_LOCK(); 292 IN_FIRST_MULTI(step, inm); 293 while (inm != NULL) { 294 if (inm->inm_ifp == ifp && 295 inm->inm_addr.s_addr != igmp_all_hosts_group && 296 (igmp->igmp_group.s_addr == 0 || 297 igmp->igmp_group.s_addr == inm->inm_addr.s_addr)) { 298 if (inm->inm_timer == 0 || 299 inm->inm_timer > timer) { 300 inm->inm_timer = 301 IGMP_RANDOM_DELAY(timer); 302 igmp_timers_are_running = 1; 303 } 304 } 305 IN_NEXT_MULTI(step, inm); 306 } 307 IN_MULTI_UNLOCK(); 308 309 break; 310 311 case IGMP_V1_MEMBERSHIP_REPORT: 312 case IGMP_V2_MEMBERSHIP_REPORT: 313 /* 314 * For fast leave to work, we have to know that we are the 315 * last person to send a report for this group. Reports 316 * can potentially get looped back if we are a multicast 317 * router, so discard reports sourced by me. 318 */ 319 IFP_TO_IA(ifp, ia); 320 if (ia && ip->ip_src.s_addr == IA_SIN(ia)->sin_addr.s_addr) 321 break; 322 323 ++igmpstat.igps_rcv_reports; 324 325 if (ifp->if_flags & IFF_LOOPBACK) 326 break; 327 328 if (!IN_MULTICAST(ntohl(igmp->igmp_group.s_addr))) { 329 ++igmpstat.igps_rcv_badreports; 330 m_freem(m); 331 return; 332 } 333 334 /* 335 * KLUDGE: if the IP source address of the report has an 336 * unspecified (i.e., zero) subnet number, as is allowed for 337 * a booting host, replace it with the correct subnet number 338 * so that a process-level multicast routing daemon can 339 * determine which subnet it arrived from. This is necessary 340 * to compensate for the lack of any way for a process to 341 * determine the arrival interface of an incoming packet. 342 */ 343 if ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) == 0) 344 if (ia) ip->ip_src.s_addr = htonl(ia->ia_subnet); 345 346 /* 347 * If we belong to the group being reported, stop 348 * our timer for that group. 349 */ 350 IN_MULTI_LOCK(); 351 IN_LOOKUP_MULTI(igmp->igmp_group, ifp, inm); 352 if (inm != NULL) { 353 inm->inm_timer = 0; 354 ++igmpstat.igps_rcv_ourreports; 355 356 inm->inm_state = IGMP_OTHERMEMBER; 357 } 358 IN_MULTI_UNLOCK(); 359 360 break; 361 } 362 363 /* 364 * Pass all valid IGMP packets up to any process(es) listening 365 * on a raw IGMP socket. 366 */ 367 rip_input(m, off); 368 } 369 370 void 371 igmp_joingroup(struct in_multi *inm) 372 { 373 374 IN_MULTI_LOCK_ASSERT(); 375 376 if (inm->inm_addr.s_addr == igmp_all_hosts_group 377 || inm->inm_ifp->if_flags & IFF_LOOPBACK) { 378 inm->inm_timer = 0; 379 inm->inm_state = IGMP_OTHERMEMBER; 380 } else { 381 mtx_lock(&igmp_mtx); 382 inm->inm_rti = find_rti(inm->inm_ifp); 383 mtx_unlock(&igmp_mtx); 384 if (inm->inm_rti != NULL) { 385 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 386 inm->inm_timer = IGMP_RANDOM_DELAY( 387 IGMP_MAX_HOST_REPORT_DELAY*PR_FASTHZ); 388 inm->inm_state = IGMP_IREPORTEDLAST; 389 igmp_timers_are_running = 1; 390 } 391 /* XXX handling of failure case? */ 392 } 393 } 394 395 void 396 igmp_leavegroup(struct in_multi *inm) 397 { 398 399 IN_MULTI_LOCK_ASSERT(); 400 401 if (inm->inm_state == IGMP_IREPORTEDLAST && 402 inm->inm_addr.s_addr != igmp_all_hosts_group && 403 !(inm->inm_ifp->if_flags & IFF_LOOPBACK) && 404 inm->inm_rti->rti_type != IGMP_V1_ROUTER) 405 igmp_sendpkt(inm, IGMP_V2_LEAVE_GROUP, igmp_all_rtrs_group); 406 } 407 408 void 409 igmp_fasttimo(void) 410 { 411 register struct in_multi *inm; 412 struct in_multistep step; 413 414 /* 415 * Quick check to see if any work needs to be done, in order 416 * to minimize the overhead of fasttimo processing. 417 */ 418 419 if (!igmp_timers_are_running) 420 return; 421 422 IN_MULTI_LOCK(); 423 igmp_timers_are_running = 0; 424 IN_FIRST_MULTI(step, inm); 425 while (inm != NULL) { 426 if (inm->inm_timer == 0) { 427 /* do nothing */ 428 } else if (--inm->inm_timer == 0) { 429 igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); 430 inm->inm_state = IGMP_IREPORTEDLAST; 431 } else { 432 igmp_timers_are_running = 1; 433 } 434 IN_NEXT_MULTI(step, inm); 435 } 436 IN_MULTI_UNLOCK(); 437 } 438 439 void 440 igmp_slowtimo(void) 441 { 442 struct router_info *rti; 443 444 IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n"); 445 mtx_lock(&igmp_mtx); 446 SLIST_FOREACH(rti, &router_info_head, rti_list) { 447 if (rti->rti_type == IGMP_V1_ROUTER) { 448 rti->rti_time++; 449 if (rti->rti_time >= IGMP_AGE_THRESHOLD) 450 rti->rti_type = IGMP_V2_ROUTER; 451 } 452 } 453 mtx_unlock(&igmp_mtx); 454 IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n"); 455 } 456 457 static void 458 igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr) 459 { 460 struct mbuf *m; 461 struct igmp *igmp; 462 struct ip *ip; 463 struct ip_moptions imo; 464 465 IN_MULTI_LOCK_ASSERT(); 466 467 MGETHDR(m, M_DONTWAIT, MT_DATA); 468 if (m == NULL) 469 return; 470 471 m->m_pkthdr.rcvif = loif; 472 #ifdef MAC 473 mac_create_mbuf_linklayer(inm->inm_ifp, m); 474 #endif 475 m->m_pkthdr.len = sizeof(struct ip) + IGMP_MINLEN; 476 MH_ALIGN(m, IGMP_MINLEN + sizeof(struct ip)); 477 m->m_data += sizeof(struct ip); 478 m->m_len = IGMP_MINLEN; 479 igmp = mtod(m, struct igmp *); 480 igmp->igmp_type = type; 481 igmp->igmp_code = 0; 482 igmp->igmp_group = inm->inm_addr; 483 igmp->igmp_cksum = 0; 484 igmp->igmp_cksum = in_cksum(m, IGMP_MINLEN); 485 486 m->m_data -= sizeof(struct ip); 487 m->m_len += sizeof(struct ip); 488 ip = mtod(m, struct ip *); 489 ip->ip_tos = 0; 490 ip->ip_len = sizeof(struct ip) + IGMP_MINLEN; 491 ip->ip_off = 0; 492 ip->ip_p = IPPROTO_IGMP; 493 ip->ip_src.s_addr = INADDR_ANY; 494 ip->ip_dst.s_addr = addr ? addr : igmp->igmp_group.s_addr; 495 496 imo.imo_multicast_ifp = inm->inm_ifp; 497 imo.imo_multicast_ttl = 1; 498 imo.imo_multicast_vif = -1; 499 /* 500 * Request loopback of the report if we are acting as a multicast 501 * router, so that the process-level routing daemon can hear it. 502 */ 503 imo.imo_multicast_loop = (ip_mrouter != NULL); 504 505 /* 506 * XXX 507 * Do we have to worry about reentrancy here? Don't think so. 508 */ 509 ip_output(m, router_alert, &igmprt, 0, &imo, NULL); 510 511 ++igmpstat.igps_snd_reports; 512 } 513