xref: /linux/net/bridge/br_mdb.c (revision 2187af84e5d0062090f5e0e89281a00d0b8afa40)
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/err.h>
3 #include <linux/igmp.h>
4 #include <linux/kernel.h>
5 #include <linux/netdevice.h>
6 #include <linux/rculist.h>
7 #include <linux/skbuff.h>
8 #include <linux/if_ether.h>
9 #include <net/ip.h>
10 #include <net/netlink.h>
11 #include <net/switchdev.h>
12 #if IS_ENABLED(CONFIG_IPV6)
13 #include <net/ipv6.h>
14 #include <net/addrconf.h>
15 #endif
16 
17 #include "br_private.h"
18 
19 static bool
20 br_ip4_rports_get_timer(struct net_bridge_mcast_port *pmctx,
21 			unsigned long *timer)
22 {
23 	*timer = br_timer_value(&pmctx->ip4_mc_router_timer);
24 	return !hlist_unhashed(&pmctx->ip4_rlist);
25 }
26 
27 static bool
28 br_ip6_rports_get_timer(struct net_bridge_mcast_port *pmctx,
29 			unsigned long *timer)
30 {
31 #if IS_ENABLED(CONFIG_IPV6)
32 	*timer = br_timer_value(&pmctx->ip6_mc_router_timer);
33 	return !hlist_unhashed(&pmctx->ip6_rlist);
34 #else
35 	*timer = 0;
36 	return false;
37 #endif
38 }
39 
40 static size_t __br_rports_one_size(void)
41 {
42 	return nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PORT */
43 	       nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_TIMER */
44 	       nla_total_size(sizeof(u8)) +  /* MDBA_ROUTER_PATTR_TYPE */
45 	       nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_INET_TIMER */
46 	       nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_INET6_TIMER */
47 	       nla_total_size(sizeof(u32));  /* MDBA_ROUTER_PATTR_VID */
48 }
49 
50 size_t br_rports_size(const struct net_bridge_mcast *brmctx)
51 {
52 	struct net_bridge_mcast_port *pmctx;
53 	size_t size = nla_total_size(0); /* MDBA_ROUTER */
54 
55 	rcu_read_lock();
56 	hlist_for_each_entry_rcu(pmctx, &brmctx->ip4_mc_router_list,
57 				 ip4_rlist)
58 		size += __br_rports_one_size();
59 
60 #if IS_ENABLED(CONFIG_IPV6)
61 	hlist_for_each_entry_rcu(pmctx, &brmctx->ip6_mc_router_list,
62 				 ip6_rlist)
63 		size += __br_rports_one_size();
64 #endif
65 	rcu_read_unlock();
66 
67 	return size;
68 }
69 
70 int br_rports_fill_info(struct sk_buff *skb,
71 			const struct net_bridge_mcast *brmctx)
72 {
73 	u16 vid = brmctx->vlan ? brmctx->vlan->vid : 0;
74 	bool have_ip4_mc_rtr, have_ip6_mc_rtr;
75 	unsigned long ip4_timer, ip6_timer;
76 	struct nlattr *nest, *port_nest;
77 	struct net_bridge_port *p;
78 
79 	if (!brmctx->multicast_router || !br_rports_have_mc_router(brmctx))
80 		return 0;
81 
82 	nest = nla_nest_start_noflag(skb, MDBA_ROUTER);
83 	if (nest == NULL)
84 		return -EMSGSIZE;
85 
86 	list_for_each_entry_rcu(p, &brmctx->br->port_list, list) {
87 		struct net_bridge_mcast_port *pmctx;
88 
89 		if (vid) {
90 			struct net_bridge_vlan *v;
91 
92 			v = br_vlan_find(nbp_vlan_group(p), vid);
93 			if (!v)
94 				continue;
95 			pmctx = &v->port_mcast_ctx;
96 		} else {
97 			pmctx = &p->multicast_ctx;
98 		}
99 
100 		have_ip4_mc_rtr = br_ip4_rports_get_timer(pmctx, &ip4_timer);
101 		have_ip6_mc_rtr = br_ip6_rports_get_timer(pmctx, &ip6_timer);
102 
103 		if (!have_ip4_mc_rtr && !have_ip6_mc_rtr)
104 			continue;
105 
106 		port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT);
107 		if (!port_nest)
108 			goto fail;
109 
110 		if (nla_put_nohdr(skb, sizeof(u32), &p->dev->ifindex) ||
111 		    nla_put_u32(skb, MDBA_ROUTER_PATTR_TIMER,
112 				max(ip4_timer, ip6_timer)) ||
113 		    nla_put_u8(skb, MDBA_ROUTER_PATTR_TYPE,
114 			       p->multicast_ctx.multicast_router) ||
115 		    (have_ip4_mc_rtr &&
116 		     nla_put_u32(skb, MDBA_ROUTER_PATTR_INET_TIMER,
117 				 ip4_timer)) ||
118 		    (have_ip6_mc_rtr &&
119 		     nla_put_u32(skb, MDBA_ROUTER_PATTR_INET6_TIMER,
120 				 ip6_timer)) ||
121 		    (vid && nla_put_u16(skb, MDBA_ROUTER_PATTR_VID, vid))) {
122 			nla_nest_cancel(skb, port_nest);
123 			goto fail;
124 		}
125 		nla_nest_end(skb, port_nest);
126 	}
127 
128 	nla_nest_end(skb, nest);
129 	return 0;
130 fail:
131 	nla_nest_cancel(skb, nest);
132 	return -EMSGSIZE;
133 }
134 
135 static void __mdb_entry_fill_flags(struct br_mdb_entry *e, unsigned char flags)
136 {
137 	e->state = flags & MDB_PG_FLAGS_PERMANENT;
138 	e->flags = 0;
139 	if (flags & MDB_PG_FLAGS_OFFLOAD)
140 		e->flags |= MDB_FLAGS_OFFLOAD;
141 	if (flags & MDB_PG_FLAGS_FAST_LEAVE)
142 		e->flags |= MDB_FLAGS_FAST_LEAVE;
143 	if (flags & MDB_PG_FLAGS_STAR_EXCL)
144 		e->flags |= MDB_FLAGS_STAR_EXCL;
145 	if (flags & MDB_PG_FLAGS_BLOCKED)
146 		e->flags |= MDB_FLAGS_BLOCKED;
147 }
148 
149 static void __mdb_entry_to_br_ip(struct br_mdb_entry *entry, struct br_ip *ip,
150 				 struct nlattr **mdb_attrs)
151 {
152 	memset(ip, 0, sizeof(struct br_ip));
153 	ip->vid = entry->vid;
154 	ip->proto = entry->addr.proto;
155 	switch (ip->proto) {
156 	case htons(ETH_P_IP):
157 		ip->dst.ip4 = entry->addr.u.ip4;
158 		if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE])
159 			ip->src.ip4 = nla_get_in_addr(mdb_attrs[MDBE_ATTR_SOURCE]);
160 		break;
161 #if IS_ENABLED(CONFIG_IPV6)
162 	case htons(ETH_P_IPV6):
163 		ip->dst.ip6 = entry->addr.u.ip6;
164 		if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE])
165 			ip->src.ip6 = nla_get_in6_addr(mdb_attrs[MDBE_ATTR_SOURCE]);
166 		break;
167 #endif
168 	default:
169 		ether_addr_copy(ip->dst.mac_addr, entry->addr.u.mac_addr);
170 	}
171 
172 }
173 
174 static int __mdb_fill_srcs(struct sk_buff *skb,
175 			   struct net_bridge_port_group *p)
176 {
177 	struct net_bridge_group_src *ent;
178 	struct nlattr *nest, *nest_ent;
179 
180 	if (hlist_empty(&p->src_list))
181 		return 0;
182 
183 	nest = nla_nest_start(skb, MDBA_MDB_EATTR_SRC_LIST);
184 	if (!nest)
185 		return -EMSGSIZE;
186 
187 	hlist_for_each_entry_rcu(ent, &p->src_list, node,
188 				 lockdep_is_held(&p->key.port->br->multicast_lock)) {
189 		nest_ent = nla_nest_start(skb, MDBA_MDB_SRCLIST_ENTRY);
190 		if (!nest_ent)
191 			goto out_cancel_err;
192 		switch (ent->addr.proto) {
193 		case htons(ETH_P_IP):
194 			if (nla_put_in_addr(skb, MDBA_MDB_SRCATTR_ADDRESS,
195 					    ent->addr.src.ip4)) {
196 				nla_nest_cancel(skb, nest_ent);
197 				goto out_cancel_err;
198 			}
199 			break;
200 #if IS_ENABLED(CONFIG_IPV6)
201 		case htons(ETH_P_IPV6):
202 			if (nla_put_in6_addr(skb, MDBA_MDB_SRCATTR_ADDRESS,
203 					     &ent->addr.src.ip6)) {
204 				nla_nest_cancel(skb, nest_ent);
205 				goto out_cancel_err;
206 			}
207 			break;
208 #endif
209 		default:
210 			nla_nest_cancel(skb, nest_ent);
211 			continue;
212 		}
213 		if (nla_put_u32(skb, MDBA_MDB_SRCATTR_TIMER,
214 				br_timer_value(&ent->timer))) {
215 			nla_nest_cancel(skb, nest_ent);
216 			goto out_cancel_err;
217 		}
218 		nla_nest_end(skb, nest_ent);
219 	}
220 
221 	nla_nest_end(skb, nest);
222 
223 	return 0;
224 
225 out_cancel_err:
226 	nla_nest_cancel(skb, nest);
227 	return -EMSGSIZE;
228 }
229 
230 static int __mdb_fill_info(struct sk_buff *skb,
231 			   struct net_bridge_mdb_entry *mp,
232 			   struct net_bridge_port_group *p)
233 {
234 	bool dump_srcs_mode = false;
235 	struct timer_list *mtimer;
236 	struct nlattr *nest_ent;
237 	struct br_mdb_entry e;
238 	u8 flags = 0;
239 	int ifindex;
240 
241 	memset(&e, 0, sizeof(e));
242 	if (p) {
243 		ifindex = p->key.port->dev->ifindex;
244 		mtimer = &p->timer;
245 		flags = p->flags;
246 	} else {
247 		ifindex = mp->br->dev->ifindex;
248 		mtimer = &mp->timer;
249 	}
250 
251 	__mdb_entry_fill_flags(&e, flags);
252 	e.ifindex = ifindex;
253 	e.vid = mp->addr.vid;
254 	if (mp->addr.proto == htons(ETH_P_IP)) {
255 		e.addr.u.ip4 = mp->addr.dst.ip4;
256 #if IS_ENABLED(CONFIG_IPV6)
257 	} else if (mp->addr.proto == htons(ETH_P_IPV6)) {
258 		e.addr.u.ip6 = mp->addr.dst.ip6;
259 #endif
260 	} else {
261 		ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr);
262 		e.state = MDB_PERMANENT;
263 	}
264 	e.addr.proto = mp->addr.proto;
265 	nest_ent = nla_nest_start_noflag(skb,
266 					 MDBA_MDB_ENTRY_INFO);
267 	if (!nest_ent)
268 		return -EMSGSIZE;
269 
270 	if (nla_put_nohdr(skb, sizeof(e), &e) ||
271 	    nla_put_u32(skb,
272 			MDBA_MDB_EATTR_TIMER,
273 			br_timer_value(mtimer)))
274 		goto nest_err;
275 
276 	switch (mp->addr.proto) {
277 	case htons(ETH_P_IP):
278 		dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_igmp_version == 3);
279 		if (mp->addr.src.ip4) {
280 			if (nla_put_in_addr(skb, MDBA_MDB_EATTR_SOURCE,
281 					    mp->addr.src.ip4))
282 				goto nest_err;
283 			break;
284 		}
285 		break;
286 #if IS_ENABLED(CONFIG_IPV6)
287 	case htons(ETH_P_IPV6):
288 		dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_mld_version == 2);
289 		if (!ipv6_addr_any(&mp->addr.src.ip6)) {
290 			if (nla_put_in6_addr(skb, MDBA_MDB_EATTR_SOURCE,
291 					     &mp->addr.src.ip6))
292 				goto nest_err;
293 			break;
294 		}
295 		break;
296 #endif
297 	default:
298 		ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr);
299 	}
300 	if (p) {
301 		if (nla_put_u8(skb, MDBA_MDB_EATTR_RTPROT, p->rt_protocol))
302 			goto nest_err;
303 		if (dump_srcs_mode &&
304 		    (__mdb_fill_srcs(skb, p) ||
305 		     nla_put_u8(skb, MDBA_MDB_EATTR_GROUP_MODE,
306 				p->filter_mode)))
307 			goto nest_err;
308 	}
309 	nla_nest_end(skb, nest_ent);
310 
311 	return 0;
312 
313 nest_err:
314 	nla_nest_cancel(skb, nest_ent);
315 	return -EMSGSIZE;
316 }
317 
318 static int br_mdb_fill_info(struct sk_buff *skb, struct netlink_callback *cb,
319 			    struct net_device *dev)
320 {
321 	int idx = 0, s_idx = cb->args[1], err = 0, pidx = 0, s_pidx = cb->args[2];
322 	struct net_bridge *br = netdev_priv(dev);
323 	struct net_bridge_mdb_entry *mp;
324 	struct nlattr *nest, *nest2;
325 
326 	if (!br_opt_get(br, BROPT_MULTICAST_ENABLED))
327 		return 0;
328 
329 	nest = nla_nest_start_noflag(skb, MDBA_MDB);
330 	if (nest == NULL)
331 		return -EMSGSIZE;
332 
333 	hlist_for_each_entry_rcu(mp, &br->mdb_list, mdb_node) {
334 		struct net_bridge_port_group *p;
335 		struct net_bridge_port_group __rcu **pp;
336 
337 		if (idx < s_idx)
338 			goto skip;
339 
340 		nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY);
341 		if (!nest2) {
342 			err = -EMSGSIZE;
343 			break;
344 		}
345 
346 		if (!s_pidx && mp->host_joined) {
347 			err = __mdb_fill_info(skb, mp, NULL);
348 			if (err) {
349 				nla_nest_cancel(skb, nest2);
350 				break;
351 			}
352 		}
353 
354 		for (pp = &mp->ports; (p = rcu_dereference(*pp)) != NULL;
355 		      pp = &p->next) {
356 			if (!p->key.port)
357 				continue;
358 			if (pidx < s_pidx)
359 				goto skip_pg;
360 
361 			err = __mdb_fill_info(skb, mp, p);
362 			if (err) {
363 				nla_nest_end(skb, nest2);
364 				goto out;
365 			}
366 skip_pg:
367 			pidx++;
368 		}
369 		pidx = 0;
370 		s_pidx = 0;
371 		nla_nest_end(skb, nest2);
372 skip:
373 		idx++;
374 	}
375 
376 out:
377 	cb->args[1] = idx;
378 	cb->args[2] = pidx;
379 	nla_nest_end(skb, nest);
380 	return err;
381 }
382 
383 static int br_mdb_valid_dump_req(const struct nlmsghdr *nlh,
384 				 struct netlink_ext_ack *extack)
385 {
386 	struct br_port_msg *bpm;
387 
388 	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*bpm))) {
389 		NL_SET_ERR_MSG_MOD(extack, "Invalid header for mdb dump request");
390 		return -EINVAL;
391 	}
392 
393 	bpm = nlmsg_data(nlh);
394 	if (bpm->ifindex) {
395 		NL_SET_ERR_MSG_MOD(extack, "Filtering by device index is not supported for mdb dump request");
396 		return -EINVAL;
397 	}
398 	if (nlmsg_attrlen(nlh, sizeof(*bpm))) {
399 		NL_SET_ERR_MSG(extack, "Invalid data after header in mdb dump request");
400 		return -EINVAL;
401 	}
402 
403 	return 0;
404 }
405 
406 static int br_mdb_dump(struct sk_buff *skb, struct netlink_callback *cb)
407 {
408 	struct net_device *dev;
409 	struct net *net = sock_net(skb->sk);
410 	struct nlmsghdr *nlh = NULL;
411 	int idx = 0, s_idx;
412 
413 	if (cb->strict_check) {
414 		int err = br_mdb_valid_dump_req(cb->nlh, cb->extack);
415 
416 		if (err < 0)
417 			return err;
418 	}
419 
420 	s_idx = cb->args[0];
421 
422 	rcu_read_lock();
423 
424 	for_each_netdev_rcu(net, dev) {
425 		if (netif_is_bridge_master(dev)) {
426 			struct net_bridge *br = netdev_priv(dev);
427 			struct br_port_msg *bpm;
428 
429 			if (idx < s_idx)
430 				goto skip;
431 
432 			nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid,
433 					cb->nlh->nlmsg_seq, RTM_GETMDB,
434 					sizeof(*bpm), NLM_F_MULTI);
435 			if (nlh == NULL)
436 				break;
437 
438 			bpm = nlmsg_data(nlh);
439 			memset(bpm, 0, sizeof(*bpm));
440 			bpm->ifindex = dev->ifindex;
441 			if (br_mdb_fill_info(skb, cb, dev) < 0)
442 				goto out;
443 			if (br_rports_fill_info(skb, &br->multicast_ctx) < 0)
444 				goto out;
445 
446 			cb->args[1] = 0;
447 			nlmsg_end(skb, nlh);
448 		skip:
449 			idx++;
450 		}
451 	}
452 
453 out:
454 	if (nlh)
455 		nlmsg_end(skb, nlh);
456 	rcu_read_unlock();
457 	cb->args[0] = idx;
458 	return skb->len;
459 }
460 
461 static int nlmsg_populate_mdb_fill(struct sk_buff *skb,
462 				   struct net_device *dev,
463 				   struct net_bridge_mdb_entry *mp,
464 				   struct net_bridge_port_group *pg,
465 				   int type)
466 {
467 	struct nlmsghdr *nlh;
468 	struct br_port_msg *bpm;
469 	struct nlattr *nest, *nest2;
470 
471 	nlh = nlmsg_put(skb, 0, 0, type, sizeof(*bpm), 0);
472 	if (!nlh)
473 		return -EMSGSIZE;
474 
475 	bpm = nlmsg_data(nlh);
476 	memset(bpm, 0, sizeof(*bpm));
477 	bpm->family  = AF_BRIDGE;
478 	bpm->ifindex = dev->ifindex;
479 	nest = nla_nest_start_noflag(skb, MDBA_MDB);
480 	if (nest == NULL)
481 		goto cancel;
482 	nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY);
483 	if (nest2 == NULL)
484 		goto end;
485 
486 	if (__mdb_fill_info(skb, mp, pg))
487 		goto end;
488 
489 	nla_nest_end(skb, nest2);
490 	nla_nest_end(skb, nest);
491 	nlmsg_end(skb, nlh);
492 	return 0;
493 
494 end:
495 	nla_nest_end(skb, nest);
496 cancel:
497 	nlmsg_cancel(skb, nlh);
498 	return -EMSGSIZE;
499 }
500 
501 static size_t rtnl_mdb_nlmsg_size(struct net_bridge_port_group *pg)
502 {
503 	size_t nlmsg_size = NLMSG_ALIGN(sizeof(struct br_port_msg)) +
504 			    nla_total_size(sizeof(struct br_mdb_entry)) +
505 			    nla_total_size(sizeof(u32));
506 	struct net_bridge_group_src *ent;
507 	size_t addr_size = 0;
508 
509 	if (!pg)
510 		goto out;
511 
512 	/* MDBA_MDB_EATTR_RTPROT */
513 	nlmsg_size += nla_total_size(sizeof(u8));
514 
515 	switch (pg->key.addr.proto) {
516 	case htons(ETH_P_IP):
517 		/* MDBA_MDB_EATTR_SOURCE */
518 		if (pg->key.addr.src.ip4)
519 			nlmsg_size += nla_total_size(sizeof(__be32));
520 		if (pg->key.port->br->multicast_ctx.multicast_igmp_version == 2)
521 			goto out;
522 		addr_size = sizeof(__be32);
523 		break;
524 #if IS_ENABLED(CONFIG_IPV6)
525 	case htons(ETH_P_IPV6):
526 		/* MDBA_MDB_EATTR_SOURCE */
527 		if (!ipv6_addr_any(&pg->key.addr.src.ip6))
528 			nlmsg_size += nla_total_size(sizeof(struct in6_addr));
529 		if (pg->key.port->br->multicast_ctx.multicast_mld_version == 1)
530 			goto out;
531 		addr_size = sizeof(struct in6_addr);
532 		break;
533 #endif
534 	}
535 
536 	/* MDBA_MDB_EATTR_GROUP_MODE */
537 	nlmsg_size += nla_total_size(sizeof(u8));
538 
539 	/* MDBA_MDB_EATTR_SRC_LIST nested attr */
540 	if (!hlist_empty(&pg->src_list))
541 		nlmsg_size += nla_total_size(0);
542 
543 	hlist_for_each_entry(ent, &pg->src_list, node) {
544 		/* MDBA_MDB_SRCLIST_ENTRY nested attr +
545 		 * MDBA_MDB_SRCATTR_ADDRESS + MDBA_MDB_SRCATTR_TIMER
546 		 */
547 		nlmsg_size += nla_total_size(0) +
548 			      nla_total_size(addr_size) +
549 			      nla_total_size(sizeof(u32));
550 	}
551 out:
552 	return nlmsg_size;
553 }
554 
555 void br_mdb_notify(struct net_device *dev,
556 		   struct net_bridge_mdb_entry *mp,
557 		   struct net_bridge_port_group *pg,
558 		   int type)
559 {
560 	struct net *net = dev_net(dev);
561 	struct sk_buff *skb;
562 	int err = -ENOBUFS;
563 
564 	br_switchdev_mdb_notify(dev, mp, pg, type);
565 
566 	skb = nlmsg_new(rtnl_mdb_nlmsg_size(pg), GFP_ATOMIC);
567 	if (!skb)
568 		goto errout;
569 
570 	err = nlmsg_populate_mdb_fill(skb, dev, mp, pg, type);
571 	if (err < 0) {
572 		kfree_skb(skb);
573 		goto errout;
574 	}
575 
576 	rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC);
577 	return;
578 errout:
579 	rtnl_set_sk_err(net, RTNLGRP_MDB, err);
580 }
581 
582 static int nlmsg_populate_rtr_fill(struct sk_buff *skb,
583 				   struct net_device *dev,
584 				   int ifindex, u16 vid, u32 pid,
585 				   u32 seq, int type, unsigned int flags)
586 {
587 	struct nlattr *nest, *port_nest;
588 	struct br_port_msg *bpm;
589 	struct nlmsghdr *nlh;
590 
591 	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*bpm), 0);
592 	if (!nlh)
593 		return -EMSGSIZE;
594 
595 	bpm = nlmsg_data(nlh);
596 	memset(bpm, 0, sizeof(*bpm));
597 	bpm->family = AF_BRIDGE;
598 	bpm->ifindex = dev->ifindex;
599 	nest = nla_nest_start_noflag(skb, MDBA_ROUTER);
600 	if (!nest)
601 		goto cancel;
602 
603 	port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT);
604 	if (!port_nest)
605 		goto end;
606 	if (nla_put_nohdr(skb, sizeof(u32), &ifindex)) {
607 		nla_nest_cancel(skb, port_nest);
608 		goto end;
609 	}
610 	if (vid && nla_put_u16(skb, MDBA_ROUTER_PATTR_VID, vid)) {
611 		nla_nest_cancel(skb, port_nest);
612 		goto end;
613 	}
614 	nla_nest_end(skb, port_nest);
615 
616 	nla_nest_end(skb, nest);
617 	nlmsg_end(skb, nlh);
618 	return 0;
619 
620 end:
621 	nla_nest_end(skb, nest);
622 cancel:
623 	nlmsg_cancel(skb, nlh);
624 	return -EMSGSIZE;
625 }
626 
627 static inline size_t rtnl_rtr_nlmsg_size(void)
628 {
629 	return NLMSG_ALIGN(sizeof(struct br_port_msg))
630 		+ nla_total_size(sizeof(__u32))
631 		+ nla_total_size(sizeof(u16));
632 }
633 
634 void br_rtr_notify(struct net_device *dev, struct net_bridge_mcast_port *pmctx,
635 		   int type)
636 {
637 	struct net *net = dev_net(dev);
638 	struct sk_buff *skb;
639 	int err = -ENOBUFS;
640 	int ifindex;
641 	u16 vid;
642 
643 	ifindex = pmctx ? pmctx->port->dev->ifindex : 0;
644 	vid = pmctx && br_multicast_port_ctx_is_vlan(pmctx) ? pmctx->vlan->vid :
645 							      0;
646 	skb = nlmsg_new(rtnl_rtr_nlmsg_size(), GFP_ATOMIC);
647 	if (!skb)
648 		goto errout;
649 
650 	err = nlmsg_populate_rtr_fill(skb, dev, ifindex, vid, 0, 0, type,
651 				      NTF_SELF);
652 	if (err < 0) {
653 		kfree_skb(skb);
654 		goto errout;
655 	}
656 
657 	rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC);
658 	return;
659 
660 errout:
661 	rtnl_set_sk_err(net, RTNLGRP_MDB, err);
662 }
663 
664 static const struct nla_policy
665 br_mdbe_src_list_entry_pol[MDBE_SRCATTR_MAX + 1] = {
666 	[MDBE_SRCATTR_ADDRESS] = NLA_POLICY_RANGE(NLA_BINARY,
667 						  sizeof(struct in_addr),
668 						  sizeof(struct in6_addr)),
669 };
670 
671 static const struct nla_policy
672 br_mdbe_src_list_pol[MDBE_SRC_LIST_MAX + 1] = {
673 	[MDBE_SRC_LIST_ENTRY] = NLA_POLICY_NESTED(br_mdbe_src_list_entry_pol),
674 };
675 
676 static const struct nla_policy br_mdbe_attrs_pol[MDBE_ATTR_MAX + 1] = {
677 	[MDBE_ATTR_SOURCE] = NLA_POLICY_RANGE(NLA_BINARY,
678 					      sizeof(struct in_addr),
679 					      sizeof(struct in6_addr)),
680 	[MDBE_ATTR_GROUP_MODE] = NLA_POLICY_RANGE(NLA_U8, MCAST_EXCLUDE,
681 						  MCAST_INCLUDE),
682 	[MDBE_ATTR_SRC_LIST] = NLA_POLICY_NESTED(br_mdbe_src_list_pol),
683 	[MDBE_ATTR_RTPROT] = NLA_POLICY_MIN(NLA_U8, RTPROT_STATIC),
684 };
685 
686 static int validate_mdb_entry(const struct nlattr *attr,
687 			      struct netlink_ext_ack *extack)
688 {
689 	struct br_mdb_entry *entry = nla_data(attr);
690 
691 	if (nla_len(attr) != sizeof(struct br_mdb_entry)) {
692 		NL_SET_ERR_MSG_MOD(extack, "Invalid MDBA_SET_ENTRY attribute length");
693 		return -EINVAL;
694 	}
695 
696 	if (entry->ifindex == 0) {
697 		NL_SET_ERR_MSG_MOD(extack, "Zero entry ifindex is not allowed");
698 		return -EINVAL;
699 	}
700 
701 	if (entry->addr.proto == htons(ETH_P_IP)) {
702 		if (!ipv4_is_multicast(entry->addr.u.ip4)) {
703 			NL_SET_ERR_MSG_MOD(extack, "IPv4 entry group address is not multicast");
704 			return -EINVAL;
705 		}
706 		if (ipv4_is_local_multicast(entry->addr.u.ip4)) {
707 			NL_SET_ERR_MSG_MOD(extack, "IPv4 entry group address is local multicast");
708 			return -EINVAL;
709 		}
710 #if IS_ENABLED(CONFIG_IPV6)
711 	} else if (entry->addr.proto == htons(ETH_P_IPV6)) {
712 		if (ipv6_addr_is_ll_all_nodes(&entry->addr.u.ip6)) {
713 			NL_SET_ERR_MSG_MOD(extack, "IPv6 entry group address is link-local all nodes");
714 			return -EINVAL;
715 		}
716 #endif
717 	} else if (entry->addr.proto == 0) {
718 		/* L2 mdb */
719 		if (!is_multicast_ether_addr(entry->addr.u.mac_addr)) {
720 			NL_SET_ERR_MSG_MOD(extack, "L2 entry group is not multicast");
721 			return -EINVAL;
722 		}
723 	} else {
724 		NL_SET_ERR_MSG_MOD(extack, "Unknown entry protocol");
725 		return -EINVAL;
726 	}
727 
728 	if (entry->state != MDB_PERMANENT && entry->state != MDB_TEMPORARY) {
729 		NL_SET_ERR_MSG_MOD(extack, "Unknown entry state");
730 		return -EINVAL;
731 	}
732 	if (entry->vid >= VLAN_VID_MASK) {
733 		NL_SET_ERR_MSG_MOD(extack, "Invalid entry VLAN id");
734 		return -EINVAL;
735 	}
736 
737 	return 0;
738 }
739 
740 static bool is_valid_mdb_source(struct nlattr *attr, __be16 proto,
741 				struct netlink_ext_ack *extack)
742 {
743 	switch (proto) {
744 	case htons(ETH_P_IP):
745 		if (nla_len(attr) != sizeof(struct in_addr)) {
746 			NL_SET_ERR_MSG_MOD(extack, "IPv4 invalid source address length");
747 			return false;
748 		}
749 		if (ipv4_is_multicast(nla_get_in_addr(attr))) {
750 			NL_SET_ERR_MSG_MOD(extack, "IPv4 multicast source address is not allowed");
751 			return false;
752 		}
753 		break;
754 #if IS_ENABLED(CONFIG_IPV6)
755 	case htons(ETH_P_IPV6): {
756 		struct in6_addr src;
757 
758 		if (nla_len(attr) != sizeof(struct in6_addr)) {
759 			NL_SET_ERR_MSG_MOD(extack, "IPv6 invalid source address length");
760 			return false;
761 		}
762 		src = nla_get_in6_addr(attr);
763 		if (ipv6_addr_is_multicast(&src)) {
764 			NL_SET_ERR_MSG_MOD(extack, "IPv6 multicast source address is not allowed");
765 			return false;
766 		}
767 		break;
768 	}
769 #endif
770 	default:
771 		NL_SET_ERR_MSG_MOD(extack, "Invalid protocol used with source address");
772 		return false;
773 	}
774 
775 	return true;
776 }
777 
778 static struct net_bridge_mcast *
779 __br_mdb_choose_context(struct net_bridge *br,
780 			const struct br_mdb_entry *entry,
781 			struct netlink_ext_ack *extack)
782 {
783 	struct net_bridge_mcast *brmctx = NULL;
784 	struct net_bridge_vlan *v;
785 
786 	if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
787 		brmctx = &br->multicast_ctx;
788 		goto out;
789 	}
790 
791 	if (!entry->vid) {
792 		NL_SET_ERR_MSG_MOD(extack, "Cannot add an entry without a vlan when vlan snooping is enabled");
793 		goto out;
794 	}
795 
796 	v = br_vlan_find(br_vlan_group(br), entry->vid);
797 	if (!v) {
798 		NL_SET_ERR_MSG_MOD(extack, "Vlan is not configured");
799 		goto out;
800 	}
801 	if (br_multicast_ctx_vlan_global_disabled(&v->br_mcast_ctx)) {
802 		NL_SET_ERR_MSG_MOD(extack, "Vlan's multicast processing is disabled");
803 		goto out;
804 	}
805 	brmctx = &v->br_mcast_ctx;
806 out:
807 	return brmctx;
808 }
809 
810 static int br_mdb_replace_group_sg(const struct br_mdb_config *cfg,
811 				   struct net_bridge_mdb_entry *mp,
812 				   struct net_bridge_port_group *pg,
813 				   struct net_bridge_mcast *brmctx,
814 				   unsigned char flags)
815 {
816 	unsigned long now = jiffies;
817 
818 	pg->flags = flags;
819 	pg->rt_protocol = cfg->rt_protocol;
820 	if (!(flags & MDB_PG_FLAGS_PERMANENT) && !cfg->src_entry)
821 		mod_timer(&pg->timer,
822 			  now + brmctx->multicast_membership_interval);
823 	else
824 		del_timer(&pg->timer);
825 
826 	br_mdb_notify(cfg->br->dev, mp, pg, RTM_NEWMDB);
827 
828 	return 0;
829 }
830 
831 static int br_mdb_add_group_sg(const struct br_mdb_config *cfg,
832 			       struct net_bridge_mdb_entry *mp,
833 			       struct net_bridge_mcast *brmctx,
834 			       unsigned char flags,
835 			       struct netlink_ext_ack *extack)
836 {
837 	struct net_bridge_port_group __rcu **pp;
838 	struct net_bridge_port_group *p;
839 	unsigned long now = jiffies;
840 
841 	for (pp = &mp->ports;
842 	     (p = mlock_dereference(*pp, cfg->br)) != NULL;
843 	     pp = &p->next) {
844 		if (p->key.port == cfg->p) {
845 			if (!(cfg->nlflags & NLM_F_REPLACE)) {
846 				NL_SET_ERR_MSG_MOD(extack, "(S, G) group is already joined by port");
847 				return -EEXIST;
848 			}
849 			return br_mdb_replace_group_sg(cfg, mp, p, brmctx,
850 						       flags);
851 		}
852 		if ((unsigned long)p->key.port < (unsigned long)cfg->p)
853 			break;
854 	}
855 
856 	p = br_multicast_new_port_group(cfg->p, &cfg->group, *pp, flags, NULL,
857 					MCAST_INCLUDE, cfg->rt_protocol, extack);
858 	if (unlikely(!p))
859 		return -ENOMEM;
860 
861 	rcu_assign_pointer(*pp, p);
862 	if (!(flags & MDB_PG_FLAGS_PERMANENT) && !cfg->src_entry)
863 		mod_timer(&p->timer,
864 			  now + brmctx->multicast_membership_interval);
865 	br_mdb_notify(cfg->br->dev, mp, p, RTM_NEWMDB);
866 
867 	/* All of (*, G) EXCLUDE ports need to be added to the new (S, G) for
868 	 * proper replication.
869 	 */
870 	if (br_multicast_should_handle_mode(brmctx, cfg->group.proto)) {
871 		struct net_bridge_mdb_entry *star_mp;
872 		struct br_ip star_group;
873 
874 		star_group = p->key.addr;
875 		memset(&star_group.src, 0, sizeof(star_group.src));
876 		star_mp = br_mdb_ip_get(cfg->br, &star_group);
877 		if (star_mp)
878 			br_multicast_sg_add_exclude_ports(star_mp, p);
879 	}
880 
881 	return 0;
882 }
883 
884 static int br_mdb_add_group_src_fwd(const struct br_mdb_config *cfg,
885 				    struct br_ip *src_ip,
886 				    struct net_bridge_mcast *brmctx,
887 				    struct netlink_ext_ack *extack)
888 {
889 	struct net_bridge_mdb_entry *sgmp;
890 	struct br_mdb_config sg_cfg;
891 	struct br_ip sg_ip;
892 	u8 flags = 0;
893 
894 	sg_ip = cfg->group;
895 	sg_ip.src = src_ip->src;
896 	sgmp = br_multicast_new_group(cfg->br, &sg_ip);
897 	if (IS_ERR(sgmp)) {
898 		NL_SET_ERR_MSG_MOD(extack, "Failed to add (S, G) MDB entry");
899 		return PTR_ERR(sgmp);
900 	}
901 
902 	if (cfg->entry->state == MDB_PERMANENT)
903 		flags |= MDB_PG_FLAGS_PERMANENT;
904 	if (cfg->filter_mode == MCAST_EXCLUDE)
905 		flags |= MDB_PG_FLAGS_BLOCKED;
906 
907 	memset(&sg_cfg, 0, sizeof(sg_cfg));
908 	sg_cfg.br = cfg->br;
909 	sg_cfg.p = cfg->p;
910 	sg_cfg.entry = cfg->entry;
911 	sg_cfg.group = sg_ip;
912 	sg_cfg.src_entry = true;
913 	sg_cfg.filter_mode = MCAST_INCLUDE;
914 	sg_cfg.rt_protocol = cfg->rt_protocol;
915 	sg_cfg.nlflags = cfg->nlflags;
916 	return br_mdb_add_group_sg(&sg_cfg, sgmp, brmctx, flags, extack);
917 }
918 
919 static int br_mdb_add_group_src(const struct br_mdb_config *cfg,
920 				struct net_bridge_port_group *pg,
921 				struct net_bridge_mcast *brmctx,
922 				struct br_mdb_src_entry *src,
923 				struct netlink_ext_ack *extack)
924 {
925 	struct net_bridge_group_src *ent;
926 	unsigned long now = jiffies;
927 	int err;
928 
929 	ent = br_multicast_find_group_src(pg, &src->addr);
930 	if (!ent) {
931 		ent = br_multicast_new_group_src(pg, &src->addr);
932 		if (!ent) {
933 			NL_SET_ERR_MSG_MOD(extack, "Failed to add new source entry");
934 			return -ENOSPC;
935 		}
936 	} else if (!(cfg->nlflags & NLM_F_REPLACE)) {
937 		NL_SET_ERR_MSG_MOD(extack, "Source entry already exists");
938 		return -EEXIST;
939 	}
940 
941 	if (cfg->filter_mode == MCAST_INCLUDE &&
942 	    cfg->entry->state == MDB_TEMPORARY)
943 		mod_timer(&ent->timer, now + br_multicast_gmi(brmctx));
944 	else
945 		del_timer(&ent->timer);
946 
947 	/* Install a (S, G) forwarding entry for the source. */
948 	err = br_mdb_add_group_src_fwd(cfg, &src->addr, brmctx, extack);
949 	if (err)
950 		goto err_del_sg;
951 
952 	ent->flags = BR_SGRP_F_INSTALLED | BR_SGRP_F_USER_ADDED;
953 
954 	return 0;
955 
956 err_del_sg:
957 	__br_multicast_del_group_src(ent);
958 	return err;
959 }
960 
961 static void br_mdb_del_group_src(struct net_bridge_port_group *pg,
962 				 struct br_mdb_src_entry *src)
963 {
964 	struct net_bridge_group_src *ent;
965 
966 	ent = br_multicast_find_group_src(pg, &src->addr);
967 	if (WARN_ON_ONCE(!ent))
968 		return;
969 	br_multicast_del_group_src(ent, false);
970 }
971 
972 static int br_mdb_add_group_srcs(const struct br_mdb_config *cfg,
973 				 struct net_bridge_port_group *pg,
974 				 struct net_bridge_mcast *brmctx,
975 				 struct netlink_ext_ack *extack)
976 {
977 	int i, err;
978 
979 	for (i = 0; i < cfg->num_src_entries; i++) {
980 		err = br_mdb_add_group_src(cfg, pg, brmctx,
981 					   &cfg->src_entries[i], extack);
982 		if (err)
983 			goto err_del_group_srcs;
984 	}
985 
986 	return 0;
987 
988 err_del_group_srcs:
989 	for (i--; i >= 0; i--)
990 		br_mdb_del_group_src(pg, &cfg->src_entries[i]);
991 	return err;
992 }
993 
994 static int br_mdb_replace_group_srcs(const struct br_mdb_config *cfg,
995 				     struct net_bridge_port_group *pg,
996 				     struct net_bridge_mcast *brmctx,
997 				     struct netlink_ext_ack *extack)
998 {
999 	struct net_bridge_group_src *ent;
1000 	struct hlist_node *tmp;
1001 	int err;
1002 
1003 	hlist_for_each_entry(ent, &pg->src_list, node)
1004 		ent->flags |= BR_SGRP_F_DELETE;
1005 
1006 	err = br_mdb_add_group_srcs(cfg, pg, brmctx, extack);
1007 	if (err)
1008 		goto err_clear_delete;
1009 
1010 	hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) {
1011 		if (ent->flags & BR_SGRP_F_DELETE)
1012 			br_multicast_del_group_src(ent, false);
1013 	}
1014 
1015 	return 0;
1016 
1017 err_clear_delete:
1018 	hlist_for_each_entry(ent, &pg->src_list, node)
1019 		ent->flags &= ~BR_SGRP_F_DELETE;
1020 	return err;
1021 }
1022 
1023 static int br_mdb_replace_group_star_g(const struct br_mdb_config *cfg,
1024 				       struct net_bridge_mdb_entry *mp,
1025 				       struct net_bridge_port_group *pg,
1026 				       struct net_bridge_mcast *brmctx,
1027 				       unsigned char flags,
1028 				       struct netlink_ext_ack *extack)
1029 {
1030 	unsigned long now = jiffies;
1031 	int err;
1032 
1033 	err = br_mdb_replace_group_srcs(cfg, pg, brmctx, extack);
1034 	if (err)
1035 		return err;
1036 
1037 	pg->flags = flags;
1038 	pg->filter_mode = cfg->filter_mode;
1039 	pg->rt_protocol = cfg->rt_protocol;
1040 	if (!(flags & MDB_PG_FLAGS_PERMANENT) &&
1041 	    cfg->filter_mode == MCAST_EXCLUDE)
1042 		mod_timer(&pg->timer,
1043 			  now + brmctx->multicast_membership_interval);
1044 	else
1045 		del_timer(&pg->timer);
1046 
1047 	br_mdb_notify(cfg->br->dev, mp, pg, RTM_NEWMDB);
1048 
1049 	if (br_multicast_should_handle_mode(brmctx, cfg->group.proto))
1050 		br_multicast_star_g_handle_mode(pg, cfg->filter_mode);
1051 
1052 	return 0;
1053 }
1054 
1055 static int br_mdb_add_group_star_g(const struct br_mdb_config *cfg,
1056 				   struct net_bridge_mdb_entry *mp,
1057 				   struct net_bridge_mcast *brmctx,
1058 				   unsigned char flags,
1059 				   struct netlink_ext_ack *extack)
1060 {
1061 	struct net_bridge_port_group __rcu **pp;
1062 	struct net_bridge_port_group *p;
1063 	unsigned long now = jiffies;
1064 	int err;
1065 
1066 	for (pp = &mp->ports;
1067 	     (p = mlock_dereference(*pp, cfg->br)) != NULL;
1068 	     pp = &p->next) {
1069 		if (p->key.port == cfg->p) {
1070 			if (!(cfg->nlflags & NLM_F_REPLACE)) {
1071 				NL_SET_ERR_MSG_MOD(extack, "(*, G) group is already joined by port");
1072 				return -EEXIST;
1073 			}
1074 			return br_mdb_replace_group_star_g(cfg, mp, p, brmctx,
1075 							   flags, extack);
1076 		}
1077 		if ((unsigned long)p->key.port < (unsigned long)cfg->p)
1078 			break;
1079 	}
1080 
1081 	p = br_multicast_new_port_group(cfg->p, &cfg->group, *pp, flags, NULL,
1082 					cfg->filter_mode, cfg->rt_protocol,
1083 					extack);
1084 	if (unlikely(!p))
1085 		return -ENOMEM;
1086 
1087 	err = br_mdb_add_group_srcs(cfg, p, brmctx, extack);
1088 	if (err)
1089 		goto err_del_port_group;
1090 
1091 	rcu_assign_pointer(*pp, p);
1092 	if (!(flags & MDB_PG_FLAGS_PERMANENT) &&
1093 	    cfg->filter_mode == MCAST_EXCLUDE)
1094 		mod_timer(&p->timer,
1095 			  now + brmctx->multicast_membership_interval);
1096 	br_mdb_notify(cfg->br->dev, mp, p, RTM_NEWMDB);
1097 	/* If we are adding a new EXCLUDE port group (*, G), it needs to be
1098 	 * also added to all (S, G) entries for proper replication.
1099 	 */
1100 	if (br_multicast_should_handle_mode(brmctx, cfg->group.proto) &&
1101 	    cfg->filter_mode == MCAST_EXCLUDE)
1102 		br_multicast_star_g_handle_mode(p, MCAST_EXCLUDE);
1103 
1104 	return 0;
1105 
1106 err_del_port_group:
1107 	br_multicast_del_port_group(p);
1108 	return err;
1109 }
1110 
1111 static int br_mdb_add_group(const struct br_mdb_config *cfg,
1112 			    struct netlink_ext_ack *extack)
1113 {
1114 	struct br_mdb_entry *entry = cfg->entry;
1115 	struct net_bridge_port *port = cfg->p;
1116 	struct net_bridge_mdb_entry *mp;
1117 	struct net_bridge *br = cfg->br;
1118 	struct net_bridge_mcast *brmctx;
1119 	struct br_ip group = cfg->group;
1120 	unsigned char flags = 0;
1121 
1122 	brmctx = __br_mdb_choose_context(br, entry, extack);
1123 	if (!brmctx)
1124 		return -EINVAL;
1125 
1126 	mp = br_multicast_new_group(br, &group);
1127 	if (IS_ERR(mp))
1128 		return PTR_ERR(mp);
1129 
1130 	/* host join */
1131 	if (!port) {
1132 		if (mp->host_joined) {
1133 			NL_SET_ERR_MSG_MOD(extack, "Group is already joined by host");
1134 			return -EEXIST;
1135 		}
1136 
1137 		br_multicast_host_join(brmctx, mp, false);
1138 		br_mdb_notify(br->dev, mp, NULL, RTM_NEWMDB);
1139 
1140 		return 0;
1141 	}
1142 
1143 	if (entry->state == MDB_PERMANENT)
1144 		flags |= MDB_PG_FLAGS_PERMANENT;
1145 
1146 	if (br_multicast_is_star_g(&group))
1147 		return br_mdb_add_group_star_g(cfg, mp, brmctx, flags, extack);
1148 	else
1149 		return br_mdb_add_group_sg(cfg, mp, brmctx, flags, extack);
1150 }
1151 
1152 static int __br_mdb_add(const struct br_mdb_config *cfg,
1153 			struct netlink_ext_ack *extack)
1154 {
1155 	int ret;
1156 
1157 	spin_lock_bh(&cfg->br->multicast_lock);
1158 	ret = br_mdb_add_group(cfg, extack);
1159 	spin_unlock_bh(&cfg->br->multicast_lock);
1160 
1161 	return ret;
1162 }
1163 
1164 static int br_mdb_config_src_entry_init(struct nlattr *src_entry,
1165 					struct br_mdb_src_entry *src,
1166 					__be16 proto,
1167 					struct netlink_ext_ack *extack)
1168 {
1169 	struct nlattr *tb[MDBE_SRCATTR_MAX + 1];
1170 	int err;
1171 
1172 	err = nla_parse_nested(tb, MDBE_SRCATTR_MAX, src_entry,
1173 			       br_mdbe_src_list_entry_pol, extack);
1174 	if (err)
1175 		return err;
1176 
1177 	if (NL_REQ_ATTR_CHECK(extack, src_entry, tb, MDBE_SRCATTR_ADDRESS))
1178 		return -EINVAL;
1179 
1180 	if (!is_valid_mdb_source(tb[MDBE_SRCATTR_ADDRESS], proto, extack))
1181 		return -EINVAL;
1182 
1183 	src->addr.proto = proto;
1184 	nla_memcpy(&src->addr.src, tb[MDBE_SRCATTR_ADDRESS],
1185 		   nla_len(tb[MDBE_SRCATTR_ADDRESS]));
1186 
1187 	return 0;
1188 }
1189 
1190 static int br_mdb_config_src_list_init(struct nlattr *src_list,
1191 				       struct br_mdb_config *cfg,
1192 				       struct netlink_ext_ack *extack)
1193 {
1194 	struct nlattr *src_entry;
1195 	int rem, err;
1196 	int i = 0;
1197 
1198 	nla_for_each_nested(src_entry, src_list, rem)
1199 		cfg->num_src_entries++;
1200 
1201 	if (cfg->num_src_entries >= PG_SRC_ENT_LIMIT) {
1202 		NL_SET_ERR_MSG_FMT_MOD(extack, "Exceeded maximum number of source entries (%u)",
1203 				       PG_SRC_ENT_LIMIT - 1);
1204 		return -EINVAL;
1205 	}
1206 
1207 	cfg->src_entries = kcalloc(cfg->num_src_entries,
1208 				   sizeof(struct br_mdb_src_entry), GFP_KERNEL);
1209 	if (!cfg->src_entries)
1210 		return -ENOMEM;
1211 
1212 	nla_for_each_nested(src_entry, src_list, rem) {
1213 		err = br_mdb_config_src_entry_init(src_entry,
1214 						   &cfg->src_entries[i],
1215 						   cfg->entry->addr.proto,
1216 						   extack);
1217 		if (err)
1218 			goto err_src_entry_init;
1219 		i++;
1220 	}
1221 
1222 	return 0;
1223 
1224 err_src_entry_init:
1225 	kfree(cfg->src_entries);
1226 	return err;
1227 }
1228 
1229 static void br_mdb_config_src_list_fini(struct br_mdb_config *cfg)
1230 {
1231 	kfree(cfg->src_entries);
1232 }
1233 
1234 static int br_mdb_config_attrs_init(struct nlattr *set_attrs,
1235 				    struct br_mdb_config *cfg,
1236 				    struct netlink_ext_ack *extack)
1237 {
1238 	struct nlattr *mdb_attrs[MDBE_ATTR_MAX + 1];
1239 	int err;
1240 
1241 	err = nla_parse_nested(mdb_attrs, MDBE_ATTR_MAX, set_attrs,
1242 			       br_mdbe_attrs_pol, extack);
1243 	if (err)
1244 		return err;
1245 
1246 	if (mdb_attrs[MDBE_ATTR_SOURCE] &&
1247 	    !is_valid_mdb_source(mdb_attrs[MDBE_ATTR_SOURCE],
1248 				 cfg->entry->addr.proto, extack))
1249 		return -EINVAL;
1250 
1251 	__mdb_entry_to_br_ip(cfg->entry, &cfg->group, mdb_attrs);
1252 
1253 	if (mdb_attrs[MDBE_ATTR_GROUP_MODE]) {
1254 		if (!cfg->p) {
1255 			NL_SET_ERR_MSG_MOD(extack, "Filter mode cannot be set for host groups");
1256 			return -EINVAL;
1257 		}
1258 		if (!br_multicast_is_star_g(&cfg->group)) {
1259 			NL_SET_ERR_MSG_MOD(extack, "Filter mode can only be set for (*, G) entries");
1260 			return -EINVAL;
1261 		}
1262 		cfg->filter_mode = nla_get_u8(mdb_attrs[MDBE_ATTR_GROUP_MODE]);
1263 	} else {
1264 		cfg->filter_mode = MCAST_EXCLUDE;
1265 	}
1266 
1267 	if (mdb_attrs[MDBE_ATTR_SRC_LIST]) {
1268 		if (!cfg->p) {
1269 			NL_SET_ERR_MSG_MOD(extack, "Source list cannot be set for host groups");
1270 			return -EINVAL;
1271 		}
1272 		if (!br_multicast_is_star_g(&cfg->group)) {
1273 			NL_SET_ERR_MSG_MOD(extack, "Source list can only be set for (*, G) entries");
1274 			return -EINVAL;
1275 		}
1276 		if (!mdb_attrs[MDBE_ATTR_GROUP_MODE]) {
1277 			NL_SET_ERR_MSG_MOD(extack, "Source list cannot be set without filter mode");
1278 			return -EINVAL;
1279 		}
1280 		err = br_mdb_config_src_list_init(mdb_attrs[MDBE_ATTR_SRC_LIST],
1281 						  cfg, extack);
1282 		if (err)
1283 			return err;
1284 	}
1285 
1286 	if (!cfg->num_src_entries && cfg->filter_mode == MCAST_INCLUDE) {
1287 		NL_SET_ERR_MSG_MOD(extack, "Cannot add (*, G) INCLUDE with an empty source list");
1288 		return -EINVAL;
1289 	}
1290 
1291 	if (mdb_attrs[MDBE_ATTR_RTPROT]) {
1292 		if (!cfg->p) {
1293 			NL_SET_ERR_MSG_MOD(extack, "Protocol cannot be set for host groups");
1294 			return -EINVAL;
1295 		}
1296 		cfg->rt_protocol = nla_get_u8(mdb_attrs[MDBE_ATTR_RTPROT]);
1297 	}
1298 
1299 	return 0;
1300 }
1301 
1302 static const struct nla_policy mdba_policy[MDBA_SET_ENTRY_MAX + 1] = {
1303 	[MDBA_SET_ENTRY_UNSPEC] = { .strict_start_type = MDBA_SET_ENTRY_ATTRS + 1 },
1304 	[MDBA_SET_ENTRY] = NLA_POLICY_VALIDATE_FN(NLA_BINARY,
1305 						  validate_mdb_entry,
1306 						  sizeof(struct br_mdb_entry)),
1307 	[MDBA_SET_ENTRY_ATTRS] = { .type = NLA_NESTED },
1308 };
1309 
1310 static int br_mdb_config_init(struct net *net, const struct nlmsghdr *nlh,
1311 			      struct br_mdb_config *cfg,
1312 			      struct netlink_ext_ack *extack)
1313 {
1314 	struct nlattr *tb[MDBA_SET_ENTRY_MAX + 1];
1315 	struct br_port_msg *bpm;
1316 	struct net_device *dev;
1317 	int err;
1318 
1319 	err = nlmsg_parse_deprecated(nlh, sizeof(*bpm), tb,
1320 				     MDBA_SET_ENTRY_MAX, mdba_policy, extack);
1321 	if (err)
1322 		return err;
1323 
1324 	memset(cfg, 0, sizeof(*cfg));
1325 	cfg->filter_mode = MCAST_EXCLUDE;
1326 	cfg->rt_protocol = RTPROT_STATIC;
1327 	cfg->nlflags = nlh->nlmsg_flags;
1328 
1329 	bpm = nlmsg_data(nlh);
1330 	if (!bpm->ifindex) {
1331 		NL_SET_ERR_MSG_MOD(extack, "Invalid bridge ifindex");
1332 		return -EINVAL;
1333 	}
1334 
1335 	dev = __dev_get_by_index(net, bpm->ifindex);
1336 	if (!dev) {
1337 		NL_SET_ERR_MSG_MOD(extack, "Bridge device doesn't exist");
1338 		return -ENODEV;
1339 	}
1340 
1341 	if (!netif_is_bridge_master(dev)) {
1342 		NL_SET_ERR_MSG_MOD(extack, "Device is not a bridge");
1343 		return -EOPNOTSUPP;
1344 	}
1345 
1346 	cfg->br = netdev_priv(dev);
1347 
1348 	if (!netif_running(cfg->br->dev)) {
1349 		NL_SET_ERR_MSG_MOD(extack, "Bridge device is not running");
1350 		return -EINVAL;
1351 	}
1352 
1353 	if (!br_opt_get(cfg->br, BROPT_MULTICAST_ENABLED)) {
1354 		NL_SET_ERR_MSG_MOD(extack, "Bridge's multicast processing is disabled");
1355 		return -EINVAL;
1356 	}
1357 
1358 	if (NL_REQ_ATTR_CHECK(extack, NULL, tb, MDBA_SET_ENTRY)) {
1359 		NL_SET_ERR_MSG_MOD(extack, "Missing MDBA_SET_ENTRY attribute");
1360 		return -EINVAL;
1361 	}
1362 
1363 	cfg->entry = nla_data(tb[MDBA_SET_ENTRY]);
1364 
1365 	if (cfg->entry->ifindex != cfg->br->dev->ifindex) {
1366 		struct net_device *pdev;
1367 
1368 		pdev = __dev_get_by_index(net, cfg->entry->ifindex);
1369 		if (!pdev) {
1370 			NL_SET_ERR_MSG_MOD(extack, "Port net device doesn't exist");
1371 			return -ENODEV;
1372 		}
1373 
1374 		cfg->p = br_port_get_rtnl(pdev);
1375 		if (!cfg->p) {
1376 			NL_SET_ERR_MSG_MOD(extack, "Net device is not a bridge port");
1377 			return -EINVAL;
1378 		}
1379 
1380 		if (cfg->p->br != cfg->br) {
1381 			NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
1382 			return -EINVAL;
1383 		}
1384 	}
1385 
1386 	if (tb[MDBA_SET_ENTRY_ATTRS])
1387 		return br_mdb_config_attrs_init(tb[MDBA_SET_ENTRY_ATTRS], cfg,
1388 						extack);
1389 	else
1390 		__mdb_entry_to_br_ip(cfg->entry, &cfg->group, NULL);
1391 
1392 	return 0;
1393 }
1394 
1395 static void br_mdb_config_fini(struct br_mdb_config *cfg)
1396 {
1397 	br_mdb_config_src_list_fini(cfg);
1398 }
1399 
1400 static int br_mdb_add(struct sk_buff *skb, struct nlmsghdr *nlh,
1401 		      struct netlink_ext_ack *extack)
1402 {
1403 	struct net *net = sock_net(skb->sk);
1404 	struct net_bridge_vlan_group *vg;
1405 	struct net_bridge_vlan *v;
1406 	struct br_mdb_config cfg;
1407 	int err;
1408 
1409 	err = br_mdb_config_init(net, nlh, &cfg, extack);
1410 	if (err)
1411 		return err;
1412 
1413 	err = -EINVAL;
1414 	/* host join errors which can happen before creating the group */
1415 	if (!cfg.p && !br_group_is_l2(&cfg.group)) {
1416 		/* don't allow any flags for host-joined IP groups */
1417 		if (cfg.entry->state) {
1418 			NL_SET_ERR_MSG_MOD(extack, "Flags are not allowed for host groups");
1419 			goto out;
1420 		}
1421 		if (!br_multicast_is_star_g(&cfg.group)) {
1422 			NL_SET_ERR_MSG_MOD(extack, "Groups with sources cannot be manually host joined");
1423 			goto out;
1424 		}
1425 	}
1426 
1427 	if (br_group_is_l2(&cfg.group) && cfg.entry->state != MDB_PERMANENT) {
1428 		NL_SET_ERR_MSG_MOD(extack, "Only permanent L2 entries allowed");
1429 		goto out;
1430 	}
1431 
1432 	if (cfg.p) {
1433 		if (cfg.p->state == BR_STATE_DISABLED && cfg.entry->state != MDB_PERMANENT) {
1434 			NL_SET_ERR_MSG_MOD(extack, "Port is in disabled state and entry is not permanent");
1435 			goto out;
1436 		}
1437 		vg = nbp_vlan_group(cfg.p);
1438 	} else {
1439 		vg = br_vlan_group(cfg.br);
1440 	}
1441 
1442 	/* If vlan filtering is enabled and VLAN is not specified
1443 	 * install mdb entry on all vlans configured on the port.
1444 	 */
1445 	if (br_vlan_enabled(cfg.br->dev) && vg && cfg.entry->vid == 0) {
1446 		list_for_each_entry(v, &vg->vlan_list, vlist) {
1447 			cfg.entry->vid = v->vid;
1448 			cfg.group.vid = v->vid;
1449 			err = __br_mdb_add(&cfg, extack);
1450 			if (err)
1451 				break;
1452 		}
1453 	} else {
1454 		err = __br_mdb_add(&cfg, extack);
1455 	}
1456 
1457 out:
1458 	br_mdb_config_fini(&cfg);
1459 	return err;
1460 }
1461 
1462 static int __br_mdb_del(const struct br_mdb_config *cfg)
1463 {
1464 	struct br_mdb_entry *entry = cfg->entry;
1465 	struct net_bridge *br = cfg->br;
1466 	struct net_bridge_mdb_entry *mp;
1467 	struct net_bridge_port_group *p;
1468 	struct net_bridge_port_group __rcu **pp;
1469 	struct br_ip ip = cfg->group;
1470 	int err = -EINVAL;
1471 
1472 	spin_lock_bh(&br->multicast_lock);
1473 	mp = br_mdb_ip_get(br, &ip);
1474 	if (!mp)
1475 		goto unlock;
1476 
1477 	/* host leave */
1478 	if (entry->ifindex == mp->br->dev->ifindex && mp->host_joined) {
1479 		br_multicast_host_leave(mp, false);
1480 		err = 0;
1481 		br_mdb_notify(br->dev, mp, NULL, RTM_DELMDB);
1482 		if (!mp->ports && netif_running(br->dev))
1483 			mod_timer(&mp->timer, jiffies);
1484 		goto unlock;
1485 	}
1486 
1487 	for (pp = &mp->ports;
1488 	     (p = mlock_dereference(*pp, br)) != NULL;
1489 	     pp = &p->next) {
1490 		if (!p->key.port || p->key.port->dev->ifindex != entry->ifindex)
1491 			continue;
1492 
1493 		br_multicast_del_pg(mp, p, pp);
1494 		err = 0;
1495 		break;
1496 	}
1497 
1498 unlock:
1499 	spin_unlock_bh(&br->multicast_lock);
1500 	return err;
1501 }
1502 
1503 static int br_mdb_del(struct sk_buff *skb, struct nlmsghdr *nlh,
1504 		      struct netlink_ext_ack *extack)
1505 {
1506 	struct net *net = sock_net(skb->sk);
1507 	struct net_bridge_vlan_group *vg;
1508 	struct net_bridge_vlan *v;
1509 	struct br_mdb_config cfg;
1510 	int err;
1511 
1512 	err = br_mdb_config_init(net, nlh, &cfg, extack);
1513 	if (err)
1514 		return err;
1515 
1516 	if (cfg.p)
1517 		vg = nbp_vlan_group(cfg.p);
1518 	else
1519 		vg = br_vlan_group(cfg.br);
1520 
1521 	/* If vlan filtering is enabled and VLAN is not specified
1522 	 * delete mdb entry on all vlans configured on the port.
1523 	 */
1524 	if (br_vlan_enabled(cfg.br->dev) && vg && cfg.entry->vid == 0) {
1525 		list_for_each_entry(v, &vg->vlan_list, vlist) {
1526 			cfg.entry->vid = v->vid;
1527 			cfg.group.vid = v->vid;
1528 			err = __br_mdb_del(&cfg);
1529 		}
1530 	} else {
1531 		err = __br_mdb_del(&cfg);
1532 	}
1533 
1534 	br_mdb_config_fini(&cfg);
1535 	return err;
1536 }
1537 
1538 void br_mdb_init(void)
1539 {
1540 	rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETMDB, NULL, br_mdb_dump, 0);
1541 	rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWMDB, br_mdb_add, NULL, 0);
1542 	rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELMDB, br_mdb_del, NULL, 0);
1543 }
1544 
1545 void br_mdb_uninit(void)
1546 {
1547 	rtnl_unregister(PF_BRIDGE, RTM_GETMDB);
1548 	rtnl_unregister(PF_BRIDGE, RTM_NEWMDB);
1549 	rtnl_unregister(PF_BRIDGE, RTM_DELMDB);
1550 }
1551