1 /* 2 * Bridge multicast support. 3 * 4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #include <linux/err.h> 14 #include <linux/export.h> 15 #include <linux/if_ether.h> 16 #include <linux/igmp.h> 17 #include <linux/jhash.h> 18 #include <linux/kernel.h> 19 #include <linux/log2.h> 20 #include <linux/netdevice.h> 21 #include <linux/netfilter_bridge.h> 22 #include <linux/random.h> 23 #include <linux/rculist.h> 24 #include <linux/skbuff.h> 25 #include <linux/slab.h> 26 #include <linux/timer.h> 27 #include <linux/inetdevice.h> 28 #include <net/ip.h> 29 #if IS_ENABLED(CONFIG_IPV6) 30 #include <net/ipv6.h> 31 #include <net/mld.h> 32 #include <net/ip6_checksum.h> 33 #include <net/addrconf.h> 34 #endif 35 36 #include "br_private.h" 37 38 static void br_multicast_start_querier(struct net_bridge *br, 39 struct bridge_mcast_own_query *query); 40 static void br_multicast_add_router(struct net_bridge *br, 41 struct net_bridge_port *port); 42 static void br_ip4_multicast_leave_group(struct net_bridge *br, 43 struct net_bridge_port *port, 44 __be32 group, 45 __u16 vid); 46 #if IS_ENABLED(CONFIG_IPV6) 47 static void br_ip6_multicast_leave_group(struct net_bridge *br, 48 struct net_bridge_port *port, 49 const struct in6_addr *group, 50 __u16 vid); 51 #endif 52 unsigned int br_mdb_rehash_seq; 53 54 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b) 55 { 56 if (a->proto != b->proto) 57 return 0; 58 if (a->vid != b->vid) 59 return 0; 60 switch (a->proto) { 61 case htons(ETH_P_IP): 62 return a->u.ip4 == b->u.ip4; 63 #if IS_ENABLED(CONFIG_IPV6) 64 case htons(ETH_P_IPV6): 65 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6); 66 #endif 67 } 68 return 0; 69 } 70 71 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip, 72 __u16 vid) 73 { 74 return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1); 75 } 76 77 #if IS_ENABLED(CONFIG_IPV6) 78 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb, 79 const struct in6_addr *ip, 80 __u16 vid) 81 { 82 return jhash_2words(ipv6_addr_hash(ip), vid, 83 mdb->secret) & (mdb->max - 1); 84 } 85 #endif 86 87 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb, 88 struct br_ip *ip) 89 { 90 switch (ip->proto) { 91 case htons(ETH_P_IP): 92 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid); 93 #if IS_ENABLED(CONFIG_IPV6) 94 case htons(ETH_P_IPV6): 95 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid); 96 #endif 97 } 98 return 0; 99 } 100 101 static struct net_bridge_mdb_entry *__br_mdb_ip_get( 102 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash) 103 { 104 struct net_bridge_mdb_entry *mp; 105 106 hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) { 107 if (br_ip_equal(&mp->addr, dst)) 108 return mp; 109 } 110 111 return NULL; 112 } 113 114 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb, 115 struct br_ip *dst) 116 { 117 if (!mdb) 118 return NULL; 119 120 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst)); 121 } 122 123 static struct net_bridge_mdb_entry *br_mdb_ip4_get( 124 struct net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid) 125 { 126 struct br_ip br_dst; 127 128 br_dst.u.ip4 = dst; 129 br_dst.proto = htons(ETH_P_IP); 130 br_dst.vid = vid; 131 132 return br_mdb_ip_get(mdb, &br_dst); 133 } 134 135 #if IS_ENABLED(CONFIG_IPV6) 136 static struct net_bridge_mdb_entry *br_mdb_ip6_get( 137 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst, 138 __u16 vid) 139 { 140 struct br_ip br_dst; 141 142 br_dst.u.ip6 = *dst; 143 br_dst.proto = htons(ETH_P_IPV6); 144 br_dst.vid = vid; 145 146 return br_mdb_ip_get(mdb, &br_dst); 147 } 148 #endif 149 150 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br, 151 struct sk_buff *skb, u16 vid) 152 { 153 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb); 154 struct br_ip ip; 155 156 if (br->multicast_disabled) 157 return NULL; 158 159 if (BR_INPUT_SKB_CB(skb)->igmp) 160 return NULL; 161 162 ip.proto = skb->protocol; 163 ip.vid = vid; 164 165 switch (skb->protocol) { 166 case htons(ETH_P_IP): 167 ip.u.ip4 = ip_hdr(skb)->daddr; 168 break; 169 #if IS_ENABLED(CONFIG_IPV6) 170 case htons(ETH_P_IPV6): 171 ip.u.ip6 = ipv6_hdr(skb)->daddr; 172 break; 173 #endif 174 default: 175 return NULL; 176 } 177 178 return br_mdb_ip_get(mdb, &ip); 179 } 180 181 static void br_mdb_free(struct rcu_head *head) 182 { 183 struct net_bridge_mdb_htable *mdb = 184 container_of(head, struct net_bridge_mdb_htable, rcu); 185 struct net_bridge_mdb_htable *old = mdb->old; 186 187 mdb->old = NULL; 188 kfree(old->mhash); 189 kfree(old); 190 } 191 192 static int br_mdb_copy(struct net_bridge_mdb_htable *new, 193 struct net_bridge_mdb_htable *old, 194 int elasticity) 195 { 196 struct net_bridge_mdb_entry *mp; 197 int maxlen; 198 int len; 199 int i; 200 201 for (i = 0; i < old->max; i++) 202 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver]) 203 hlist_add_head(&mp->hlist[new->ver], 204 &new->mhash[br_ip_hash(new, &mp->addr)]); 205 206 if (!elasticity) 207 return 0; 208 209 maxlen = 0; 210 for (i = 0; i < new->max; i++) { 211 len = 0; 212 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver]) 213 len++; 214 if (len > maxlen) 215 maxlen = len; 216 } 217 218 return maxlen > elasticity ? -EINVAL : 0; 219 } 220 221 void br_multicast_free_pg(struct rcu_head *head) 222 { 223 struct net_bridge_port_group *p = 224 container_of(head, struct net_bridge_port_group, rcu); 225 226 kfree(p); 227 } 228 229 static void br_multicast_free_group(struct rcu_head *head) 230 { 231 struct net_bridge_mdb_entry *mp = 232 container_of(head, struct net_bridge_mdb_entry, rcu); 233 234 kfree(mp); 235 } 236 237 static void br_multicast_group_expired(unsigned long data) 238 { 239 struct net_bridge_mdb_entry *mp = (void *)data; 240 struct net_bridge *br = mp->br; 241 struct net_bridge_mdb_htable *mdb; 242 243 spin_lock(&br->multicast_lock); 244 if (!netif_running(br->dev) || timer_pending(&mp->timer)) 245 goto out; 246 247 mp->mglist = false; 248 249 if (mp->ports) 250 goto out; 251 252 mdb = mlock_dereference(br->mdb, br); 253 254 hlist_del_rcu(&mp->hlist[mdb->ver]); 255 mdb->size--; 256 257 call_rcu_bh(&mp->rcu, br_multicast_free_group); 258 259 out: 260 spin_unlock(&br->multicast_lock); 261 } 262 263 static void br_multicast_del_pg(struct net_bridge *br, 264 struct net_bridge_port_group *pg) 265 { 266 struct net_bridge_mdb_htable *mdb; 267 struct net_bridge_mdb_entry *mp; 268 struct net_bridge_port_group *p; 269 struct net_bridge_port_group __rcu **pp; 270 271 mdb = mlock_dereference(br->mdb, br); 272 273 mp = br_mdb_ip_get(mdb, &pg->addr); 274 if (WARN_ON(!mp)) 275 return; 276 277 for (pp = &mp->ports; 278 (p = mlock_dereference(*pp, br)) != NULL; 279 pp = &p->next) { 280 if (p != pg) 281 continue; 282 283 rcu_assign_pointer(*pp, p->next); 284 hlist_del_init(&p->mglist); 285 del_timer(&p->timer); 286 br_mdb_notify(br->dev, p, RTM_DELMDB); 287 call_rcu_bh(&p->rcu, br_multicast_free_pg); 288 289 if (!mp->ports && !mp->mglist && 290 netif_running(br->dev)) 291 mod_timer(&mp->timer, jiffies); 292 293 return; 294 } 295 296 WARN_ON(1); 297 } 298 299 static void br_multicast_port_group_expired(unsigned long data) 300 { 301 struct net_bridge_port_group *pg = (void *)data; 302 struct net_bridge *br = pg->port->br; 303 304 spin_lock(&br->multicast_lock); 305 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 306 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT) 307 goto out; 308 309 br_multicast_del_pg(br, pg); 310 311 out: 312 spin_unlock(&br->multicast_lock); 313 } 314 315 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max, 316 int elasticity) 317 { 318 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1); 319 struct net_bridge_mdb_htable *mdb; 320 int err; 321 322 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC); 323 if (!mdb) 324 return -ENOMEM; 325 326 mdb->max = max; 327 mdb->old = old; 328 329 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC); 330 if (!mdb->mhash) { 331 kfree(mdb); 332 return -ENOMEM; 333 } 334 335 mdb->size = old ? old->size : 0; 336 mdb->ver = old ? old->ver ^ 1 : 0; 337 338 if (!old || elasticity) 339 get_random_bytes(&mdb->secret, sizeof(mdb->secret)); 340 else 341 mdb->secret = old->secret; 342 343 if (!old) 344 goto out; 345 346 err = br_mdb_copy(mdb, old, elasticity); 347 if (err) { 348 kfree(mdb->mhash); 349 kfree(mdb); 350 return err; 351 } 352 353 br_mdb_rehash_seq++; 354 call_rcu_bh(&mdb->rcu, br_mdb_free); 355 356 out: 357 rcu_assign_pointer(*mdbp, mdb); 358 359 return 0; 360 } 361 362 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br, 363 __be32 group) 364 { 365 struct sk_buff *skb; 366 struct igmphdr *ih; 367 struct ethhdr *eth; 368 struct iphdr *iph; 369 370 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) + 371 sizeof(*ih) + 4); 372 if (!skb) 373 goto out; 374 375 skb->protocol = htons(ETH_P_IP); 376 377 skb_reset_mac_header(skb); 378 eth = eth_hdr(skb); 379 380 ether_addr_copy(eth->h_source, br->dev->dev_addr); 381 eth->h_dest[0] = 1; 382 eth->h_dest[1] = 0; 383 eth->h_dest[2] = 0x5e; 384 eth->h_dest[3] = 0; 385 eth->h_dest[4] = 0; 386 eth->h_dest[5] = 1; 387 eth->h_proto = htons(ETH_P_IP); 388 skb_put(skb, sizeof(*eth)); 389 390 skb_set_network_header(skb, skb->len); 391 iph = ip_hdr(skb); 392 393 iph->version = 4; 394 iph->ihl = 6; 395 iph->tos = 0xc0; 396 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4); 397 iph->id = 0; 398 iph->frag_off = htons(IP_DF); 399 iph->ttl = 1; 400 iph->protocol = IPPROTO_IGMP; 401 iph->saddr = br->multicast_query_use_ifaddr ? 402 inet_select_addr(br->dev, 0, RT_SCOPE_LINK) : 0; 403 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP); 404 ((u8 *)&iph[1])[0] = IPOPT_RA; 405 ((u8 *)&iph[1])[1] = 4; 406 ((u8 *)&iph[1])[2] = 0; 407 ((u8 *)&iph[1])[3] = 0; 408 ip_send_check(iph); 409 skb_put(skb, 24); 410 411 skb_set_transport_header(skb, skb->len); 412 ih = igmp_hdr(skb); 413 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 414 ih->code = (group ? br->multicast_last_member_interval : 415 br->multicast_query_response_interval) / 416 (HZ / IGMP_TIMER_SCALE); 417 ih->group = group; 418 ih->csum = 0; 419 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 420 skb_put(skb, sizeof(*ih)); 421 422 __skb_pull(skb, sizeof(*eth)); 423 424 out: 425 return skb; 426 } 427 428 #if IS_ENABLED(CONFIG_IPV6) 429 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br, 430 const struct in6_addr *group) 431 { 432 struct sk_buff *skb; 433 struct ipv6hdr *ip6h; 434 struct mld_msg *mldq; 435 struct ethhdr *eth; 436 u8 *hopopt; 437 unsigned long interval; 438 439 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) + 440 8 + sizeof(*mldq)); 441 if (!skb) 442 goto out; 443 444 skb->protocol = htons(ETH_P_IPV6); 445 446 /* Ethernet header */ 447 skb_reset_mac_header(skb); 448 eth = eth_hdr(skb); 449 450 ether_addr_copy(eth->h_source, br->dev->dev_addr); 451 eth->h_proto = htons(ETH_P_IPV6); 452 skb_put(skb, sizeof(*eth)); 453 454 /* IPv6 header + HbH option */ 455 skb_set_network_header(skb, skb->len); 456 ip6h = ipv6_hdr(skb); 457 458 *(__force __be32 *)ip6h = htonl(0x60000000); 459 ip6h->payload_len = htons(8 + sizeof(*mldq)); 460 ip6h->nexthdr = IPPROTO_HOPOPTS; 461 ip6h->hop_limit = 1; 462 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1)); 463 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0, 464 &ip6h->saddr)) { 465 kfree_skb(skb); 466 return NULL; 467 } 468 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 469 470 hopopt = (u8 *)(ip6h + 1); 471 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 472 hopopt[1] = 0; /* length of HbH */ 473 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 474 hopopt[3] = 2; /* Length of RA Option */ 475 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 476 hopopt[5] = 0; 477 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */ 478 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */ 479 480 skb_put(skb, sizeof(*ip6h) + 8); 481 482 /* ICMPv6 */ 483 skb_set_transport_header(skb, skb->len); 484 mldq = (struct mld_msg *) icmp6_hdr(skb); 485 486 interval = ipv6_addr_any(group) ? 487 br->multicast_query_response_interval : 488 br->multicast_last_member_interval; 489 490 mldq->mld_type = ICMPV6_MGM_QUERY; 491 mldq->mld_code = 0; 492 mldq->mld_cksum = 0; 493 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 494 mldq->mld_reserved = 0; 495 mldq->mld_mca = *group; 496 497 /* checksum */ 498 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 499 sizeof(*mldq), IPPROTO_ICMPV6, 500 csum_partial(mldq, 501 sizeof(*mldq), 0)); 502 skb_put(skb, sizeof(*mldq)); 503 504 __skb_pull(skb, sizeof(*eth)); 505 506 out: 507 return skb; 508 } 509 #endif 510 511 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, 512 struct br_ip *addr) 513 { 514 switch (addr->proto) { 515 case htons(ETH_P_IP): 516 return br_ip4_multicast_alloc_query(br, addr->u.ip4); 517 #if IS_ENABLED(CONFIG_IPV6) 518 case htons(ETH_P_IPV6): 519 return br_ip6_multicast_alloc_query(br, &addr->u.ip6); 520 #endif 521 } 522 return NULL; 523 } 524 525 static struct net_bridge_mdb_entry *br_multicast_get_group( 526 struct net_bridge *br, struct net_bridge_port *port, 527 struct br_ip *group, int hash) 528 { 529 struct net_bridge_mdb_htable *mdb; 530 struct net_bridge_mdb_entry *mp; 531 unsigned int count = 0; 532 unsigned int max; 533 int elasticity; 534 int err; 535 536 mdb = rcu_dereference_protected(br->mdb, 1); 537 hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) { 538 count++; 539 if (unlikely(br_ip_equal(group, &mp->addr))) 540 return mp; 541 } 542 543 elasticity = 0; 544 max = mdb->max; 545 546 if (unlikely(count > br->hash_elasticity && count)) { 547 if (net_ratelimit()) 548 br_info(br, "Multicast hash table " 549 "chain limit reached: %s\n", 550 port ? port->dev->name : br->dev->name); 551 552 elasticity = br->hash_elasticity; 553 } 554 555 if (mdb->size >= max) { 556 max *= 2; 557 if (unlikely(max > br->hash_max)) { 558 br_warn(br, "Multicast hash table maximum of %d " 559 "reached, disabling snooping: %s\n", 560 br->hash_max, 561 port ? port->dev->name : br->dev->name); 562 err = -E2BIG; 563 disable: 564 br->multicast_disabled = 1; 565 goto err; 566 } 567 } 568 569 if (max > mdb->max || elasticity) { 570 if (mdb->old) { 571 if (net_ratelimit()) 572 br_info(br, "Multicast hash table " 573 "on fire: %s\n", 574 port ? port->dev->name : br->dev->name); 575 err = -EEXIST; 576 goto err; 577 } 578 579 err = br_mdb_rehash(&br->mdb, max, elasticity); 580 if (err) { 581 br_warn(br, "Cannot rehash multicast " 582 "hash table, disabling snooping: %s, %d, %d\n", 583 port ? port->dev->name : br->dev->name, 584 mdb->size, err); 585 goto disable; 586 } 587 588 err = -EAGAIN; 589 goto err; 590 } 591 592 return NULL; 593 594 err: 595 mp = ERR_PTR(err); 596 return mp; 597 } 598 599 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br, 600 struct net_bridge_port *port, struct br_ip *group) 601 { 602 struct net_bridge_mdb_htable *mdb; 603 struct net_bridge_mdb_entry *mp; 604 int hash; 605 int err; 606 607 mdb = rcu_dereference_protected(br->mdb, 1); 608 if (!mdb) { 609 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0); 610 if (err) 611 return ERR_PTR(err); 612 goto rehash; 613 } 614 615 hash = br_ip_hash(mdb, group); 616 mp = br_multicast_get_group(br, port, group, hash); 617 switch (PTR_ERR(mp)) { 618 case 0: 619 break; 620 621 case -EAGAIN: 622 rehash: 623 mdb = rcu_dereference_protected(br->mdb, 1); 624 hash = br_ip_hash(mdb, group); 625 break; 626 627 default: 628 goto out; 629 } 630 631 mp = kzalloc(sizeof(*mp), GFP_ATOMIC); 632 if (unlikely(!mp)) 633 return ERR_PTR(-ENOMEM); 634 635 mp->br = br; 636 mp->addr = *group; 637 setup_timer(&mp->timer, br_multicast_group_expired, 638 (unsigned long)mp); 639 640 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]); 641 mdb->size++; 642 643 out: 644 return mp; 645 } 646 647 struct net_bridge_port_group *br_multicast_new_port_group( 648 struct net_bridge_port *port, 649 struct br_ip *group, 650 struct net_bridge_port_group __rcu *next, 651 unsigned char flags) 652 { 653 struct net_bridge_port_group *p; 654 655 p = kzalloc(sizeof(*p), GFP_ATOMIC); 656 if (unlikely(!p)) 657 return NULL; 658 659 p->addr = *group; 660 p->port = port; 661 p->flags = flags; 662 rcu_assign_pointer(p->next, next); 663 hlist_add_head(&p->mglist, &port->mglist); 664 setup_timer(&p->timer, br_multicast_port_group_expired, 665 (unsigned long)p); 666 return p; 667 } 668 669 static int br_multicast_add_group(struct net_bridge *br, 670 struct net_bridge_port *port, 671 struct br_ip *group) 672 { 673 struct net_bridge_mdb_entry *mp; 674 struct net_bridge_port_group *p; 675 struct net_bridge_port_group __rcu **pp; 676 unsigned long now = jiffies; 677 int err; 678 679 spin_lock(&br->multicast_lock); 680 if (!netif_running(br->dev) || 681 (port && port->state == BR_STATE_DISABLED)) 682 goto out; 683 684 mp = br_multicast_new_group(br, port, group); 685 err = PTR_ERR(mp); 686 if (IS_ERR(mp)) 687 goto err; 688 689 if (!port) { 690 mp->mglist = true; 691 mod_timer(&mp->timer, now + br->multicast_membership_interval); 692 goto out; 693 } 694 695 for (pp = &mp->ports; 696 (p = mlock_dereference(*pp, br)) != NULL; 697 pp = &p->next) { 698 if (p->port == port) 699 goto found; 700 if ((unsigned long)p->port < (unsigned long)port) 701 break; 702 } 703 704 p = br_multicast_new_port_group(port, group, *pp, 0); 705 if (unlikely(!p)) 706 goto err; 707 rcu_assign_pointer(*pp, p); 708 br_mdb_notify(br->dev, p, RTM_NEWMDB); 709 710 found: 711 mod_timer(&p->timer, now + br->multicast_membership_interval); 712 out: 713 err = 0; 714 715 err: 716 spin_unlock(&br->multicast_lock); 717 return err; 718 } 719 720 static int br_ip4_multicast_add_group(struct net_bridge *br, 721 struct net_bridge_port *port, 722 __be32 group, 723 __u16 vid) 724 { 725 struct br_ip br_group; 726 727 if (ipv4_is_local_multicast(group)) 728 return 0; 729 730 br_group.u.ip4 = group; 731 br_group.proto = htons(ETH_P_IP); 732 br_group.vid = vid; 733 734 return br_multicast_add_group(br, port, &br_group); 735 } 736 737 #if IS_ENABLED(CONFIG_IPV6) 738 static int br_ip6_multicast_add_group(struct net_bridge *br, 739 struct net_bridge_port *port, 740 const struct in6_addr *group, 741 __u16 vid) 742 { 743 struct br_ip br_group; 744 745 if (ipv6_addr_is_ll_all_nodes(group)) 746 return 0; 747 748 br_group.u.ip6 = *group; 749 br_group.proto = htons(ETH_P_IPV6); 750 br_group.vid = vid; 751 752 return br_multicast_add_group(br, port, &br_group); 753 } 754 #endif 755 756 static void br_multicast_router_expired(unsigned long data) 757 { 758 struct net_bridge_port *port = (void *)data; 759 struct net_bridge *br = port->br; 760 761 spin_lock(&br->multicast_lock); 762 if (port->multicast_router != 1 || 763 timer_pending(&port->multicast_router_timer) || 764 hlist_unhashed(&port->rlist)) 765 goto out; 766 767 hlist_del_init_rcu(&port->rlist); 768 br_rtr_notify(br->dev, port, RTM_DELMDB); 769 770 out: 771 spin_unlock(&br->multicast_lock); 772 } 773 774 static void br_multicast_local_router_expired(unsigned long data) 775 { 776 } 777 778 static void br_multicast_querier_expired(struct net_bridge *br, 779 struct bridge_mcast_own_query *query) 780 { 781 spin_lock(&br->multicast_lock); 782 if (!netif_running(br->dev) || br->multicast_disabled) 783 goto out; 784 785 br_multicast_start_querier(br, query); 786 787 out: 788 spin_unlock(&br->multicast_lock); 789 } 790 791 static void br_ip4_multicast_querier_expired(unsigned long data) 792 { 793 struct net_bridge *br = (void *)data; 794 795 br_multicast_querier_expired(br, &br->ip4_own_query); 796 } 797 798 #if IS_ENABLED(CONFIG_IPV6) 799 static void br_ip6_multicast_querier_expired(unsigned long data) 800 { 801 struct net_bridge *br = (void *)data; 802 803 br_multicast_querier_expired(br, &br->ip6_own_query); 804 } 805 #endif 806 807 static void br_multicast_select_own_querier(struct net_bridge *br, 808 struct br_ip *ip, 809 struct sk_buff *skb) 810 { 811 if (ip->proto == htons(ETH_P_IP)) 812 br->ip4_querier.addr.u.ip4 = ip_hdr(skb)->saddr; 813 #if IS_ENABLED(CONFIG_IPV6) 814 else 815 br->ip6_querier.addr.u.ip6 = ipv6_hdr(skb)->saddr; 816 #endif 817 } 818 819 static void __br_multicast_send_query(struct net_bridge *br, 820 struct net_bridge_port *port, 821 struct br_ip *ip) 822 { 823 struct sk_buff *skb; 824 825 skb = br_multicast_alloc_query(br, ip); 826 if (!skb) 827 return; 828 829 if (port) { 830 skb->dev = port->dev; 831 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, 832 dev_net(port->dev), NULL, skb, NULL, skb->dev, 833 br_dev_queue_push_xmit); 834 } else { 835 br_multicast_select_own_querier(br, ip, skb); 836 netif_rx(skb); 837 } 838 } 839 840 static void br_multicast_send_query(struct net_bridge *br, 841 struct net_bridge_port *port, 842 struct bridge_mcast_own_query *own_query) 843 { 844 unsigned long time; 845 struct br_ip br_group; 846 struct bridge_mcast_other_query *other_query = NULL; 847 848 if (!netif_running(br->dev) || br->multicast_disabled || 849 !br->multicast_querier) 850 return; 851 852 memset(&br_group.u, 0, sizeof(br_group.u)); 853 854 if (port ? (own_query == &port->ip4_own_query) : 855 (own_query == &br->ip4_own_query)) { 856 other_query = &br->ip4_other_query; 857 br_group.proto = htons(ETH_P_IP); 858 #if IS_ENABLED(CONFIG_IPV6) 859 } else { 860 other_query = &br->ip6_other_query; 861 br_group.proto = htons(ETH_P_IPV6); 862 #endif 863 } 864 865 if (!other_query || timer_pending(&other_query->timer)) 866 return; 867 868 __br_multicast_send_query(br, port, &br_group); 869 870 time = jiffies; 871 time += own_query->startup_sent < br->multicast_startup_query_count ? 872 br->multicast_startup_query_interval : 873 br->multicast_query_interval; 874 mod_timer(&own_query->timer, time); 875 } 876 877 static void 878 br_multicast_port_query_expired(struct net_bridge_port *port, 879 struct bridge_mcast_own_query *query) 880 { 881 struct net_bridge *br = port->br; 882 883 spin_lock(&br->multicast_lock); 884 if (port->state == BR_STATE_DISABLED || 885 port->state == BR_STATE_BLOCKING) 886 goto out; 887 888 if (query->startup_sent < br->multicast_startup_query_count) 889 query->startup_sent++; 890 891 br_multicast_send_query(port->br, port, query); 892 893 out: 894 spin_unlock(&br->multicast_lock); 895 } 896 897 static void br_ip4_multicast_port_query_expired(unsigned long data) 898 { 899 struct net_bridge_port *port = (void *)data; 900 901 br_multicast_port_query_expired(port, &port->ip4_own_query); 902 } 903 904 #if IS_ENABLED(CONFIG_IPV6) 905 static void br_ip6_multicast_port_query_expired(unsigned long data) 906 { 907 struct net_bridge_port *port = (void *)data; 908 909 br_multicast_port_query_expired(port, &port->ip6_own_query); 910 } 911 #endif 912 913 void br_multicast_add_port(struct net_bridge_port *port) 914 { 915 port->multicast_router = 1; 916 917 setup_timer(&port->multicast_router_timer, br_multicast_router_expired, 918 (unsigned long)port); 919 setup_timer(&port->ip4_own_query.timer, 920 br_ip4_multicast_port_query_expired, (unsigned long)port); 921 #if IS_ENABLED(CONFIG_IPV6) 922 setup_timer(&port->ip6_own_query.timer, 923 br_ip6_multicast_port_query_expired, (unsigned long)port); 924 #endif 925 } 926 927 void br_multicast_del_port(struct net_bridge_port *port) 928 { 929 struct net_bridge *br = port->br; 930 struct net_bridge_port_group *pg; 931 struct hlist_node *n; 932 933 /* Take care of the remaining groups, only perm ones should be left */ 934 spin_lock_bh(&br->multicast_lock); 935 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 936 br_multicast_del_pg(br, pg); 937 spin_unlock_bh(&br->multicast_lock); 938 del_timer_sync(&port->multicast_router_timer); 939 } 940 941 static void br_multicast_enable(struct bridge_mcast_own_query *query) 942 { 943 query->startup_sent = 0; 944 945 if (try_to_del_timer_sync(&query->timer) >= 0 || 946 del_timer(&query->timer)) 947 mod_timer(&query->timer, jiffies); 948 } 949 950 void br_multicast_enable_port(struct net_bridge_port *port) 951 { 952 struct net_bridge *br = port->br; 953 954 spin_lock(&br->multicast_lock); 955 if (br->multicast_disabled || !netif_running(br->dev)) 956 goto out; 957 958 br_multicast_enable(&port->ip4_own_query); 959 #if IS_ENABLED(CONFIG_IPV6) 960 br_multicast_enable(&port->ip6_own_query); 961 #endif 962 if (port->multicast_router == 2 && hlist_unhashed(&port->rlist)) 963 br_multicast_add_router(br, port); 964 965 out: 966 spin_unlock(&br->multicast_lock); 967 } 968 969 void br_multicast_disable_port(struct net_bridge_port *port) 970 { 971 struct net_bridge *br = port->br; 972 struct net_bridge_port_group *pg; 973 struct hlist_node *n; 974 975 spin_lock(&br->multicast_lock); 976 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 977 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT)) 978 br_multicast_del_pg(br, pg); 979 980 if (!hlist_unhashed(&port->rlist)) { 981 hlist_del_init_rcu(&port->rlist); 982 br_rtr_notify(br->dev, port, RTM_DELMDB); 983 } 984 del_timer(&port->multicast_router_timer); 985 del_timer(&port->ip4_own_query.timer); 986 #if IS_ENABLED(CONFIG_IPV6) 987 del_timer(&port->ip6_own_query.timer); 988 #endif 989 spin_unlock(&br->multicast_lock); 990 } 991 992 static int br_ip4_multicast_igmp3_report(struct net_bridge *br, 993 struct net_bridge_port *port, 994 struct sk_buff *skb, 995 u16 vid) 996 { 997 struct igmpv3_report *ih; 998 struct igmpv3_grec *grec; 999 int i; 1000 int len; 1001 int num; 1002 int type; 1003 int err = 0; 1004 __be32 group; 1005 1006 ih = igmpv3_report_hdr(skb); 1007 num = ntohs(ih->ngrec); 1008 len = skb_transport_offset(skb) + sizeof(*ih); 1009 1010 for (i = 0; i < num; i++) { 1011 len += sizeof(*grec); 1012 if (!pskb_may_pull(skb, len)) 1013 return -EINVAL; 1014 1015 grec = (void *)(skb->data + len - sizeof(*grec)); 1016 group = grec->grec_mca; 1017 type = grec->grec_type; 1018 1019 len += ntohs(grec->grec_nsrcs) * 4; 1020 if (!pskb_may_pull(skb, len)) 1021 return -EINVAL; 1022 1023 /* We treat this as an IGMPv2 report for now. */ 1024 switch (type) { 1025 case IGMPV3_MODE_IS_INCLUDE: 1026 case IGMPV3_MODE_IS_EXCLUDE: 1027 case IGMPV3_CHANGE_TO_INCLUDE: 1028 case IGMPV3_CHANGE_TO_EXCLUDE: 1029 case IGMPV3_ALLOW_NEW_SOURCES: 1030 case IGMPV3_BLOCK_OLD_SOURCES: 1031 break; 1032 1033 default: 1034 continue; 1035 } 1036 1037 if ((type == IGMPV3_CHANGE_TO_INCLUDE || 1038 type == IGMPV3_MODE_IS_INCLUDE) && 1039 ntohs(grec->grec_nsrcs) == 0) { 1040 br_ip4_multicast_leave_group(br, port, group, vid); 1041 } else { 1042 err = br_ip4_multicast_add_group(br, port, group, vid); 1043 if (err) 1044 break; 1045 } 1046 } 1047 1048 return err; 1049 } 1050 1051 #if IS_ENABLED(CONFIG_IPV6) 1052 static int br_ip6_multicast_mld2_report(struct net_bridge *br, 1053 struct net_bridge_port *port, 1054 struct sk_buff *skb, 1055 u16 vid) 1056 { 1057 struct icmp6hdr *icmp6h; 1058 struct mld2_grec *grec; 1059 int i; 1060 int len; 1061 int num; 1062 int err = 0; 1063 1064 if (!pskb_may_pull(skb, sizeof(*icmp6h))) 1065 return -EINVAL; 1066 1067 icmp6h = icmp6_hdr(skb); 1068 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]); 1069 len = skb_transport_offset(skb) + sizeof(*icmp6h); 1070 1071 for (i = 0; i < num; i++) { 1072 __be16 *nsrcs, _nsrcs; 1073 1074 nsrcs = skb_header_pointer(skb, 1075 len + offsetof(struct mld2_grec, 1076 grec_nsrcs), 1077 sizeof(_nsrcs), &_nsrcs); 1078 if (!nsrcs) 1079 return -EINVAL; 1080 1081 if (!pskb_may_pull(skb, 1082 len + sizeof(*grec) + 1083 sizeof(struct in6_addr) * ntohs(*nsrcs))) 1084 return -EINVAL; 1085 1086 grec = (struct mld2_grec *)(skb->data + len); 1087 len += sizeof(*grec) + 1088 sizeof(struct in6_addr) * ntohs(*nsrcs); 1089 1090 /* We treat these as MLDv1 reports for now. */ 1091 switch (grec->grec_type) { 1092 case MLD2_MODE_IS_INCLUDE: 1093 case MLD2_MODE_IS_EXCLUDE: 1094 case MLD2_CHANGE_TO_INCLUDE: 1095 case MLD2_CHANGE_TO_EXCLUDE: 1096 case MLD2_ALLOW_NEW_SOURCES: 1097 case MLD2_BLOCK_OLD_SOURCES: 1098 break; 1099 1100 default: 1101 continue; 1102 } 1103 1104 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE || 1105 grec->grec_type == MLD2_MODE_IS_INCLUDE) && 1106 ntohs(*nsrcs) == 0) { 1107 br_ip6_multicast_leave_group(br, port, &grec->grec_mca, 1108 vid); 1109 } else { 1110 err = br_ip6_multicast_add_group(br, port, 1111 &grec->grec_mca, vid); 1112 if (!err) 1113 break; 1114 } 1115 } 1116 1117 return err; 1118 } 1119 #endif 1120 1121 static bool br_ip4_multicast_select_querier(struct net_bridge *br, 1122 struct net_bridge_port *port, 1123 __be32 saddr) 1124 { 1125 if (!timer_pending(&br->ip4_own_query.timer) && 1126 !timer_pending(&br->ip4_other_query.timer)) 1127 goto update; 1128 1129 if (!br->ip4_querier.addr.u.ip4) 1130 goto update; 1131 1132 if (ntohl(saddr) <= ntohl(br->ip4_querier.addr.u.ip4)) 1133 goto update; 1134 1135 return false; 1136 1137 update: 1138 br->ip4_querier.addr.u.ip4 = saddr; 1139 1140 /* update protected by general multicast_lock by caller */ 1141 rcu_assign_pointer(br->ip4_querier.port, port); 1142 1143 return true; 1144 } 1145 1146 #if IS_ENABLED(CONFIG_IPV6) 1147 static bool br_ip6_multicast_select_querier(struct net_bridge *br, 1148 struct net_bridge_port *port, 1149 struct in6_addr *saddr) 1150 { 1151 if (!timer_pending(&br->ip6_own_query.timer) && 1152 !timer_pending(&br->ip6_other_query.timer)) 1153 goto update; 1154 1155 if (ipv6_addr_cmp(saddr, &br->ip6_querier.addr.u.ip6) <= 0) 1156 goto update; 1157 1158 return false; 1159 1160 update: 1161 br->ip6_querier.addr.u.ip6 = *saddr; 1162 1163 /* update protected by general multicast_lock by caller */ 1164 rcu_assign_pointer(br->ip6_querier.port, port); 1165 1166 return true; 1167 } 1168 #endif 1169 1170 static bool br_multicast_select_querier(struct net_bridge *br, 1171 struct net_bridge_port *port, 1172 struct br_ip *saddr) 1173 { 1174 switch (saddr->proto) { 1175 case htons(ETH_P_IP): 1176 return br_ip4_multicast_select_querier(br, port, saddr->u.ip4); 1177 #if IS_ENABLED(CONFIG_IPV6) 1178 case htons(ETH_P_IPV6): 1179 return br_ip6_multicast_select_querier(br, port, &saddr->u.ip6); 1180 #endif 1181 } 1182 1183 return false; 1184 } 1185 1186 static void 1187 br_multicast_update_query_timer(struct net_bridge *br, 1188 struct bridge_mcast_other_query *query, 1189 unsigned long max_delay) 1190 { 1191 if (!timer_pending(&query->timer)) 1192 query->delay_time = jiffies + max_delay; 1193 1194 mod_timer(&query->timer, jiffies + br->multicast_querier_interval); 1195 } 1196 1197 /* 1198 * Add port to router_list 1199 * list is maintained ordered by pointer value 1200 * and locked by br->multicast_lock and RCU 1201 */ 1202 static void br_multicast_add_router(struct net_bridge *br, 1203 struct net_bridge_port *port) 1204 { 1205 struct net_bridge_port *p; 1206 struct hlist_node *slot = NULL; 1207 1208 if (!hlist_unhashed(&port->rlist)) 1209 return; 1210 1211 hlist_for_each_entry(p, &br->router_list, rlist) { 1212 if ((unsigned long) port >= (unsigned long) p) 1213 break; 1214 slot = &p->rlist; 1215 } 1216 1217 if (slot) 1218 hlist_add_behind_rcu(&port->rlist, slot); 1219 else 1220 hlist_add_head_rcu(&port->rlist, &br->router_list); 1221 br_rtr_notify(br->dev, port, RTM_NEWMDB); 1222 } 1223 1224 static void br_multicast_mark_router(struct net_bridge *br, 1225 struct net_bridge_port *port) 1226 { 1227 unsigned long now = jiffies; 1228 1229 if (!port) { 1230 if (br->multicast_router == 1) 1231 mod_timer(&br->multicast_router_timer, 1232 now + br->multicast_querier_interval); 1233 return; 1234 } 1235 1236 if (port->multicast_router != 1) 1237 return; 1238 1239 br_multicast_add_router(br, port); 1240 1241 mod_timer(&port->multicast_router_timer, 1242 now + br->multicast_querier_interval); 1243 } 1244 1245 static void br_multicast_query_received(struct net_bridge *br, 1246 struct net_bridge_port *port, 1247 struct bridge_mcast_other_query *query, 1248 struct br_ip *saddr, 1249 unsigned long max_delay) 1250 { 1251 if (!br_multicast_select_querier(br, port, saddr)) 1252 return; 1253 1254 br_multicast_update_query_timer(br, query, max_delay); 1255 br_multicast_mark_router(br, port); 1256 } 1257 1258 static int br_ip4_multicast_query(struct net_bridge *br, 1259 struct net_bridge_port *port, 1260 struct sk_buff *skb, 1261 u16 vid) 1262 { 1263 const struct iphdr *iph = ip_hdr(skb); 1264 struct igmphdr *ih = igmp_hdr(skb); 1265 struct net_bridge_mdb_entry *mp; 1266 struct igmpv3_query *ih3; 1267 struct net_bridge_port_group *p; 1268 struct net_bridge_port_group __rcu **pp; 1269 struct br_ip saddr; 1270 unsigned long max_delay; 1271 unsigned long now = jiffies; 1272 __be32 group; 1273 int err = 0; 1274 1275 spin_lock(&br->multicast_lock); 1276 if (!netif_running(br->dev) || 1277 (port && port->state == BR_STATE_DISABLED)) 1278 goto out; 1279 1280 group = ih->group; 1281 1282 if (skb->len == sizeof(*ih)) { 1283 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 1284 1285 if (!max_delay) { 1286 max_delay = 10 * HZ; 1287 group = 0; 1288 } 1289 } else if (skb->len >= sizeof(*ih3)) { 1290 ih3 = igmpv3_query_hdr(skb); 1291 if (ih3->nsrcs) 1292 goto out; 1293 1294 max_delay = ih3->code ? 1295 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1; 1296 } else { 1297 goto out; 1298 } 1299 1300 if (!group) { 1301 saddr.proto = htons(ETH_P_IP); 1302 saddr.u.ip4 = iph->saddr; 1303 1304 br_multicast_query_received(br, port, &br->ip4_other_query, 1305 &saddr, max_delay); 1306 goto out; 1307 } 1308 1309 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid); 1310 if (!mp) 1311 goto out; 1312 1313 max_delay *= br->multicast_last_member_count; 1314 1315 if (mp->mglist && 1316 (timer_pending(&mp->timer) ? 1317 time_after(mp->timer.expires, now + max_delay) : 1318 try_to_del_timer_sync(&mp->timer) >= 0)) 1319 mod_timer(&mp->timer, now + max_delay); 1320 1321 for (pp = &mp->ports; 1322 (p = mlock_dereference(*pp, br)) != NULL; 1323 pp = &p->next) { 1324 if (timer_pending(&p->timer) ? 1325 time_after(p->timer.expires, now + max_delay) : 1326 try_to_del_timer_sync(&p->timer) >= 0) 1327 mod_timer(&p->timer, now + max_delay); 1328 } 1329 1330 out: 1331 spin_unlock(&br->multicast_lock); 1332 return err; 1333 } 1334 1335 #if IS_ENABLED(CONFIG_IPV6) 1336 static int br_ip6_multicast_query(struct net_bridge *br, 1337 struct net_bridge_port *port, 1338 struct sk_buff *skb, 1339 u16 vid) 1340 { 1341 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 1342 struct mld_msg *mld; 1343 struct net_bridge_mdb_entry *mp; 1344 struct mld2_query *mld2q; 1345 struct net_bridge_port_group *p; 1346 struct net_bridge_port_group __rcu **pp; 1347 struct br_ip saddr; 1348 unsigned long max_delay; 1349 unsigned long now = jiffies; 1350 const struct in6_addr *group = NULL; 1351 bool is_general_query; 1352 int err = 0; 1353 1354 spin_lock(&br->multicast_lock); 1355 if (!netif_running(br->dev) || 1356 (port && port->state == BR_STATE_DISABLED)) 1357 goto out; 1358 1359 if (skb->len == sizeof(*mld)) { 1360 if (!pskb_may_pull(skb, sizeof(*mld))) { 1361 err = -EINVAL; 1362 goto out; 1363 } 1364 mld = (struct mld_msg *) icmp6_hdr(skb); 1365 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay)); 1366 if (max_delay) 1367 group = &mld->mld_mca; 1368 } else { 1369 if (!pskb_may_pull(skb, sizeof(*mld2q))) { 1370 err = -EINVAL; 1371 goto out; 1372 } 1373 mld2q = (struct mld2_query *)icmp6_hdr(skb); 1374 if (!mld2q->mld2q_nsrcs) 1375 group = &mld2q->mld2q_mca; 1376 1377 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL); 1378 } 1379 1380 is_general_query = group && ipv6_addr_any(group); 1381 1382 if (is_general_query) { 1383 saddr.proto = htons(ETH_P_IPV6); 1384 saddr.u.ip6 = ip6h->saddr; 1385 1386 br_multicast_query_received(br, port, &br->ip6_other_query, 1387 &saddr, max_delay); 1388 goto out; 1389 } else if (!group) { 1390 goto out; 1391 } 1392 1393 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid); 1394 if (!mp) 1395 goto out; 1396 1397 max_delay *= br->multicast_last_member_count; 1398 if (mp->mglist && 1399 (timer_pending(&mp->timer) ? 1400 time_after(mp->timer.expires, now + max_delay) : 1401 try_to_del_timer_sync(&mp->timer) >= 0)) 1402 mod_timer(&mp->timer, now + max_delay); 1403 1404 for (pp = &mp->ports; 1405 (p = mlock_dereference(*pp, br)) != NULL; 1406 pp = &p->next) { 1407 if (timer_pending(&p->timer) ? 1408 time_after(p->timer.expires, now + max_delay) : 1409 try_to_del_timer_sync(&p->timer) >= 0) 1410 mod_timer(&p->timer, now + max_delay); 1411 } 1412 1413 out: 1414 spin_unlock(&br->multicast_lock); 1415 return err; 1416 } 1417 #endif 1418 1419 static void 1420 br_multicast_leave_group(struct net_bridge *br, 1421 struct net_bridge_port *port, 1422 struct br_ip *group, 1423 struct bridge_mcast_other_query *other_query, 1424 struct bridge_mcast_own_query *own_query) 1425 { 1426 struct net_bridge_mdb_htable *mdb; 1427 struct net_bridge_mdb_entry *mp; 1428 struct net_bridge_port_group *p; 1429 unsigned long now; 1430 unsigned long time; 1431 1432 spin_lock(&br->multicast_lock); 1433 if (!netif_running(br->dev) || 1434 (port && port->state == BR_STATE_DISABLED)) 1435 goto out; 1436 1437 mdb = mlock_dereference(br->mdb, br); 1438 mp = br_mdb_ip_get(mdb, group); 1439 if (!mp) 1440 goto out; 1441 1442 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) { 1443 struct net_bridge_port_group __rcu **pp; 1444 1445 for (pp = &mp->ports; 1446 (p = mlock_dereference(*pp, br)) != NULL; 1447 pp = &p->next) { 1448 if (p->port != port) 1449 continue; 1450 1451 rcu_assign_pointer(*pp, p->next); 1452 hlist_del_init(&p->mglist); 1453 del_timer(&p->timer); 1454 call_rcu_bh(&p->rcu, br_multicast_free_pg); 1455 br_mdb_notify(br->dev, p, RTM_DELMDB); 1456 1457 if (!mp->ports && !mp->mglist && 1458 netif_running(br->dev)) 1459 mod_timer(&mp->timer, jiffies); 1460 } 1461 goto out; 1462 } 1463 1464 if (timer_pending(&other_query->timer)) 1465 goto out; 1466 1467 if (br->multicast_querier) { 1468 __br_multicast_send_query(br, port, &mp->addr); 1469 1470 time = jiffies + br->multicast_last_member_count * 1471 br->multicast_last_member_interval; 1472 1473 mod_timer(&own_query->timer, time); 1474 1475 for (p = mlock_dereference(mp->ports, br); 1476 p != NULL; 1477 p = mlock_dereference(p->next, br)) { 1478 if (p->port != port) 1479 continue; 1480 1481 if (!hlist_unhashed(&p->mglist) && 1482 (timer_pending(&p->timer) ? 1483 time_after(p->timer.expires, time) : 1484 try_to_del_timer_sync(&p->timer) >= 0)) { 1485 mod_timer(&p->timer, time); 1486 } 1487 1488 break; 1489 } 1490 } 1491 1492 now = jiffies; 1493 time = now + br->multicast_last_member_count * 1494 br->multicast_last_member_interval; 1495 1496 if (!port) { 1497 if (mp->mglist && 1498 (timer_pending(&mp->timer) ? 1499 time_after(mp->timer.expires, time) : 1500 try_to_del_timer_sync(&mp->timer) >= 0)) { 1501 mod_timer(&mp->timer, time); 1502 } 1503 1504 goto out; 1505 } 1506 1507 for (p = mlock_dereference(mp->ports, br); 1508 p != NULL; 1509 p = mlock_dereference(p->next, br)) { 1510 if (p->port != port) 1511 continue; 1512 1513 if (!hlist_unhashed(&p->mglist) && 1514 (timer_pending(&p->timer) ? 1515 time_after(p->timer.expires, time) : 1516 try_to_del_timer_sync(&p->timer) >= 0)) { 1517 mod_timer(&p->timer, time); 1518 } 1519 1520 break; 1521 } 1522 out: 1523 spin_unlock(&br->multicast_lock); 1524 } 1525 1526 static void br_ip4_multicast_leave_group(struct net_bridge *br, 1527 struct net_bridge_port *port, 1528 __be32 group, 1529 __u16 vid) 1530 { 1531 struct br_ip br_group; 1532 struct bridge_mcast_own_query *own_query; 1533 1534 if (ipv4_is_local_multicast(group)) 1535 return; 1536 1537 own_query = port ? &port->ip4_own_query : &br->ip4_own_query; 1538 1539 br_group.u.ip4 = group; 1540 br_group.proto = htons(ETH_P_IP); 1541 br_group.vid = vid; 1542 1543 br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query, 1544 own_query); 1545 } 1546 1547 #if IS_ENABLED(CONFIG_IPV6) 1548 static void br_ip6_multicast_leave_group(struct net_bridge *br, 1549 struct net_bridge_port *port, 1550 const struct in6_addr *group, 1551 __u16 vid) 1552 { 1553 struct br_ip br_group; 1554 struct bridge_mcast_own_query *own_query; 1555 1556 if (ipv6_addr_is_ll_all_nodes(group)) 1557 return; 1558 1559 own_query = port ? &port->ip6_own_query : &br->ip6_own_query; 1560 1561 br_group.u.ip6 = *group; 1562 br_group.proto = htons(ETH_P_IPV6); 1563 br_group.vid = vid; 1564 1565 br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query, 1566 own_query); 1567 } 1568 #endif 1569 1570 static int br_multicast_ipv4_rcv(struct net_bridge *br, 1571 struct net_bridge_port *port, 1572 struct sk_buff *skb, 1573 u16 vid) 1574 { 1575 struct sk_buff *skb_trimmed = NULL; 1576 struct igmphdr *ih; 1577 int err; 1578 1579 err = ip_mc_check_igmp(skb, &skb_trimmed); 1580 1581 if (err == -ENOMSG) { 1582 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) 1583 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1584 return 0; 1585 } else if (err < 0) { 1586 return err; 1587 } 1588 1589 BR_INPUT_SKB_CB(skb)->igmp = 1; 1590 ih = igmp_hdr(skb); 1591 1592 switch (ih->type) { 1593 case IGMP_HOST_MEMBERSHIP_REPORT: 1594 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1595 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1596 err = br_ip4_multicast_add_group(br, port, ih->group, vid); 1597 break; 1598 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1599 err = br_ip4_multicast_igmp3_report(br, port, skb_trimmed, vid); 1600 break; 1601 case IGMP_HOST_MEMBERSHIP_QUERY: 1602 err = br_ip4_multicast_query(br, port, skb_trimmed, vid); 1603 break; 1604 case IGMP_HOST_LEAVE_MESSAGE: 1605 br_ip4_multicast_leave_group(br, port, ih->group, vid); 1606 break; 1607 } 1608 1609 if (skb_trimmed && skb_trimmed != skb) 1610 kfree_skb(skb_trimmed); 1611 1612 return err; 1613 } 1614 1615 #if IS_ENABLED(CONFIG_IPV6) 1616 static int br_multicast_ipv6_rcv(struct net_bridge *br, 1617 struct net_bridge_port *port, 1618 struct sk_buff *skb, 1619 u16 vid) 1620 { 1621 struct sk_buff *skb_trimmed = NULL; 1622 struct mld_msg *mld; 1623 int err; 1624 1625 err = ipv6_mc_check_mld(skb, &skb_trimmed); 1626 1627 if (err == -ENOMSG) { 1628 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) 1629 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1630 return 0; 1631 } else if (err < 0) { 1632 return err; 1633 } 1634 1635 BR_INPUT_SKB_CB(skb)->igmp = 1; 1636 mld = (struct mld_msg *)skb_transport_header(skb); 1637 1638 switch (mld->mld_type) { 1639 case ICMPV6_MGM_REPORT: 1640 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1641 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid); 1642 break; 1643 case ICMPV6_MLD2_REPORT: 1644 err = br_ip6_multicast_mld2_report(br, port, skb_trimmed, vid); 1645 break; 1646 case ICMPV6_MGM_QUERY: 1647 err = br_ip6_multicast_query(br, port, skb_trimmed, vid); 1648 break; 1649 case ICMPV6_MGM_REDUCTION: 1650 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid); 1651 break; 1652 } 1653 1654 if (skb_trimmed && skb_trimmed != skb) 1655 kfree_skb(skb_trimmed); 1656 1657 return err; 1658 } 1659 #endif 1660 1661 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port, 1662 struct sk_buff *skb, u16 vid) 1663 { 1664 BR_INPUT_SKB_CB(skb)->igmp = 0; 1665 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 1666 1667 if (br->multicast_disabled) 1668 return 0; 1669 1670 switch (skb->protocol) { 1671 case htons(ETH_P_IP): 1672 return br_multicast_ipv4_rcv(br, port, skb, vid); 1673 #if IS_ENABLED(CONFIG_IPV6) 1674 case htons(ETH_P_IPV6): 1675 return br_multicast_ipv6_rcv(br, port, skb, vid); 1676 #endif 1677 } 1678 1679 return 0; 1680 } 1681 1682 static void br_multicast_query_expired(struct net_bridge *br, 1683 struct bridge_mcast_own_query *query, 1684 struct bridge_mcast_querier *querier) 1685 { 1686 spin_lock(&br->multicast_lock); 1687 if (query->startup_sent < br->multicast_startup_query_count) 1688 query->startup_sent++; 1689 1690 RCU_INIT_POINTER(querier->port, NULL); 1691 br_multicast_send_query(br, NULL, query); 1692 spin_unlock(&br->multicast_lock); 1693 } 1694 1695 static void br_ip4_multicast_query_expired(unsigned long data) 1696 { 1697 struct net_bridge *br = (void *)data; 1698 1699 br_multicast_query_expired(br, &br->ip4_own_query, &br->ip4_querier); 1700 } 1701 1702 #if IS_ENABLED(CONFIG_IPV6) 1703 static void br_ip6_multicast_query_expired(unsigned long data) 1704 { 1705 struct net_bridge *br = (void *)data; 1706 1707 br_multicast_query_expired(br, &br->ip6_own_query, &br->ip6_querier); 1708 } 1709 #endif 1710 1711 void br_multicast_init(struct net_bridge *br) 1712 { 1713 br->hash_elasticity = 4; 1714 br->hash_max = 512; 1715 1716 br->multicast_router = 1; 1717 br->multicast_querier = 0; 1718 br->multicast_query_use_ifaddr = 0; 1719 br->multicast_last_member_count = 2; 1720 br->multicast_startup_query_count = 2; 1721 1722 br->multicast_last_member_interval = HZ; 1723 br->multicast_query_response_interval = 10 * HZ; 1724 br->multicast_startup_query_interval = 125 * HZ / 4; 1725 br->multicast_query_interval = 125 * HZ; 1726 br->multicast_querier_interval = 255 * HZ; 1727 br->multicast_membership_interval = 260 * HZ; 1728 1729 br->ip4_other_query.delay_time = 0; 1730 br->ip4_querier.port = NULL; 1731 #if IS_ENABLED(CONFIG_IPV6) 1732 br->ip6_other_query.delay_time = 0; 1733 br->ip6_querier.port = NULL; 1734 #endif 1735 1736 spin_lock_init(&br->multicast_lock); 1737 setup_timer(&br->multicast_router_timer, 1738 br_multicast_local_router_expired, 0); 1739 setup_timer(&br->ip4_other_query.timer, 1740 br_ip4_multicast_querier_expired, (unsigned long)br); 1741 setup_timer(&br->ip4_own_query.timer, br_ip4_multicast_query_expired, 1742 (unsigned long)br); 1743 #if IS_ENABLED(CONFIG_IPV6) 1744 setup_timer(&br->ip6_other_query.timer, 1745 br_ip6_multicast_querier_expired, (unsigned long)br); 1746 setup_timer(&br->ip6_own_query.timer, br_ip6_multicast_query_expired, 1747 (unsigned long)br); 1748 #endif 1749 } 1750 1751 static void __br_multicast_open(struct net_bridge *br, 1752 struct bridge_mcast_own_query *query) 1753 { 1754 query->startup_sent = 0; 1755 1756 if (br->multicast_disabled) 1757 return; 1758 1759 mod_timer(&query->timer, jiffies); 1760 } 1761 1762 void br_multicast_open(struct net_bridge *br) 1763 { 1764 __br_multicast_open(br, &br->ip4_own_query); 1765 #if IS_ENABLED(CONFIG_IPV6) 1766 __br_multicast_open(br, &br->ip6_own_query); 1767 #endif 1768 } 1769 1770 void br_multicast_stop(struct net_bridge *br) 1771 { 1772 del_timer_sync(&br->multicast_router_timer); 1773 del_timer_sync(&br->ip4_other_query.timer); 1774 del_timer_sync(&br->ip4_own_query.timer); 1775 #if IS_ENABLED(CONFIG_IPV6) 1776 del_timer_sync(&br->ip6_other_query.timer); 1777 del_timer_sync(&br->ip6_own_query.timer); 1778 #endif 1779 } 1780 1781 void br_multicast_dev_del(struct net_bridge *br) 1782 { 1783 struct net_bridge_mdb_htable *mdb; 1784 struct net_bridge_mdb_entry *mp; 1785 struct hlist_node *n; 1786 u32 ver; 1787 int i; 1788 1789 spin_lock_bh(&br->multicast_lock); 1790 mdb = mlock_dereference(br->mdb, br); 1791 if (!mdb) 1792 goto out; 1793 1794 br->mdb = NULL; 1795 1796 ver = mdb->ver; 1797 for (i = 0; i < mdb->max; i++) { 1798 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i], 1799 hlist[ver]) { 1800 del_timer(&mp->timer); 1801 call_rcu_bh(&mp->rcu, br_multicast_free_group); 1802 } 1803 } 1804 1805 if (mdb->old) { 1806 spin_unlock_bh(&br->multicast_lock); 1807 rcu_barrier_bh(); 1808 spin_lock_bh(&br->multicast_lock); 1809 WARN_ON(mdb->old); 1810 } 1811 1812 mdb->old = mdb; 1813 call_rcu_bh(&mdb->rcu, br_mdb_free); 1814 1815 out: 1816 spin_unlock_bh(&br->multicast_lock); 1817 } 1818 1819 int br_multicast_set_router(struct net_bridge *br, unsigned long val) 1820 { 1821 int err = -EINVAL; 1822 1823 spin_lock_bh(&br->multicast_lock); 1824 1825 switch (val) { 1826 case 0: 1827 case 2: 1828 del_timer(&br->multicast_router_timer); 1829 /* fall through */ 1830 case 1: 1831 br->multicast_router = val; 1832 err = 0; 1833 break; 1834 } 1835 1836 spin_unlock_bh(&br->multicast_lock); 1837 1838 return err; 1839 } 1840 1841 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val) 1842 { 1843 struct net_bridge *br = p->br; 1844 int err = -EINVAL; 1845 1846 spin_lock(&br->multicast_lock); 1847 1848 switch (val) { 1849 case 0: 1850 case 1: 1851 case 2: 1852 p->multicast_router = val; 1853 err = 0; 1854 1855 if (val < 2 && !hlist_unhashed(&p->rlist)) { 1856 hlist_del_init_rcu(&p->rlist); 1857 br_rtr_notify(br->dev, p, RTM_DELMDB); 1858 } 1859 1860 if (val == 1) 1861 break; 1862 1863 del_timer(&p->multicast_router_timer); 1864 1865 if (val == 0) 1866 break; 1867 1868 br_multicast_add_router(br, p); 1869 break; 1870 } 1871 1872 spin_unlock(&br->multicast_lock); 1873 1874 return err; 1875 } 1876 1877 static void br_multicast_start_querier(struct net_bridge *br, 1878 struct bridge_mcast_own_query *query) 1879 { 1880 struct net_bridge_port *port; 1881 1882 __br_multicast_open(br, query); 1883 1884 list_for_each_entry(port, &br->port_list, list) { 1885 if (port->state == BR_STATE_DISABLED || 1886 port->state == BR_STATE_BLOCKING) 1887 continue; 1888 1889 if (query == &br->ip4_own_query) 1890 br_multicast_enable(&port->ip4_own_query); 1891 #if IS_ENABLED(CONFIG_IPV6) 1892 else 1893 br_multicast_enable(&port->ip6_own_query); 1894 #endif 1895 } 1896 } 1897 1898 int br_multicast_toggle(struct net_bridge *br, unsigned long val) 1899 { 1900 int err = 0; 1901 struct net_bridge_mdb_htable *mdb; 1902 1903 spin_lock_bh(&br->multicast_lock); 1904 if (br->multicast_disabled == !val) 1905 goto unlock; 1906 1907 br->multicast_disabled = !val; 1908 if (br->multicast_disabled) 1909 goto unlock; 1910 1911 if (!netif_running(br->dev)) 1912 goto unlock; 1913 1914 mdb = mlock_dereference(br->mdb, br); 1915 if (mdb) { 1916 if (mdb->old) { 1917 err = -EEXIST; 1918 rollback: 1919 br->multicast_disabled = !!val; 1920 goto unlock; 1921 } 1922 1923 err = br_mdb_rehash(&br->mdb, mdb->max, 1924 br->hash_elasticity); 1925 if (err) 1926 goto rollback; 1927 } 1928 1929 br_multicast_start_querier(br, &br->ip4_own_query); 1930 #if IS_ENABLED(CONFIG_IPV6) 1931 br_multicast_start_querier(br, &br->ip6_own_query); 1932 #endif 1933 1934 unlock: 1935 spin_unlock_bh(&br->multicast_lock); 1936 1937 return err; 1938 } 1939 1940 int br_multicast_set_querier(struct net_bridge *br, unsigned long val) 1941 { 1942 unsigned long max_delay; 1943 1944 val = !!val; 1945 1946 spin_lock_bh(&br->multicast_lock); 1947 if (br->multicast_querier == val) 1948 goto unlock; 1949 1950 br->multicast_querier = val; 1951 if (!val) 1952 goto unlock; 1953 1954 max_delay = br->multicast_query_response_interval; 1955 1956 if (!timer_pending(&br->ip4_other_query.timer)) 1957 br->ip4_other_query.delay_time = jiffies + max_delay; 1958 1959 br_multicast_start_querier(br, &br->ip4_own_query); 1960 1961 #if IS_ENABLED(CONFIG_IPV6) 1962 if (!timer_pending(&br->ip6_other_query.timer)) 1963 br->ip6_other_query.delay_time = jiffies + max_delay; 1964 1965 br_multicast_start_querier(br, &br->ip6_own_query); 1966 #endif 1967 1968 unlock: 1969 spin_unlock_bh(&br->multicast_lock); 1970 1971 return 0; 1972 } 1973 1974 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val) 1975 { 1976 int err = -EINVAL; 1977 u32 old; 1978 struct net_bridge_mdb_htable *mdb; 1979 1980 spin_lock_bh(&br->multicast_lock); 1981 if (!is_power_of_2(val)) 1982 goto unlock; 1983 1984 mdb = mlock_dereference(br->mdb, br); 1985 if (mdb && val < mdb->size) 1986 goto unlock; 1987 1988 err = 0; 1989 1990 old = br->hash_max; 1991 br->hash_max = val; 1992 1993 if (mdb) { 1994 if (mdb->old) { 1995 err = -EEXIST; 1996 rollback: 1997 br->hash_max = old; 1998 goto unlock; 1999 } 2000 2001 err = br_mdb_rehash(&br->mdb, br->hash_max, 2002 br->hash_elasticity); 2003 if (err) 2004 goto rollback; 2005 } 2006 2007 unlock: 2008 spin_unlock_bh(&br->multicast_lock); 2009 2010 return err; 2011 } 2012 2013 /** 2014 * br_multicast_list_adjacent - Returns snooped multicast addresses 2015 * @dev: The bridge port adjacent to which to retrieve addresses 2016 * @br_ip_list: The list to store found, snooped multicast IP addresses in 2017 * 2018 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast 2019 * snooping feature on all bridge ports of dev's bridge device, excluding 2020 * the addresses from dev itself. 2021 * 2022 * Returns the number of items added to br_ip_list. 2023 * 2024 * Notes: 2025 * - br_ip_list needs to be initialized by caller 2026 * - br_ip_list might contain duplicates in the end 2027 * (needs to be taken care of by caller) 2028 * - br_ip_list needs to be freed by caller 2029 */ 2030 int br_multicast_list_adjacent(struct net_device *dev, 2031 struct list_head *br_ip_list) 2032 { 2033 struct net_bridge *br; 2034 struct net_bridge_port *port; 2035 struct net_bridge_port_group *group; 2036 struct br_ip_list *entry; 2037 int count = 0; 2038 2039 rcu_read_lock(); 2040 if (!br_ip_list || !br_port_exists(dev)) 2041 goto unlock; 2042 2043 port = br_port_get_rcu(dev); 2044 if (!port || !port->br) 2045 goto unlock; 2046 2047 br = port->br; 2048 2049 list_for_each_entry_rcu(port, &br->port_list, list) { 2050 if (!port->dev || port->dev == dev) 2051 continue; 2052 2053 hlist_for_each_entry_rcu(group, &port->mglist, mglist) { 2054 entry = kmalloc(sizeof(*entry), GFP_ATOMIC); 2055 if (!entry) 2056 goto unlock; 2057 2058 entry->addr = group->addr; 2059 list_add(&entry->list, br_ip_list); 2060 count++; 2061 } 2062 } 2063 2064 unlock: 2065 rcu_read_unlock(); 2066 return count; 2067 } 2068 EXPORT_SYMBOL_GPL(br_multicast_list_adjacent); 2069 2070 /** 2071 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge 2072 * @dev: The bridge port providing the bridge on which to check for a querier 2073 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 2074 * 2075 * Checks whether the given interface has a bridge on top and if so returns 2076 * true if a valid querier exists anywhere on the bridged link layer. 2077 * Otherwise returns false. 2078 */ 2079 bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto) 2080 { 2081 struct net_bridge *br; 2082 struct net_bridge_port *port; 2083 struct ethhdr eth; 2084 bool ret = false; 2085 2086 rcu_read_lock(); 2087 if (!br_port_exists(dev)) 2088 goto unlock; 2089 2090 port = br_port_get_rcu(dev); 2091 if (!port || !port->br) 2092 goto unlock; 2093 2094 br = port->br; 2095 2096 memset(ð, 0, sizeof(eth)); 2097 eth.h_proto = htons(proto); 2098 2099 ret = br_multicast_querier_exists(br, ð); 2100 2101 unlock: 2102 rcu_read_unlock(); 2103 return ret; 2104 } 2105 EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere); 2106 2107 /** 2108 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port 2109 * @dev: The bridge port adjacent to which to check for a querier 2110 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 2111 * 2112 * Checks whether the given interface has a bridge on top and if so returns 2113 * true if a selected querier is behind one of the other ports of this 2114 * bridge. Otherwise returns false. 2115 */ 2116 bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto) 2117 { 2118 struct net_bridge *br; 2119 struct net_bridge_port *port; 2120 bool ret = false; 2121 2122 rcu_read_lock(); 2123 if (!br_port_exists(dev)) 2124 goto unlock; 2125 2126 port = br_port_get_rcu(dev); 2127 if (!port || !port->br) 2128 goto unlock; 2129 2130 br = port->br; 2131 2132 switch (proto) { 2133 case ETH_P_IP: 2134 if (!timer_pending(&br->ip4_other_query.timer) || 2135 rcu_dereference(br->ip4_querier.port) == port) 2136 goto unlock; 2137 break; 2138 #if IS_ENABLED(CONFIG_IPV6) 2139 case ETH_P_IPV6: 2140 if (!timer_pending(&br->ip6_other_query.timer) || 2141 rcu_dereference(br->ip6_querier.port) == port) 2142 goto unlock; 2143 break; 2144 #endif 2145 default: 2146 goto unlock; 2147 } 2148 2149 ret = true; 2150 unlock: 2151 rcu_read_unlock(); 2152 return ret; 2153 } 2154 EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent); 2155