1 /* 2 * Bridge multicast support. 3 * 4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #include <linux/err.h> 14 #include <linux/export.h> 15 #include <linux/if_ether.h> 16 #include <linux/igmp.h> 17 #include <linux/jhash.h> 18 #include <linux/kernel.h> 19 #include <linux/log2.h> 20 #include <linux/netdevice.h> 21 #include <linux/netfilter_bridge.h> 22 #include <linux/random.h> 23 #include <linux/rculist.h> 24 #include <linux/skbuff.h> 25 #include <linux/slab.h> 26 #include <linux/timer.h> 27 #include <linux/inetdevice.h> 28 #include <linux/mroute.h> 29 #include <net/ip.h> 30 #include <net/switchdev.h> 31 #if IS_ENABLED(CONFIG_IPV6) 32 #include <net/ipv6.h> 33 #include <net/mld.h> 34 #include <net/ip6_checksum.h> 35 #include <net/addrconf.h> 36 #endif 37 38 #include "br_private.h" 39 40 static void br_multicast_start_querier(struct net_bridge *br, 41 struct bridge_mcast_own_query *query); 42 static void br_multicast_add_router(struct net_bridge *br, 43 struct net_bridge_port *port); 44 static void br_ip4_multicast_leave_group(struct net_bridge *br, 45 struct net_bridge_port *port, 46 __be32 group, 47 __u16 vid, 48 const unsigned char *src); 49 50 static void __del_port_router(struct net_bridge_port *p); 51 #if IS_ENABLED(CONFIG_IPV6) 52 static void br_ip6_multicast_leave_group(struct net_bridge *br, 53 struct net_bridge_port *port, 54 const struct in6_addr *group, 55 __u16 vid, const unsigned char *src); 56 #endif 57 unsigned int br_mdb_rehash_seq; 58 59 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b) 60 { 61 if (a->proto != b->proto) 62 return 0; 63 if (a->vid != b->vid) 64 return 0; 65 switch (a->proto) { 66 case htons(ETH_P_IP): 67 return a->u.ip4 == b->u.ip4; 68 #if IS_ENABLED(CONFIG_IPV6) 69 case htons(ETH_P_IPV6): 70 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6); 71 #endif 72 } 73 return 0; 74 } 75 76 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip, 77 __u16 vid) 78 { 79 return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1); 80 } 81 82 #if IS_ENABLED(CONFIG_IPV6) 83 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb, 84 const struct in6_addr *ip, 85 __u16 vid) 86 { 87 return jhash_2words(ipv6_addr_hash(ip), vid, 88 mdb->secret) & (mdb->max - 1); 89 } 90 #endif 91 92 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb, 93 struct br_ip *ip) 94 { 95 switch (ip->proto) { 96 case htons(ETH_P_IP): 97 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid); 98 #if IS_ENABLED(CONFIG_IPV6) 99 case htons(ETH_P_IPV6): 100 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid); 101 #endif 102 } 103 return 0; 104 } 105 106 static struct net_bridge_mdb_entry *__br_mdb_ip_get( 107 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash) 108 { 109 struct net_bridge_mdb_entry *mp; 110 111 hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) { 112 if (br_ip_equal(&mp->addr, dst)) 113 return mp; 114 } 115 116 return NULL; 117 } 118 119 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb, 120 struct br_ip *dst) 121 { 122 if (!mdb) 123 return NULL; 124 125 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst)); 126 } 127 128 static struct net_bridge_mdb_entry *br_mdb_ip4_get( 129 struct 
net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid) 130 { 131 struct br_ip br_dst; 132 133 br_dst.u.ip4 = dst; 134 br_dst.proto = htons(ETH_P_IP); 135 br_dst.vid = vid; 136 137 return br_mdb_ip_get(mdb, &br_dst); 138 } 139 140 #if IS_ENABLED(CONFIG_IPV6) 141 static struct net_bridge_mdb_entry *br_mdb_ip6_get( 142 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst, 143 __u16 vid) 144 { 145 struct br_ip br_dst; 146 147 br_dst.u.ip6 = *dst; 148 br_dst.proto = htons(ETH_P_IPV6); 149 br_dst.vid = vid; 150 151 return br_mdb_ip_get(mdb, &br_dst); 152 } 153 #endif 154 155 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br, 156 struct sk_buff *skb, u16 vid) 157 { 158 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb); 159 struct br_ip ip; 160 161 if (br->multicast_disabled) 162 return NULL; 163 164 if (BR_INPUT_SKB_CB(skb)->igmp) 165 return NULL; 166 167 ip.proto = skb->protocol; 168 ip.vid = vid; 169 170 switch (skb->protocol) { 171 case htons(ETH_P_IP): 172 ip.u.ip4 = ip_hdr(skb)->daddr; 173 break; 174 #if IS_ENABLED(CONFIG_IPV6) 175 case htons(ETH_P_IPV6): 176 ip.u.ip6 = ipv6_hdr(skb)->daddr; 177 break; 178 #endif 179 default: 180 return NULL; 181 } 182 183 return br_mdb_ip_get(mdb, &ip); 184 } 185 186 static void br_mdb_free(struct rcu_head *head) 187 { 188 struct net_bridge_mdb_htable *mdb = 189 container_of(head, struct net_bridge_mdb_htable, rcu); 190 struct net_bridge_mdb_htable *old = mdb->old; 191 192 mdb->old = NULL; 193 kfree(old->mhash); 194 kfree(old); 195 } 196 197 static int br_mdb_copy(struct net_bridge_mdb_htable *new, 198 struct net_bridge_mdb_htable *old, 199 int elasticity) 200 { 201 struct net_bridge_mdb_entry *mp; 202 int maxlen; 203 int len; 204 int i; 205 206 for (i = 0; i < old->max; i++) 207 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver]) 208 hlist_add_head(&mp->hlist[new->ver], 209 &new->mhash[br_ip_hash(new, &mp->addr)]); 210 211 if (!elasticity) 212 return 0; 213 214 maxlen = 0; 215 for (i = 0; i < new->max; i++) { 216 len = 0; 217 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver]) 218 len++; 219 if (len > maxlen) 220 maxlen = len; 221 } 222 223 return maxlen > elasticity ? 
-EINVAL : 0; 224 } 225 226 void br_multicast_free_pg(struct rcu_head *head) 227 { 228 struct net_bridge_port_group *p = 229 container_of(head, struct net_bridge_port_group, rcu); 230 231 kfree(p); 232 } 233 234 static void br_multicast_free_group(struct rcu_head *head) 235 { 236 struct net_bridge_mdb_entry *mp = 237 container_of(head, struct net_bridge_mdb_entry, rcu); 238 239 kfree(mp); 240 } 241 242 static void br_multicast_group_expired(unsigned long data) 243 { 244 struct net_bridge_mdb_entry *mp = (void *)data; 245 struct net_bridge *br = mp->br; 246 struct net_bridge_mdb_htable *mdb; 247 248 spin_lock(&br->multicast_lock); 249 if (!netif_running(br->dev) || timer_pending(&mp->timer)) 250 goto out; 251 252 mp->mglist = false; 253 254 if (mp->ports) 255 goto out; 256 257 mdb = mlock_dereference(br->mdb, br); 258 259 hlist_del_rcu(&mp->hlist[mdb->ver]); 260 mdb->size--; 261 262 call_rcu_bh(&mp->rcu, br_multicast_free_group); 263 264 out: 265 spin_unlock(&br->multicast_lock); 266 } 267 268 static void br_multicast_del_pg(struct net_bridge *br, 269 struct net_bridge_port_group *pg) 270 { 271 struct net_bridge_mdb_htable *mdb; 272 struct net_bridge_mdb_entry *mp; 273 struct net_bridge_port_group *p; 274 struct net_bridge_port_group __rcu **pp; 275 276 mdb = mlock_dereference(br->mdb, br); 277 278 mp = br_mdb_ip_get(mdb, &pg->addr); 279 if (WARN_ON(!mp)) 280 return; 281 282 for (pp = &mp->ports; 283 (p = mlock_dereference(*pp, br)) != NULL; 284 pp = &p->next) { 285 if (p != pg) 286 continue; 287 288 rcu_assign_pointer(*pp, p->next); 289 hlist_del_init(&p->mglist); 290 del_timer(&p->timer); 291 br_mdb_notify(br->dev, p->port, &pg->addr, RTM_DELMDB, 292 p->flags); 293 call_rcu_bh(&p->rcu, br_multicast_free_pg); 294 295 if (!mp->ports && !mp->mglist && 296 netif_running(br->dev)) 297 mod_timer(&mp->timer, jiffies); 298 299 return; 300 } 301 302 WARN_ON(1); 303 } 304 305 static void br_multicast_port_group_expired(unsigned long data) 306 { 307 struct net_bridge_port_group *pg = (void *)data; 308 struct net_bridge *br = pg->port->br; 309 310 spin_lock(&br->multicast_lock); 311 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 312 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT) 313 goto out; 314 315 br_multicast_del_pg(br, pg); 316 317 out: 318 spin_unlock(&br->multicast_lock); 319 } 320 321 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max, 322 int elasticity) 323 { 324 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1); 325 struct net_bridge_mdb_htable *mdb; 326 int err; 327 328 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC); 329 if (!mdb) 330 return -ENOMEM; 331 332 mdb->max = max; 333 mdb->old = old; 334 335 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC); 336 if (!mdb->mhash) { 337 kfree(mdb); 338 return -ENOMEM; 339 } 340 341 mdb->size = old ? old->size : 0; 342 mdb->ver = old ? 
old->ver ^ 1 : 0; 343 344 if (!old || elasticity) 345 get_random_bytes(&mdb->secret, sizeof(mdb->secret)); 346 else 347 mdb->secret = old->secret; 348 349 if (!old) 350 goto out; 351 352 err = br_mdb_copy(mdb, old, elasticity); 353 if (err) { 354 kfree(mdb->mhash); 355 kfree(mdb); 356 return err; 357 } 358 359 br_mdb_rehash_seq++; 360 call_rcu_bh(&mdb->rcu, br_mdb_free); 361 362 out: 363 rcu_assign_pointer(*mdbp, mdb); 364 365 return 0; 366 } 367 368 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br, 369 __be32 group, 370 u8 *igmp_type) 371 { 372 struct igmpv3_query *ihv3; 373 size_t igmp_hdr_size; 374 struct sk_buff *skb; 375 struct igmphdr *ih; 376 struct ethhdr *eth; 377 struct iphdr *iph; 378 379 igmp_hdr_size = sizeof(*ih); 380 if (br->multicast_igmp_version == 3) 381 igmp_hdr_size = sizeof(*ihv3); 382 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) + 383 igmp_hdr_size + 4); 384 if (!skb) 385 goto out; 386 387 skb->protocol = htons(ETH_P_IP); 388 389 skb_reset_mac_header(skb); 390 eth = eth_hdr(skb); 391 392 ether_addr_copy(eth->h_source, br->dev->dev_addr); 393 eth->h_dest[0] = 1; 394 eth->h_dest[1] = 0; 395 eth->h_dest[2] = 0x5e; 396 eth->h_dest[3] = 0; 397 eth->h_dest[4] = 0; 398 eth->h_dest[5] = 1; 399 eth->h_proto = htons(ETH_P_IP); 400 skb_put(skb, sizeof(*eth)); 401 402 skb_set_network_header(skb, skb->len); 403 iph = ip_hdr(skb); 404 405 iph->version = 4; 406 iph->ihl = 6; 407 iph->tos = 0xc0; 408 iph->tot_len = htons(sizeof(*iph) + igmp_hdr_size + 4); 409 iph->id = 0; 410 iph->frag_off = htons(IP_DF); 411 iph->ttl = 1; 412 iph->protocol = IPPROTO_IGMP; 413 iph->saddr = br->multicast_query_use_ifaddr ? 414 inet_select_addr(br->dev, 0, RT_SCOPE_LINK) : 0; 415 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP); 416 ((u8 *)&iph[1])[0] = IPOPT_RA; 417 ((u8 *)&iph[1])[1] = 4; 418 ((u8 *)&iph[1])[2] = 0; 419 ((u8 *)&iph[1])[3] = 0; 420 ip_send_check(iph); 421 skb_put(skb, 24); 422 423 skb_set_transport_header(skb, skb->len); 424 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY; 425 426 switch (br->multicast_igmp_version) { 427 case 2: 428 ih = igmp_hdr(skb); 429 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 430 ih->code = (group ? br->multicast_last_member_interval : 431 br->multicast_query_response_interval) / 432 (HZ / IGMP_TIMER_SCALE); 433 ih->group = group; 434 ih->csum = 0; 435 ih->csum = ip_compute_csum((void *)ih, sizeof(*ih)); 436 break; 437 case 3: 438 ihv3 = igmpv3_query_hdr(skb); 439 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY; 440 ihv3->code = (group ? 
br->multicast_last_member_interval : 441 br->multicast_query_response_interval) / 442 (HZ / IGMP_TIMER_SCALE); 443 ihv3->group = group; 444 ihv3->qqic = br->multicast_query_interval / HZ; 445 ihv3->nsrcs = 0; 446 ihv3->resv = 0; 447 ihv3->suppress = 0; 448 ihv3->qrv = 2; 449 ihv3->csum = 0; 450 ihv3->csum = ip_compute_csum((void *)ihv3, sizeof(*ihv3)); 451 break; 452 } 453 454 skb_put(skb, igmp_hdr_size); 455 __skb_pull(skb, sizeof(*eth)); 456 457 out: 458 return skb; 459 } 460 461 #if IS_ENABLED(CONFIG_IPV6) 462 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br, 463 const struct in6_addr *grp, 464 u8 *igmp_type) 465 { 466 struct mld2_query *mld2q; 467 unsigned long interval; 468 struct ipv6hdr *ip6h; 469 struct mld_msg *mldq; 470 size_t mld_hdr_size; 471 struct sk_buff *skb; 472 struct ethhdr *eth; 473 u8 *hopopt; 474 475 mld_hdr_size = sizeof(*mldq); 476 if (br->multicast_mld_version == 2) 477 mld_hdr_size = sizeof(*mld2q); 478 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) + 479 8 + mld_hdr_size); 480 if (!skb) 481 goto out; 482 483 skb->protocol = htons(ETH_P_IPV6); 484 485 /* Ethernet header */ 486 skb_reset_mac_header(skb); 487 eth = eth_hdr(skb); 488 489 ether_addr_copy(eth->h_source, br->dev->dev_addr); 490 eth->h_proto = htons(ETH_P_IPV6); 491 skb_put(skb, sizeof(*eth)); 492 493 /* IPv6 header + HbH option */ 494 skb_set_network_header(skb, skb->len); 495 ip6h = ipv6_hdr(skb); 496 497 *(__force __be32 *)ip6h = htonl(0x60000000); 498 ip6h->payload_len = htons(8 + mld_hdr_size); 499 ip6h->nexthdr = IPPROTO_HOPOPTS; 500 ip6h->hop_limit = 1; 501 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1)); 502 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0, 503 &ip6h->saddr)) { 504 kfree_skb(skb); 505 br->has_ipv6_addr = 0; 506 return NULL; 507 } 508 509 br->has_ipv6_addr = 1; 510 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 511 512 hopopt = (u8 *)(ip6h + 1); 513 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 514 hopopt[1] = 0; /* length of HbH */ 515 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 516 hopopt[3] = 2; /* Length of RA Option */ 517 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 518 hopopt[5] = 0; 519 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */ 520 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */ 521 522 skb_put(skb, sizeof(*ip6h) + 8); 523 524 /* ICMPv6 */ 525 skb_set_transport_header(skb, skb->len); 526 interval = ipv6_addr_any(grp) ? 
527 br->multicast_query_response_interval : 528 br->multicast_last_member_interval; 529 *igmp_type = ICMPV6_MGM_QUERY; 530 switch (br->multicast_mld_version) { 531 case 1: 532 mldq = (struct mld_msg *)icmp6_hdr(skb); 533 mldq->mld_type = ICMPV6_MGM_QUERY; 534 mldq->mld_code = 0; 535 mldq->mld_cksum = 0; 536 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 537 mldq->mld_reserved = 0; 538 mldq->mld_mca = *grp; 539 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 540 sizeof(*mldq), IPPROTO_ICMPV6, 541 csum_partial(mldq, 542 sizeof(*mldq), 543 0)); 544 break; 545 case 2: 546 mld2q = (struct mld2_query *)icmp6_hdr(skb); 547 mld2q->mld2q_mrc = htons((u16)jiffies_to_msecs(interval)); 548 mld2q->mld2q_type = ICMPV6_MGM_QUERY; 549 mld2q->mld2q_code = 0; 550 mld2q->mld2q_cksum = 0; 551 mld2q->mld2q_resv1 = 0; 552 mld2q->mld2q_resv2 = 0; 553 mld2q->mld2q_suppress = 0; 554 mld2q->mld2q_qrv = 2; 555 mld2q->mld2q_nsrcs = 0; 556 mld2q->mld2q_qqic = br->multicast_query_interval / HZ; 557 mld2q->mld2q_mca = *grp; 558 mld2q->mld2q_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 559 sizeof(*mld2q), 560 IPPROTO_ICMPV6, 561 csum_partial(mld2q, 562 sizeof(*mld2q), 563 0)); 564 break; 565 } 566 skb_put(skb, mld_hdr_size); 567 568 __skb_pull(skb, sizeof(*eth)); 569 570 out: 571 return skb; 572 } 573 #endif 574 575 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, 576 struct br_ip *addr, 577 u8 *igmp_type) 578 { 579 switch (addr->proto) { 580 case htons(ETH_P_IP): 581 return br_ip4_multicast_alloc_query(br, addr->u.ip4, igmp_type); 582 #if IS_ENABLED(CONFIG_IPV6) 583 case htons(ETH_P_IPV6): 584 return br_ip6_multicast_alloc_query(br, &addr->u.ip6, 585 igmp_type); 586 #endif 587 } 588 return NULL; 589 } 590 591 static struct net_bridge_mdb_entry *br_multicast_get_group( 592 struct net_bridge *br, struct net_bridge_port *port, 593 struct br_ip *group, int hash) 594 { 595 struct net_bridge_mdb_htable *mdb; 596 struct net_bridge_mdb_entry *mp; 597 unsigned int count = 0; 598 unsigned int max; 599 int elasticity; 600 int err; 601 602 mdb = rcu_dereference_protected(br->mdb, 1); 603 hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) { 604 count++; 605 if (unlikely(br_ip_equal(group, &mp->addr))) 606 return mp; 607 } 608 609 elasticity = 0; 610 max = mdb->max; 611 612 if (unlikely(count > br->hash_elasticity && count)) { 613 if (net_ratelimit()) 614 br_info(br, "Multicast hash table " 615 "chain limit reached: %s\n", 616 port ? port->dev->name : br->dev->name); 617 618 elasticity = br->hash_elasticity; 619 } 620 621 if (mdb->size >= max) { 622 max *= 2; 623 if (unlikely(max > br->hash_max)) { 624 br_warn(br, "Multicast hash table maximum of %d " 625 "reached, disabling snooping: %s\n", 626 br->hash_max, 627 port ? port->dev->name : br->dev->name); 628 err = -E2BIG; 629 disable: 630 br->multicast_disabled = 1; 631 goto err; 632 } 633 } 634 635 if (max > mdb->max || elasticity) { 636 if (mdb->old) { 637 if (net_ratelimit()) 638 br_info(br, "Multicast hash table " 639 "on fire: %s\n", 640 port ? port->dev->name : br->dev->name); 641 err = -EEXIST; 642 goto err; 643 } 644 645 err = br_mdb_rehash(&br->mdb, max, elasticity); 646 if (err) { 647 br_warn(br, "Cannot rehash multicast " 648 "hash table, disabling snooping: %s, %d, %d\n", 649 port ? 
port->dev->name : br->dev->name, 650 mdb->size, err); 651 goto disable; 652 } 653 654 err = -EAGAIN; 655 goto err; 656 } 657 658 return NULL; 659 660 err: 661 mp = ERR_PTR(err); 662 return mp; 663 } 664 665 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br, 666 struct net_bridge_port *p, 667 struct br_ip *group) 668 { 669 struct net_bridge_mdb_htable *mdb; 670 struct net_bridge_mdb_entry *mp; 671 int hash; 672 int err; 673 674 mdb = rcu_dereference_protected(br->mdb, 1); 675 if (!mdb) { 676 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0); 677 if (err) 678 return ERR_PTR(err); 679 goto rehash; 680 } 681 682 hash = br_ip_hash(mdb, group); 683 mp = br_multicast_get_group(br, p, group, hash); 684 switch (PTR_ERR(mp)) { 685 case 0: 686 break; 687 688 case -EAGAIN: 689 rehash: 690 mdb = rcu_dereference_protected(br->mdb, 1); 691 hash = br_ip_hash(mdb, group); 692 break; 693 694 default: 695 goto out; 696 } 697 698 mp = kzalloc(sizeof(*mp), GFP_ATOMIC); 699 if (unlikely(!mp)) 700 return ERR_PTR(-ENOMEM); 701 702 mp->br = br; 703 mp->addr = *group; 704 setup_timer(&mp->timer, br_multicast_group_expired, 705 (unsigned long)mp); 706 707 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]); 708 mdb->size++; 709 710 out: 711 return mp; 712 } 713 714 struct net_bridge_port_group *br_multicast_new_port_group( 715 struct net_bridge_port *port, 716 struct br_ip *group, 717 struct net_bridge_port_group __rcu *next, 718 unsigned char flags, 719 const unsigned char *src) 720 { 721 struct net_bridge_port_group *p; 722 723 p = kzalloc(sizeof(*p), GFP_ATOMIC); 724 if (unlikely(!p)) 725 return NULL; 726 727 p->addr = *group; 728 p->port = port; 729 p->flags = flags; 730 rcu_assign_pointer(p->next, next); 731 hlist_add_head(&p->mglist, &port->mglist); 732 setup_timer(&p->timer, br_multicast_port_group_expired, 733 (unsigned long)p); 734 735 if (src) 736 memcpy(p->eth_addr, src, ETH_ALEN); 737 else 738 memset(p->eth_addr, 0xff, ETH_ALEN); 739 740 return p; 741 } 742 743 static bool br_port_group_equal(struct net_bridge_port_group *p, 744 struct net_bridge_port *port, 745 const unsigned char *src) 746 { 747 if (p->port != port) 748 return false; 749 750 if (!(port->flags & BR_MULTICAST_TO_UNICAST)) 751 return true; 752 753 return ether_addr_equal(src, p->eth_addr); 754 } 755 756 static int br_multicast_add_group(struct net_bridge *br, 757 struct net_bridge_port *port, 758 struct br_ip *group, 759 const unsigned char *src) 760 { 761 struct net_bridge_port_group __rcu **pp; 762 struct net_bridge_port_group *p; 763 struct net_bridge_mdb_entry *mp; 764 unsigned long now = jiffies; 765 int err; 766 767 spin_lock(&br->multicast_lock); 768 if (!netif_running(br->dev) || 769 (port && port->state == BR_STATE_DISABLED)) 770 goto out; 771 772 mp = br_multicast_new_group(br, port, group); 773 err = PTR_ERR(mp); 774 if (IS_ERR(mp)) 775 goto err; 776 777 if (!port) { 778 mp->mglist = true; 779 mod_timer(&mp->timer, now + br->multicast_membership_interval); 780 goto out; 781 } 782 783 for (pp = &mp->ports; 784 (p = mlock_dereference(*pp, br)) != NULL; 785 pp = &p->next) { 786 if (br_port_group_equal(p, port, src)) 787 goto found; 788 if ((unsigned long)p->port < (unsigned long)port) 789 break; 790 } 791 792 p = br_multicast_new_port_group(port, group, *pp, 0, src); 793 if (unlikely(!p)) 794 goto err; 795 rcu_assign_pointer(*pp, p); 796 br_mdb_notify(br->dev, port, group, RTM_NEWMDB, 0); 797 798 found: 799 mod_timer(&p->timer, now + br->multicast_membership_interval); 800 out: 801 err = 0; 802 803 
err: 804 spin_unlock(&br->multicast_lock); 805 return err; 806 } 807 808 static int br_ip4_multicast_add_group(struct net_bridge *br, 809 struct net_bridge_port *port, 810 __be32 group, 811 __u16 vid, 812 const unsigned char *src) 813 { 814 struct br_ip br_group; 815 816 if (ipv4_is_local_multicast(group)) 817 return 0; 818 819 br_group.u.ip4 = group; 820 br_group.proto = htons(ETH_P_IP); 821 br_group.vid = vid; 822 823 return br_multicast_add_group(br, port, &br_group, src); 824 } 825 826 #if IS_ENABLED(CONFIG_IPV6) 827 static int br_ip6_multicast_add_group(struct net_bridge *br, 828 struct net_bridge_port *port, 829 const struct in6_addr *group, 830 __u16 vid, 831 const unsigned char *src) 832 { 833 struct br_ip br_group; 834 835 if (ipv6_addr_is_ll_all_nodes(group)) 836 return 0; 837 838 br_group.u.ip6 = *group; 839 br_group.proto = htons(ETH_P_IPV6); 840 br_group.vid = vid; 841 842 return br_multicast_add_group(br, port, &br_group, src); 843 } 844 #endif 845 846 static void br_multicast_router_expired(unsigned long data) 847 { 848 struct net_bridge_port *port = (void *)data; 849 struct net_bridge *br = port->br; 850 851 spin_lock(&br->multicast_lock); 852 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 853 port->multicast_router == MDB_RTR_TYPE_PERM || 854 timer_pending(&port->multicast_router_timer)) 855 goto out; 856 857 __del_port_router(port); 858 out: 859 spin_unlock(&br->multicast_lock); 860 } 861 862 static void br_mc_router_state_change(struct net_bridge *p, 863 bool is_mc_router) 864 { 865 struct switchdev_attr attr = { 866 .orig_dev = p->dev, 867 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER, 868 .flags = SWITCHDEV_F_DEFER, 869 .u.mrouter = is_mc_router, 870 }; 871 872 switchdev_port_attr_set(p->dev, &attr); 873 } 874 875 static void br_multicast_local_router_expired(unsigned long data) 876 { 877 struct net_bridge *br = (struct net_bridge *)data; 878 879 spin_lock(&br->multicast_lock); 880 if (br->multicast_router == MDB_RTR_TYPE_DISABLED || 881 br->multicast_router == MDB_RTR_TYPE_PERM || 882 timer_pending(&br->multicast_router_timer)) 883 goto out; 884 885 br_mc_router_state_change(br, false); 886 out: 887 spin_unlock(&br->multicast_lock); 888 } 889 890 static void br_multicast_querier_expired(struct net_bridge *br, 891 struct bridge_mcast_own_query *query) 892 { 893 spin_lock(&br->multicast_lock); 894 if (!netif_running(br->dev) || br->multicast_disabled) 895 goto out; 896 897 br_multicast_start_querier(br, query); 898 899 out: 900 spin_unlock(&br->multicast_lock); 901 } 902 903 static void br_ip4_multicast_querier_expired(unsigned long data) 904 { 905 struct net_bridge *br = (void *)data; 906 907 br_multicast_querier_expired(br, &br->ip4_own_query); 908 } 909 910 #if IS_ENABLED(CONFIG_IPV6) 911 static void br_ip6_multicast_querier_expired(unsigned long data) 912 { 913 struct net_bridge *br = (void *)data; 914 915 br_multicast_querier_expired(br, &br->ip6_own_query); 916 } 917 #endif 918 919 static void br_multicast_select_own_querier(struct net_bridge *br, 920 struct br_ip *ip, 921 struct sk_buff *skb) 922 { 923 if (ip->proto == htons(ETH_P_IP)) 924 br->ip4_querier.addr.u.ip4 = ip_hdr(skb)->saddr; 925 #if IS_ENABLED(CONFIG_IPV6) 926 else 927 br->ip6_querier.addr.u.ip6 = ipv6_hdr(skb)->saddr; 928 #endif 929 } 930 931 static void __br_multicast_send_query(struct net_bridge *br, 932 struct net_bridge_port *port, 933 struct br_ip *ip) 934 { 935 struct sk_buff *skb; 936 u8 igmp_type; 937 938 skb = br_multicast_alloc_query(br, ip, &igmp_type); 939 if (!skb) 940 return; 941 942 
if (port) { 943 skb->dev = port->dev; 944 br_multicast_count(br, port, skb, igmp_type, 945 BR_MCAST_DIR_TX); 946 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, 947 dev_net(port->dev), NULL, skb, NULL, skb->dev, 948 br_dev_queue_push_xmit); 949 } else { 950 br_multicast_select_own_querier(br, ip, skb); 951 br_multicast_count(br, port, skb, igmp_type, 952 BR_MCAST_DIR_RX); 953 netif_rx(skb); 954 } 955 } 956 957 static void br_multicast_send_query(struct net_bridge *br, 958 struct net_bridge_port *port, 959 struct bridge_mcast_own_query *own_query) 960 { 961 struct bridge_mcast_other_query *other_query = NULL; 962 struct br_ip br_group; 963 unsigned long time; 964 965 if (!netif_running(br->dev) || br->multicast_disabled || 966 !br->multicast_querier) 967 return; 968 969 memset(&br_group.u, 0, sizeof(br_group.u)); 970 971 if (port ? (own_query == &port->ip4_own_query) : 972 (own_query == &br->ip4_own_query)) { 973 other_query = &br->ip4_other_query; 974 br_group.proto = htons(ETH_P_IP); 975 #if IS_ENABLED(CONFIG_IPV6) 976 } else { 977 other_query = &br->ip6_other_query; 978 br_group.proto = htons(ETH_P_IPV6); 979 #endif 980 } 981 982 if (!other_query || timer_pending(&other_query->timer)) 983 return; 984 985 __br_multicast_send_query(br, port, &br_group); 986 987 time = jiffies; 988 time += own_query->startup_sent < br->multicast_startup_query_count ? 989 br->multicast_startup_query_interval : 990 br->multicast_query_interval; 991 mod_timer(&own_query->timer, time); 992 } 993 994 static void 995 br_multicast_port_query_expired(struct net_bridge_port *port, 996 struct bridge_mcast_own_query *query) 997 { 998 struct net_bridge *br = port->br; 999 1000 spin_lock(&br->multicast_lock); 1001 if (port->state == BR_STATE_DISABLED || 1002 port->state == BR_STATE_BLOCKING) 1003 goto out; 1004 1005 if (query->startup_sent < br->multicast_startup_query_count) 1006 query->startup_sent++; 1007 1008 br_multicast_send_query(port->br, port, query); 1009 1010 out: 1011 spin_unlock(&br->multicast_lock); 1012 } 1013 1014 static void br_ip4_multicast_port_query_expired(unsigned long data) 1015 { 1016 struct net_bridge_port *port = (void *)data; 1017 1018 br_multicast_port_query_expired(port, &port->ip4_own_query); 1019 } 1020 1021 #if IS_ENABLED(CONFIG_IPV6) 1022 static void br_ip6_multicast_port_query_expired(unsigned long data) 1023 { 1024 struct net_bridge_port *port = (void *)data; 1025 1026 br_multicast_port_query_expired(port, &port->ip6_own_query); 1027 } 1028 #endif 1029 1030 static void br_mc_disabled_update(struct net_device *dev, bool value) 1031 { 1032 struct switchdev_attr attr = { 1033 .orig_dev = dev, 1034 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED, 1035 .flags = SWITCHDEV_F_DEFER, 1036 .u.mc_disabled = value, 1037 }; 1038 1039 switchdev_port_attr_set(dev, &attr); 1040 } 1041 1042 int br_multicast_add_port(struct net_bridge_port *port) 1043 { 1044 port->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 1045 1046 setup_timer(&port->multicast_router_timer, br_multicast_router_expired, 1047 (unsigned long)port); 1048 setup_timer(&port->ip4_own_query.timer, 1049 br_ip4_multicast_port_query_expired, (unsigned long)port); 1050 #if IS_ENABLED(CONFIG_IPV6) 1051 setup_timer(&port->ip6_own_query.timer, 1052 br_ip6_multicast_port_query_expired, (unsigned long)port); 1053 #endif 1054 br_mc_disabled_update(port->dev, port->br->multicast_disabled); 1055 1056 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 1057 if (!port->mcast_stats) 1058 return -ENOMEM; 1059 1060 return 0; 1061 } 1062 1063 void 
br_multicast_del_port(struct net_bridge_port *port) 1064 { 1065 struct net_bridge *br = port->br; 1066 struct net_bridge_port_group *pg; 1067 struct hlist_node *n; 1068 1069 /* Take care of the remaining groups, only perm ones should be left */ 1070 spin_lock_bh(&br->multicast_lock); 1071 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 1072 br_multicast_del_pg(br, pg); 1073 spin_unlock_bh(&br->multicast_lock); 1074 del_timer_sync(&port->multicast_router_timer); 1075 free_percpu(port->mcast_stats); 1076 } 1077 1078 static void br_multicast_enable(struct bridge_mcast_own_query *query) 1079 { 1080 query->startup_sent = 0; 1081 1082 if (try_to_del_timer_sync(&query->timer) >= 0 || 1083 del_timer(&query->timer)) 1084 mod_timer(&query->timer, jiffies); 1085 } 1086 1087 static void __br_multicast_enable_port(struct net_bridge_port *port) 1088 { 1089 struct net_bridge *br = port->br; 1090 1091 if (br->multicast_disabled || !netif_running(br->dev)) 1092 return; 1093 1094 br_multicast_enable(&port->ip4_own_query); 1095 #if IS_ENABLED(CONFIG_IPV6) 1096 br_multicast_enable(&port->ip6_own_query); 1097 #endif 1098 if (port->multicast_router == MDB_RTR_TYPE_PERM && 1099 hlist_unhashed(&port->rlist)) 1100 br_multicast_add_router(br, port); 1101 } 1102 1103 void br_multicast_enable_port(struct net_bridge_port *port) 1104 { 1105 struct net_bridge *br = port->br; 1106 1107 spin_lock(&br->multicast_lock); 1108 __br_multicast_enable_port(port); 1109 spin_unlock(&br->multicast_lock); 1110 } 1111 1112 void br_multicast_disable_port(struct net_bridge_port *port) 1113 { 1114 struct net_bridge *br = port->br; 1115 struct net_bridge_port_group *pg; 1116 struct hlist_node *n; 1117 1118 spin_lock(&br->multicast_lock); 1119 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 1120 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT)) 1121 br_multicast_del_pg(br, pg); 1122 1123 __del_port_router(port); 1124 1125 del_timer(&port->multicast_router_timer); 1126 del_timer(&port->ip4_own_query.timer); 1127 #if IS_ENABLED(CONFIG_IPV6) 1128 del_timer(&port->ip6_own_query.timer); 1129 #endif 1130 spin_unlock(&br->multicast_lock); 1131 } 1132 1133 static int br_ip4_multicast_igmp3_report(struct net_bridge *br, 1134 struct net_bridge_port *port, 1135 struct sk_buff *skb, 1136 u16 vid) 1137 { 1138 const unsigned char *src; 1139 struct igmpv3_report *ih; 1140 struct igmpv3_grec *grec; 1141 int i; 1142 int len; 1143 int num; 1144 int type; 1145 int err = 0; 1146 __be32 group; 1147 1148 ih = igmpv3_report_hdr(skb); 1149 num = ntohs(ih->ngrec); 1150 len = skb_transport_offset(skb) + sizeof(*ih); 1151 1152 for (i = 0; i < num; i++) { 1153 len += sizeof(*grec); 1154 if (!pskb_may_pull(skb, len)) 1155 return -EINVAL; 1156 1157 grec = (void *)(skb->data + len - sizeof(*grec)); 1158 group = grec->grec_mca; 1159 type = grec->grec_type; 1160 1161 len += ntohs(grec->grec_nsrcs) * 4; 1162 if (!pskb_may_pull(skb, len)) 1163 return -EINVAL; 1164 1165 /* We treat this as an IGMPv2 report for now. 
*/ 1166 switch (type) { 1167 case IGMPV3_MODE_IS_INCLUDE: 1168 case IGMPV3_MODE_IS_EXCLUDE: 1169 case IGMPV3_CHANGE_TO_INCLUDE: 1170 case IGMPV3_CHANGE_TO_EXCLUDE: 1171 case IGMPV3_ALLOW_NEW_SOURCES: 1172 case IGMPV3_BLOCK_OLD_SOURCES: 1173 break; 1174 1175 default: 1176 continue; 1177 } 1178 1179 src = eth_hdr(skb)->h_source; 1180 if ((type == IGMPV3_CHANGE_TO_INCLUDE || 1181 type == IGMPV3_MODE_IS_INCLUDE) && 1182 ntohs(grec->grec_nsrcs) == 0) { 1183 br_ip4_multicast_leave_group(br, port, group, vid, src); 1184 } else { 1185 err = br_ip4_multicast_add_group(br, port, group, vid, 1186 src); 1187 if (err) 1188 break; 1189 } 1190 } 1191 1192 return err; 1193 } 1194 1195 #if IS_ENABLED(CONFIG_IPV6) 1196 static int br_ip6_multicast_mld2_report(struct net_bridge *br, 1197 struct net_bridge_port *port, 1198 struct sk_buff *skb, 1199 u16 vid) 1200 { 1201 const unsigned char *src; 1202 struct icmp6hdr *icmp6h; 1203 struct mld2_grec *grec; 1204 int i; 1205 int len; 1206 int num; 1207 int err = 0; 1208 1209 if (!pskb_may_pull(skb, sizeof(*icmp6h))) 1210 return -EINVAL; 1211 1212 icmp6h = icmp6_hdr(skb); 1213 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]); 1214 len = skb_transport_offset(skb) + sizeof(*icmp6h); 1215 1216 for (i = 0; i < num; i++) { 1217 __be16 *nsrcs, _nsrcs; 1218 1219 nsrcs = skb_header_pointer(skb, 1220 len + offsetof(struct mld2_grec, 1221 grec_nsrcs), 1222 sizeof(_nsrcs), &_nsrcs); 1223 if (!nsrcs) 1224 return -EINVAL; 1225 1226 if (!pskb_may_pull(skb, 1227 len + sizeof(*grec) + 1228 sizeof(struct in6_addr) * ntohs(*nsrcs))) 1229 return -EINVAL; 1230 1231 grec = (struct mld2_grec *)(skb->data + len); 1232 len += sizeof(*grec) + 1233 sizeof(struct in6_addr) * ntohs(*nsrcs); 1234 1235 /* We treat these as MLDv1 reports for now. */ 1236 switch (grec->grec_type) { 1237 case MLD2_MODE_IS_INCLUDE: 1238 case MLD2_MODE_IS_EXCLUDE: 1239 case MLD2_CHANGE_TO_INCLUDE: 1240 case MLD2_CHANGE_TO_EXCLUDE: 1241 case MLD2_ALLOW_NEW_SOURCES: 1242 case MLD2_BLOCK_OLD_SOURCES: 1243 break; 1244 1245 default: 1246 continue; 1247 } 1248 1249 src = eth_hdr(skb)->h_source; 1250 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE || 1251 grec->grec_type == MLD2_MODE_IS_INCLUDE) && 1252 ntohs(*nsrcs) == 0) { 1253 br_ip6_multicast_leave_group(br, port, &grec->grec_mca, 1254 vid, src); 1255 } else { 1256 err = br_ip6_multicast_add_group(br, port, 1257 &grec->grec_mca, vid, 1258 src); 1259 if (err) 1260 break; 1261 } 1262 } 1263 1264 return err; 1265 } 1266 #endif 1267 1268 static bool br_ip4_multicast_select_querier(struct net_bridge *br, 1269 struct net_bridge_port *port, 1270 __be32 saddr) 1271 { 1272 if (!timer_pending(&br->ip4_own_query.timer) && 1273 !timer_pending(&br->ip4_other_query.timer)) 1274 goto update; 1275 1276 if (!br->ip4_querier.addr.u.ip4) 1277 goto update; 1278 1279 if (ntohl(saddr) <= ntohl(br->ip4_querier.addr.u.ip4)) 1280 goto update; 1281 1282 return false; 1283 1284 update: 1285 br->ip4_querier.addr.u.ip4 = saddr; 1286 1287 /* update protected by general multicast_lock by caller */ 1288 rcu_assign_pointer(br->ip4_querier.port, port); 1289 1290 return true; 1291 } 1292 1293 #if IS_ENABLED(CONFIG_IPV6) 1294 static bool br_ip6_multicast_select_querier(struct net_bridge *br, 1295 struct net_bridge_port *port, 1296 struct in6_addr *saddr) 1297 { 1298 if (!timer_pending(&br->ip6_own_query.timer) && 1299 !timer_pending(&br->ip6_other_query.timer)) 1300 goto update; 1301 1302 if (ipv6_addr_cmp(saddr, &br->ip6_querier.addr.u.ip6) <= 0) 1303 goto update; 1304 1305 return false; 1306 1307 update: 
1308 br->ip6_querier.addr.u.ip6 = *saddr; 1309 1310 /* update protected by general multicast_lock by caller */ 1311 rcu_assign_pointer(br->ip6_querier.port, port); 1312 1313 return true; 1314 } 1315 #endif 1316 1317 static bool br_multicast_select_querier(struct net_bridge *br, 1318 struct net_bridge_port *port, 1319 struct br_ip *saddr) 1320 { 1321 switch (saddr->proto) { 1322 case htons(ETH_P_IP): 1323 return br_ip4_multicast_select_querier(br, port, saddr->u.ip4); 1324 #if IS_ENABLED(CONFIG_IPV6) 1325 case htons(ETH_P_IPV6): 1326 return br_ip6_multicast_select_querier(br, port, &saddr->u.ip6); 1327 #endif 1328 } 1329 1330 return false; 1331 } 1332 1333 static void 1334 br_multicast_update_query_timer(struct net_bridge *br, 1335 struct bridge_mcast_other_query *query, 1336 unsigned long max_delay) 1337 { 1338 if (!timer_pending(&query->timer)) 1339 query->delay_time = jiffies + max_delay; 1340 1341 mod_timer(&query->timer, jiffies + br->multicast_querier_interval); 1342 } 1343 1344 static void br_port_mc_router_state_change(struct net_bridge_port *p, 1345 bool is_mc_router) 1346 { 1347 struct switchdev_attr attr = { 1348 .orig_dev = p->dev, 1349 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER, 1350 .flags = SWITCHDEV_F_DEFER, 1351 .u.mrouter = is_mc_router, 1352 }; 1353 1354 switchdev_port_attr_set(p->dev, &attr); 1355 } 1356 1357 /* 1358 * Add port to router_list 1359 * list is maintained ordered by pointer value 1360 * and locked by br->multicast_lock and RCU 1361 */ 1362 static void br_multicast_add_router(struct net_bridge *br, 1363 struct net_bridge_port *port) 1364 { 1365 struct net_bridge_port *p; 1366 struct hlist_node *slot = NULL; 1367 1368 if (!hlist_unhashed(&port->rlist)) 1369 return; 1370 1371 hlist_for_each_entry(p, &br->router_list, rlist) { 1372 if ((unsigned long) port >= (unsigned long) p) 1373 break; 1374 slot = &p->rlist; 1375 } 1376 1377 if (slot) 1378 hlist_add_behind_rcu(&port->rlist, slot); 1379 else 1380 hlist_add_head_rcu(&port->rlist, &br->router_list); 1381 br_rtr_notify(br->dev, port, RTM_NEWMDB); 1382 br_port_mc_router_state_change(port, true); 1383 } 1384 1385 static void br_multicast_mark_router(struct net_bridge *br, 1386 struct net_bridge_port *port) 1387 { 1388 unsigned long now = jiffies; 1389 1390 if (!port) { 1391 if (br->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) { 1392 if (!timer_pending(&br->multicast_router_timer)) 1393 br_mc_router_state_change(br, true); 1394 mod_timer(&br->multicast_router_timer, 1395 now + br->multicast_querier_interval); 1396 } 1397 return; 1398 } 1399 1400 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 1401 port->multicast_router == MDB_RTR_TYPE_PERM) 1402 return; 1403 1404 br_multicast_add_router(br, port); 1405 1406 mod_timer(&port->multicast_router_timer, 1407 now + br->multicast_querier_interval); 1408 } 1409 1410 static void br_multicast_query_received(struct net_bridge *br, 1411 struct net_bridge_port *port, 1412 struct bridge_mcast_other_query *query, 1413 struct br_ip *saddr, 1414 unsigned long max_delay) 1415 { 1416 if (!br_multicast_select_querier(br, port, saddr)) 1417 return; 1418 1419 br_multicast_update_query_timer(br, query, max_delay); 1420 br_multicast_mark_router(br, port); 1421 } 1422 1423 static int br_ip4_multicast_query(struct net_bridge *br, 1424 struct net_bridge_port *port, 1425 struct sk_buff *skb, 1426 u16 vid) 1427 { 1428 const struct iphdr *iph = ip_hdr(skb); 1429 struct igmphdr *ih = igmp_hdr(skb); 1430 struct net_bridge_mdb_entry *mp; 1431 struct igmpv3_query *ih3; 1432 struct 
net_bridge_port_group *p; 1433 struct net_bridge_port_group __rcu **pp; 1434 struct br_ip saddr; 1435 unsigned long max_delay; 1436 unsigned long now = jiffies; 1437 unsigned int offset = skb_transport_offset(skb); 1438 __be32 group; 1439 int err = 0; 1440 1441 spin_lock(&br->multicast_lock); 1442 if (!netif_running(br->dev) || 1443 (port && port->state == BR_STATE_DISABLED)) 1444 goto out; 1445 1446 group = ih->group; 1447 1448 if (skb->len == offset + sizeof(*ih)) { 1449 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 1450 1451 if (!max_delay) { 1452 max_delay = 10 * HZ; 1453 group = 0; 1454 } 1455 } else if (skb->len >= offset + sizeof(*ih3)) { 1456 ih3 = igmpv3_query_hdr(skb); 1457 if (ih3->nsrcs) 1458 goto out; 1459 1460 max_delay = ih3->code ? 1461 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1; 1462 } else { 1463 goto out; 1464 } 1465 1466 if (!group) { 1467 saddr.proto = htons(ETH_P_IP); 1468 saddr.u.ip4 = iph->saddr; 1469 1470 br_multicast_query_received(br, port, &br->ip4_other_query, 1471 &saddr, max_delay); 1472 goto out; 1473 } 1474 1475 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid); 1476 if (!mp) 1477 goto out; 1478 1479 max_delay *= br->multicast_last_member_count; 1480 1481 if (mp->mglist && 1482 (timer_pending(&mp->timer) ? 1483 time_after(mp->timer.expires, now + max_delay) : 1484 try_to_del_timer_sync(&mp->timer) >= 0)) 1485 mod_timer(&mp->timer, now + max_delay); 1486 1487 for (pp = &mp->ports; 1488 (p = mlock_dereference(*pp, br)) != NULL; 1489 pp = &p->next) { 1490 if (timer_pending(&p->timer) ? 1491 time_after(p->timer.expires, now + max_delay) : 1492 try_to_del_timer_sync(&p->timer) >= 0) 1493 mod_timer(&p->timer, now + max_delay); 1494 } 1495 1496 out: 1497 spin_unlock(&br->multicast_lock); 1498 return err; 1499 } 1500 1501 #if IS_ENABLED(CONFIG_IPV6) 1502 static int br_ip6_multicast_query(struct net_bridge *br, 1503 struct net_bridge_port *port, 1504 struct sk_buff *skb, 1505 u16 vid) 1506 { 1507 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 1508 struct mld_msg *mld; 1509 struct net_bridge_mdb_entry *mp; 1510 struct mld2_query *mld2q; 1511 struct net_bridge_port_group *p; 1512 struct net_bridge_port_group __rcu **pp; 1513 struct br_ip saddr; 1514 unsigned long max_delay; 1515 unsigned long now = jiffies; 1516 unsigned int offset = skb_transport_offset(skb); 1517 const struct in6_addr *group = NULL; 1518 bool is_general_query; 1519 int err = 0; 1520 1521 spin_lock(&br->multicast_lock); 1522 if (!netif_running(br->dev) || 1523 (port && port->state == BR_STATE_DISABLED)) 1524 goto out; 1525 1526 if (skb->len == offset + sizeof(*mld)) { 1527 if (!pskb_may_pull(skb, offset + sizeof(*mld))) { 1528 err = -EINVAL; 1529 goto out; 1530 } 1531 mld = (struct mld_msg *) icmp6_hdr(skb); 1532 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay)); 1533 if (max_delay) 1534 group = &mld->mld_mca; 1535 } else { 1536 if (!pskb_may_pull(skb, offset + sizeof(*mld2q))) { 1537 err = -EINVAL; 1538 goto out; 1539 } 1540 mld2q = (struct mld2_query *)icmp6_hdr(skb); 1541 if (!mld2q->mld2q_nsrcs) 1542 group = &mld2q->mld2q_mca; 1543 1544 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL); 1545 } 1546 1547 is_general_query = group && ipv6_addr_any(group); 1548 1549 if (is_general_query) { 1550 saddr.proto = htons(ETH_P_IPV6); 1551 saddr.u.ip6 = ip6h->saddr; 1552 1553 br_multicast_query_received(br, port, &br->ip6_other_query, 1554 &saddr, max_delay); 1555 goto out; 1556 } else if (!group) { 1557 goto out; 1558 } 1559 1560 mp = 
br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid); 1561 if (!mp) 1562 goto out; 1563 1564 max_delay *= br->multicast_last_member_count; 1565 if (mp->mglist && 1566 (timer_pending(&mp->timer) ? 1567 time_after(mp->timer.expires, now + max_delay) : 1568 try_to_del_timer_sync(&mp->timer) >= 0)) 1569 mod_timer(&mp->timer, now + max_delay); 1570 1571 for (pp = &mp->ports; 1572 (p = mlock_dereference(*pp, br)) != NULL; 1573 pp = &p->next) { 1574 if (timer_pending(&p->timer) ? 1575 time_after(p->timer.expires, now + max_delay) : 1576 try_to_del_timer_sync(&p->timer) >= 0) 1577 mod_timer(&p->timer, now + max_delay); 1578 } 1579 1580 out: 1581 spin_unlock(&br->multicast_lock); 1582 return err; 1583 } 1584 #endif 1585 1586 static void 1587 br_multicast_leave_group(struct net_bridge *br, 1588 struct net_bridge_port *port, 1589 struct br_ip *group, 1590 struct bridge_mcast_other_query *other_query, 1591 struct bridge_mcast_own_query *own_query, 1592 const unsigned char *src) 1593 { 1594 struct net_bridge_mdb_htable *mdb; 1595 struct net_bridge_mdb_entry *mp; 1596 struct net_bridge_port_group *p; 1597 unsigned long now; 1598 unsigned long time; 1599 1600 spin_lock(&br->multicast_lock); 1601 if (!netif_running(br->dev) || 1602 (port && port->state == BR_STATE_DISABLED)) 1603 goto out; 1604 1605 mdb = mlock_dereference(br->mdb, br); 1606 mp = br_mdb_ip_get(mdb, group); 1607 if (!mp) 1608 goto out; 1609 1610 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) { 1611 struct net_bridge_port_group __rcu **pp; 1612 1613 for (pp = &mp->ports; 1614 (p = mlock_dereference(*pp, br)) != NULL; 1615 pp = &p->next) { 1616 if (!br_port_group_equal(p, port, src)) 1617 continue; 1618 1619 rcu_assign_pointer(*pp, p->next); 1620 hlist_del_init(&p->mglist); 1621 del_timer(&p->timer); 1622 call_rcu_bh(&p->rcu, br_multicast_free_pg); 1623 br_mdb_notify(br->dev, port, group, RTM_DELMDB, 1624 p->flags); 1625 1626 if (!mp->ports && !mp->mglist && 1627 netif_running(br->dev)) 1628 mod_timer(&mp->timer, jiffies); 1629 } 1630 goto out; 1631 } 1632 1633 if (timer_pending(&other_query->timer)) 1634 goto out; 1635 1636 if (br->multicast_querier) { 1637 __br_multicast_send_query(br, port, &mp->addr); 1638 1639 time = jiffies + br->multicast_last_member_count * 1640 br->multicast_last_member_interval; 1641 1642 mod_timer(&own_query->timer, time); 1643 1644 for (p = mlock_dereference(mp->ports, br); 1645 p != NULL; 1646 p = mlock_dereference(p->next, br)) { 1647 if (!br_port_group_equal(p, port, src)) 1648 continue; 1649 1650 if (!hlist_unhashed(&p->mglist) && 1651 (timer_pending(&p->timer) ? 1652 time_after(p->timer.expires, time) : 1653 try_to_del_timer_sync(&p->timer) >= 0)) { 1654 mod_timer(&p->timer, time); 1655 } 1656 1657 break; 1658 } 1659 } 1660 1661 now = jiffies; 1662 time = now + br->multicast_last_member_count * 1663 br->multicast_last_member_interval; 1664 1665 if (!port) { 1666 if (mp->mglist && 1667 (timer_pending(&mp->timer) ? 1668 time_after(mp->timer.expires, time) : 1669 try_to_del_timer_sync(&mp->timer) >= 0)) { 1670 mod_timer(&mp->timer, time); 1671 } 1672 1673 goto out; 1674 } 1675 1676 for (p = mlock_dereference(mp->ports, br); 1677 p != NULL; 1678 p = mlock_dereference(p->next, br)) { 1679 if (p->port != port) 1680 continue; 1681 1682 if (!hlist_unhashed(&p->mglist) && 1683 (timer_pending(&p->timer) ? 
1684 time_after(p->timer.expires, time) : 1685 try_to_del_timer_sync(&p->timer) >= 0)) { 1686 mod_timer(&p->timer, time); 1687 } 1688 1689 break; 1690 } 1691 out: 1692 spin_unlock(&br->multicast_lock); 1693 } 1694 1695 static void br_ip4_multicast_leave_group(struct net_bridge *br, 1696 struct net_bridge_port *port, 1697 __be32 group, 1698 __u16 vid, 1699 const unsigned char *src) 1700 { 1701 struct br_ip br_group; 1702 struct bridge_mcast_own_query *own_query; 1703 1704 if (ipv4_is_local_multicast(group)) 1705 return; 1706 1707 own_query = port ? &port->ip4_own_query : &br->ip4_own_query; 1708 1709 br_group.u.ip4 = group; 1710 br_group.proto = htons(ETH_P_IP); 1711 br_group.vid = vid; 1712 1713 br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query, 1714 own_query, src); 1715 } 1716 1717 #if IS_ENABLED(CONFIG_IPV6) 1718 static void br_ip6_multicast_leave_group(struct net_bridge *br, 1719 struct net_bridge_port *port, 1720 const struct in6_addr *group, 1721 __u16 vid, 1722 const unsigned char *src) 1723 { 1724 struct br_ip br_group; 1725 struct bridge_mcast_own_query *own_query; 1726 1727 if (ipv6_addr_is_ll_all_nodes(group)) 1728 return; 1729 1730 own_query = port ? &port->ip6_own_query : &br->ip6_own_query; 1731 1732 br_group.u.ip6 = *group; 1733 br_group.proto = htons(ETH_P_IPV6); 1734 br_group.vid = vid; 1735 1736 br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query, 1737 own_query, src); 1738 } 1739 #endif 1740 1741 static void br_multicast_err_count(const struct net_bridge *br, 1742 const struct net_bridge_port *p, 1743 __be16 proto) 1744 { 1745 struct bridge_mcast_stats __percpu *stats; 1746 struct bridge_mcast_stats *pstats; 1747 1748 if (!br->multicast_stats_enabled) 1749 return; 1750 1751 if (p) 1752 stats = p->mcast_stats; 1753 else 1754 stats = br->mcast_stats; 1755 if (WARN_ON(!stats)) 1756 return; 1757 1758 pstats = this_cpu_ptr(stats); 1759 1760 u64_stats_update_begin(&pstats->syncp); 1761 switch (proto) { 1762 case htons(ETH_P_IP): 1763 pstats->mstats.igmp_parse_errors++; 1764 break; 1765 #if IS_ENABLED(CONFIG_IPV6) 1766 case htons(ETH_P_IPV6): 1767 pstats->mstats.mld_parse_errors++; 1768 break; 1769 #endif 1770 } 1771 u64_stats_update_end(&pstats->syncp); 1772 } 1773 1774 static void br_multicast_pim(struct net_bridge *br, 1775 struct net_bridge_port *port, 1776 const struct sk_buff *skb) 1777 { 1778 unsigned int offset = skb_transport_offset(skb); 1779 struct pimhdr *pimhdr, _pimhdr; 1780 1781 pimhdr = skb_header_pointer(skb, offset, sizeof(_pimhdr), &_pimhdr); 1782 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION || 1783 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO) 1784 return; 1785 1786 br_multicast_mark_router(br, port); 1787 } 1788 1789 static int br_multicast_ipv4_rcv(struct net_bridge *br, 1790 struct net_bridge_port *port, 1791 struct sk_buff *skb, 1792 u16 vid) 1793 { 1794 struct sk_buff *skb_trimmed = NULL; 1795 const unsigned char *src; 1796 struct igmphdr *ih; 1797 int err; 1798 1799 err = ip_mc_check_igmp(skb, &skb_trimmed); 1800 1801 if (err == -ENOMSG) { 1802 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) { 1803 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1804 } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) { 1805 if (ip_hdr(skb)->protocol == IPPROTO_PIM) 1806 br_multicast_pim(br, port, skb); 1807 } 1808 return 0; 1809 } else if (err < 0) { 1810 br_multicast_err_count(br, port, skb->protocol); 1811 return err; 1812 } 1813 1814 ih = igmp_hdr(skb); 1815 src = eth_hdr(skb)->h_source; 1816 BR_INPUT_SKB_CB(skb)->igmp = ih->type; 
1817 1818 switch (ih->type) { 1819 case IGMP_HOST_MEMBERSHIP_REPORT: 1820 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1821 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1822 err = br_ip4_multicast_add_group(br, port, ih->group, vid, src); 1823 break; 1824 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1825 err = br_ip4_multicast_igmp3_report(br, port, skb_trimmed, vid); 1826 break; 1827 case IGMP_HOST_MEMBERSHIP_QUERY: 1828 err = br_ip4_multicast_query(br, port, skb_trimmed, vid); 1829 break; 1830 case IGMP_HOST_LEAVE_MESSAGE: 1831 br_ip4_multicast_leave_group(br, port, ih->group, vid, src); 1832 break; 1833 } 1834 1835 if (skb_trimmed && skb_trimmed != skb) 1836 kfree_skb(skb_trimmed); 1837 1838 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 1839 BR_MCAST_DIR_RX); 1840 1841 return err; 1842 } 1843 1844 #if IS_ENABLED(CONFIG_IPV6) 1845 static int br_multicast_ipv6_rcv(struct net_bridge *br, 1846 struct net_bridge_port *port, 1847 struct sk_buff *skb, 1848 u16 vid) 1849 { 1850 struct sk_buff *skb_trimmed = NULL; 1851 const unsigned char *src; 1852 struct mld_msg *mld; 1853 int err; 1854 1855 err = ipv6_mc_check_mld(skb, &skb_trimmed); 1856 1857 if (err == -ENOMSG) { 1858 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) 1859 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1860 return 0; 1861 } else if (err < 0) { 1862 br_multicast_err_count(br, port, skb->protocol); 1863 return err; 1864 } 1865 1866 mld = (struct mld_msg *)skb_transport_header(skb); 1867 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type; 1868 1869 switch (mld->mld_type) { 1870 case ICMPV6_MGM_REPORT: 1871 src = eth_hdr(skb)->h_source; 1872 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1873 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid, 1874 src); 1875 break; 1876 case ICMPV6_MLD2_REPORT: 1877 err = br_ip6_multicast_mld2_report(br, port, skb_trimmed, vid); 1878 break; 1879 case ICMPV6_MGM_QUERY: 1880 err = br_ip6_multicast_query(br, port, skb_trimmed, vid); 1881 break; 1882 case ICMPV6_MGM_REDUCTION: 1883 src = eth_hdr(skb)->h_source; 1884 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid, src); 1885 break; 1886 } 1887 1888 if (skb_trimmed && skb_trimmed != skb) 1889 kfree_skb(skb_trimmed); 1890 1891 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 1892 BR_MCAST_DIR_RX); 1893 1894 return err; 1895 } 1896 #endif 1897 1898 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port, 1899 struct sk_buff *skb, u16 vid) 1900 { 1901 int ret = 0; 1902 1903 BR_INPUT_SKB_CB(skb)->igmp = 0; 1904 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 1905 1906 if (br->multicast_disabled) 1907 return 0; 1908 1909 switch (skb->protocol) { 1910 case htons(ETH_P_IP): 1911 ret = br_multicast_ipv4_rcv(br, port, skb, vid); 1912 break; 1913 #if IS_ENABLED(CONFIG_IPV6) 1914 case htons(ETH_P_IPV6): 1915 ret = br_multicast_ipv6_rcv(br, port, skb, vid); 1916 break; 1917 #endif 1918 } 1919 1920 return ret; 1921 } 1922 1923 static void br_multicast_query_expired(struct net_bridge *br, 1924 struct bridge_mcast_own_query *query, 1925 struct bridge_mcast_querier *querier) 1926 { 1927 spin_lock(&br->multicast_lock); 1928 if (query->startup_sent < br->multicast_startup_query_count) 1929 query->startup_sent++; 1930 1931 RCU_INIT_POINTER(querier->port, NULL); 1932 br_multicast_send_query(br, NULL, query); 1933 spin_unlock(&br->multicast_lock); 1934 } 1935 1936 static void br_ip4_multicast_query_expired(unsigned long data) 1937 { 1938 struct net_bridge *br = (void *)data; 1939 1940 br_multicast_query_expired(br, &br->ip4_own_query, 
&br->ip4_querier); 1941 } 1942 1943 #if IS_ENABLED(CONFIG_IPV6) 1944 static void br_ip6_multicast_query_expired(unsigned long data) 1945 { 1946 struct net_bridge *br = (void *)data; 1947 1948 br_multicast_query_expired(br, &br->ip6_own_query, &br->ip6_querier); 1949 } 1950 #endif 1951 1952 void br_multicast_init(struct net_bridge *br) 1953 { 1954 br->hash_elasticity = 4; 1955 br->hash_max = 512; 1956 1957 br->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 1958 br->multicast_querier = 0; 1959 br->multicast_query_use_ifaddr = 0; 1960 br->multicast_last_member_count = 2; 1961 br->multicast_startup_query_count = 2; 1962 1963 br->multicast_last_member_interval = HZ; 1964 br->multicast_query_response_interval = 10 * HZ; 1965 br->multicast_startup_query_interval = 125 * HZ / 4; 1966 br->multicast_query_interval = 125 * HZ; 1967 br->multicast_querier_interval = 255 * HZ; 1968 br->multicast_membership_interval = 260 * HZ; 1969 1970 br->ip4_other_query.delay_time = 0; 1971 br->ip4_querier.port = NULL; 1972 br->multicast_igmp_version = 2; 1973 #if IS_ENABLED(CONFIG_IPV6) 1974 br->multicast_mld_version = 1; 1975 br->ip6_other_query.delay_time = 0; 1976 br->ip6_querier.port = NULL; 1977 #endif 1978 br->has_ipv6_addr = 1; 1979 1980 spin_lock_init(&br->multicast_lock); 1981 setup_timer(&br->multicast_router_timer, 1982 br_multicast_local_router_expired, (unsigned long)br); 1983 setup_timer(&br->ip4_other_query.timer, 1984 br_ip4_multicast_querier_expired, (unsigned long)br); 1985 setup_timer(&br->ip4_own_query.timer, br_ip4_multicast_query_expired, 1986 (unsigned long)br); 1987 #if IS_ENABLED(CONFIG_IPV6) 1988 setup_timer(&br->ip6_other_query.timer, 1989 br_ip6_multicast_querier_expired, (unsigned long)br); 1990 setup_timer(&br->ip6_own_query.timer, br_ip6_multicast_query_expired, 1991 (unsigned long)br); 1992 #endif 1993 } 1994 1995 static void __br_multicast_open(struct net_bridge *br, 1996 struct bridge_mcast_own_query *query) 1997 { 1998 query->startup_sent = 0; 1999 2000 if (br->multicast_disabled) 2001 return; 2002 2003 mod_timer(&query->timer, jiffies); 2004 } 2005 2006 void br_multicast_open(struct net_bridge *br) 2007 { 2008 __br_multicast_open(br, &br->ip4_own_query); 2009 #if IS_ENABLED(CONFIG_IPV6) 2010 __br_multicast_open(br, &br->ip6_own_query); 2011 #endif 2012 } 2013 2014 void br_multicast_stop(struct net_bridge *br) 2015 { 2016 del_timer_sync(&br->multicast_router_timer); 2017 del_timer_sync(&br->ip4_other_query.timer); 2018 del_timer_sync(&br->ip4_own_query.timer); 2019 #if IS_ENABLED(CONFIG_IPV6) 2020 del_timer_sync(&br->ip6_other_query.timer); 2021 del_timer_sync(&br->ip6_own_query.timer); 2022 #endif 2023 } 2024 2025 void br_multicast_dev_del(struct net_bridge *br) 2026 { 2027 struct net_bridge_mdb_htable *mdb; 2028 struct net_bridge_mdb_entry *mp; 2029 struct hlist_node *n; 2030 u32 ver; 2031 int i; 2032 2033 spin_lock_bh(&br->multicast_lock); 2034 mdb = mlock_dereference(br->mdb, br); 2035 if (!mdb) 2036 goto out; 2037 2038 br->mdb = NULL; 2039 2040 ver = mdb->ver; 2041 for (i = 0; i < mdb->max; i++) { 2042 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i], 2043 hlist[ver]) { 2044 del_timer(&mp->timer); 2045 call_rcu_bh(&mp->rcu, br_multicast_free_group); 2046 } 2047 } 2048 2049 if (mdb->old) { 2050 spin_unlock_bh(&br->multicast_lock); 2051 rcu_barrier_bh(); 2052 spin_lock_bh(&br->multicast_lock); 2053 WARN_ON(mdb->old); 2054 } 2055 2056 mdb->old = mdb; 2057 call_rcu_bh(&mdb->rcu, br_mdb_free); 2058 2059 out: 2060 spin_unlock_bh(&br->multicast_lock); 2061 } 2062 2063 int 
br_multicast_set_router(struct net_bridge *br, unsigned long val) 2064 { 2065 int err = -EINVAL; 2066 2067 spin_lock_bh(&br->multicast_lock); 2068 2069 switch (val) { 2070 case MDB_RTR_TYPE_DISABLED: 2071 case MDB_RTR_TYPE_PERM: 2072 br_mc_router_state_change(br, val == MDB_RTR_TYPE_PERM); 2073 del_timer(&br->multicast_router_timer); 2074 br->multicast_router = val; 2075 err = 0; 2076 break; 2077 case MDB_RTR_TYPE_TEMP_QUERY: 2078 if (br->multicast_router != MDB_RTR_TYPE_TEMP_QUERY) 2079 br_mc_router_state_change(br, false); 2080 br->multicast_router = val; 2081 err = 0; 2082 break; 2083 } 2084 2085 spin_unlock_bh(&br->multicast_lock); 2086 2087 return err; 2088 } 2089 2090 static void __del_port_router(struct net_bridge_port *p) 2091 { 2092 if (hlist_unhashed(&p->rlist)) 2093 return; 2094 hlist_del_init_rcu(&p->rlist); 2095 br_rtr_notify(p->br->dev, p, RTM_DELMDB); 2096 br_port_mc_router_state_change(p, false); 2097 2098 /* don't allow timer refresh */ 2099 if (p->multicast_router == MDB_RTR_TYPE_TEMP) 2100 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 2101 } 2102 2103 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val) 2104 { 2105 struct net_bridge *br = p->br; 2106 unsigned long now = jiffies; 2107 int err = -EINVAL; 2108 2109 spin_lock(&br->multicast_lock); 2110 if (p->multicast_router == val) { 2111 /* Refresh the temp router port timer */ 2112 if (p->multicast_router == MDB_RTR_TYPE_TEMP) 2113 mod_timer(&p->multicast_router_timer, 2114 now + br->multicast_querier_interval); 2115 err = 0; 2116 goto unlock; 2117 } 2118 switch (val) { 2119 case MDB_RTR_TYPE_DISABLED: 2120 p->multicast_router = MDB_RTR_TYPE_DISABLED; 2121 __del_port_router(p); 2122 del_timer(&p->multicast_router_timer); 2123 break; 2124 case MDB_RTR_TYPE_TEMP_QUERY: 2125 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 2126 __del_port_router(p); 2127 break; 2128 case MDB_RTR_TYPE_PERM: 2129 p->multicast_router = MDB_RTR_TYPE_PERM; 2130 del_timer(&p->multicast_router_timer); 2131 br_multicast_add_router(br, p); 2132 break; 2133 case MDB_RTR_TYPE_TEMP: 2134 p->multicast_router = MDB_RTR_TYPE_TEMP; 2135 br_multicast_mark_router(br, p); 2136 break; 2137 default: 2138 goto unlock; 2139 } 2140 err = 0; 2141 unlock: 2142 spin_unlock(&br->multicast_lock); 2143 2144 return err; 2145 } 2146 2147 static void br_multicast_start_querier(struct net_bridge *br, 2148 struct bridge_mcast_own_query *query) 2149 { 2150 struct net_bridge_port *port; 2151 2152 __br_multicast_open(br, query); 2153 2154 list_for_each_entry(port, &br->port_list, list) { 2155 if (port->state == BR_STATE_DISABLED || 2156 port->state == BR_STATE_BLOCKING) 2157 continue; 2158 2159 if (query == &br->ip4_own_query) 2160 br_multicast_enable(&port->ip4_own_query); 2161 #if IS_ENABLED(CONFIG_IPV6) 2162 else 2163 br_multicast_enable(&port->ip6_own_query); 2164 #endif 2165 } 2166 } 2167 2168 int br_multicast_toggle(struct net_bridge *br, unsigned long val) 2169 { 2170 struct net_bridge_mdb_htable *mdb; 2171 struct net_bridge_port *port; 2172 int err = 0; 2173 2174 spin_lock_bh(&br->multicast_lock); 2175 if (br->multicast_disabled == !val) 2176 goto unlock; 2177 2178 br_mc_disabled_update(br->dev, !val); 2179 br->multicast_disabled = !val; 2180 if (br->multicast_disabled) 2181 goto unlock; 2182 2183 if (!netif_running(br->dev)) 2184 goto unlock; 2185 2186 mdb = mlock_dereference(br->mdb, br); 2187 if (mdb) { 2188 if (mdb->old) { 2189 err = -EEXIST; 2190 rollback: 2191 br->multicast_disabled = !!val; 2192 goto unlock; 2193 } 2194 2195 err = 
int br_multicast_toggle(struct net_bridge *br, unsigned long val)
{
	struct net_bridge_mdb_htable *mdb;
	struct net_bridge_port *port;
	int err = 0;

	spin_lock_bh(&br->multicast_lock);
	if (br->multicast_disabled == !val)
		goto unlock;

	br_mc_disabled_update(br->dev, !val);
	br->multicast_disabled = !val;
	if (br->multicast_disabled)
		goto unlock;

	if (!netif_running(br->dev))
		goto unlock;

	mdb = mlock_dereference(br->mdb, br);
	if (mdb) {
		if (mdb->old) {
			err = -EEXIST;
rollback:
			br->multicast_disabled = !!val;
			goto unlock;
		}

		err = br_mdb_rehash(&br->mdb, mdb->max,
				    br->hash_elasticity);
		if (err)
			goto rollback;
	}

	br_multicast_open(br);
	list_for_each_entry(port, &br->port_list, list)
		__br_multicast_enable_port(port);

unlock:
	spin_unlock_bh(&br->multicast_lock);

	return err;
}

bool br_multicast_enabled(const struct net_device *dev)
{
	struct net_bridge *br = netdev_priv(dev);

	return !br->multicast_disabled;
}
EXPORT_SYMBOL_GPL(br_multicast_enabled);

bool br_multicast_router(const struct net_device *dev)
{
	struct net_bridge *br = netdev_priv(dev);
	bool is_router;

	spin_lock_bh(&br->multicast_lock);
	is_router = br_multicast_is_router(br);
	spin_unlock_bh(&br->multicast_lock);
	return is_router;
}
EXPORT_SYMBOL_GPL(br_multicast_router);

int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
{
	unsigned long max_delay;

	val = !!val;

	spin_lock_bh(&br->multicast_lock);
	if (br->multicast_querier == val)
		goto unlock;

	br->multicast_querier = val;
	if (!val)
		goto unlock;

	max_delay = br->multicast_query_response_interval;

	if (!timer_pending(&br->ip4_other_query.timer))
		br->ip4_other_query.delay_time = jiffies + max_delay;

	br_multicast_start_querier(br, &br->ip4_own_query);

#if IS_ENABLED(CONFIG_IPV6)
	if (!timer_pending(&br->ip6_other_query.timer))
		br->ip6_other_query.delay_time = jiffies + max_delay;

	br_multicast_start_querier(br, &br->ip6_own_query);
#endif

unlock:
	spin_unlock_bh(&br->multicast_lock);

	return 0;
}

int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
{
	int err = -EINVAL;
	u32 old;
	struct net_bridge_mdb_htable *mdb;

	spin_lock_bh(&br->multicast_lock);
	if (!is_power_of_2(val))
		goto unlock;

	mdb = mlock_dereference(br->mdb, br);
	if (mdb && val < mdb->size)
		goto unlock;

	err = 0;

	old = br->hash_max;
	br->hash_max = val;

	if (mdb) {
		if (mdb->old) {
			err = -EEXIST;
rollback:
			br->hash_max = old;
			goto unlock;
		}

		err = br_mdb_rehash(&br->mdb, br->hash_max,
				    br->hash_elasticity);
		if (err)
			goto rollback;
	}

unlock:
	spin_unlock_bh(&br->multicast_lock);

	return err;
}

int br_multicast_set_igmp_version(struct net_bridge *br, unsigned long val)
{
	/* Currently we support only version 2 and 3 */
	switch (val) {
	case 2:
	case 3:
		break;
	default:
		return -EINVAL;
	}

	spin_lock_bh(&br->multicast_lock);
	br->multicast_igmp_version = val;
	spin_unlock_bh(&br->multicast_lock);

	return 0;
}

#if IS_ENABLED(CONFIG_IPV6)
int br_multicast_set_mld_version(struct net_bridge *br, unsigned long val)
{
	/* Currently we support version 1 and 2 */
	switch (val) {
	case 1:
	case 2:
		break;
	default:
		return -EINVAL;
	}

	spin_lock_bh(&br->multicast_lock);
	br->multicast_mld_version = val;
	spin_unlock_bh(&br->multicast_lock);

	return 0;
}
#endif
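/*
 * Example (not part of the original file): br_multicast_set_hash_max()
 * above rejects values that are not a power of two and values smaller
 * than the already-used table size, so a hypothetical caller would
 * round its request up first (roundup_pow_of_two() comes from
 * linux/log2.h, which this file already includes).
 */
#if 0	/* illustrative sketch, compiled out */
static int example_grow_mdb_hash(struct net_bridge *br, unsigned long want)
{
	/* e.g. want = 600 becomes 1024 */
	return br_multicast_set_hash_max(br, roundup_pow_of_two(want));
}
#endif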
/**
 * br_multicast_list_adjacent - Returns snooped multicast addresses
 * @dev: The bridge port adjacent to which to retrieve addresses
 * @br_ip_list: The list to store found, snooped multicast IP addresses in
 *
 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast
 * snooping feature on all bridge ports of dev's bridge device, excluding
 * the addresses from dev itself.
 *
 * Returns the number of items added to br_ip_list.
 *
 * Notes:
 * - br_ip_list needs to be initialized by caller
 * - br_ip_list might contain duplicates in the end
 *   (needs to be taken care of by caller)
 * - br_ip_list needs to be freed by caller
 */
int br_multicast_list_adjacent(struct net_device *dev,
			       struct list_head *br_ip_list)
{
	struct net_bridge *br;
	struct net_bridge_port *port;
	struct net_bridge_port_group *group;
	struct br_ip_list *entry;
	int count = 0;

	rcu_read_lock();
	if (!br_ip_list || !br_port_exists(dev))
		goto unlock;

	port = br_port_get_rcu(dev);
	if (!port || !port->br)
		goto unlock;

	br = port->br;

	list_for_each_entry_rcu(port, &br->port_list, list) {
		if (!port->dev || port->dev == dev)
			continue;

		hlist_for_each_entry_rcu(group, &port->mglist, mglist) {
			entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
			if (!entry)
				goto unlock;

			entry->addr = group->addr;
			list_add(&entry->list, br_ip_list);
			count++;
		}
	}

unlock:
	rcu_read_unlock();
	return count;
}
EXPORT_SYMBOL_GPL(br_multicast_list_adjacent);

/**
 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge
 * @dev: The bridge port providing the bridge on which to check for a querier
 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
 *
 * Checks whether the given interface has a bridge on top and if so returns
 * true if a valid querier exists anywhere on the bridged link layer.
 * Otherwise returns false.
 */
bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto)
{
	struct net_bridge *br;
	struct net_bridge_port *port;
	struct ethhdr eth;
	bool ret = false;

	rcu_read_lock();
	if (!br_port_exists(dev))
		goto unlock;

	port = br_port_get_rcu(dev);
	if (!port || !port->br)
		goto unlock;

	br = port->br;

	memset(&eth, 0, sizeof(eth));
	eth.h_proto = htons(proto);

	ret = br_multicast_querier_exists(br, &eth);

unlock:
	rcu_read_unlock();
	return ret;
}
EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere);
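/*
 * Example (not part of the original file): a hypothetical consumer
 * combining the two helpers above.  Snooped state is only trustworthy
 * while a querier keeps it refreshed, and per the kerneldoc notes the
 * caller owns the returned entries (init, dedup, free).
 */
#if 0	/* illustrative sketch, compiled out */
static void example_walk_adjacent(struct net_device *dev)
{
	struct br_ip_list *entry, *tmp;
	LIST_HEAD(mcast_list);
	int n;

	if (!br_multicast_has_querier_anywhere(dev, ETH_P_IP))
		return;	/* IGMP snooping state may be stale */

	n = br_multicast_list_adjacent(dev, &mcast_list);
	pr_info("%s: %d snooped group(s), duplicates included\n",
		dev->name, n);

	list_for_each_entry_safe(entry, tmp, &mcast_list, list) {
		list_del(&entry->list);
		kfree(entry);
	}
}
#endif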
/**
 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port
 * @dev: The bridge port adjacent to which to check for a querier
 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
 *
 * Checks whether the given interface has a bridge on top and if so returns
 * true if a selected querier is behind one of the other ports of this
 * bridge. Otherwise returns false.
 */
bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto)
{
	struct net_bridge *br;
	struct net_bridge_port *port;
	bool ret = false;

	rcu_read_lock();
	if (!br_port_exists(dev))
		goto unlock;

	port = br_port_get_rcu(dev);
	if (!port || !port->br)
		goto unlock;

	br = port->br;

	switch (proto) {
	case ETH_P_IP:
		if (!timer_pending(&br->ip4_other_query.timer) ||
		    rcu_dereference(br->ip4_querier.port) == port)
			goto unlock;
		break;
#if IS_ENABLED(CONFIG_IPV6)
	case ETH_P_IPV6:
		if (!timer_pending(&br->ip6_other_query.timer) ||
		    rcu_dereference(br->ip6_querier.port) == port)
			goto unlock;
		break;
#endif
	default:
		goto unlock;
	}

	ret = true;
unlock:
	rcu_read_unlock();
	return ret;
}
EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent);

static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats,
			       const struct sk_buff *skb, u8 type, u8 dir)
{
	struct bridge_mcast_stats *pstats = this_cpu_ptr(stats);
	__be16 proto = skb->protocol;
	unsigned int t_len;

	u64_stats_update_begin(&pstats->syncp);
	switch (proto) {
	case htons(ETH_P_IP):
		t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb);
		switch (type) {
		case IGMP_HOST_MEMBERSHIP_REPORT:
			pstats->mstats.igmp_v1reports[dir]++;
			break;
		case IGMPV2_HOST_MEMBERSHIP_REPORT:
			pstats->mstats.igmp_v2reports[dir]++;
			break;
		case IGMPV3_HOST_MEMBERSHIP_REPORT:
			pstats->mstats.igmp_v3reports[dir]++;
			break;
		case IGMP_HOST_MEMBERSHIP_QUERY:
			if (t_len != sizeof(struct igmphdr)) {
				pstats->mstats.igmp_v3queries[dir]++;
			} else {
				unsigned int offset = skb_transport_offset(skb);
				struct igmphdr *ih, _ihdr;

				ih = skb_header_pointer(skb, offset,
							sizeof(_ihdr), &_ihdr);
				if (!ih)
					break;
				if (!ih->code)
					pstats->mstats.igmp_v1queries[dir]++;
				else
					pstats->mstats.igmp_v2queries[dir]++;
			}
			break;
		case IGMP_HOST_LEAVE_MESSAGE:
			pstats->mstats.igmp_leaves[dir]++;
			break;
		}
		break;
#if IS_ENABLED(CONFIG_IPV6)
	case htons(ETH_P_IPV6):
		t_len = ntohs(ipv6_hdr(skb)->payload_len) +
			sizeof(struct ipv6hdr);
		t_len -= skb_network_header_len(skb);
		switch (type) {
		case ICMPV6_MGM_REPORT:
			pstats->mstats.mld_v1reports[dir]++;
			break;
		case ICMPV6_MLD2_REPORT:
			pstats->mstats.mld_v2reports[dir]++;
			break;
		case ICMPV6_MGM_QUERY:
			if (t_len != sizeof(struct mld_msg))
				pstats->mstats.mld_v2queries[dir]++;
			else
				pstats->mstats.mld_v1queries[dir]++;
			break;
		case ICMPV6_MGM_REDUCTION:
			pstats->mstats.mld_leaves[dir]++;
			break;
		}
		break;
#endif /* CONFIG_IPV6 */
	}
	u64_stats_update_end(&pstats->syncp);
}

void br_multicast_count(struct net_bridge *br, const struct net_bridge_port *p,
			const struct sk_buff *skb, u8 type, u8 dir)
{
	struct bridge_mcast_stats __percpu *stats;

	/* if multicast_disabled is true then igmp type can't be set */
	if (!type || !br->multicast_stats_enabled)
		return;

	if (p)
		stats = p->mcast_stats;
	else
		stats = br->mcast_stats;
	if (WARN_ON(!stats))
		return;

	br_mcast_stats_add(stats, skb, type, dir);
}
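/*
 * Example (not part of the original file): how a hypothetical caller
 * would account a received packet, assuming "type" was stashed in the
 * skb control block by the IGMP/MLD parser.  It stays 0 when snooping
 * is disabled, which is why br_multicast_count() bails out on !type.
 */
#if 0	/* illustrative sketch, compiled out */
static void example_count_rx(struct net_bridge *br,
			     struct net_bridge_port *p,
			     const struct sk_buff *skb)
{
	u8 igmp_type = BR_INPUT_SKB_CB(skb)->igmp;

	br_multicast_count(br, p, skb, igmp_type, BR_MCAST_DIR_RX);
}
#endif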
int br_multicast_init_stats(struct net_bridge *br)
{
	br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats);
	if (!br->mcast_stats)
		return -ENOMEM;

	return 0;
}

void br_multicast_uninit_stats(struct net_bridge *br)
{
	free_percpu(br->mcast_stats);
}

static void mcast_stats_add_dir(u64 *dst, u64 *src)
{
	dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX];
	dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX];
}

void br_multicast_get_stats(const struct net_bridge *br,
			    const struct net_bridge_port *p,
			    struct br_mcast_stats *dest)
{
	struct bridge_mcast_stats __percpu *stats;
	struct br_mcast_stats tdst;
	int i;

	memset(dest, 0, sizeof(*dest));
	if (p)
		stats = p->mcast_stats;
	else
		stats = br->mcast_stats;
	if (WARN_ON(!stats))
		return;

	memset(&tdst, 0, sizeof(tdst));
	for_each_possible_cpu(i) {
		struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i);
		struct br_mcast_stats temp;
		unsigned int start;

		do {
			start = u64_stats_fetch_begin_irq(&cpu_stats->syncp);
			memcpy(&temp, &cpu_stats->mstats, sizeof(temp));
		} while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start));

		mcast_stats_add_dir(tdst.igmp_v1queries, temp.igmp_v1queries);
		mcast_stats_add_dir(tdst.igmp_v2queries, temp.igmp_v2queries);
		mcast_stats_add_dir(tdst.igmp_v3queries, temp.igmp_v3queries);
		mcast_stats_add_dir(tdst.igmp_leaves, temp.igmp_leaves);
		mcast_stats_add_dir(tdst.igmp_v1reports, temp.igmp_v1reports);
		mcast_stats_add_dir(tdst.igmp_v2reports, temp.igmp_v2reports);
		mcast_stats_add_dir(tdst.igmp_v3reports, temp.igmp_v3reports);
		tdst.igmp_parse_errors += temp.igmp_parse_errors;

		mcast_stats_add_dir(tdst.mld_v1queries, temp.mld_v1queries);
		mcast_stats_add_dir(tdst.mld_v2queries, temp.mld_v2queries);
		mcast_stats_add_dir(tdst.mld_leaves, temp.mld_leaves);
		mcast_stats_add_dir(tdst.mld_v1reports, temp.mld_v1reports);
		mcast_stats_add_dir(tdst.mld_v2reports, temp.mld_v2reports);
		tdst.mld_parse_errors += temp.mld_parse_errors;
	}
	memcpy(dest, &tdst, sizeof(*dest));
}
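/*
 * Example (not part of the original file): a hypothetical dumper built
 * on br_multicast_get_stats(), which already folds the per-CPU counters
 * into one struct br_mcast_stats.  Passing a NULL port aggregates the
 * bridge-global counters instead of a single port's.
 */
#if 0	/* illustrative sketch, compiled out */
static void example_dump_stats(const struct net_bridge *br)
{
	struct br_mcast_stats s;

	br_multicast_get_stats(br, NULL, &s);
	pr_info("IGMPv2 queries: rx %llu tx %llu\n",
		(unsigned long long)s.igmp_v2queries[BR_MCAST_DIR_RX],
		(unsigned long long)s.igmp_v2queries[BR_MCAST_DIR_TX]);
}
#endif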