1 /* 2 * Bridge multicast support. 3 * 4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #include <linux/err.h> 14 #include <linux/export.h> 15 #include <linux/if_ether.h> 16 #include <linux/igmp.h> 17 #include <linux/in.h> 18 #include <linux/jhash.h> 19 #include <linux/kernel.h> 20 #include <linux/log2.h> 21 #include <linux/netdevice.h> 22 #include <linux/netfilter_bridge.h> 23 #include <linux/random.h> 24 #include <linux/rculist.h> 25 #include <linux/skbuff.h> 26 #include <linux/slab.h> 27 #include <linux/timer.h> 28 #include <linux/inetdevice.h> 29 #include <linux/mroute.h> 30 #include <net/ip.h> 31 #include <net/switchdev.h> 32 #if IS_ENABLED(CONFIG_IPV6) 33 #include <linux/icmpv6.h> 34 #include <net/ipv6.h> 35 #include <net/mld.h> 36 #include <net/ip6_checksum.h> 37 #include <net/addrconf.h> 38 #endif 39 40 #include "br_private.h" 41 42 static const struct rhashtable_params br_mdb_rht_params = { 43 .head_offset = offsetof(struct net_bridge_mdb_entry, rhnode), 44 .key_offset = offsetof(struct net_bridge_mdb_entry, addr), 45 .key_len = sizeof(struct br_ip), 46 .automatic_shrinking = true, 47 .locks_mul = 1, 48 }; 49 50 static void br_multicast_start_querier(struct net_bridge *br, 51 struct bridge_mcast_own_query *query); 52 static void br_multicast_add_router(struct net_bridge *br, 53 struct net_bridge_port *port); 54 static void br_ip4_multicast_leave_group(struct net_bridge *br, 55 struct net_bridge_port *port, 56 __be32 group, 57 __u16 vid, 58 const unsigned char *src); 59 60 static void __del_port_router(struct net_bridge_port *p); 61 #if IS_ENABLED(CONFIG_IPV6) 62 static void br_ip6_multicast_leave_group(struct net_bridge *br, 63 struct net_bridge_port *port, 64 const struct in6_addr *group, 65 __u16 vid, const unsigned char *src); 66 #endif 67 68 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b) 69 { 70 if (a->proto != b->proto) 71 return 0; 72 if (a->vid != b->vid) 73 return 0; 74 switch (a->proto) { 75 case htons(ETH_P_IP): 76 return a->u.ip4 == b->u.ip4; 77 #if IS_ENABLED(CONFIG_IPV6) 78 case htons(ETH_P_IPV6): 79 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6); 80 #endif 81 } 82 return 0; 83 } 84 85 static struct net_bridge_mdb_entry *br_mdb_ip_get_rcu(struct net_bridge *br, 86 struct br_ip *dst) 87 { 88 return rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 89 } 90 91 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge *br, 92 struct br_ip *dst) 93 { 94 struct net_bridge_mdb_entry *ent; 95 96 lockdep_assert_held_once(&br->multicast_lock); 97 98 rcu_read_lock(); 99 ent = rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 100 rcu_read_unlock(); 101 102 return ent; 103 } 104 105 static struct net_bridge_mdb_entry *br_mdb_ip4_get(struct net_bridge *br, 106 __be32 dst, __u16 vid) 107 { 108 struct br_ip br_dst; 109 110 memset(&br_dst, 0, sizeof(br_dst)); 111 br_dst.u.ip4 = dst; 112 br_dst.proto = htons(ETH_P_IP); 113 br_dst.vid = vid; 114 115 return br_mdb_ip_get(br, &br_dst); 116 } 117 118 #if IS_ENABLED(CONFIG_IPV6) 119 static struct net_bridge_mdb_entry *br_mdb_ip6_get(struct net_bridge *br, 120 const struct in6_addr *dst, 121 __u16 vid) 122 { 123 struct br_ip br_dst; 124 125 memset(&br_dst, 0, sizeof(br_dst)); 126 br_dst.u.ip6 = *dst; 127 br_dst.proto = htons(ETH_P_IPV6); 128 br_dst.vid = vid; 129 130 return br_mdb_ip_get(br, &br_dst); 131 } 132 #endif 133 134 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br, 135 struct sk_buff *skb, u16 vid) 136 { 137 struct br_ip ip; 138 139 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 140 return NULL; 141 142 if (BR_INPUT_SKB_CB(skb)->igmp) 143 return NULL; 144 145 memset(&ip, 0, sizeof(ip)); 146 ip.proto = skb->protocol; 147 ip.vid = vid; 148 149 switch (skb->protocol) { 150 case htons(ETH_P_IP): 151 ip.u.ip4 = ip_hdr(skb)->daddr; 152 break; 153 #if IS_ENABLED(CONFIG_IPV6) 154 case htons(ETH_P_IPV6): 155 ip.u.ip6 = ipv6_hdr(skb)->daddr; 156 break; 157 #endif 158 default: 159 return NULL; 160 } 161 162 return br_mdb_ip_get_rcu(br, &ip); 163 } 164 165 static void br_multicast_group_expired(struct timer_list *t) 166 { 167 struct net_bridge_mdb_entry *mp = from_timer(mp, t, timer); 168 struct net_bridge *br = mp->br; 169 170 spin_lock(&br->multicast_lock); 171 if (!netif_running(br->dev) || timer_pending(&mp->timer)) 172 goto out; 173 174 mp->host_joined = false; 175 br_mdb_notify(br->dev, NULL, &mp->addr, RTM_DELMDB, 0); 176 177 if (mp->ports) 178 goto out; 179 180 rhashtable_remove_fast(&br->mdb_hash_tbl, &mp->rhnode, 181 br_mdb_rht_params); 182 hlist_del_rcu(&mp->mdb_node); 183 184 kfree_rcu(mp, rcu); 185 186 out: 187 spin_unlock(&br->multicast_lock); 188 } 189 190 static void br_multicast_del_pg(struct net_bridge *br, 191 struct net_bridge_port_group *pg) 192 { 193 struct net_bridge_mdb_entry *mp; 194 struct net_bridge_port_group *p; 195 struct net_bridge_port_group __rcu **pp; 196 197 mp = br_mdb_ip_get(br, &pg->addr); 198 if (WARN_ON(!mp)) 199 return; 200 201 for (pp = &mp->ports; 202 (p = mlock_dereference(*pp, br)) != NULL; 203 pp = &p->next) { 204 if (p != pg) 205 continue; 206 207 rcu_assign_pointer(*pp, p->next); 208 hlist_del_init(&p->mglist); 209 del_timer(&p->timer); 210 br_mdb_notify(br->dev, p->port, &pg->addr, RTM_DELMDB, 211 p->flags); 212 kfree_rcu(p, rcu); 213 214 if (!mp->ports && !mp->host_joined && 215 netif_running(br->dev)) 216 mod_timer(&mp->timer, jiffies); 217 218 return; 219 } 220 221 WARN_ON(1); 222 } 223 224 static void br_multicast_port_group_expired(struct timer_list *t) 225 { 226 struct net_bridge_port_group *pg = from_timer(pg, t, timer); 227 struct net_bridge *br = pg->port->br; 228 229 spin_lock(&br->multicast_lock); 230 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 231 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT) 232 goto out; 233 234 br_multicast_del_pg(br, pg); 235 236 out: 237 spin_unlock(&br->multicast_lock); 238 } 239 240 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br, 241 __be32 group, 242 u8 *igmp_type) 243 { 244 struct igmpv3_query *ihv3; 245 size_t igmp_hdr_size; 246 struct sk_buff *skb; 247 struct igmphdr *ih; 248 struct ethhdr *eth; 249 struct iphdr *iph; 250 251 igmp_hdr_size = sizeof(*ih); 252 if (br->multicast_igmp_version == 3) 253 igmp_hdr_size = sizeof(*ihv3); 254 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) + 255 igmp_hdr_size + 4); 256 if (!skb) 257 goto out; 258 259 skb->protocol = htons(ETH_P_IP); 260 261 skb_reset_mac_header(skb); 262 eth = eth_hdr(skb); 263 264 ether_addr_copy(eth->h_source, br->dev->dev_addr); 265 eth->h_dest[0] = 1; 266 eth->h_dest[1] = 0; 267 eth->h_dest[2] = 0x5e; 268 eth->h_dest[3] = 0; 269 eth->h_dest[4] = 0; 270 eth->h_dest[5] = 1; 271 eth->h_proto = htons(ETH_P_IP); 272 skb_put(skb, sizeof(*eth)); 273 274 skb_set_network_header(skb, skb->len); 275 iph = ip_hdr(skb); 276 277 iph->version = 4; 278 iph->ihl = 6; 279 iph->tos = 0xc0; 280 iph->tot_len = htons(sizeof(*iph) + igmp_hdr_size + 4); 281 iph->id = 0; 282 iph->frag_off = htons(IP_DF); 283 iph->ttl = 1; 284 iph->protocol = IPPROTO_IGMP; 285 iph->saddr = br_opt_get(br, BROPT_MULTICAST_QUERY_USE_IFADDR) ? 286 inet_select_addr(br->dev, 0, RT_SCOPE_LINK) : 0; 287 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP); 288 ((u8 *)&iph[1])[0] = IPOPT_RA; 289 ((u8 *)&iph[1])[1] = 4; 290 ((u8 *)&iph[1])[2] = 0; 291 ((u8 *)&iph[1])[3] = 0; 292 ip_send_check(iph); 293 skb_put(skb, 24); 294 295 skb_set_transport_header(skb, skb->len); 296 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY; 297 298 switch (br->multicast_igmp_version) { 299 case 2: 300 ih = igmp_hdr(skb); 301 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 302 ih->code = (group ? br->multicast_last_member_interval : 303 br->multicast_query_response_interval) / 304 (HZ / IGMP_TIMER_SCALE); 305 ih->group = group; 306 ih->csum = 0; 307 ih->csum = ip_compute_csum((void *)ih, sizeof(*ih)); 308 break; 309 case 3: 310 ihv3 = igmpv3_query_hdr(skb); 311 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY; 312 ihv3->code = (group ? br->multicast_last_member_interval : 313 br->multicast_query_response_interval) / 314 (HZ / IGMP_TIMER_SCALE); 315 ihv3->group = group; 316 ihv3->qqic = br->multicast_query_interval / HZ; 317 ihv3->nsrcs = 0; 318 ihv3->resv = 0; 319 ihv3->suppress = 0; 320 ihv3->qrv = 2; 321 ihv3->csum = 0; 322 ihv3->csum = ip_compute_csum((void *)ihv3, sizeof(*ihv3)); 323 break; 324 } 325 326 skb_put(skb, igmp_hdr_size); 327 __skb_pull(skb, sizeof(*eth)); 328 329 out: 330 return skb; 331 } 332 333 #if IS_ENABLED(CONFIG_IPV6) 334 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br, 335 const struct in6_addr *grp, 336 u8 *igmp_type) 337 { 338 struct mld2_query *mld2q; 339 unsigned long interval; 340 struct ipv6hdr *ip6h; 341 struct mld_msg *mldq; 342 size_t mld_hdr_size; 343 struct sk_buff *skb; 344 struct ethhdr *eth; 345 u8 *hopopt; 346 347 mld_hdr_size = sizeof(*mldq); 348 if (br->multicast_mld_version == 2) 349 mld_hdr_size = sizeof(*mld2q); 350 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) + 351 8 + mld_hdr_size); 352 if (!skb) 353 goto out; 354 355 skb->protocol = htons(ETH_P_IPV6); 356 357 /* Ethernet header */ 358 skb_reset_mac_header(skb); 359 eth = eth_hdr(skb); 360 361 ether_addr_copy(eth->h_source, br->dev->dev_addr); 362 eth->h_proto = htons(ETH_P_IPV6); 363 skb_put(skb, sizeof(*eth)); 364 365 /* IPv6 header + HbH option */ 366 skb_set_network_header(skb, skb->len); 367 ip6h = ipv6_hdr(skb); 368 369 *(__force __be32 *)ip6h = htonl(0x60000000); 370 ip6h->payload_len = htons(8 + mld_hdr_size); 371 ip6h->nexthdr = IPPROTO_HOPOPTS; 372 ip6h->hop_limit = 1; 373 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1)); 374 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0, 375 &ip6h->saddr)) { 376 kfree_skb(skb); 377 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, false); 378 return NULL; 379 } 380 381 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true); 382 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 383 384 hopopt = (u8 *)(ip6h + 1); 385 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 386 hopopt[1] = 0; /* length of HbH */ 387 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 388 hopopt[3] = 2; /* Length of RA Option */ 389 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 390 hopopt[5] = 0; 391 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */ 392 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */ 393 394 skb_put(skb, sizeof(*ip6h) + 8); 395 396 /* ICMPv6 */ 397 skb_set_transport_header(skb, skb->len); 398 interval = ipv6_addr_any(grp) ? 399 br->multicast_query_response_interval : 400 br->multicast_last_member_interval; 401 *igmp_type = ICMPV6_MGM_QUERY; 402 switch (br->multicast_mld_version) { 403 case 1: 404 mldq = (struct mld_msg *)icmp6_hdr(skb); 405 mldq->mld_type = ICMPV6_MGM_QUERY; 406 mldq->mld_code = 0; 407 mldq->mld_cksum = 0; 408 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 409 mldq->mld_reserved = 0; 410 mldq->mld_mca = *grp; 411 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 412 sizeof(*mldq), IPPROTO_ICMPV6, 413 csum_partial(mldq, 414 sizeof(*mldq), 415 0)); 416 break; 417 case 2: 418 mld2q = (struct mld2_query *)icmp6_hdr(skb); 419 mld2q->mld2q_mrc = htons((u16)jiffies_to_msecs(interval)); 420 mld2q->mld2q_type = ICMPV6_MGM_QUERY; 421 mld2q->mld2q_code = 0; 422 mld2q->mld2q_cksum = 0; 423 mld2q->mld2q_resv1 = 0; 424 mld2q->mld2q_resv2 = 0; 425 mld2q->mld2q_suppress = 0; 426 mld2q->mld2q_qrv = 2; 427 mld2q->mld2q_nsrcs = 0; 428 mld2q->mld2q_qqic = br->multicast_query_interval / HZ; 429 mld2q->mld2q_mca = *grp; 430 mld2q->mld2q_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 431 sizeof(*mld2q), 432 IPPROTO_ICMPV6, 433 csum_partial(mld2q, 434 sizeof(*mld2q), 435 0)); 436 break; 437 } 438 skb_put(skb, mld_hdr_size); 439 440 __skb_pull(skb, sizeof(*eth)); 441 442 out: 443 return skb; 444 } 445 #endif 446 447 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, 448 struct br_ip *addr, 449 u8 *igmp_type) 450 { 451 switch (addr->proto) { 452 case htons(ETH_P_IP): 453 return br_ip4_multicast_alloc_query(br, addr->u.ip4, igmp_type); 454 #if IS_ENABLED(CONFIG_IPV6) 455 case htons(ETH_P_IPV6): 456 return br_ip6_multicast_alloc_query(br, &addr->u.ip6, 457 igmp_type); 458 #endif 459 } 460 return NULL; 461 } 462 463 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br, 464 struct br_ip *group) 465 { 466 struct net_bridge_mdb_entry *mp; 467 int err; 468 469 mp = br_mdb_ip_get(br, group); 470 if (mp) 471 return mp; 472 473 if (atomic_read(&br->mdb_hash_tbl.nelems) >= br->hash_max) { 474 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, false); 475 return ERR_PTR(-E2BIG); 476 } 477 478 mp = kzalloc(sizeof(*mp), GFP_ATOMIC); 479 if (unlikely(!mp)) 480 return ERR_PTR(-ENOMEM); 481 482 mp->br = br; 483 mp->addr = *group; 484 timer_setup(&mp->timer, br_multicast_group_expired, 0); 485 err = rhashtable_lookup_insert_fast(&br->mdb_hash_tbl, &mp->rhnode, 486 br_mdb_rht_params); 487 if (err) { 488 kfree(mp); 489 mp = ERR_PTR(err); 490 } else { 491 hlist_add_head_rcu(&mp->mdb_node, &br->mdb_list); 492 } 493 494 return mp; 495 } 496 497 struct net_bridge_port_group *br_multicast_new_port_group( 498 struct net_bridge_port *port, 499 struct br_ip *group, 500 struct net_bridge_port_group __rcu *next, 501 unsigned char flags, 502 const unsigned char *src) 503 { 504 struct net_bridge_port_group *p; 505 506 p = kzalloc(sizeof(*p), GFP_ATOMIC); 507 if (unlikely(!p)) 508 return NULL; 509 510 p->addr = *group; 511 p->port = port; 512 p->flags = flags; 513 rcu_assign_pointer(p->next, next); 514 hlist_add_head(&p->mglist, &port->mglist); 515 timer_setup(&p->timer, br_multicast_port_group_expired, 0); 516 517 if (src) 518 memcpy(p->eth_addr, src, ETH_ALEN); 519 else 520 memset(p->eth_addr, 0xff, ETH_ALEN); 521 522 return p; 523 } 524 525 static bool br_port_group_equal(struct net_bridge_port_group *p, 526 struct net_bridge_port *port, 527 const unsigned char *src) 528 { 529 if (p->port != port) 530 return false; 531 532 if (!(port->flags & BR_MULTICAST_TO_UNICAST)) 533 return true; 534 535 return ether_addr_equal(src, p->eth_addr); 536 } 537 538 static int br_multicast_add_group(struct net_bridge *br, 539 struct net_bridge_port *port, 540 struct br_ip *group, 541 const unsigned char *src) 542 { 543 struct net_bridge_port_group __rcu **pp; 544 struct net_bridge_port_group *p; 545 struct net_bridge_mdb_entry *mp; 546 unsigned long now = jiffies; 547 int err; 548 549 spin_lock(&br->multicast_lock); 550 if (!netif_running(br->dev) || 551 (port && port->state == BR_STATE_DISABLED)) 552 goto out; 553 554 mp = br_multicast_new_group(br, group); 555 err = PTR_ERR(mp); 556 if (IS_ERR(mp)) 557 goto err; 558 559 if (!port) { 560 if (!mp->host_joined) { 561 mp->host_joined = true; 562 br_mdb_notify(br->dev, NULL, &mp->addr, RTM_NEWMDB, 0); 563 } 564 mod_timer(&mp->timer, now + br->multicast_membership_interval); 565 goto out; 566 } 567 568 for (pp = &mp->ports; 569 (p = mlock_dereference(*pp, br)) != NULL; 570 pp = &p->next) { 571 if (br_port_group_equal(p, port, src)) 572 goto found; 573 if ((unsigned long)p->port < (unsigned long)port) 574 break; 575 } 576 577 p = br_multicast_new_port_group(port, group, *pp, 0, src); 578 if (unlikely(!p)) 579 goto err; 580 rcu_assign_pointer(*pp, p); 581 br_mdb_notify(br->dev, port, group, RTM_NEWMDB, 0); 582 583 found: 584 mod_timer(&p->timer, now + br->multicast_membership_interval); 585 out: 586 err = 0; 587 588 err: 589 spin_unlock(&br->multicast_lock); 590 return err; 591 } 592 593 static int br_ip4_multicast_add_group(struct net_bridge *br, 594 struct net_bridge_port *port, 595 __be32 group, 596 __u16 vid, 597 const unsigned char *src) 598 { 599 struct br_ip br_group; 600 601 if (ipv4_is_local_multicast(group)) 602 return 0; 603 604 br_group.u.ip4 = group; 605 br_group.proto = htons(ETH_P_IP); 606 br_group.vid = vid; 607 608 return br_multicast_add_group(br, port, &br_group, src); 609 } 610 611 #if IS_ENABLED(CONFIG_IPV6) 612 static int br_ip6_multicast_add_group(struct net_bridge *br, 613 struct net_bridge_port *port, 614 const struct in6_addr *group, 615 __u16 vid, 616 const unsigned char *src) 617 { 618 struct br_ip br_group; 619 620 if (ipv6_addr_is_ll_all_nodes(group)) 621 return 0; 622 623 memset(&br_group, 0, sizeof(br_group)); 624 br_group.u.ip6 = *group; 625 br_group.proto = htons(ETH_P_IPV6); 626 br_group.vid = vid; 627 628 return br_multicast_add_group(br, port, &br_group, src); 629 } 630 #endif 631 632 static void br_multicast_router_expired(struct timer_list *t) 633 { 634 struct net_bridge_port *port = 635 from_timer(port, t, multicast_router_timer); 636 struct net_bridge *br = port->br; 637 638 spin_lock(&br->multicast_lock); 639 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 640 port->multicast_router == MDB_RTR_TYPE_PERM || 641 timer_pending(&port->multicast_router_timer)) 642 goto out; 643 644 __del_port_router(port); 645 out: 646 spin_unlock(&br->multicast_lock); 647 } 648 649 static void br_mc_router_state_change(struct net_bridge *p, 650 bool is_mc_router) 651 { 652 struct switchdev_attr attr = { 653 .orig_dev = p->dev, 654 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER, 655 .flags = SWITCHDEV_F_DEFER, 656 .u.mrouter = is_mc_router, 657 }; 658 659 switchdev_port_attr_set(p->dev, &attr); 660 } 661 662 static void br_multicast_local_router_expired(struct timer_list *t) 663 { 664 struct net_bridge *br = from_timer(br, t, multicast_router_timer); 665 666 spin_lock(&br->multicast_lock); 667 if (br->multicast_router == MDB_RTR_TYPE_DISABLED || 668 br->multicast_router == MDB_RTR_TYPE_PERM || 669 timer_pending(&br->multicast_router_timer)) 670 goto out; 671 672 br_mc_router_state_change(br, false); 673 out: 674 spin_unlock(&br->multicast_lock); 675 } 676 677 static void br_multicast_querier_expired(struct net_bridge *br, 678 struct bridge_mcast_own_query *query) 679 { 680 spin_lock(&br->multicast_lock); 681 if (!netif_running(br->dev) || !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 682 goto out; 683 684 br_multicast_start_querier(br, query); 685 686 out: 687 spin_unlock(&br->multicast_lock); 688 } 689 690 static void br_ip4_multicast_querier_expired(struct timer_list *t) 691 { 692 struct net_bridge *br = from_timer(br, t, ip4_other_query.timer); 693 694 br_multicast_querier_expired(br, &br->ip4_own_query); 695 } 696 697 #if IS_ENABLED(CONFIG_IPV6) 698 static void br_ip6_multicast_querier_expired(struct timer_list *t) 699 { 700 struct net_bridge *br = from_timer(br, t, ip6_other_query.timer); 701 702 br_multicast_querier_expired(br, &br->ip6_own_query); 703 } 704 #endif 705 706 static void br_multicast_select_own_querier(struct net_bridge *br, 707 struct br_ip *ip, 708 struct sk_buff *skb) 709 { 710 if (ip->proto == htons(ETH_P_IP)) 711 br->ip4_querier.addr.u.ip4 = ip_hdr(skb)->saddr; 712 #if IS_ENABLED(CONFIG_IPV6) 713 else 714 br->ip6_querier.addr.u.ip6 = ipv6_hdr(skb)->saddr; 715 #endif 716 } 717 718 static void __br_multicast_send_query(struct net_bridge *br, 719 struct net_bridge_port *port, 720 struct br_ip *ip) 721 { 722 struct sk_buff *skb; 723 u8 igmp_type; 724 725 skb = br_multicast_alloc_query(br, ip, &igmp_type); 726 if (!skb) 727 return; 728 729 if (port) { 730 skb->dev = port->dev; 731 br_multicast_count(br, port, skb, igmp_type, 732 BR_MCAST_DIR_TX); 733 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, 734 dev_net(port->dev), NULL, skb, NULL, skb->dev, 735 br_dev_queue_push_xmit); 736 } else { 737 br_multicast_select_own_querier(br, ip, skb); 738 br_multicast_count(br, port, skb, igmp_type, 739 BR_MCAST_DIR_RX); 740 netif_rx(skb); 741 } 742 } 743 744 static void br_multicast_send_query(struct net_bridge *br, 745 struct net_bridge_port *port, 746 struct bridge_mcast_own_query *own_query) 747 { 748 struct bridge_mcast_other_query *other_query = NULL; 749 struct br_ip br_group; 750 unsigned long time; 751 752 if (!netif_running(br->dev) || 753 !br_opt_get(br, BROPT_MULTICAST_ENABLED) || 754 !br_opt_get(br, BROPT_MULTICAST_QUERIER)) 755 return; 756 757 memset(&br_group.u, 0, sizeof(br_group.u)); 758 759 if (port ? (own_query == &port->ip4_own_query) : 760 (own_query == &br->ip4_own_query)) { 761 other_query = &br->ip4_other_query; 762 br_group.proto = htons(ETH_P_IP); 763 #if IS_ENABLED(CONFIG_IPV6) 764 } else { 765 other_query = &br->ip6_other_query; 766 br_group.proto = htons(ETH_P_IPV6); 767 #endif 768 } 769 770 if (!other_query || timer_pending(&other_query->timer)) 771 return; 772 773 __br_multicast_send_query(br, port, &br_group); 774 775 time = jiffies; 776 time += own_query->startup_sent < br->multicast_startup_query_count ? 777 br->multicast_startup_query_interval : 778 br->multicast_query_interval; 779 mod_timer(&own_query->timer, time); 780 } 781 782 static void 783 br_multicast_port_query_expired(struct net_bridge_port *port, 784 struct bridge_mcast_own_query *query) 785 { 786 struct net_bridge *br = port->br; 787 788 spin_lock(&br->multicast_lock); 789 if (port->state == BR_STATE_DISABLED || 790 port->state == BR_STATE_BLOCKING) 791 goto out; 792 793 if (query->startup_sent < br->multicast_startup_query_count) 794 query->startup_sent++; 795 796 br_multicast_send_query(port->br, port, query); 797 798 out: 799 spin_unlock(&br->multicast_lock); 800 } 801 802 static void br_ip4_multicast_port_query_expired(struct timer_list *t) 803 { 804 struct net_bridge_port *port = from_timer(port, t, ip4_own_query.timer); 805 806 br_multicast_port_query_expired(port, &port->ip4_own_query); 807 } 808 809 #if IS_ENABLED(CONFIG_IPV6) 810 static void br_ip6_multicast_port_query_expired(struct timer_list *t) 811 { 812 struct net_bridge_port *port = from_timer(port, t, ip6_own_query.timer); 813 814 br_multicast_port_query_expired(port, &port->ip6_own_query); 815 } 816 #endif 817 818 static void br_mc_disabled_update(struct net_device *dev, bool value) 819 { 820 struct switchdev_attr attr = { 821 .orig_dev = dev, 822 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED, 823 .flags = SWITCHDEV_F_DEFER, 824 .u.mc_disabled = !value, 825 }; 826 827 switchdev_port_attr_set(dev, &attr); 828 } 829 830 int br_multicast_add_port(struct net_bridge_port *port) 831 { 832 port->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 833 834 timer_setup(&port->multicast_router_timer, 835 br_multicast_router_expired, 0); 836 timer_setup(&port->ip4_own_query.timer, 837 br_ip4_multicast_port_query_expired, 0); 838 #if IS_ENABLED(CONFIG_IPV6) 839 timer_setup(&port->ip6_own_query.timer, 840 br_ip6_multicast_port_query_expired, 0); 841 #endif 842 br_mc_disabled_update(port->dev, 843 br_opt_get(port->br, BROPT_MULTICAST_ENABLED)); 844 845 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 846 if (!port->mcast_stats) 847 return -ENOMEM; 848 849 return 0; 850 } 851 852 void br_multicast_del_port(struct net_bridge_port *port) 853 { 854 struct net_bridge *br = port->br; 855 struct net_bridge_port_group *pg; 856 struct hlist_node *n; 857 858 /* Take care of the remaining groups, only perm ones should be left */ 859 spin_lock_bh(&br->multicast_lock); 860 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 861 br_multicast_del_pg(br, pg); 862 spin_unlock_bh(&br->multicast_lock); 863 del_timer_sync(&port->multicast_router_timer); 864 free_percpu(port->mcast_stats); 865 } 866 867 static void br_multicast_enable(struct bridge_mcast_own_query *query) 868 { 869 query->startup_sent = 0; 870 871 if (try_to_del_timer_sync(&query->timer) >= 0 || 872 del_timer(&query->timer)) 873 mod_timer(&query->timer, jiffies); 874 } 875 876 static void __br_multicast_enable_port(struct net_bridge_port *port) 877 { 878 struct net_bridge *br = port->br; 879 880 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) || !netif_running(br->dev)) 881 return; 882 883 br_multicast_enable(&port->ip4_own_query); 884 #if IS_ENABLED(CONFIG_IPV6) 885 br_multicast_enable(&port->ip6_own_query); 886 #endif 887 if (port->multicast_router == MDB_RTR_TYPE_PERM && 888 hlist_unhashed(&port->rlist)) 889 br_multicast_add_router(br, port); 890 } 891 892 void br_multicast_enable_port(struct net_bridge_port *port) 893 { 894 struct net_bridge *br = port->br; 895 896 spin_lock(&br->multicast_lock); 897 __br_multicast_enable_port(port); 898 spin_unlock(&br->multicast_lock); 899 } 900 901 void br_multicast_disable_port(struct net_bridge_port *port) 902 { 903 struct net_bridge *br = port->br; 904 struct net_bridge_port_group *pg; 905 struct hlist_node *n; 906 907 spin_lock(&br->multicast_lock); 908 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 909 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT)) 910 br_multicast_del_pg(br, pg); 911 912 __del_port_router(port); 913 914 del_timer(&port->multicast_router_timer); 915 del_timer(&port->ip4_own_query.timer); 916 #if IS_ENABLED(CONFIG_IPV6) 917 del_timer(&port->ip6_own_query.timer); 918 #endif 919 spin_unlock(&br->multicast_lock); 920 } 921 922 static int br_ip4_multicast_igmp3_report(struct net_bridge *br, 923 struct net_bridge_port *port, 924 struct sk_buff *skb, 925 u16 vid) 926 { 927 const unsigned char *src; 928 struct igmpv3_report *ih; 929 struct igmpv3_grec *grec; 930 int i; 931 int len; 932 int num; 933 int type; 934 int err = 0; 935 __be32 group; 936 937 ih = igmpv3_report_hdr(skb); 938 num = ntohs(ih->ngrec); 939 len = skb_transport_offset(skb) + sizeof(*ih); 940 941 for (i = 0; i < num; i++) { 942 len += sizeof(*grec); 943 if (!ip_mc_may_pull(skb, len)) 944 return -EINVAL; 945 946 grec = (void *)(skb->data + len - sizeof(*grec)); 947 group = grec->grec_mca; 948 type = grec->grec_type; 949 950 len += ntohs(grec->grec_nsrcs) * 4; 951 if (!ip_mc_may_pull(skb, len)) 952 return -EINVAL; 953 954 /* We treat this as an IGMPv2 report for now. */ 955 switch (type) { 956 case IGMPV3_MODE_IS_INCLUDE: 957 case IGMPV3_MODE_IS_EXCLUDE: 958 case IGMPV3_CHANGE_TO_INCLUDE: 959 case IGMPV3_CHANGE_TO_EXCLUDE: 960 case IGMPV3_ALLOW_NEW_SOURCES: 961 case IGMPV3_BLOCK_OLD_SOURCES: 962 break; 963 964 default: 965 continue; 966 } 967 968 src = eth_hdr(skb)->h_source; 969 if ((type == IGMPV3_CHANGE_TO_INCLUDE || 970 type == IGMPV3_MODE_IS_INCLUDE) && 971 ntohs(grec->grec_nsrcs) == 0) { 972 br_ip4_multicast_leave_group(br, port, group, vid, src); 973 } else { 974 err = br_ip4_multicast_add_group(br, port, group, vid, 975 src); 976 if (err) 977 break; 978 } 979 } 980 981 return err; 982 } 983 984 #if IS_ENABLED(CONFIG_IPV6) 985 static int br_ip6_multicast_mld2_report(struct net_bridge *br, 986 struct net_bridge_port *port, 987 struct sk_buff *skb, 988 u16 vid) 989 { 990 unsigned int nsrcs_offset; 991 const unsigned char *src; 992 struct icmp6hdr *icmp6h; 993 struct mld2_grec *grec; 994 unsigned int grec_len; 995 int i; 996 int len; 997 int num; 998 int err = 0; 999 1000 if (!ipv6_mc_may_pull(skb, sizeof(*icmp6h))) 1001 return -EINVAL; 1002 1003 icmp6h = icmp6_hdr(skb); 1004 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]); 1005 len = skb_transport_offset(skb) + sizeof(*icmp6h); 1006 1007 for (i = 0; i < num; i++) { 1008 __be16 *nsrcs, _nsrcs; 1009 1010 nsrcs_offset = len + offsetof(struct mld2_grec, grec_nsrcs); 1011 1012 if (skb_transport_offset(skb) + ipv6_transport_len(skb) < 1013 nsrcs_offset + sizeof(_nsrcs)) 1014 return -EINVAL; 1015 1016 nsrcs = skb_header_pointer(skb, nsrcs_offset, 1017 sizeof(_nsrcs), &_nsrcs); 1018 if (!nsrcs) 1019 return -EINVAL; 1020 1021 grec_len = struct_size(grec, grec_src, ntohs(*nsrcs)); 1022 1023 if (!ipv6_mc_may_pull(skb, len + grec_len)) 1024 return -EINVAL; 1025 1026 grec = (struct mld2_grec *)(skb->data + len); 1027 len += grec_len; 1028 1029 /* We treat these as MLDv1 reports for now. */ 1030 switch (grec->grec_type) { 1031 case MLD2_MODE_IS_INCLUDE: 1032 case MLD2_MODE_IS_EXCLUDE: 1033 case MLD2_CHANGE_TO_INCLUDE: 1034 case MLD2_CHANGE_TO_EXCLUDE: 1035 case MLD2_ALLOW_NEW_SOURCES: 1036 case MLD2_BLOCK_OLD_SOURCES: 1037 break; 1038 1039 default: 1040 continue; 1041 } 1042 1043 src = eth_hdr(skb)->h_source; 1044 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE || 1045 grec->grec_type == MLD2_MODE_IS_INCLUDE) && 1046 ntohs(*nsrcs) == 0) { 1047 br_ip6_multicast_leave_group(br, port, &grec->grec_mca, 1048 vid, src); 1049 } else { 1050 err = br_ip6_multicast_add_group(br, port, 1051 &grec->grec_mca, vid, 1052 src); 1053 if (err) 1054 break; 1055 } 1056 } 1057 1058 return err; 1059 } 1060 #endif 1061 1062 static bool br_ip4_multicast_select_querier(struct net_bridge *br, 1063 struct net_bridge_port *port, 1064 __be32 saddr) 1065 { 1066 if (!timer_pending(&br->ip4_own_query.timer) && 1067 !timer_pending(&br->ip4_other_query.timer)) 1068 goto update; 1069 1070 if (!br->ip4_querier.addr.u.ip4) 1071 goto update; 1072 1073 if (ntohl(saddr) <= ntohl(br->ip4_querier.addr.u.ip4)) 1074 goto update; 1075 1076 return false; 1077 1078 update: 1079 br->ip4_querier.addr.u.ip4 = saddr; 1080 1081 /* update protected by general multicast_lock by caller */ 1082 rcu_assign_pointer(br->ip4_querier.port, port); 1083 1084 return true; 1085 } 1086 1087 #if IS_ENABLED(CONFIG_IPV6) 1088 static bool br_ip6_multicast_select_querier(struct net_bridge *br, 1089 struct net_bridge_port *port, 1090 struct in6_addr *saddr) 1091 { 1092 if (!timer_pending(&br->ip6_own_query.timer) && 1093 !timer_pending(&br->ip6_other_query.timer)) 1094 goto update; 1095 1096 if (ipv6_addr_cmp(saddr, &br->ip6_querier.addr.u.ip6) <= 0) 1097 goto update; 1098 1099 return false; 1100 1101 update: 1102 br->ip6_querier.addr.u.ip6 = *saddr; 1103 1104 /* update protected by general multicast_lock by caller */ 1105 rcu_assign_pointer(br->ip6_querier.port, port); 1106 1107 return true; 1108 } 1109 #endif 1110 1111 static bool br_multicast_select_querier(struct net_bridge *br, 1112 struct net_bridge_port *port, 1113 struct br_ip *saddr) 1114 { 1115 switch (saddr->proto) { 1116 case htons(ETH_P_IP): 1117 return br_ip4_multicast_select_querier(br, port, saddr->u.ip4); 1118 #if IS_ENABLED(CONFIG_IPV6) 1119 case htons(ETH_P_IPV6): 1120 return br_ip6_multicast_select_querier(br, port, &saddr->u.ip6); 1121 #endif 1122 } 1123 1124 return false; 1125 } 1126 1127 static void 1128 br_multicast_update_query_timer(struct net_bridge *br, 1129 struct bridge_mcast_other_query *query, 1130 unsigned long max_delay) 1131 { 1132 if (!timer_pending(&query->timer)) 1133 query->delay_time = jiffies + max_delay; 1134 1135 mod_timer(&query->timer, jiffies + br->multicast_querier_interval); 1136 } 1137 1138 static void br_port_mc_router_state_change(struct net_bridge_port *p, 1139 bool is_mc_router) 1140 { 1141 struct switchdev_attr attr = { 1142 .orig_dev = p->dev, 1143 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER, 1144 .flags = SWITCHDEV_F_DEFER, 1145 .u.mrouter = is_mc_router, 1146 }; 1147 1148 switchdev_port_attr_set(p->dev, &attr); 1149 } 1150 1151 /* 1152 * Add port to router_list 1153 * list is maintained ordered by pointer value 1154 * and locked by br->multicast_lock and RCU 1155 */ 1156 static void br_multicast_add_router(struct net_bridge *br, 1157 struct net_bridge_port *port) 1158 { 1159 struct net_bridge_port *p; 1160 struct hlist_node *slot = NULL; 1161 1162 if (!hlist_unhashed(&port->rlist)) 1163 return; 1164 1165 hlist_for_each_entry(p, &br->router_list, rlist) { 1166 if ((unsigned long) port >= (unsigned long) p) 1167 break; 1168 slot = &p->rlist; 1169 } 1170 1171 if (slot) 1172 hlist_add_behind_rcu(&port->rlist, slot); 1173 else 1174 hlist_add_head_rcu(&port->rlist, &br->router_list); 1175 br_rtr_notify(br->dev, port, RTM_NEWMDB); 1176 br_port_mc_router_state_change(port, true); 1177 } 1178 1179 static void br_multicast_mark_router(struct net_bridge *br, 1180 struct net_bridge_port *port) 1181 { 1182 unsigned long now = jiffies; 1183 1184 if (!port) { 1185 if (br->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) { 1186 if (!timer_pending(&br->multicast_router_timer)) 1187 br_mc_router_state_change(br, true); 1188 mod_timer(&br->multicast_router_timer, 1189 now + br->multicast_querier_interval); 1190 } 1191 return; 1192 } 1193 1194 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 1195 port->multicast_router == MDB_RTR_TYPE_PERM) 1196 return; 1197 1198 br_multicast_add_router(br, port); 1199 1200 mod_timer(&port->multicast_router_timer, 1201 now + br->multicast_querier_interval); 1202 } 1203 1204 static void br_multicast_query_received(struct net_bridge *br, 1205 struct net_bridge_port *port, 1206 struct bridge_mcast_other_query *query, 1207 struct br_ip *saddr, 1208 unsigned long max_delay) 1209 { 1210 if (!br_multicast_select_querier(br, port, saddr)) 1211 return; 1212 1213 br_multicast_update_query_timer(br, query, max_delay); 1214 1215 /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules, 1216 * the arrival port for IGMP Queries where the source address 1217 * is 0.0.0.0 should not be added to router port list. 1218 */ 1219 if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) || 1220 saddr->proto == htons(ETH_P_IPV6)) 1221 br_multicast_mark_router(br, port); 1222 } 1223 1224 static void br_ip4_multicast_query(struct net_bridge *br, 1225 struct net_bridge_port *port, 1226 struct sk_buff *skb, 1227 u16 vid) 1228 { 1229 unsigned int transport_len = ip_transport_len(skb); 1230 const struct iphdr *iph = ip_hdr(skb); 1231 struct igmphdr *ih = igmp_hdr(skb); 1232 struct net_bridge_mdb_entry *mp; 1233 struct igmpv3_query *ih3; 1234 struct net_bridge_port_group *p; 1235 struct net_bridge_port_group __rcu **pp; 1236 struct br_ip saddr; 1237 unsigned long max_delay; 1238 unsigned long now = jiffies; 1239 __be32 group; 1240 1241 spin_lock(&br->multicast_lock); 1242 if (!netif_running(br->dev) || 1243 (port && port->state == BR_STATE_DISABLED)) 1244 goto out; 1245 1246 group = ih->group; 1247 1248 if (transport_len == sizeof(*ih)) { 1249 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 1250 1251 if (!max_delay) { 1252 max_delay = 10 * HZ; 1253 group = 0; 1254 } 1255 } else if (transport_len >= sizeof(*ih3)) { 1256 ih3 = igmpv3_query_hdr(skb); 1257 if (ih3->nsrcs) 1258 goto out; 1259 1260 max_delay = ih3->code ? 1261 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1; 1262 } else { 1263 goto out; 1264 } 1265 1266 if (!group) { 1267 saddr.proto = htons(ETH_P_IP); 1268 saddr.u.ip4 = iph->saddr; 1269 1270 br_multicast_query_received(br, port, &br->ip4_other_query, 1271 &saddr, max_delay); 1272 goto out; 1273 } 1274 1275 mp = br_mdb_ip4_get(br, group, vid); 1276 if (!mp) 1277 goto out; 1278 1279 max_delay *= br->multicast_last_member_count; 1280 1281 if (mp->host_joined && 1282 (timer_pending(&mp->timer) ? 1283 time_after(mp->timer.expires, now + max_delay) : 1284 try_to_del_timer_sync(&mp->timer) >= 0)) 1285 mod_timer(&mp->timer, now + max_delay); 1286 1287 for (pp = &mp->ports; 1288 (p = mlock_dereference(*pp, br)) != NULL; 1289 pp = &p->next) { 1290 if (timer_pending(&p->timer) ? 1291 time_after(p->timer.expires, now + max_delay) : 1292 try_to_del_timer_sync(&p->timer) >= 0) 1293 mod_timer(&p->timer, now + max_delay); 1294 } 1295 1296 out: 1297 spin_unlock(&br->multicast_lock); 1298 } 1299 1300 #if IS_ENABLED(CONFIG_IPV6) 1301 static int br_ip6_multicast_query(struct net_bridge *br, 1302 struct net_bridge_port *port, 1303 struct sk_buff *skb, 1304 u16 vid) 1305 { 1306 unsigned int transport_len = ipv6_transport_len(skb); 1307 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 1308 struct mld_msg *mld; 1309 struct net_bridge_mdb_entry *mp; 1310 struct mld2_query *mld2q; 1311 struct net_bridge_port_group *p; 1312 struct net_bridge_port_group __rcu **pp; 1313 struct br_ip saddr; 1314 unsigned long max_delay; 1315 unsigned long now = jiffies; 1316 unsigned int offset = skb_transport_offset(skb); 1317 const struct in6_addr *group = NULL; 1318 bool is_general_query; 1319 int err = 0; 1320 1321 spin_lock(&br->multicast_lock); 1322 if (!netif_running(br->dev) || 1323 (port && port->state == BR_STATE_DISABLED)) 1324 goto out; 1325 1326 if (transport_len == sizeof(*mld)) { 1327 if (!pskb_may_pull(skb, offset + sizeof(*mld))) { 1328 err = -EINVAL; 1329 goto out; 1330 } 1331 mld = (struct mld_msg *) icmp6_hdr(skb); 1332 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay)); 1333 if (max_delay) 1334 group = &mld->mld_mca; 1335 } else { 1336 if (!pskb_may_pull(skb, offset + sizeof(*mld2q))) { 1337 err = -EINVAL; 1338 goto out; 1339 } 1340 mld2q = (struct mld2_query *)icmp6_hdr(skb); 1341 if (!mld2q->mld2q_nsrcs) 1342 group = &mld2q->mld2q_mca; 1343 1344 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL); 1345 } 1346 1347 is_general_query = group && ipv6_addr_any(group); 1348 1349 if (is_general_query) { 1350 saddr.proto = htons(ETH_P_IPV6); 1351 saddr.u.ip6 = ip6h->saddr; 1352 1353 br_multicast_query_received(br, port, &br->ip6_other_query, 1354 &saddr, max_delay); 1355 goto out; 1356 } else if (!group) { 1357 goto out; 1358 } 1359 1360 mp = br_mdb_ip6_get(br, group, vid); 1361 if (!mp) 1362 goto out; 1363 1364 max_delay *= br->multicast_last_member_count; 1365 if (mp->host_joined && 1366 (timer_pending(&mp->timer) ? 1367 time_after(mp->timer.expires, now + max_delay) : 1368 try_to_del_timer_sync(&mp->timer) >= 0)) 1369 mod_timer(&mp->timer, now + max_delay); 1370 1371 for (pp = &mp->ports; 1372 (p = mlock_dereference(*pp, br)) != NULL; 1373 pp = &p->next) { 1374 if (timer_pending(&p->timer) ? 1375 time_after(p->timer.expires, now + max_delay) : 1376 try_to_del_timer_sync(&p->timer) >= 0) 1377 mod_timer(&p->timer, now + max_delay); 1378 } 1379 1380 out: 1381 spin_unlock(&br->multicast_lock); 1382 return err; 1383 } 1384 #endif 1385 1386 static void 1387 br_multicast_leave_group(struct net_bridge *br, 1388 struct net_bridge_port *port, 1389 struct br_ip *group, 1390 struct bridge_mcast_other_query *other_query, 1391 struct bridge_mcast_own_query *own_query, 1392 const unsigned char *src) 1393 { 1394 struct net_bridge_mdb_entry *mp; 1395 struct net_bridge_port_group *p; 1396 unsigned long now; 1397 unsigned long time; 1398 1399 spin_lock(&br->multicast_lock); 1400 if (!netif_running(br->dev) || 1401 (port && port->state == BR_STATE_DISABLED)) 1402 goto out; 1403 1404 mp = br_mdb_ip_get(br, group); 1405 if (!mp) 1406 goto out; 1407 1408 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) { 1409 struct net_bridge_port_group __rcu **pp; 1410 1411 for (pp = &mp->ports; 1412 (p = mlock_dereference(*pp, br)) != NULL; 1413 pp = &p->next) { 1414 if (!br_port_group_equal(p, port, src)) 1415 continue; 1416 1417 rcu_assign_pointer(*pp, p->next); 1418 hlist_del_init(&p->mglist); 1419 del_timer(&p->timer); 1420 kfree_rcu(p, rcu); 1421 br_mdb_notify(br->dev, port, group, RTM_DELMDB, 1422 p->flags); 1423 1424 if (!mp->ports && !mp->host_joined && 1425 netif_running(br->dev)) 1426 mod_timer(&mp->timer, jiffies); 1427 } 1428 goto out; 1429 } 1430 1431 if (timer_pending(&other_query->timer)) 1432 goto out; 1433 1434 if (br_opt_get(br, BROPT_MULTICAST_QUERIER)) { 1435 __br_multicast_send_query(br, port, &mp->addr); 1436 1437 time = jiffies + br->multicast_last_member_count * 1438 br->multicast_last_member_interval; 1439 1440 mod_timer(&own_query->timer, time); 1441 1442 for (p = mlock_dereference(mp->ports, br); 1443 p != NULL; 1444 p = mlock_dereference(p->next, br)) { 1445 if (!br_port_group_equal(p, port, src)) 1446 continue; 1447 1448 if (!hlist_unhashed(&p->mglist) && 1449 (timer_pending(&p->timer) ? 1450 time_after(p->timer.expires, time) : 1451 try_to_del_timer_sync(&p->timer) >= 0)) { 1452 mod_timer(&p->timer, time); 1453 } 1454 1455 break; 1456 } 1457 } 1458 1459 now = jiffies; 1460 time = now + br->multicast_last_member_count * 1461 br->multicast_last_member_interval; 1462 1463 if (!port) { 1464 if (mp->host_joined && 1465 (timer_pending(&mp->timer) ? 1466 time_after(mp->timer.expires, time) : 1467 try_to_del_timer_sync(&mp->timer) >= 0)) { 1468 mod_timer(&mp->timer, time); 1469 } 1470 1471 goto out; 1472 } 1473 1474 for (p = mlock_dereference(mp->ports, br); 1475 p != NULL; 1476 p = mlock_dereference(p->next, br)) { 1477 if (p->port != port) 1478 continue; 1479 1480 if (!hlist_unhashed(&p->mglist) && 1481 (timer_pending(&p->timer) ? 1482 time_after(p->timer.expires, time) : 1483 try_to_del_timer_sync(&p->timer) >= 0)) { 1484 mod_timer(&p->timer, time); 1485 } 1486 1487 break; 1488 } 1489 out: 1490 spin_unlock(&br->multicast_lock); 1491 } 1492 1493 static void br_ip4_multicast_leave_group(struct net_bridge *br, 1494 struct net_bridge_port *port, 1495 __be32 group, 1496 __u16 vid, 1497 const unsigned char *src) 1498 { 1499 struct br_ip br_group; 1500 struct bridge_mcast_own_query *own_query; 1501 1502 if (ipv4_is_local_multicast(group)) 1503 return; 1504 1505 own_query = port ? &port->ip4_own_query : &br->ip4_own_query; 1506 1507 br_group.u.ip4 = group; 1508 br_group.proto = htons(ETH_P_IP); 1509 br_group.vid = vid; 1510 1511 br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query, 1512 own_query, src); 1513 } 1514 1515 #if IS_ENABLED(CONFIG_IPV6) 1516 static void br_ip6_multicast_leave_group(struct net_bridge *br, 1517 struct net_bridge_port *port, 1518 const struct in6_addr *group, 1519 __u16 vid, 1520 const unsigned char *src) 1521 { 1522 struct br_ip br_group; 1523 struct bridge_mcast_own_query *own_query; 1524 1525 if (ipv6_addr_is_ll_all_nodes(group)) 1526 return; 1527 1528 own_query = port ? &port->ip6_own_query : &br->ip6_own_query; 1529 1530 br_group.u.ip6 = *group; 1531 br_group.proto = htons(ETH_P_IPV6); 1532 br_group.vid = vid; 1533 1534 br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query, 1535 own_query, src); 1536 } 1537 #endif 1538 1539 static void br_multicast_err_count(const struct net_bridge *br, 1540 const struct net_bridge_port *p, 1541 __be16 proto) 1542 { 1543 struct bridge_mcast_stats __percpu *stats; 1544 struct bridge_mcast_stats *pstats; 1545 1546 if (!br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 1547 return; 1548 1549 if (p) 1550 stats = p->mcast_stats; 1551 else 1552 stats = br->mcast_stats; 1553 if (WARN_ON(!stats)) 1554 return; 1555 1556 pstats = this_cpu_ptr(stats); 1557 1558 u64_stats_update_begin(&pstats->syncp); 1559 switch (proto) { 1560 case htons(ETH_P_IP): 1561 pstats->mstats.igmp_parse_errors++; 1562 break; 1563 #if IS_ENABLED(CONFIG_IPV6) 1564 case htons(ETH_P_IPV6): 1565 pstats->mstats.mld_parse_errors++; 1566 break; 1567 #endif 1568 } 1569 u64_stats_update_end(&pstats->syncp); 1570 } 1571 1572 static void br_multicast_pim(struct net_bridge *br, 1573 struct net_bridge_port *port, 1574 const struct sk_buff *skb) 1575 { 1576 unsigned int offset = skb_transport_offset(skb); 1577 struct pimhdr *pimhdr, _pimhdr; 1578 1579 pimhdr = skb_header_pointer(skb, offset, sizeof(_pimhdr), &_pimhdr); 1580 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION || 1581 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO) 1582 return; 1583 1584 br_multicast_mark_router(br, port); 1585 } 1586 1587 static int br_ip4_multicast_mrd_rcv(struct net_bridge *br, 1588 struct net_bridge_port *port, 1589 struct sk_buff *skb) 1590 { 1591 if (ip_hdr(skb)->protocol != IPPROTO_IGMP || 1592 igmp_hdr(skb)->type != IGMP_MRDISC_ADV) 1593 return -ENOMSG; 1594 1595 br_multicast_mark_router(br, port); 1596 1597 return 0; 1598 } 1599 1600 static int br_multicast_ipv4_rcv(struct net_bridge *br, 1601 struct net_bridge_port *port, 1602 struct sk_buff *skb, 1603 u16 vid) 1604 { 1605 const unsigned char *src; 1606 struct igmphdr *ih; 1607 int err; 1608 1609 err = ip_mc_check_igmp(skb); 1610 1611 if (err == -ENOMSG) { 1612 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) { 1613 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1614 } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) { 1615 if (ip_hdr(skb)->protocol == IPPROTO_PIM) 1616 br_multicast_pim(br, port, skb); 1617 } else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) { 1618 err = br_ip4_multicast_mrd_rcv(br, port, skb); 1619 1620 if (err < 0 && err != -ENOMSG) { 1621 br_multicast_err_count(br, port, skb->protocol); 1622 return err; 1623 } 1624 } 1625 1626 return 0; 1627 } else if (err < 0) { 1628 br_multicast_err_count(br, port, skb->protocol); 1629 return err; 1630 } 1631 1632 ih = igmp_hdr(skb); 1633 src = eth_hdr(skb)->h_source; 1634 BR_INPUT_SKB_CB(skb)->igmp = ih->type; 1635 1636 switch (ih->type) { 1637 case IGMP_HOST_MEMBERSHIP_REPORT: 1638 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1639 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1640 err = br_ip4_multicast_add_group(br, port, ih->group, vid, src); 1641 break; 1642 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1643 err = br_ip4_multicast_igmp3_report(br, port, skb, vid); 1644 break; 1645 case IGMP_HOST_MEMBERSHIP_QUERY: 1646 br_ip4_multicast_query(br, port, skb, vid); 1647 break; 1648 case IGMP_HOST_LEAVE_MESSAGE: 1649 br_ip4_multicast_leave_group(br, port, ih->group, vid, src); 1650 break; 1651 } 1652 1653 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 1654 BR_MCAST_DIR_RX); 1655 1656 return err; 1657 } 1658 1659 #if IS_ENABLED(CONFIG_IPV6) 1660 static int br_ip6_multicast_mrd_rcv(struct net_bridge *br, 1661 struct net_bridge_port *port, 1662 struct sk_buff *skb) 1663 { 1664 int ret; 1665 1666 if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6) 1667 return -ENOMSG; 1668 1669 ret = ipv6_mc_check_icmpv6(skb); 1670 if (ret < 0) 1671 return ret; 1672 1673 if (icmp6_hdr(skb)->icmp6_type != ICMPV6_MRDISC_ADV) 1674 return -ENOMSG; 1675 1676 br_multicast_mark_router(br, port); 1677 1678 return 0; 1679 } 1680 1681 static int br_multicast_ipv6_rcv(struct net_bridge *br, 1682 struct net_bridge_port *port, 1683 struct sk_buff *skb, 1684 u16 vid) 1685 { 1686 const unsigned char *src; 1687 struct mld_msg *mld; 1688 int err; 1689 1690 err = ipv6_mc_check_mld(skb); 1691 1692 if (err == -ENOMSG) { 1693 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) 1694 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1695 1696 if (ipv6_addr_is_all_snoopers(&ipv6_hdr(skb)->daddr)) { 1697 err = br_ip6_multicast_mrd_rcv(br, port, skb); 1698 1699 if (err < 0 && err != -ENOMSG) { 1700 br_multicast_err_count(br, port, skb->protocol); 1701 return err; 1702 } 1703 } 1704 1705 return 0; 1706 } else if (err < 0) { 1707 br_multicast_err_count(br, port, skb->protocol); 1708 return err; 1709 } 1710 1711 mld = (struct mld_msg *)skb_transport_header(skb); 1712 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type; 1713 1714 switch (mld->mld_type) { 1715 case ICMPV6_MGM_REPORT: 1716 src = eth_hdr(skb)->h_source; 1717 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1718 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid, 1719 src); 1720 break; 1721 case ICMPV6_MLD2_REPORT: 1722 err = br_ip6_multicast_mld2_report(br, port, skb, vid); 1723 break; 1724 case ICMPV6_MGM_QUERY: 1725 err = br_ip6_multicast_query(br, port, skb, vid); 1726 break; 1727 case ICMPV6_MGM_REDUCTION: 1728 src = eth_hdr(skb)->h_source; 1729 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid, src); 1730 break; 1731 } 1732 1733 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 1734 BR_MCAST_DIR_RX); 1735 1736 return err; 1737 } 1738 #endif 1739 1740 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port, 1741 struct sk_buff *skb, u16 vid) 1742 { 1743 int ret = 0; 1744 1745 BR_INPUT_SKB_CB(skb)->igmp = 0; 1746 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 1747 1748 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1749 return 0; 1750 1751 switch (skb->protocol) { 1752 case htons(ETH_P_IP): 1753 ret = br_multicast_ipv4_rcv(br, port, skb, vid); 1754 break; 1755 #if IS_ENABLED(CONFIG_IPV6) 1756 case htons(ETH_P_IPV6): 1757 ret = br_multicast_ipv6_rcv(br, port, skb, vid); 1758 break; 1759 #endif 1760 } 1761 1762 return ret; 1763 } 1764 1765 static void br_multicast_query_expired(struct net_bridge *br, 1766 struct bridge_mcast_own_query *query, 1767 struct bridge_mcast_querier *querier) 1768 { 1769 spin_lock(&br->multicast_lock); 1770 if (query->startup_sent < br->multicast_startup_query_count) 1771 query->startup_sent++; 1772 1773 RCU_INIT_POINTER(querier->port, NULL); 1774 br_multicast_send_query(br, NULL, query); 1775 spin_unlock(&br->multicast_lock); 1776 } 1777 1778 static void br_ip4_multicast_query_expired(struct timer_list *t) 1779 { 1780 struct net_bridge *br = from_timer(br, t, ip4_own_query.timer); 1781 1782 br_multicast_query_expired(br, &br->ip4_own_query, &br->ip4_querier); 1783 } 1784 1785 #if IS_ENABLED(CONFIG_IPV6) 1786 static void br_ip6_multicast_query_expired(struct timer_list *t) 1787 { 1788 struct net_bridge *br = from_timer(br, t, ip6_own_query.timer); 1789 1790 br_multicast_query_expired(br, &br->ip6_own_query, &br->ip6_querier); 1791 } 1792 #endif 1793 1794 void br_multicast_init(struct net_bridge *br) 1795 { 1796 br->hash_max = BR_MULTICAST_DEFAULT_HASH_MAX; 1797 1798 br->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 1799 br->multicast_last_member_count = 2; 1800 br->multicast_startup_query_count = 2; 1801 1802 br->multicast_last_member_interval = HZ; 1803 br->multicast_query_response_interval = 10 * HZ; 1804 br->multicast_startup_query_interval = 125 * HZ / 4; 1805 br->multicast_query_interval = 125 * HZ; 1806 br->multicast_querier_interval = 255 * HZ; 1807 br->multicast_membership_interval = 260 * HZ; 1808 1809 br->ip4_other_query.delay_time = 0; 1810 br->ip4_querier.port = NULL; 1811 br->multicast_igmp_version = 2; 1812 #if IS_ENABLED(CONFIG_IPV6) 1813 br->multicast_mld_version = 1; 1814 br->ip6_other_query.delay_time = 0; 1815 br->ip6_querier.port = NULL; 1816 #endif 1817 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, true); 1818 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true); 1819 1820 spin_lock_init(&br->multicast_lock); 1821 timer_setup(&br->multicast_router_timer, 1822 br_multicast_local_router_expired, 0); 1823 timer_setup(&br->ip4_other_query.timer, 1824 br_ip4_multicast_querier_expired, 0); 1825 timer_setup(&br->ip4_own_query.timer, 1826 br_ip4_multicast_query_expired, 0); 1827 #if IS_ENABLED(CONFIG_IPV6) 1828 timer_setup(&br->ip6_other_query.timer, 1829 br_ip6_multicast_querier_expired, 0); 1830 timer_setup(&br->ip6_own_query.timer, 1831 br_ip6_multicast_query_expired, 0); 1832 #endif 1833 INIT_HLIST_HEAD(&br->mdb_list); 1834 } 1835 1836 static void br_ip4_multicast_join_snoopers(struct net_bridge *br) 1837 { 1838 struct in_device *in_dev = in_dev_get(br->dev); 1839 1840 if (!in_dev) 1841 return; 1842 1843 __ip_mc_inc_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 1844 in_dev_put(in_dev); 1845 } 1846 1847 #if IS_ENABLED(CONFIG_IPV6) 1848 static void br_ip6_multicast_join_snoopers(struct net_bridge *br) 1849 { 1850 struct in6_addr addr; 1851 1852 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 1853 ipv6_dev_mc_inc(br->dev, &addr); 1854 } 1855 #else 1856 static inline void br_ip6_multicast_join_snoopers(struct net_bridge *br) 1857 { 1858 } 1859 #endif 1860 1861 static void br_multicast_join_snoopers(struct net_bridge *br) 1862 { 1863 br_ip4_multicast_join_snoopers(br); 1864 br_ip6_multicast_join_snoopers(br); 1865 } 1866 1867 static void br_ip4_multicast_leave_snoopers(struct net_bridge *br) 1868 { 1869 struct in_device *in_dev = in_dev_get(br->dev); 1870 1871 if (WARN_ON(!in_dev)) 1872 return; 1873 1874 __ip_mc_dec_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 1875 in_dev_put(in_dev); 1876 } 1877 1878 #if IS_ENABLED(CONFIG_IPV6) 1879 static void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 1880 { 1881 struct in6_addr addr; 1882 1883 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 1884 ipv6_dev_mc_dec(br->dev, &addr); 1885 } 1886 #else 1887 static inline void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 1888 { 1889 } 1890 #endif 1891 1892 static void br_multicast_leave_snoopers(struct net_bridge *br) 1893 { 1894 br_ip4_multicast_leave_snoopers(br); 1895 br_ip6_multicast_leave_snoopers(br); 1896 } 1897 1898 static void __br_multicast_open(struct net_bridge *br, 1899 struct bridge_mcast_own_query *query) 1900 { 1901 query->startup_sent = 0; 1902 1903 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1904 return; 1905 1906 mod_timer(&query->timer, jiffies); 1907 } 1908 1909 void br_multicast_open(struct net_bridge *br) 1910 { 1911 if (br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1912 br_multicast_join_snoopers(br); 1913 1914 __br_multicast_open(br, &br->ip4_own_query); 1915 #if IS_ENABLED(CONFIG_IPV6) 1916 __br_multicast_open(br, &br->ip6_own_query); 1917 #endif 1918 } 1919 1920 void br_multicast_stop(struct net_bridge *br) 1921 { 1922 del_timer_sync(&br->multicast_router_timer); 1923 del_timer_sync(&br->ip4_other_query.timer); 1924 del_timer_sync(&br->ip4_own_query.timer); 1925 #if IS_ENABLED(CONFIG_IPV6) 1926 del_timer_sync(&br->ip6_other_query.timer); 1927 del_timer_sync(&br->ip6_own_query.timer); 1928 #endif 1929 1930 if (br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1931 br_multicast_leave_snoopers(br); 1932 } 1933 1934 void br_multicast_dev_del(struct net_bridge *br) 1935 { 1936 struct net_bridge_mdb_entry *mp; 1937 struct hlist_node *tmp; 1938 1939 spin_lock_bh(&br->multicast_lock); 1940 hlist_for_each_entry_safe(mp, tmp, &br->mdb_list, mdb_node) { 1941 del_timer(&mp->timer); 1942 rhashtable_remove_fast(&br->mdb_hash_tbl, &mp->rhnode, 1943 br_mdb_rht_params); 1944 hlist_del_rcu(&mp->mdb_node); 1945 kfree_rcu(mp, rcu); 1946 } 1947 spin_unlock_bh(&br->multicast_lock); 1948 1949 rcu_barrier(); 1950 } 1951 1952 int br_multicast_set_router(struct net_bridge *br, unsigned long val) 1953 { 1954 int err = -EINVAL; 1955 1956 spin_lock_bh(&br->multicast_lock); 1957 1958 switch (val) { 1959 case MDB_RTR_TYPE_DISABLED: 1960 case MDB_RTR_TYPE_PERM: 1961 br_mc_router_state_change(br, val == MDB_RTR_TYPE_PERM); 1962 del_timer(&br->multicast_router_timer); 1963 br->multicast_router = val; 1964 err = 0; 1965 break; 1966 case MDB_RTR_TYPE_TEMP_QUERY: 1967 if (br->multicast_router != MDB_RTR_TYPE_TEMP_QUERY) 1968 br_mc_router_state_change(br, false); 1969 br->multicast_router = val; 1970 err = 0; 1971 break; 1972 } 1973 1974 spin_unlock_bh(&br->multicast_lock); 1975 1976 return err; 1977 } 1978 1979 static void __del_port_router(struct net_bridge_port *p) 1980 { 1981 if (hlist_unhashed(&p->rlist)) 1982 return; 1983 hlist_del_init_rcu(&p->rlist); 1984 br_rtr_notify(p->br->dev, p, RTM_DELMDB); 1985 br_port_mc_router_state_change(p, false); 1986 1987 /* don't allow timer refresh */ 1988 if (p->multicast_router == MDB_RTR_TYPE_TEMP) 1989 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 1990 } 1991 1992 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val) 1993 { 1994 struct net_bridge *br = p->br; 1995 unsigned long now = jiffies; 1996 int err = -EINVAL; 1997 1998 spin_lock(&br->multicast_lock); 1999 if (p->multicast_router == val) { 2000 /* Refresh the temp router port timer */ 2001 if (p->multicast_router == MDB_RTR_TYPE_TEMP) 2002 mod_timer(&p->multicast_router_timer, 2003 now + br->multicast_querier_interval); 2004 err = 0; 2005 goto unlock; 2006 } 2007 switch (val) { 2008 case MDB_RTR_TYPE_DISABLED: 2009 p->multicast_router = MDB_RTR_TYPE_DISABLED; 2010 __del_port_router(p); 2011 del_timer(&p->multicast_router_timer); 2012 break; 2013 case MDB_RTR_TYPE_TEMP_QUERY: 2014 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 2015 __del_port_router(p); 2016 break; 2017 case MDB_RTR_TYPE_PERM: 2018 p->multicast_router = MDB_RTR_TYPE_PERM; 2019 del_timer(&p->multicast_router_timer); 2020 br_multicast_add_router(br, p); 2021 break; 2022 case MDB_RTR_TYPE_TEMP: 2023 p->multicast_router = MDB_RTR_TYPE_TEMP; 2024 br_multicast_mark_router(br, p); 2025 break; 2026 default: 2027 goto unlock; 2028 } 2029 err = 0; 2030 unlock: 2031 spin_unlock(&br->multicast_lock); 2032 2033 return err; 2034 } 2035 2036 static void br_multicast_start_querier(struct net_bridge *br, 2037 struct bridge_mcast_own_query *query) 2038 { 2039 struct net_bridge_port *port; 2040 2041 __br_multicast_open(br, query); 2042 2043 list_for_each_entry(port, &br->port_list, list) { 2044 if (port->state == BR_STATE_DISABLED || 2045 port->state == BR_STATE_BLOCKING) 2046 continue; 2047 2048 if (query == &br->ip4_own_query) 2049 br_multicast_enable(&port->ip4_own_query); 2050 #if IS_ENABLED(CONFIG_IPV6) 2051 else 2052 br_multicast_enable(&port->ip6_own_query); 2053 #endif 2054 } 2055 } 2056 2057 int br_multicast_toggle(struct net_bridge *br, unsigned long val) 2058 { 2059 struct net_bridge_port *port; 2060 2061 spin_lock_bh(&br->multicast_lock); 2062 if (!!br_opt_get(br, BROPT_MULTICAST_ENABLED) == !!val) 2063 goto unlock; 2064 2065 br_mc_disabled_update(br->dev, val); 2066 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, !!val); 2067 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) { 2068 br_multicast_leave_snoopers(br); 2069 goto unlock; 2070 } 2071 2072 if (!netif_running(br->dev)) 2073 goto unlock; 2074 2075 br_multicast_open(br); 2076 list_for_each_entry(port, &br->port_list, list) 2077 __br_multicast_enable_port(port); 2078 2079 unlock: 2080 spin_unlock_bh(&br->multicast_lock); 2081 2082 return 0; 2083 } 2084 2085 bool br_multicast_enabled(const struct net_device *dev) 2086 { 2087 struct net_bridge *br = netdev_priv(dev); 2088 2089 return !!br_opt_get(br, BROPT_MULTICAST_ENABLED); 2090 } 2091 EXPORT_SYMBOL_GPL(br_multicast_enabled); 2092 2093 bool br_multicast_router(const struct net_device *dev) 2094 { 2095 struct net_bridge *br = netdev_priv(dev); 2096 bool is_router; 2097 2098 spin_lock_bh(&br->multicast_lock); 2099 is_router = br_multicast_is_router(br); 2100 spin_unlock_bh(&br->multicast_lock); 2101 return is_router; 2102 } 2103 EXPORT_SYMBOL_GPL(br_multicast_router); 2104 2105 int br_multicast_set_querier(struct net_bridge *br, unsigned long val) 2106 { 2107 unsigned long max_delay; 2108 2109 val = !!val; 2110 2111 spin_lock_bh(&br->multicast_lock); 2112 if (br_opt_get(br, BROPT_MULTICAST_QUERIER) == val) 2113 goto unlock; 2114 2115 br_opt_toggle(br, BROPT_MULTICAST_QUERIER, !!val); 2116 if (!val) 2117 goto unlock; 2118 2119 max_delay = br->multicast_query_response_interval; 2120 2121 if (!timer_pending(&br->ip4_other_query.timer)) 2122 br->ip4_other_query.delay_time = jiffies + max_delay; 2123 2124 br_multicast_start_querier(br, &br->ip4_own_query); 2125 2126 #if IS_ENABLED(CONFIG_IPV6) 2127 if (!timer_pending(&br->ip6_other_query.timer)) 2128 br->ip6_other_query.delay_time = jiffies + max_delay; 2129 2130 br_multicast_start_querier(br, &br->ip6_own_query); 2131 #endif 2132 2133 unlock: 2134 spin_unlock_bh(&br->multicast_lock); 2135 2136 return 0; 2137 } 2138 2139 int br_multicast_set_igmp_version(struct net_bridge *br, unsigned long val) 2140 { 2141 /* Currently we support only version 2 and 3 */ 2142 switch (val) { 2143 case 2: 2144 case 3: 2145 break; 2146 default: 2147 return -EINVAL; 2148 } 2149 2150 spin_lock_bh(&br->multicast_lock); 2151 br->multicast_igmp_version = val; 2152 spin_unlock_bh(&br->multicast_lock); 2153 2154 return 0; 2155 } 2156 2157 #if IS_ENABLED(CONFIG_IPV6) 2158 int br_multicast_set_mld_version(struct net_bridge *br, unsigned long val) 2159 { 2160 /* Currently we support version 1 and 2 */ 2161 switch (val) { 2162 case 1: 2163 case 2: 2164 break; 2165 default: 2166 return -EINVAL; 2167 } 2168 2169 spin_lock_bh(&br->multicast_lock); 2170 br->multicast_mld_version = val; 2171 spin_unlock_bh(&br->multicast_lock); 2172 2173 return 0; 2174 } 2175 #endif 2176 2177 /** 2178 * br_multicast_list_adjacent - Returns snooped multicast addresses 2179 * @dev: The bridge port adjacent to which to retrieve addresses 2180 * @br_ip_list: The list to store found, snooped multicast IP addresses in 2181 * 2182 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast 2183 * snooping feature on all bridge ports of dev's bridge device, excluding 2184 * the addresses from dev itself. 2185 * 2186 * Returns the number of items added to br_ip_list. 2187 * 2188 * Notes: 2189 * - br_ip_list needs to be initialized by caller 2190 * - br_ip_list might contain duplicates in the end 2191 * (needs to be taken care of by caller) 2192 * - br_ip_list needs to be freed by caller 2193 */ 2194 int br_multicast_list_adjacent(struct net_device *dev, 2195 struct list_head *br_ip_list) 2196 { 2197 struct net_bridge *br; 2198 struct net_bridge_port *port; 2199 struct net_bridge_port_group *group; 2200 struct br_ip_list *entry; 2201 int count = 0; 2202 2203 rcu_read_lock(); 2204 if (!br_ip_list || !br_port_exists(dev)) 2205 goto unlock; 2206 2207 port = br_port_get_rcu(dev); 2208 if (!port || !port->br) 2209 goto unlock; 2210 2211 br = port->br; 2212 2213 list_for_each_entry_rcu(port, &br->port_list, list) { 2214 if (!port->dev || port->dev == dev) 2215 continue; 2216 2217 hlist_for_each_entry_rcu(group, &port->mglist, mglist) { 2218 entry = kmalloc(sizeof(*entry), GFP_ATOMIC); 2219 if (!entry) 2220 goto unlock; 2221 2222 entry->addr = group->addr; 2223 list_add(&entry->list, br_ip_list); 2224 count++; 2225 } 2226 } 2227 2228 unlock: 2229 rcu_read_unlock(); 2230 return count; 2231 } 2232 EXPORT_SYMBOL_GPL(br_multicast_list_adjacent); 2233 2234 /** 2235 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge 2236 * @dev: The bridge port providing the bridge on which to check for a querier 2237 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 2238 * 2239 * Checks whether the given interface has a bridge on top and if so returns 2240 * true if a valid querier exists anywhere on the bridged link layer. 2241 * Otherwise returns false. 2242 */ 2243 bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto) 2244 { 2245 struct net_bridge *br; 2246 struct net_bridge_port *port; 2247 struct ethhdr eth; 2248 bool ret = false; 2249 2250 rcu_read_lock(); 2251 if (!br_port_exists(dev)) 2252 goto unlock; 2253 2254 port = br_port_get_rcu(dev); 2255 if (!port || !port->br) 2256 goto unlock; 2257 2258 br = port->br; 2259 2260 memset(ð, 0, sizeof(eth)); 2261 eth.h_proto = htons(proto); 2262 2263 ret = br_multicast_querier_exists(br, ð); 2264 2265 unlock: 2266 rcu_read_unlock(); 2267 return ret; 2268 } 2269 EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere); 2270 2271 /** 2272 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port 2273 * @dev: The bridge port adjacent to which to check for a querier 2274 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 2275 * 2276 * Checks whether the given interface has a bridge on top and if so returns 2277 * true if a selected querier is behind one of the other ports of this 2278 * bridge. Otherwise returns false. 2279 */ 2280 bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto) 2281 { 2282 struct net_bridge *br; 2283 struct net_bridge_port *port; 2284 bool ret = false; 2285 2286 rcu_read_lock(); 2287 if (!br_port_exists(dev)) 2288 goto unlock; 2289 2290 port = br_port_get_rcu(dev); 2291 if (!port || !port->br) 2292 goto unlock; 2293 2294 br = port->br; 2295 2296 switch (proto) { 2297 case ETH_P_IP: 2298 if (!timer_pending(&br->ip4_other_query.timer) || 2299 rcu_dereference(br->ip4_querier.port) == port) 2300 goto unlock; 2301 break; 2302 #if IS_ENABLED(CONFIG_IPV6) 2303 case ETH_P_IPV6: 2304 if (!timer_pending(&br->ip6_other_query.timer) || 2305 rcu_dereference(br->ip6_querier.port) == port) 2306 goto unlock; 2307 break; 2308 #endif 2309 default: 2310 goto unlock; 2311 } 2312 2313 ret = true; 2314 unlock: 2315 rcu_read_unlock(); 2316 return ret; 2317 } 2318 EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent); 2319 2320 static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats, 2321 const struct sk_buff *skb, u8 type, u8 dir) 2322 { 2323 struct bridge_mcast_stats *pstats = this_cpu_ptr(stats); 2324 __be16 proto = skb->protocol; 2325 unsigned int t_len; 2326 2327 u64_stats_update_begin(&pstats->syncp); 2328 switch (proto) { 2329 case htons(ETH_P_IP): 2330 t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 2331 switch (type) { 2332 case IGMP_HOST_MEMBERSHIP_REPORT: 2333 pstats->mstats.igmp_v1reports[dir]++; 2334 break; 2335 case IGMPV2_HOST_MEMBERSHIP_REPORT: 2336 pstats->mstats.igmp_v2reports[dir]++; 2337 break; 2338 case IGMPV3_HOST_MEMBERSHIP_REPORT: 2339 pstats->mstats.igmp_v3reports[dir]++; 2340 break; 2341 case IGMP_HOST_MEMBERSHIP_QUERY: 2342 if (t_len != sizeof(struct igmphdr)) { 2343 pstats->mstats.igmp_v3queries[dir]++; 2344 } else { 2345 unsigned int offset = skb_transport_offset(skb); 2346 struct igmphdr *ih, _ihdr; 2347 2348 ih = skb_header_pointer(skb, offset, 2349 sizeof(_ihdr), &_ihdr); 2350 if (!ih) 2351 break; 2352 if (!ih->code) 2353 pstats->mstats.igmp_v1queries[dir]++; 2354 else 2355 pstats->mstats.igmp_v2queries[dir]++; 2356 } 2357 break; 2358 case IGMP_HOST_LEAVE_MESSAGE: 2359 pstats->mstats.igmp_leaves[dir]++; 2360 break; 2361 } 2362 break; 2363 #if IS_ENABLED(CONFIG_IPV6) 2364 case htons(ETH_P_IPV6): 2365 t_len = ntohs(ipv6_hdr(skb)->payload_len) + 2366 sizeof(struct ipv6hdr); 2367 t_len -= skb_network_header_len(skb); 2368 switch (type) { 2369 case ICMPV6_MGM_REPORT: 2370 pstats->mstats.mld_v1reports[dir]++; 2371 break; 2372 case ICMPV6_MLD2_REPORT: 2373 pstats->mstats.mld_v2reports[dir]++; 2374 break; 2375 case ICMPV6_MGM_QUERY: 2376 if (t_len != sizeof(struct mld_msg)) 2377 pstats->mstats.mld_v2queries[dir]++; 2378 else 2379 pstats->mstats.mld_v1queries[dir]++; 2380 break; 2381 case ICMPV6_MGM_REDUCTION: 2382 pstats->mstats.mld_leaves[dir]++; 2383 break; 2384 } 2385 break; 2386 #endif /* CONFIG_IPV6 */ 2387 } 2388 u64_stats_update_end(&pstats->syncp); 2389 } 2390 2391 void br_multicast_count(struct net_bridge *br, const struct net_bridge_port *p, 2392 const struct sk_buff *skb, u8 type, u8 dir) 2393 { 2394 struct bridge_mcast_stats __percpu *stats; 2395 2396 /* if multicast_disabled is true then igmp type can't be set */ 2397 if (!type || !br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 2398 return; 2399 2400 if (p) 2401 stats = p->mcast_stats; 2402 else 2403 stats = br->mcast_stats; 2404 if (WARN_ON(!stats)) 2405 return; 2406 2407 br_mcast_stats_add(stats, skb, type, dir); 2408 } 2409 2410 int br_multicast_init_stats(struct net_bridge *br) 2411 { 2412 br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 2413 if (!br->mcast_stats) 2414 return -ENOMEM; 2415 2416 return 0; 2417 } 2418 2419 void br_multicast_uninit_stats(struct net_bridge *br) 2420 { 2421 free_percpu(br->mcast_stats); 2422 } 2423 2424 static void mcast_stats_add_dir(u64 *dst, u64 *src) 2425 { 2426 dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX]; 2427 dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX]; 2428 } 2429 2430 void br_multicast_get_stats(const struct net_bridge *br, 2431 const struct net_bridge_port *p, 2432 struct br_mcast_stats *dest) 2433 { 2434 struct bridge_mcast_stats __percpu *stats; 2435 struct br_mcast_stats tdst; 2436 int i; 2437 2438 memset(dest, 0, sizeof(*dest)); 2439 if (p) 2440 stats = p->mcast_stats; 2441 else 2442 stats = br->mcast_stats; 2443 if (WARN_ON(!stats)) 2444 return; 2445 2446 memset(&tdst, 0, sizeof(tdst)); 2447 for_each_possible_cpu(i) { 2448 struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i); 2449 struct br_mcast_stats temp; 2450 unsigned int start; 2451 2452 do { 2453 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp); 2454 memcpy(&temp, &cpu_stats->mstats, sizeof(temp)); 2455 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start)); 2456 2457 mcast_stats_add_dir(tdst.igmp_v1queries, temp.igmp_v1queries); 2458 mcast_stats_add_dir(tdst.igmp_v2queries, temp.igmp_v2queries); 2459 mcast_stats_add_dir(tdst.igmp_v3queries, temp.igmp_v3queries); 2460 mcast_stats_add_dir(tdst.igmp_leaves, temp.igmp_leaves); 2461 mcast_stats_add_dir(tdst.igmp_v1reports, temp.igmp_v1reports); 2462 mcast_stats_add_dir(tdst.igmp_v2reports, temp.igmp_v2reports); 2463 mcast_stats_add_dir(tdst.igmp_v3reports, temp.igmp_v3reports); 2464 tdst.igmp_parse_errors += temp.igmp_parse_errors; 2465 2466 mcast_stats_add_dir(tdst.mld_v1queries, temp.mld_v1queries); 2467 mcast_stats_add_dir(tdst.mld_v2queries, temp.mld_v2queries); 2468 mcast_stats_add_dir(tdst.mld_leaves, temp.mld_leaves); 2469 mcast_stats_add_dir(tdst.mld_v1reports, temp.mld_v1reports); 2470 mcast_stats_add_dir(tdst.mld_v2reports, temp.mld_v2reports); 2471 tdst.mld_parse_errors += temp.mld_parse_errors; 2472 } 2473 memcpy(dest, &tdst, sizeof(*dest)); 2474 } 2475 2476 int br_mdb_hash_init(struct net_bridge *br) 2477 { 2478 return rhashtable_init(&br->mdb_hash_tbl, &br_mdb_rht_params); 2479 } 2480 2481 void br_mdb_hash_fini(struct net_bridge *br) 2482 { 2483 rhashtable_destroy(&br->mdb_hash_tbl); 2484 } 2485