1 /* 2 * Linux NET3: Internet Group Management Protocol [IGMP] 3 * 4 * This code implements the IGMP protocol as defined in RFC1112. There has 5 * been a further revision of this protocol since which is now supported. 6 * 7 * If you have trouble with this module be careful what gcc you have used, 8 * the older version didn't come out right using gcc 2.5.8, the newer one 9 * seems to fall out with gcc 2.6.2. 10 * 11 * Authors: 12 * Alan Cox <alan@lxorguk.ukuu.org.uk> 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 * 19 * Fixes: 20 * 21 * Alan Cox : Added lots of __inline__ to optimise 22 * the memory usage of all the tiny little 23 * functions. 24 * Alan Cox : Dumped the header building experiment. 25 * Alan Cox : Minor tweaks ready for multicast routing 26 * and extended IGMP protocol. 27 * Alan Cox : Removed a load of inline directives. Gcc 2.5.8 28 * writes utterly bogus code otherwise (sigh) 29 * fixed IGMP loopback to behave in the manner 30 * desired by mrouted, fixed the fact it has been 31 * broken since 1.3.6 and cleaned up a few minor 32 * points. 33 * 34 * Chih-Jen Chang : Tried to revise IGMP to Version 2 35 * Tsu-Sheng Tsao E-mail: chihjenc@scf.usc.edu and tsusheng@scf.usc.edu 36 * The enhancements are mainly based on Steve Deering's 37 * ipmulti-3.5 source code. 38 * Chih-Jen Chang : Added the igmp_get_mrouter_info and 39 * Tsu-Sheng Tsao igmp_set_mrouter_info to keep track of 40 * the mrouted version on that device. 41 * Chih-Jen Chang : Added the max_resp_time parameter to 42 * Tsu-Sheng Tsao igmp_heard_query(). Using this parameter 43 * to identify the multicast router version 44 * and do what the IGMP version 2 specified. 45 * Chih-Jen Chang : Added a timer to revert to IGMP V2 router 46 * Tsu-Sheng Tsao if the specified time expired. 47 * Alan Cox : Stop IGMP from 0.0.0.0 being accepted. 48 * Alan Cox : Use GFP_ATOMIC in the right places. 49 * Christian Daudt : igmp timer wasn't set for local group 50 * memberships but was being deleted, 51 * which caused a "del_timer() called 52 * from %p with timer not initialized\n" 53 * message (960131). 54 * Christian Daudt : removed del_timer from 55 * igmp_timer_expire function (960205). 56 * Christian Daudt : igmp_heard_report now only calls 57 * igmp_timer_expire if tm->running is 58 * true (960216). 59 * Malcolm Beattie : ttl comparison wrong in igmp_rcv made 60 * igmp_heard_query never trigger. Expiry 61 * miscalculation fixed in igmp_heard_query 62 * and random() made to return unsigned to 63 * prevent negative expiry times. 64 * Alexey Kuznetsov: Wrong group leaving behaviour, backport 65 * fix from pending 2.1.x patches. 66 * Alan Cox: Forget to enable FDDI support earlier. 67 * Alexey Kuznetsov: Fixed leaving groups on device down. 68 * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. 69 * David L Stevens: IGMPv3 support, with help from 70 * Vinay Kulkarni 71 */ 72 73 #include <linux/module.h> 74 #include <linux/slab.h> 75 #include <linux/uaccess.h> 76 #include <linux/types.h> 77 #include <linux/kernel.h> 78 #include <linux/jiffies.h> 79 #include <linux/string.h> 80 #include <linux/socket.h> 81 #include <linux/sockios.h> 82 #include <linux/in.h> 83 #include <linux/inet.h> 84 #include <linux/netdevice.h> 85 #include <linux/skbuff.h> 86 #include <linux/inetdevice.h> 87 #include <linux/igmp.h> 88 #include <linux/if_arp.h> 89 #include <linux/rtnetlink.h> 90 #include <linux/times.h> 91 #include <linux/pkt_sched.h> 92 93 #include <net/net_namespace.h> 94 #include <net/arp.h> 95 #include <net/ip.h> 96 #include <net/protocol.h> 97 #include <net/route.h> 98 #include <net/sock.h> 99 #include <net/checksum.h> 100 #include <net/inet_common.h> 101 #include <linux/netfilter_ipv4.h> 102 #ifdef CONFIG_IP_MROUTE 103 #include <linux/mroute.h> 104 #endif 105 #ifdef CONFIG_PROC_FS 106 #include <linux/proc_fs.h> 107 #include <linux/seq_file.h> 108 #endif 109 110 #ifdef CONFIG_IP_MULTICAST 111 /* Parameter names and values are taken from igmp-v2-06 draft */ 112 113 #define IGMP_V1_ROUTER_PRESENT_TIMEOUT (400*HZ) 114 #define IGMP_V2_ROUTER_PRESENT_TIMEOUT (400*HZ) 115 #define IGMP_V2_UNSOLICITED_REPORT_INTERVAL (10*HZ) 116 #define IGMP_V3_UNSOLICITED_REPORT_INTERVAL (1*HZ) 117 #define IGMP_QUERY_RESPONSE_INTERVAL (10*HZ) 118 #define IGMP_QUERY_ROBUSTNESS_VARIABLE 2 119 120 121 #define IGMP_INITIAL_REPORT_DELAY (1) 122 123 /* IGMP_INITIAL_REPORT_DELAY is not from IGMP specs! 124 * IGMP specs require to report membership immediately after 125 * joining a group, but we delay the first report by a 126 * small interval. It seems more natural and still does not 127 * contradict to specs provided this delay is small enough. 128 */ 129 130 #define IGMP_V1_SEEN(in_dev) \ 131 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 1 || \ 132 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \ 133 ((in_dev)->mr_v1_seen && \ 134 time_before(jiffies, (in_dev)->mr_v1_seen))) 135 #define IGMP_V2_SEEN(in_dev) \ 136 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 2 || \ 137 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \ 138 ((in_dev)->mr_v2_seen && \ 139 time_before(jiffies, (in_dev)->mr_v2_seen))) 140 141 static int unsolicited_report_interval(struct in_device *in_dev) 142 { 143 int interval_ms, interval_jiffies; 144 145 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 146 interval_ms = IN_DEV_CONF_GET( 147 in_dev, 148 IGMPV2_UNSOLICITED_REPORT_INTERVAL); 149 else /* v3 */ 150 interval_ms = IN_DEV_CONF_GET( 151 in_dev, 152 IGMPV3_UNSOLICITED_REPORT_INTERVAL); 153 154 interval_jiffies = msecs_to_jiffies(interval_ms); 155 156 /* _timer functions can't handle a delay of 0 jiffies so ensure 157 * we always return a positive value. 158 */ 159 if (interval_jiffies <= 0) 160 interval_jiffies = 1; 161 return interval_jiffies; 162 } 163 164 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im); 165 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im); 166 static void igmpv3_clear_delrec(struct in_device *in_dev); 167 static int sf_setstate(struct ip_mc_list *pmc); 168 static void sf_markstate(struct ip_mc_list *pmc); 169 #endif 170 static void ip_mc_clear_src(struct ip_mc_list *pmc); 171 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 172 int sfcount, __be32 *psfsrc, int delta); 173 174 static void ip_ma_put(struct ip_mc_list *im) 175 { 176 if (refcount_dec_and_test(&im->refcnt)) { 177 in_dev_put(im->interface); 178 kfree_rcu(im, rcu); 179 } 180 } 181 182 #define for_each_pmc_rcu(in_dev, pmc) \ 183 for (pmc = rcu_dereference(in_dev->mc_list); \ 184 pmc != NULL; \ 185 pmc = rcu_dereference(pmc->next_rcu)) 186 187 #define for_each_pmc_rtnl(in_dev, pmc) \ 188 for (pmc = rtnl_dereference(in_dev->mc_list); \ 189 pmc != NULL; \ 190 pmc = rtnl_dereference(pmc->next_rcu)) 191 192 #ifdef CONFIG_IP_MULTICAST 193 194 /* 195 * Timer management 196 */ 197 198 static void igmp_stop_timer(struct ip_mc_list *im) 199 { 200 spin_lock_bh(&im->lock); 201 if (del_timer(&im->timer)) 202 refcount_dec(&im->refcnt); 203 im->tm_running = 0; 204 im->reporter = 0; 205 im->unsolicit_count = 0; 206 spin_unlock_bh(&im->lock); 207 } 208 209 /* It must be called with locked im->lock */ 210 static void igmp_start_timer(struct ip_mc_list *im, int max_delay) 211 { 212 int tv = prandom_u32() % max_delay; 213 214 im->tm_running = 1; 215 if (!mod_timer(&im->timer, jiffies+tv+2)) 216 refcount_inc(&im->refcnt); 217 } 218 219 static void igmp_gq_start_timer(struct in_device *in_dev) 220 { 221 int tv = prandom_u32() % in_dev->mr_maxdelay; 222 unsigned long exp = jiffies + tv + 2; 223 224 if (in_dev->mr_gq_running && 225 time_after_eq(exp, (in_dev->mr_gq_timer).expires)) 226 return; 227 228 in_dev->mr_gq_running = 1; 229 if (!mod_timer(&in_dev->mr_gq_timer, exp)) 230 in_dev_hold(in_dev); 231 } 232 233 static void igmp_ifc_start_timer(struct in_device *in_dev, int delay) 234 { 235 int tv = prandom_u32() % delay; 236 237 if (!mod_timer(&in_dev->mr_ifc_timer, jiffies+tv+2)) 238 in_dev_hold(in_dev); 239 } 240 241 static void igmp_mod_timer(struct ip_mc_list *im, int max_delay) 242 { 243 spin_lock_bh(&im->lock); 244 im->unsolicit_count = 0; 245 if (del_timer(&im->timer)) { 246 if ((long)(im->timer.expires-jiffies) < max_delay) { 247 add_timer(&im->timer); 248 im->tm_running = 1; 249 spin_unlock_bh(&im->lock); 250 return; 251 } 252 refcount_dec(&im->refcnt); 253 } 254 igmp_start_timer(im, max_delay); 255 spin_unlock_bh(&im->lock); 256 } 257 258 259 /* 260 * Send an IGMP report. 261 */ 262 263 #define IGMP_SIZE (sizeof(struct igmphdr)+sizeof(struct iphdr)+4) 264 265 266 static int is_in(struct ip_mc_list *pmc, struct ip_sf_list *psf, int type, 267 int gdeleted, int sdeleted) 268 { 269 switch (type) { 270 case IGMPV3_MODE_IS_INCLUDE: 271 case IGMPV3_MODE_IS_EXCLUDE: 272 if (gdeleted || sdeleted) 273 return 0; 274 if (!(pmc->gsquery && !psf->sf_gsresp)) { 275 if (pmc->sfmode == MCAST_INCLUDE) 276 return 1; 277 /* don't include if this source is excluded 278 * in all filters 279 */ 280 if (psf->sf_count[MCAST_INCLUDE]) 281 return type == IGMPV3_MODE_IS_INCLUDE; 282 return pmc->sfcount[MCAST_EXCLUDE] == 283 psf->sf_count[MCAST_EXCLUDE]; 284 } 285 return 0; 286 case IGMPV3_CHANGE_TO_INCLUDE: 287 if (gdeleted || sdeleted) 288 return 0; 289 return psf->sf_count[MCAST_INCLUDE] != 0; 290 case IGMPV3_CHANGE_TO_EXCLUDE: 291 if (gdeleted || sdeleted) 292 return 0; 293 if (pmc->sfcount[MCAST_EXCLUDE] == 0 || 294 psf->sf_count[MCAST_INCLUDE]) 295 return 0; 296 return pmc->sfcount[MCAST_EXCLUDE] == 297 psf->sf_count[MCAST_EXCLUDE]; 298 case IGMPV3_ALLOW_NEW_SOURCES: 299 if (gdeleted || !psf->sf_crcount) 300 return 0; 301 return (pmc->sfmode == MCAST_INCLUDE) ^ sdeleted; 302 case IGMPV3_BLOCK_OLD_SOURCES: 303 if (pmc->sfmode == MCAST_INCLUDE) 304 return gdeleted || (psf->sf_crcount && sdeleted); 305 return psf->sf_crcount && !gdeleted && !sdeleted; 306 } 307 return 0; 308 } 309 310 static int 311 igmp_scount(struct ip_mc_list *pmc, int type, int gdeleted, int sdeleted) 312 { 313 struct ip_sf_list *psf; 314 int scount = 0; 315 316 for (psf = pmc->sources; psf; psf = psf->sf_next) { 317 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 318 continue; 319 scount++; 320 } 321 return scount; 322 } 323 324 static struct sk_buff *igmpv3_newpack(struct net_device *dev, unsigned int mtu) 325 { 326 struct sk_buff *skb; 327 struct rtable *rt; 328 struct iphdr *pip; 329 struct igmpv3_report *pig; 330 struct net *net = dev_net(dev); 331 struct flowi4 fl4; 332 int hlen = LL_RESERVED_SPACE(dev); 333 int tlen = dev->needed_tailroom; 334 unsigned int size = mtu; 335 336 while (1) { 337 skb = alloc_skb(size + hlen + tlen, 338 GFP_ATOMIC | __GFP_NOWARN); 339 if (skb) 340 break; 341 size >>= 1; 342 if (size < 256) 343 return NULL; 344 } 345 skb->priority = TC_PRIO_CONTROL; 346 347 rt = ip_route_output_ports(net, &fl4, NULL, IGMPV3_ALL_MCR, 0, 348 0, 0, 349 IPPROTO_IGMP, 0, dev->ifindex); 350 if (IS_ERR(rt)) { 351 kfree_skb(skb); 352 return NULL; 353 } 354 355 skb_dst_set(skb, &rt->dst); 356 skb->dev = dev; 357 358 skb_reserve(skb, hlen); 359 skb_tailroom_reserve(skb, mtu, tlen); 360 361 skb_reset_network_header(skb); 362 pip = ip_hdr(skb); 363 skb_put(skb, sizeof(struct iphdr) + 4); 364 365 pip->version = 4; 366 pip->ihl = (sizeof(struct iphdr)+4)>>2; 367 pip->tos = 0xc0; 368 pip->frag_off = htons(IP_DF); 369 pip->ttl = 1; 370 pip->daddr = fl4.daddr; 371 pip->saddr = fl4.saddr; 372 pip->protocol = IPPROTO_IGMP; 373 pip->tot_len = 0; /* filled in later */ 374 ip_select_ident(net, skb, NULL); 375 ((u8 *)&pip[1])[0] = IPOPT_RA; 376 ((u8 *)&pip[1])[1] = 4; 377 ((u8 *)&pip[1])[2] = 0; 378 ((u8 *)&pip[1])[3] = 0; 379 380 skb->transport_header = skb->network_header + sizeof(struct iphdr) + 4; 381 skb_put(skb, sizeof(*pig)); 382 pig = igmpv3_report_hdr(skb); 383 pig->type = IGMPV3_HOST_MEMBERSHIP_REPORT; 384 pig->resv1 = 0; 385 pig->csum = 0; 386 pig->resv2 = 0; 387 pig->ngrec = 0; 388 return skb; 389 } 390 391 static int igmpv3_sendpack(struct sk_buff *skb) 392 { 393 struct igmphdr *pig = igmp_hdr(skb); 394 const int igmplen = skb_tail_pointer(skb) - skb_transport_header(skb); 395 396 pig->csum = ip_compute_csum(igmp_hdr(skb), igmplen); 397 398 return ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb); 399 } 400 401 static int grec_size(struct ip_mc_list *pmc, int type, int gdel, int sdel) 402 { 403 return sizeof(struct igmpv3_grec) + 4*igmp_scount(pmc, type, gdel, sdel); 404 } 405 406 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ip_mc_list *pmc, 407 int type, struct igmpv3_grec **ppgr) 408 { 409 struct net_device *dev = pmc->interface->dev; 410 struct igmpv3_report *pih; 411 struct igmpv3_grec *pgr; 412 413 if (!skb) 414 skb = igmpv3_newpack(dev, dev->mtu); 415 if (!skb) 416 return NULL; 417 pgr = skb_put(skb, sizeof(struct igmpv3_grec)); 418 pgr->grec_type = type; 419 pgr->grec_auxwords = 0; 420 pgr->grec_nsrcs = 0; 421 pgr->grec_mca = pmc->multiaddr; 422 pih = igmpv3_report_hdr(skb); 423 pih->ngrec = htons(ntohs(pih->ngrec)+1); 424 *ppgr = pgr; 425 return skb; 426 } 427 428 #define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0) 429 430 static struct sk_buff *add_grec(struct sk_buff *skb, struct ip_mc_list *pmc, 431 int type, int gdeleted, int sdeleted) 432 { 433 struct net_device *dev = pmc->interface->dev; 434 struct net *net = dev_net(dev); 435 struct igmpv3_report *pih; 436 struct igmpv3_grec *pgr = NULL; 437 struct ip_sf_list *psf, *psf_next, *psf_prev, **psf_list; 438 int scount, stotal, first, isquery, truncate; 439 440 if (pmc->multiaddr == IGMP_ALL_HOSTS) 441 return skb; 442 if (ipv4_is_local_multicast(pmc->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 443 return skb; 444 445 isquery = type == IGMPV3_MODE_IS_INCLUDE || 446 type == IGMPV3_MODE_IS_EXCLUDE; 447 truncate = type == IGMPV3_MODE_IS_EXCLUDE || 448 type == IGMPV3_CHANGE_TO_EXCLUDE; 449 450 stotal = scount = 0; 451 452 psf_list = sdeleted ? &pmc->tomb : &pmc->sources; 453 454 if (!*psf_list) 455 goto empty_source; 456 457 pih = skb ? igmpv3_report_hdr(skb) : NULL; 458 459 /* EX and TO_EX get a fresh packet, if needed */ 460 if (truncate) { 461 if (pih && pih->ngrec && 462 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 463 if (skb) 464 igmpv3_sendpack(skb); 465 skb = igmpv3_newpack(dev, dev->mtu); 466 } 467 } 468 first = 1; 469 psf_prev = NULL; 470 for (psf = *psf_list; psf; psf = psf_next) { 471 __be32 *psrc; 472 473 psf_next = psf->sf_next; 474 475 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) { 476 psf_prev = psf; 477 continue; 478 } 479 480 /* Based on RFC3376 5.1. Should not send source-list change 481 * records when there is a filter mode change. 482 */ 483 if (((gdeleted && pmc->sfmode == MCAST_EXCLUDE) || 484 (!gdeleted && pmc->crcount)) && 485 (type == IGMPV3_ALLOW_NEW_SOURCES || 486 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) 487 goto decrease_sf_crcount; 488 489 /* clear marks on query responses */ 490 if (isquery) 491 psf->sf_gsresp = 0; 492 493 if (AVAILABLE(skb) < sizeof(__be32) + 494 first*sizeof(struct igmpv3_grec)) { 495 if (truncate && !first) 496 break; /* truncate these */ 497 if (pgr) 498 pgr->grec_nsrcs = htons(scount); 499 if (skb) 500 igmpv3_sendpack(skb); 501 skb = igmpv3_newpack(dev, dev->mtu); 502 first = 1; 503 scount = 0; 504 } 505 if (first) { 506 skb = add_grhead(skb, pmc, type, &pgr); 507 first = 0; 508 } 509 if (!skb) 510 return NULL; 511 psrc = skb_put(skb, sizeof(__be32)); 512 *psrc = psf->sf_inaddr; 513 scount++; stotal++; 514 if ((type == IGMPV3_ALLOW_NEW_SOURCES || 515 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 516 decrease_sf_crcount: 517 psf->sf_crcount--; 518 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 519 if (psf_prev) 520 psf_prev->sf_next = psf->sf_next; 521 else 522 *psf_list = psf->sf_next; 523 kfree(psf); 524 continue; 525 } 526 } 527 psf_prev = psf; 528 } 529 530 empty_source: 531 if (!stotal) { 532 if (type == IGMPV3_ALLOW_NEW_SOURCES || 533 type == IGMPV3_BLOCK_OLD_SOURCES) 534 return skb; 535 if (pmc->crcount || isquery) { 536 /* make sure we have room for group header */ 537 if (skb && AVAILABLE(skb) < sizeof(struct igmpv3_grec)) { 538 igmpv3_sendpack(skb); 539 skb = NULL; /* add_grhead will get a new one */ 540 } 541 skb = add_grhead(skb, pmc, type, &pgr); 542 } 543 } 544 if (pgr) 545 pgr->grec_nsrcs = htons(scount); 546 547 if (isquery) 548 pmc->gsquery = 0; /* clear query state on report */ 549 return skb; 550 } 551 552 static int igmpv3_send_report(struct in_device *in_dev, struct ip_mc_list *pmc) 553 { 554 struct sk_buff *skb = NULL; 555 struct net *net = dev_net(in_dev->dev); 556 int type; 557 558 if (!pmc) { 559 rcu_read_lock(); 560 for_each_pmc_rcu(in_dev, pmc) { 561 if (pmc->multiaddr == IGMP_ALL_HOSTS) 562 continue; 563 if (ipv4_is_local_multicast(pmc->multiaddr) && 564 !net->ipv4.sysctl_igmp_llm_reports) 565 continue; 566 spin_lock_bh(&pmc->lock); 567 if (pmc->sfcount[MCAST_EXCLUDE]) 568 type = IGMPV3_MODE_IS_EXCLUDE; 569 else 570 type = IGMPV3_MODE_IS_INCLUDE; 571 skb = add_grec(skb, pmc, type, 0, 0); 572 spin_unlock_bh(&pmc->lock); 573 } 574 rcu_read_unlock(); 575 } else { 576 spin_lock_bh(&pmc->lock); 577 if (pmc->sfcount[MCAST_EXCLUDE]) 578 type = IGMPV3_MODE_IS_EXCLUDE; 579 else 580 type = IGMPV3_MODE_IS_INCLUDE; 581 skb = add_grec(skb, pmc, type, 0, 0); 582 spin_unlock_bh(&pmc->lock); 583 } 584 if (!skb) 585 return 0; 586 return igmpv3_sendpack(skb); 587 } 588 589 /* 590 * remove zero-count source records from a source filter list 591 */ 592 static void igmpv3_clear_zeros(struct ip_sf_list **ppsf) 593 { 594 struct ip_sf_list *psf_prev, *psf_next, *psf; 595 596 psf_prev = NULL; 597 for (psf = *ppsf; psf; psf = psf_next) { 598 psf_next = psf->sf_next; 599 if (psf->sf_crcount == 0) { 600 if (psf_prev) 601 psf_prev->sf_next = psf->sf_next; 602 else 603 *ppsf = psf->sf_next; 604 kfree(psf); 605 } else 606 psf_prev = psf; 607 } 608 } 609 610 static void igmpv3_send_cr(struct in_device *in_dev) 611 { 612 struct ip_mc_list *pmc, *pmc_prev, *pmc_next; 613 struct sk_buff *skb = NULL; 614 int type, dtype; 615 616 rcu_read_lock(); 617 spin_lock_bh(&in_dev->mc_tomb_lock); 618 619 /* deleted MCA's */ 620 pmc_prev = NULL; 621 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc_next) { 622 pmc_next = pmc->next; 623 if (pmc->sfmode == MCAST_INCLUDE) { 624 type = IGMPV3_BLOCK_OLD_SOURCES; 625 dtype = IGMPV3_BLOCK_OLD_SOURCES; 626 skb = add_grec(skb, pmc, type, 1, 0); 627 skb = add_grec(skb, pmc, dtype, 1, 1); 628 } 629 if (pmc->crcount) { 630 if (pmc->sfmode == MCAST_EXCLUDE) { 631 type = IGMPV3_CHANGE_TO_INCLUDE; 632 skb = add_grec(skb, pmc, type, 1, 0); 633 } 634 pmc->crcount--; 635 if (pmc->crcount == 0) { 636 igmpv3_clear_zeros(&pmc->tomb); 637 igmpv3_clear_zeros(&pmc->sources); 638 } 639 } 640 if (pmc->crcount == 0 && !pmc->tomb && !pmc->sources) { 641 if (pmc_prev) 642 pmc_prev->next = pmc_next; 643 else 644 in_dev->mc_tomb = pmc_next; 645 in_dev_put(pmc->interface); 646 kfree(pmc); 647 } else 648 pmc_prev = pmc; 649 } 650 spin_unlock_bh(&in_dev->mc_tomb_lock); 651 652 /* change recs */ 653 for_each_pmc_rcu(in_dev, pmc) { 654 spin_lock_bh(&pmc->lock); 655 if (pmc->sfcount[MCAST_EXCLUDE]) { 656 type = IGMPV3_BLOCK_OLD_SOURCES; 657 dtype = IGMPV3_ALLOW_NEW_SOURCES; 658 } else { 659 type = IGMPV3_ALLOW_NEW_SOURCES; 660 dtype = IGMPV3_BLOCK_OLD_SOURCES; 661 } 662 skb = add_grec(skb, pmc, type, 0, 0); 663 skb = add_grec(skb, pmc, dtype, 0, 1); /* deleted sources */ 664 665 /* filter mode changes */ 666 if (pmc->crcount) { 667 if (pmc->sfmode == MCAST_EXCLUDE) 668 type = IGMPV3_CHANGE_TO_EXCLUDE; 669 else 670 type = IGMPV3_CHANGE_TO_INCLUDE; 671 skb = add_grec(skb, pmc, type, 0, 0); 672 pmc->crcount--; 673 } 674 spin_unlock_bh(&pmc->lock); 675 } 676 rcu_read_unlock(); 677 678 if (!skb) 679 return; 680 (void) igmpv3_sendpack(skb); 681 } 682 683 static int igmp_send_report(struct in_device *in_dev, struct ip_mc_list *pmc, 684 int type) 685 { 686 struct sk_buff *skb; 687 struct iphdr *iph; 688 struct igmphdr *ih; 689 struct rtable *rt; 690 struct net_device *dev = in_dev->dev; 691 struct net *net = dev_net(dev); 692 __be32 group = pmc ? pmc->multiaddr : 0; 693 struct flowi4 fl4; 694 __be32 dst; 695 int hlen, tlen; 696 697 if (type == IGMPV3_HOST_MEMBERSHIP_REPORT) 698 return igmpv3_send_report(in_dev, pmc); 699 700 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 701 return 0; 702 703 if (type == IGMP_HOST_LEAVE_MESSAGE) 704 dst = IGMP_ALL_ROUTER; 705 else 706 dst = group; 707 708 rt = ip_route_output_ports(net, &fl4, NULL, dst, 0, 709 0, 0, 710 IPPROTO_IGMP, 0, dev->ifindex); 711 if (IS_ERR(rt)) 712 return -1; 713 714 hlen = LL_RESERVED_SPACE(dev); 715 tlen = dev->needed_tailroom; 716 skb = alloc_skb(IGMP_SIZE + hlen + tlen, GFP_ATOMIC); 717 if (!skb) { 718 ip_rt_put(rt); 719 return -1; 720 } 721 skb->priority = TC_PRIO_CONTROL; 722 723 skb_dst_set(skb, &rt->dst); 724 725 skb_reserve(skb, hlen); 726 727 skb_reset_network_header(skb); 728 iph = ip_hdr(skb); 729 skb_put(skb, sizeof(struct iphdr) + 4); 730 731 iph->version = 4; 732 iph->ihl = (sizeof(struct iphdr)+4)>>2; 733 iph->tos = 0xc0; 734 iph->frag_off = htons(IP_DF); 735 iph->ttl = 1; 736 iph->daddr = dst; 737 iph->saddr = fl4.saddr; 738 iph->protocol = IPPROTO_IGMP; 739 ip_select_ident(net, skb, NULL); 740 ((u8 *)&iph[1])[0] = IPOPT_RA; 741 ((u8 *)&iph[1])[1] = 4; 742 ((u8 *)&iph[1])[2] = 0; 743 ((u8 *)&iph[1])[3] = 0; 744 745 ih = skb_put(skb, sizeof(struct igmphdr)); 746 ih->type = type; 747 ih->code = 0; 748 ih->csum = 0; 749 ih->group = group; 750 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 751 752 return ip_local_out(net, skb->sk, skb); 753 } 754 755 static void igmp_gq_timer_expire(unsigned long data) 756 { 757 struct in_device *in_dev = (struct in_device *)data; 758 759 in_dev->mr_gq_running = 0; 760 igmpv3_send_report(in_dev, NULL); 761 in_dev_put(in_dev); 762 } 763 764 static void igmp_ifc_timer_expire(unsigned long data) 765 { 766 struct in_device *in_dev = (struct in_device *)data; 767 768 igmpv3_send_cr(in_dev); 769 if (in_dev->mr_ifc_count) { 770 in_dev->mr_ifc_count--; 771 igmp_ifc_start_timer(in_dev, 772 unsolicited_report_interval(in_dev)); 773 } 774 in_dev_put(in_dev); 775 } 776 777 static void igmp_ifc_event(struct in_device *in_dev) 778 { 779 struct net *net = dev_net(in_dev->dev); 780 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 781 return; 782 in_dev->mr_ifc_count = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 783 igmp_ifc_start_timer(in_dev, 1); 784 } 785 786 787 static void igmp_timer_expire(unsigned long data) 788 { 789 struct ip_mc_list *im = (struct ip_mc_list *)data; 790 struct in_device *in_dev = im->interface; 791 792 spin_lock(&im->lock); 793 im->tm_running = 0; 794 795 if (im->unsolicit_count) { 796 im->unsolicit_count--; 797 igmp_start_timer(im, unsolicited_report_interval(in_dev)); 798 } 799 im->reporter = 1; 800 spin_unlock(&im->lock); 801 802 if (IGMP_V1_SEEN(in_dev)) 803 igmp_send_report(in_dev, im, IGMP_HOST_MEMBERSHIP_REPORT); 804 else if (IGMP_V2_SEEN(in_dev)) 805 igmp_send_report(in_dev, im, IGMPV2_HOST_MEMBERSHIP_REPORT); 806 else 807 igmp_send_report(in_dev, im, IGMPV3_HOST_MEMBERSHIP_REPORT); 808 809 ip_ma_put(im); 810 } 811 812 /* mark EXCLUDE-mode sources */ 813 static int igmp_xmarksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 814 { 815 struct ip_sf_list *psf; 816 int i, scount; 817 818 scount = 0; 819 for (psf = pmc->sources; psf; psf = psf->sf_next) { 820 if (scount == nsrcs) 821 break; 822 for (i = 0; i < nsrcs; i++) { 823 /* skip inactive filters */ 824 if (psf->sf_count[MCAST_INCLUDE] || 825 pmc->sfcount[MCAST_EXCLUDE] != 826 psf->sf_count[MCAST_EXCLUDE]) 827 break; 828 if (srcs[i] == psf->sf_inaddr) { 829 scount++; 830 break; 831 } 832 } 833 } 834 pmc->gsquery = 0; 835 if (scount == nsrcs) /* all sources excluded */ 836 return 0; 837 return 1; 838 } 839 840 static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 841 { 842 struct ip_sf_list *psf; 843 int i, scount; 844 845 if (pmc->sfmode == MCAST_EXCLUDE) 846 return igmp_xmarksources(pmc, nsrcs, srcs); 847 848 /* mark INCLUDE-mode sources */ 849 scount = 0; 850 for (psf = pmc->sources; psf; psf = psf->sf_next) { 851 if (scount == nsrcs) 852 break; 853 for (i = 0; i < nsrcs; i++) 854 if (srcs[i] == psf->sf_inaddr) { 855 psf->sf_gsresp = 1; 856 scount++; 857 break; 858 } 859 } 860 if (!scount) { 861 pmc->gsquery = 0; 862 return 0; 863 } 864 pmc->gsquery = 1; 865 return 1; 866 } 867 868 /* return true if packet was dropped */ 869 static bool igmp_heard_report(struct in_device *in_dev, __be32 group) 870 { 871 struct ip_mc_list *im; 872 struct net *net = dev_net(in_dev->dev); 873 874 /* Timers are only set for non-local groups */ 875 876 if (group == IGMP_ALL_HOSTS) 877 return false; 878 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 879 return false; 880 881 rcu_read_lock(); 882 for_each_pmc_rcu(in_dev, im) { 883 if (im->multiaddr == group) { 884 igmp_stop_timer(im); 885 break; 886 } 887 } 888 rcu_read_unlock(); 889 return false; 890 } 891 892 /* return true if packet was dropped */ 893 static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb, 894 int len) 895 { 896 struct igmphdr *ih = igmp_hdr(skb); 897 struct igmpv3_query *ih3 = igmpv3_query_hdr(skb); 898 struct ip_mc_list *im; 899 __be32 group = ih->group; 900 int max_delay; 901 int mark = 0; 902 struct net *net = dev_net(in_dev->dev); 903 904 905 if (len == 8) { 906 if (ih->code == 0) { 907 /* Alas, old v1 router presents here. */ 908 909 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 910 in_dev->mr_v1_seen = jiffies + 911 IGMP_V1_ROUTER_PRESENT_TIMEOUT; 912 group = 0; 913 } else { 914 /* v2 router present */ 915 max_delay = ih->code*(HZ/IGMP_TIMER_SCALE); 916 in_dev->mr_v2_seen = jiffies + 917 IGMP_V2_ROUTER_PRESENT_TIMEOUT; 918 } 919 /* cancel the interface change timer */ 920 in_dev->mr_ifc_count = 0; 921 if (del_timer(&in_dev->mr_ifc_timer)) 922 __in_dev_put(in_dev); 923 /* clear deleted report items */ 924 igmpv3_clear_delrec(in_dev); 925 } else if (len < 12) { 926 return true; /* ignore bogus packet; freed by caller */ 927 } else if (IGMP_V1_SEEN(in_dev)) { 928 /* This is a v3 query with v1 queriers present */ 929 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 930 group = 0; 931 } else if (IGMP_V2_SEEN(in_dev)) { 932 /* this is a v3 query with v2 queriers present; 933 * Interpretation of the max_delay code is problematic here. 934 * A real v2 host would use ih_code directly, while v3 has a 935 * different encoding. We use the v3 encoding as more likely 936 * to be intended in a v3 query. 937 */ 938 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 939 if (!max_delay) 940 max_delay = 1; /* can't mod w/ 0 */ 941 } else { /* v3 */ 942 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) 943 return true; 944 945 ih3 = igmpv3_query_hdr(skb); 946 if (ih3->nsrcs) { 947 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query) 948 + ntohs(ih3->nsrcs)*sizeof(__be32))) 949 return true; 950 ih3 = igmpv3_query_hdr(skb); 951 } 952 953 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 954 if (!max_delay) 955 max_delay = 1; /* can't mod w/ 0 */ 956 in_dev->mr_maxdelay = max_delay; 957 if (ih3->qrv) 958 in_dev->mr_qrv = ih3->qrv; 959 if (!group) { /* general query */ 960 if (ih3->nsrcs) 961 return true; /* no sources allowed */ 962 igmp_gq_start_timer(in_dev); 963 return false; 964 } 965 /* mark sources to include, if group & source-specific */ 966 mark = ih3->nsrcs != 0; 967 } 968 969 /* 970 * - Start the timers in all of our membership records 971 * that the query applies to for the interface on 972 * which the query arrived excl. those that belong 973 * to a "local" group (224.0.0.X) 974 * - For timers already running check if they need to 975 * be reset. 976 * - Use the igmp->igmp_code field as the maximum 977 * delay possible 978 */ 979 rcu_read_lock(); 980 for_each_pmc_rcu(in_dev, im) { 981 int changed; 982 983 if (group && group != im->multiaddr) 984 continue; 985 if (im->multiaddr == IGMP_ALL_HOSTS) 986 continue; 987 if (ipv4_is_local_multicast(im->multiaddr) && 988 !net->ipv4.sysctl_igmp_llm_reports) 989 continue; 990 spin_lock_bh(&im->lock); 991 if (im->tm_running) 992 im->gsquery = im->gsquery && mark; 993 else 994 im->gsquery = mark; 995 changed = !im->gsquery || 996 igmp_marksources(im, ntohs(ih3->nsrcs), ih3->srcs); 997 spin_unlock_bh(&im->lock); 998 if (changed) 999 igmp_mod_timer(im, max_delay); 1000 } 1001 rcu_read_unlock(); 1002 return false; 1003 } 1004 1005 /* called in rcu_read_lock() section */ 1006 int igmp_rcv(struct sk_buff *skb) 1007 { 1008 /* This basically follows the spec line by line -- see RFC1112 */ 1009 struct igmphdr *ih; 1010 struct net_device *dev = skb->dev; 1011 struct in_device *in_dev; 1012 int len = skb->len; 1013 bool dropped = true; 1014 1015 if (netif_is_l3_master(dev)) { 1016 dev = dev_get_by_index_rcu(dev_net(dev), IPCB(skb)->iif); 1017 if (!dev) 1018 goto drop; 1019 } 1020 1021 in_dev = __in_dev_get_rcu(dev); 1022 if (!in_dev) 1023 goto drop; 1024 1025 if (!pskb_may_pull(skb, sizeof(struct igmphdr))) 1026 goto drop; 1027 1028 if (skb_checksum_simple_validate(skb)) 1029 goto drop; 1030 1031 ih = igmp_hdr(skb); 1032 switch (ih->type) { 1033 case IGMP_HOST_MEMBERSHIP_QUERY: 1034 dropped = igmp_heard_query(in_dev, skb, len); 1035 break; 1036 case IGMP_HOST_MEMBERSHIP_REPORT: 1037 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1038 /* Is it our report looped back? */ 1039 if (rt_is_output_route(skb_rtable(skb))) 1040 break; 1041 /* don't rely on MC router hearing unicast reports */ 1042 if (skb->pkt_type == PACKET_MULTICAST || 1043 skb->pkt_type == PACKET_BROADCAST) 1044 dropped = igmp_heard_report(in_dev, ih->group); 1045 break; 1046 case IGMP_PIM: 1047 #ifdef CONFIG_IP_PIMSM_V1 1048 return pim_rcv_v1(skb); 1049 #endif 1050 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1051 case IGMP_DVMRP: 1052 case IGMP_TRACE: 1053 case IGMP_HOST_LEAVE_MESSAGE: 1054 case IGMP_MTRACE: 1055 case IGMP_MTRACE_RESP: 1056 break; 1057 default: 1058 break; 1059 } 1060 1061 drop: 1062 if (dropped) 1063 kfree_skb(skb); 1064 else 1065 consume_skb(skb); 1066 return 0; 1067 } 1068 1069 #endif 1070 1071 1072 /* 1073 * Add a filter to a device 1074 */ 1075 1076 static void ip_mc_filter_add(struct in_device *in_dev, __be32 addr) 1077 { 1078 char buf[MAX_ADDR_LEN]; 1079 struct net_device *dev = in_dev->dev; 1080 1081 /* Checking for IFF_MULTICAST here is WRONG-WRONG-WRONG. 1082 We will get multicast token leakage, when IFF_MULTICAST 1083 is changed. This check should be done in ndo_set_rx_mode 1084 routine. Something sort of: 1085 if (dev->mc_list && dev->flags&IFF_MULTICAST) { do it; } 1086 --ANK 1087 */ 1088 if (arp_mc_map(addr, buf, dev, 0) == 0) 1089 dev_mc_add(dev, buf); 1090 } 1091 1092 /* 1093 * Remove a filter from a device 1094 */ 1095 1096 static void ip_mc_filter_del(struct in_device *in_dev, __be32 addr) 1097 { 1098 char buf[MAX_ADDR_LEN]; 1099 struct net_device *dev = in_dev->dev; 1100 1101 if (arp_mc_map(addr, buf, dev, 0) == 0) 1102 dev_mc_del(dev, buf); 1103 } 1104 1105 #ifdef CONFIG_IP_MULTICAST 1106 /* 1107 * deleted ip_mc_list manipulation 1108 */ 1109 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1110 { 1111 struct ip_mc_list *pmc; 1112 struct net *net = dev_net(in_dev->dev); 1113 1114 /* this is an "ip_mc_list" for convenience; only the fields below 1115 * are actually used. In particular, the refcnt and users are not 1116 * used for management of the delete list. Using the same structure 1117 * for deleted items allows change reports to use common code with 1118 * non-deleted or query-response MCA's. 1119 */ 1120 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL); 1121 if (!pmc) 1122 return; 1123 spin_lock_init(&pmc->lock); 1124 spin_lock_bh(&im->lock); 1125 pmc->interface = im->interface; 1126 in_dev_hold(in_dev); 1127 pmc->multiaddr = im->multiaddr; 1128 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1129 pmc->sfmode = im->sfmode; 1130 if (pmc->sfmode == MCAST_INCLUDE) { 1131 struct ip_sf_list *psf; 1132 1133 pmc->tomb = im->tomb; 1134 pmc->sources = im->sources; 1135 im->tomb = im->sources = NULL; 1136 for (psf = pmc->sources; psf; psf = psf->sf_next) 1137 psf->sf_crcount = pmc->crcount; 1138 } 1139 spin_unlock_bh(&im->lock); 1140 1141 spin_lock_bh(&in_dev->mc_tomb_lock); 1142 pmc->next = in_dev->mc_tomb; 1143 in_dev->mc_tomb = pmc; 1144 spin_unlock_bh(&in_dev->mc_tomb_lock); 1145 } 1146 1147 /* 1148 * restore ip_mc_list deleted records 1149 */ 1150 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1151 { 1152 struct ip_mc_list *pmc, *pmc_prev; 1153 struct ip_sf_list *psf; 1154 struct net *net = dev_net(in_dev->dev); 1155 __be32 multiaddr = im->multiaddr; 1156 1157 spin_lock_bh(&in_dev->mc_tomb_lock); 1158 pmc_prev = NULL; 1159 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc->next) { 1160 if (pmc->multiaddr == multiaddr) 1161 break; 1162 pmc_prev = pmc; 1163 } 1164 if (pmc) { 1165 if (pmc_prev) 1166 pmc_prev->next = pmc->next; 1167 else 1168 in_dev->mc_tomb = pmc->next; 1169 } 1170 spin_unlock_bh(&in_dev->mc_tomb_lock); 1171 1172 spin_lock_bh(&im->lock); 1173 if (pmc) { 1174 im->interface = pmc->interface; 1175 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1176 im->sfmode = pmc->sfmode; 1177 if (pmc->sfmode == MCAST_INCLUDE) { 1178 im->tomb = pmc->tomb; 1179 im->sources = pmc->sources; 1180 for (psf = im->sources; psf; psf = psf->sf_next) 1181 psf->sf_crcount = im->crcount; 1182 } 1183 in_dev_put(pmc->interface); 1184 kfree(pmc); 1185 } 1186 spin_unlock_bh(&im->lock); 1187 } 1188 1189 /* 1190 * flush ip_mc_list deleted records 1191 */ 1192 static void igmpv3_clear_delrec(struct in_device *in_dev) 1193 { 1194 struct ip_mc_list *pmc, *nextpmc; 1195 1196 spin_lock_bh(&in_dev->mc_tomb_lock); 1197 pmc = in_dev->mc_tomb; 1198 in_dev->mc_tomb = NULL; 1199 spin_unlock_bh(&in_dev->mc_tomb_lock); 1200 1201 for (; pmc; pmc = nextpmc) { 1202 nextpmc = pmc->next; 1203 ip_mc_clear_src(pmc); 1204 in_dev_put(pmc->interface); 1205 kfree(pmc); 1206 } 1207 /* clear dead sources, too */ 1208 rcu_read_lock(); 1209 for_each_pmc_rcu(in_dev, pmc) { 1210 struct ip_sf_list *psf, *psf_next; 1211 1212 spin_lock_bh(&pmc->lock); 1213 psf = pmc->tomb; 1214 pmc->tomb = NULL; 1215 spin_unlock_bh(&pmc->lock); 1216 for (; psf; psf = psf_next) { 1217 psf_next = psf->sf_next; 1218 kfree(psf); 1219 } 1220 } 1221 rcu_read_unlock(); 1222 } 1223 #endif 1224 1225 static void igmp_group_dropped(struct ip_mc_list *im) 1226 { 1227 struct in_device *in_dev = im->interface; 1228 #ifdef CONFIG_IP_MULTICAST 1229 struct net *net = dev_net(in_dev->dev); 1230 int reporter; 1231 #endif 1232 1233 if (im->loaded) { 1234 im->loaded = 0; 1235 ip_mc_filter_del(in_dev, im->multiaddr); 1236 } 1237 1238 #ifdef CONFIG_IP_MULTICAST 1239 if (im->multiaddr == IGMP_ALL_HOSTS) 1240 return; 1241 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1242 return; 1243 1244 reporter = im->reporter; 1245 igmp_stop_timer(im); 1246 1247 if (!in_dev->dead) { 1248 if (IGMP_V1_SEEN(in_dev)) 1249 return; 1250 if (IGMP_V2_SEEN(in_dev)) { 1251 if (reporter) 1252 igmp_send_report(in_dev, im, IGMP_HOST_LEAVE_MESSAGE); 1253 return; 1254 } 1255 /* IGMPv3 */ 1256 igmpv3_add_delrec(in_dev, im); 1257 1258 igmp_ifc_event(in_dev); 1259 } 1260 #endif 1261 } 1262 1263 static void igmp_group_added(struct ip_mc_list *im) 1264 { 1265 struct in_device *in_dev = im->interface; 1266 #ifdef CONFIG_IP_MULTICAST 1267 struct net *net = dev_net(in_dev->dev); 1268 #endif 1269 1270 if (im->loaded == 0) { 1271 im->loaded = 1; 1272 ip_mc_filter_add(in_dev, im->multiaddr); 1273 } 1274 1275 #ifdef CONFIG_IP_MULTICAST 1276 if (im->multiaddr == IGMP_ALL_HOSTS) 1277 return; 1278 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1279 return; 1280 1281 if (in_dev->dead) 1282 return; 1283 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) { 1284 spin_lock_bh(&im->lock); 1285 igmp_start_timer(im, IGMP_INITIAL_REPORT_DELAY); 1286 spin_unlock_bh(&im->lock); 1287 return; 1288 } 1289 /* else, v3 */ 1290 1291 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1292 igmp_ifc_event(in_dev); 1293 #endif 1294 } 1295 1296 1297 /* 1298 * Multicast list managers 1299 */ 1300 1301 static u32 ip_mc_hash(const struct ip_mc_list *im) 1302 { 1303 return hash_32((__force u32)im->multiaddr, MC_HASH_SZ_LOG); 1304 } 1305 1306 static void ip_mc_hash_add(struct in_device *in_dev, 1307 struct ip_mc_list *im) 1308 { 1309 struct ip_mc_list __rcu **mc_hash; 1310 u32 hash; 1311 1312 mc_hash = rtnl_dereference(in_dev->mc_hash); 1313 if (mc_hash) { 1314 hash = ip_mc_hash(im); 1315 im->next_hash = mc_hash[hash]; 1316 rcu_assign_pointer(mc_hash[hash], im); 1317 return; 1318 } 1319 1320 /* do not use a hash table for small number of items */ 1321 if (in_dev->mc_count < 4) 1322 return; 1323 1324 mc_hash = kzalloc(sizeof(struct ip_mc_list *) << MC_HASH_SZ_LOG, 1325 GFP_KERNEL); 1326 if (!mc_hash) 1327 return; 1328 1329 for_each_pmc_rtnl(in_dev, im) { 1330 hash = ip_mc_hash(im); 1331 im->next_hash = mc_hash[hash]; 1332 RCU_INIT_POINTER(mc_hash[hash], im); 1333 } 1334 1335 rcu_assign_pointer(in_dev->mc_hash, mc_hash); 1336 } 1337 1338 static void ip_mc_hash_remove(struct in_device *in_dev, 1339 struct ip_mc_list *im) 1340 { 1341 struct ip_mc_list __rcu **mc_hash = rtnl_dereference(in_dev->mc_hash); 1342 struct ip_mc_list *aux; 1343 1344 if (!mc_hash) 1345 return; 1346 mc_hash += ip_mc_hash(im); 1347 while ((aux = rtnl_dereference(*mc_hash)) != im) 1348 mc_hash = &aux->next_hash; 1349 *mc_hash = im->next_hash; 1350 } 1351 1352 1353 /* 1354 * A socket has joined a multicast group on device dev. 1355 */ 1356 1357 void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) 1358 { 1359 struct ip_mc_list *im; 1360 #ifdef CONFIG_IP_MULTICAST 1361 struct net *net = dev_net(in_dev->dev); 1362 #endif 1363 1364 ASSERT_RTNL(); 1365 1366 for_each_pmc_rtnl(in_dev, im) { 1367 if (im->multiaddr == addr) { 1368 im->users++; 1369 ip_mc_add_src(in_dev, &addr, MCAST_EXCLUDE, 0, NULL, 0); 1370 goto out; 1371 } 1372 } 1373 1374 im = kzalloc(sizeof(*im), GFP_KERNEL); 1375 if (!im) 1376 goto out; 1377 1378 im->users = 1; 1379 im->interface = in_dev; 1380 in_dev_hold(in_dev); 1381 im->multiaddr = addr; 1382 /* initial mode is (EX, empty) */ 1383 im->sfmode = MCAST_EXCLUDE; 1384 im->sfcount[MCAST_EXCLUDE] = 1; 1385 refcount_set(&im->refcnt, 1); 1386 spin_lock_init(&im->lock); 1387 #ifdef CONFIG_IP_MULTICAST 1388 setup_timer(&im->timer, igmp_timer_expire, (unsigned long)im); 1389 im->unsolicit_count = net->ipv4.sysctl_igmp_qrv; 1390 #endif 1391 1392 im->next_rcu = in_dev->mc_list; 1393 in_dev->mc_count++; 1394 rcu_assign_pointer(in_dev->mc_list, im); 1395 1396 ip_mc_hash_add(in_dev, im); 1397 1398 #ifdef CONFIG_IP_MULTICAST 1399 igmpv3_del_delrec(in_dev, im); 1400 #endif 1401 igmp_group_added(im); 1402 if (!in_dev->dead) 1403 ip_rt_multicast_event(in_dev); 1404 out: 1405 return; 1406 } 1407 EXPORT_SYMBOL(ip_mc_inc_group); 1408 1409 static int ip_mc_check_iphdr(struct sk_buff *skb) 1410 { 1411 const struct iphdr *iph; 1412 unsigned int len; 1413 unsigned int offset = skb_network_offset(skb) + sizeof(*iph); 1414 1415 if (!pskb_may_pull(skb, offset)) 1416 return -EINVAL; 1417 1418 iph = ip_hdr(skb); 1419 1420 if (iph->version != 4 || ip_hdrlen(skb) < sizeof(*iph)) 1421 return -EINVAL; 1422 1423 offset += ip_hdrlen(skb) - sizeof(*iph); 1424 1425 if (!pskb_may_pull(skb, offset)) 1426 return -EINVAL; 1427 1428 iph = ip_hdr(skb); 1429 1430 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1431 return -EINVAL; 1432 1433 len = skb_network_offset(skb) + ntohs(iph->tot_len); 1434 if (skb->len < len || len < offset) 1435 return -EINVAL; 1436 1437 skb_set_transport_header(skb, offset); 1438 1439 return 0; 1440 } 1441 1442 static int ip_mc_check_igmp_reportv3(struct sk_buff *skb) 1443 { 1444 unsigned int len = skb_transport_offset(skb); 1445 1446 len += sizeof(struct igmpv3_report); 1447 1448 return pskb_may_pull(skb, len) ? 0 : -EINVAL; 1449 } 1450 1451 static int ip_mc_check_igmp_query(struct sk_buff *skb) 1452 { 1453 unsigned int len = skb_transport_offset(skb); 1454 1455 len += sizeof(struct igmphdr); 1456 if (skb->len < len) 1457 return -EINVAL; 1458 1459 /* IGMPv{1,2}? */ 1460 if (skb->len != len) { 1461 /* or IGMPv3? */ 1462 len += sizeof(struct igmpv3_query) - sizeof(struct igmphdr); 1463 if (skb->len < len || !pskb_may_pull(skb, len)) 1464 return -EINVAL; 1465 } 1466 1467 /* RFC2236+RFC3376 (IGMPv2+IGMPv3) require the multicast link layer 1468 * all-systems destination addresses (224.0.0.1) for general queries 1469 */ 1470 if (!igmp_hdr(skb)->group && 1471 ip_hdr(skb)->daddr != htonl(INADDR_ALLHOSTS_GROUP)) 1472 return -EINVAL; 1473 1474 return 0; 1475 } 1476 1477 static int ip_mc_check_igmp_msg(struct sk_buff *skb) 1478 { 1479 switch (igmp_hdr(skb)->type) { 1480 case IGMP_HOST_LEAVE_MESSAGE: 1481 case IGMP_HOST_MEMBERSHIP_REPORT: 1482 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1483 /* fall through */ 1484 return 0; 1485 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1486 return ip_mc_check_igmp_reportv3(skb); 1487 case IGMP_HOST_MEMBERSHIP_QUERY: 1488 return ip_mc_check_igmp_query(skb); 1489 default: 1490 return -ENOMSG; 1491 } 1492 } 1493 1494 static inline __sum16 ip_mc_validate_checksum(struct sk_buff *skb) 1495 { 1496 return skb_checksum_simple_validate(skb); 1497 } 1498 1499 static int __ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1500 1501 { 1502 struct sk_buff *skb_chk; 1503 unsigned int transport_len; 1504 unsigned int len = skb_transport_offset(skb) + sizeof(struct igmphdr); 1505 int ret = -EINVAL; 1506 1507 transport_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 1508 1509 skb_chk = skb_checksum_trimmed(skb, transport_len, 1510 ip_mc_validate_checksum); 1511 if (!skb_chk) 1512 goto err; 1513 1514 if (!pskb_may_pull(skb_chk, len)) 1515 goto err; 1516 1517 ret = ip_mc_check_igmp_msg(skb_chk); 1518 if (ret) 1519 goto err; 1520 1521 if (skb_trimmed) 1522 *skb_trimmed = skb_chk; 1523 /* free now unneeded clone */ 1524 else if (skb_chk != skb) 1525 kfree_skb(skb_chk); 1526 1527 ret = 0; 1528 1529 err: 1530 if (ret && skb_chk && skb_chk != skb) 1531 kfree_skb(skb_chk); 1532 1533 return ret; 1534 } 1535 1536 /** 1537 * ip_mc_check_igmp - checks whether this is a sane IGMP packet 1538 * @skb: the skb to validate 1539 * @skb_trimmed: to store an skb pointer trimmed to IPv4 packet tail (optional) 1540 * 1541 * Checks whether an IPv4 packet is a valid IGMP packet. If so sets 1542 * skb transport header accordingly and returns zero. 1543 * 1544 * -EINVAL: A broken packet was detected, i.e. it violates some internet 1545 * standard 1546 * -ENOMSG: IP header validation succeeded but it is not an IGMP packet. 1547 * -ENOMEM: A memory allocation failure happened. 1548 * 1549 * Optionally, an skb pointer might be provided via skb_trimmed (or set it 1550 * to NULL): After parsing an IGMP packet successfully it will point to 1551 * an skb which has its tail aligned to the IP packet end. This might 1552 * either be the originally provided skb or a trimmed, cloned version if 1553 * the skb frame had data beyond the IP packet. A cloned skb allows us 1554 * to leave the original skb and its full frame unchanged (which might be 1555 * desirable for layer 2 frame jugglers). 1556 * 1557 * Caller needs to set the skb network header and free any returned skb if it 1558 * differs from the provided skb. 1559 */ 1560 int ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1561 { 1562 int ret = ip_mc_check_iphdr(skb); 1563 1564 if (ret < 0) 1565 return ret; 1566 1567 if (ip_hdr(skb)->protocol != IPPROTO_IGMP) 1568 return -ENOMSG; 1569 1570 return __ip_mc_check_igmp(skb, skb_trimmed); 1571 } 1572 EXPORT_SYMBOL(ip_mc_check_igmp); 1573 1574 /* 1575 * Resend IGMP JOIN report; used by netdev notifier. 1576 */ 1577 static void ip_mc_rejoin_groups(struct in_device *in_dev) 1578 { 1579 #ifdef CONFIG_IP_MULTICAST 1580 struct ip_mc_list *im; 1581 int type; 1582 struct net *net = dev_net(in_dev->dev); 1583 1584 ASSERT_RTNL(); 1585 1586 for_each_pmc_rtnl(in_dev, im) { 1587 if (im->multiaddr == IGMP_ALL_HOSTS) 1588 continue; 1589 if (ipv4_is_local_multicast(im->multiaddr) && 1590 !net->ipv4.sysctl_igmp_llm_reports) 1591 continue; 1592 1593 /* a failover is happening and switches 1594 * must be notified immediately 1595 */ 1596 if (IGMP_V1_SEEN(in_dev)) 1597 type = IGMP_HOST_MEMBERSHIP_REPORT; 1598 else if (IGMP_V2_SEEN(in_dev)) 1599 type = IGMPV2_HOST_MEMBERSHIP_REPORT; 1600 else 1601 type = IGMPV3_HOST_MEMBERSHIP_REPORT; 1602 igmp_send_report(in_dev, im, type); 1603 } 1604 #endif 1605 } 1606 1607 /* 1608 * A socket has left a multicast group on device dev 1609 */ 1610 1611 void ip_mc_dec_group(struct in_device *in_dev, __be32 addr) 1612 { 1613 struct ip_mc_list *i; 1614 struct ip_mc_list __rcu **ip; 1615 1616 ASSERT_RTNL(); 1617 1618 for (ip = &in_dev->mc_list; 1619 (i = rtnl_dereference(*ip)) != NULL; 1620 ip = &i->next_rcu) { 1621 if (i->multiaddr == addr) { 1622 if (--i->users == 0) { 1623 ip_mc_hash_remove(in_dev, i); 1624 *ip = i->next_rcu; 1625 in_dev->mc_count--; 1626 igmp_group_dropped(i); 1627 ip_mc_clear_src(i); 1628 1629 if (!in_dev->dead) 1630 ip_rt_multicast_event(in_dev); 1631 1632 ip_ma_put(i); 1633 return; 1634 } 1635 break; 1636 } 1637 } 1638 } 1639 EXPORT_SYMBOL(ip_mc_dec_group); 1640 1641 /* Device changing type */ 1642 1643 void ip_mc_unmap(struct in_device *in_dev) 1644 { 1645 struct ip_mc_list *pmc; 1646 1647 ASSERT_RTNL(); 1648 1649 for_each_pmc_rtnl(in_dev, pmc) 1650 igmp_group_dropped(pmc); 1651 } 1652 1653 void ip_mc_remap(struct in_device *in_dev) 1654 { 1655 struct ip_mc_list *pmc; 1656 1657 ASSERT_RTNL(); 1658 1659 for_each_pmc_rtnl(in_dev, pmc) { 1660 #ifdef CONFIG_IP_MULTICAST 1661 igmpv3_del_delrec(in_dev, pmc); 1662 #endif 1663 igmp_group_added(pmc); 1664 } 1665 } 1666 1667 /* Device going down */ 1668 1669 void ip_mc_down(struct in_device *in_dev) 1670 { 1671 struct ip_mc_list *pmc; 1672 1673 ASSERT_RTNL(); 1674 1675 for_each_pmc_rtnl(in_dev, pmc) 1676 igmp_group_dropped(pmc); 1677 1678 #ifdef CONFIG_IP_MULTICAST 1679 in_dev->mr_ifc_count = 0; 1680 if (del_timer(&in_dev->mr_ifc_timer)) 1681 __in_dev_put(in_dev); 1682 in_dev->mr_gq_running = 0; 1683 if (del_timer(&in_dev->mr_gq_timer)) 1684 __in_dev_put(in_dev); 1685 #endif 1686 1687 ip_mc_dec_group(in_dev, IGMP_ALL_HOSTS); 1688 } 1689 1690 void ip_mc_init_dev(struct in_device *in_dev) 1691 { 1692 #ifdef CONFIG_IP_MULTICAST 1693 struct net *net = dev_net(in_dev->dev); 1694 #endif 1695 ASSERT_RTNL(); 1696 1697 #ifdef CONFIG_IP_MULTICAST 1698 setup_timer(&in_dev->mr_gq_timer, igmp_gq_timer_expire, 1699 (unsigned long)in_dev); 1700 setup_timer(&in_dev->mr_ifc_timer, igmp_ifc_timer_expire, 1701 (unsigned long)in_dev); 1702 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1703 #endif 1704 1705 spin_lock_init(&in_dev->mc_tomb_lock); 1706 } 1707 1708 /* Device going up */ 1709 1710 void ip_mc_up(struct in_device *in_dev) 1711 { 1712 struct ip_mc_list *pmc; 1713 #ifdef CONFIG_IP_MULTICAST 1714 struct net *net = dev_net(in_dev->dev); 1715 #endif 1716 1717 ASSERT_RTNL(); 1718 1719 #ifdef CONFIG_IP_MULTICAST 1720 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1721 #endif 1722 ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); 1723 1724 for_each_pmc_rtnl(in_dev, pmc) { 1725 #ifdef CONFIG_IP_MULTICAST 1726 igmpv3_del_delrec(in_dev, pmc); 1727 #endif 1728 igmp_group_added(pmc); 1729 } 1730 } 1731 1732 /* 1733 * Device is about to be destroyed: clean up. 1734 */ 1735 1736 void ip_mc_destroy_dev(struct in_device *in_dev) 1737 { 1738 struct ip_mc_list *i; 1739 1740 ASSERT_RTNL(); 1741 1742 /* Deactivate timers */ 1743 ip_mc_down(in_dev); 1744 #ifdef CONFIG_IP_MULTICAST 1745 igmpv3_clear_delrec(in_dev); 1746 #endif 1747 1748 while ((i = rtnl_dereference(in_dev->mc_list)) != NULL) { 1749 in_dev->mc_list = i->next_rcu; 1750 in_dev->mc_count--; 1751 ip_ma_put(i); 1752 } 1753 } 1754 1755 /* RTNL is locked */ 1756 static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr) 1757 { 1758 struct net_device *dev = NULL; 1759 struct in_device *idev = NULL; 1760 1761 if (imr->imr_ifindex) { 1762 idev = inetdev_by_index(net, imr->imr_ifindex); 1763 return idev; 1764 } 1765 if (imr->imr_address.s_addr) { 1766 dev = __ip_dev_find(net, imr->imr_address.s_addr, false); 1767 if (!dev) 1768 return NULL; 1769 } 1770 1771 if (!dev) { 1772 struct rtable *rt = ip_route_output(net, 1773 imr->imr_multiaddr.s_addr, 1774 0, 0, 0); 1775 if (!IS_ERR(rt)) { 1776 dev = rt->dst.dev; 1777 ip_rt_put(rt); 1778 } 1779 } 1780 if (dev) { 1781 imr->imr_ifindex = dev->ifindex; 1782 idev = __in_dev_get_rtnl(dev); 1783 } 1784 return idev; 1785 } 1786 1787 /* 1788 * Join a socket to a group 1789 */ 1790 1791 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode, 1792 __be32 *psfsrc) 1793 { 1794 struct ip_sf_list *psf, *psf_prev; 1795 int rv = 0; 1796 1797 psf_prev = NULL; 1798 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1799 if (psf->sf_inaddr == *psfsrc) 1800 break; 1801 psf_prev = psf; 1802 } 1803 if (!psf || psf->sf_count[sfmode] == 0) { 1804 /* source filter not found, or count wrong => bug */ 1805 return -ESRCH; 1806 } 1807 psf->sf_count[sfmode]--; 1808 if (psf->sf_count[sfmode] == 0) { 1809 ip_rt_multicast_event(pmc->interface); 1810 } 1811 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 1812 #ifdef CONFIG_IP_MULTICAST 1813 struct in_device *in_dev = pmc->interface; 1814 struct net *net = dev_net(in_dev->dev); 1815 #endif 1816 1817 /* no more filters for this source */ 1818 if (psf_prev) 1819 psf_prev->sf_next = psf->sf_next; 1820 else 1821 pmc->sources = psf->sf_next; 1822 #ifdef CONFIG_IP_MULTICAST 1823 if (psf->sf_oldin && 1824 !IGMP_V1_SEEN(in_dev) && !IGMP_V2_SEEN(in_dev)) { 1825 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1826 psf->sf_next = pmc->tomb; 1827 pmc->tomb = psf; 1828 rv = 1; 1829 } else 1830 #endif 1831 kfree(psf); 1832 } 1833 return rv; 1834 } 1835 1836 #ifndef CONFIG_IP_MULTICAST 1837 #define igmp_ifc_event(x) do { } while (0) 1838 #endif 1839 1840 static int ip_mc_del_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 1841 int sfcount, __be32 *psfsrc, int delta) 1842 { 1843 struct ip_mc_list *pmc; 1844 int changerec = 0; 1845 int i, err; 1846 1847 if (!in_dev) 1848 return -ENODEV; 1849 rcu_read_lock(); 1850 for_each_pmc_rcu(in_dev, pmc) { 1851 if (*pmca == pmc->multiaddr) 1852 break; 1853 } 1854 if (!pmc) { 1855 /* MCA not found?? bug */ 1856 rcu_read_unlock(); 1857 return -ESRCH; 1858 } 1859 spin_lock_bh(&pmc->lock); 1860 rcu_read_unlock(); 1861 #ifdef CONFIG_IP_MULTICAST 1862 sf_markstate(pmc); 1863 #endif 1864 if (!delta) { 1865 err = -EINVAL; 1866 if (!pmc->sfcount[sfmode]) 1867 goto out_unlock; 1868 pmc->sfcount[sfmode]--; 1869 } 1870 err = 0; 1871 for (i = 0; i < sfcount; i++) { 1872 int rv = ip_mc_del1_src(pmc, sfmode, &psfsrc[i]); 1873 1874 changerec |= rv > 0; 1875 if (!err && rv < 0) 1876 err = rv; 1877 } 1878 if (pmc->sfmode == MCAST_EXCLUDE && 1879 pmc->sfcount[MCAST_EXCLUDE] == 0 && 1880 pmc->sfcount[MCAST_INCLUDE]) { 1881 #ifdef CONFIG_IP_MULTICAST 1882 struct ip_sf_list *psf; 1883 struct net *net = dev_net(in_dev->dev); 1884 #endif 1885 1886 /* filter mode change */ 1887 pmc->sfmode = MCAST_INCLUDE; 1888 #ifdef CONFIG_IP_MULTICAST 1889 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1890 in_dev->mr_ifc_count = pmc->crcount; 1891 for (psf = pmc->sources; psf; psf = psf->sf_next) 1892 psf->sf_crcount = 0; 1893 igmp_ifc_event(pmc->interface); 1894 } else if (sf_setstate(pmc) || changerec) { 1895 igmp_ifc_event(pmc->interface); 1896 #endif 1897 } 1898 out_unlock: 1899 spin_unlock_bh(&pmc->lock); 1900 return err; 1901 } 1902 1903 /* 1904 * Add multicast single-source filter to the interface list 1905 */ 1906 static int ip_mc_add1_src(struct ip_mc_list *pmc, int sfmode, 1907 __be32 *psfsrc) 1908 { 1909 struct ip_sf_list *psf, *psf_prev; 1910 1911 psf_prev = NULL; 1912 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1913 if (psf->sf_inaddr == *psfsrc) 1914 break; 1915 psf_prev = psf; 1916 } 1917 if (!psf) { 1918 psf = kzalloc(sizeof(*psf), GFP_ATOMIC); 1919 if (!psf) 1920 return -ENOBUFS; 1921 psf->sf_inaddr = *psfsrc; 1922 if (psf_prev) { 1923 psf_prev->sf_next = psf; 1924 } else 1925 pmc->sources = psf; 1926 } 1927 psf->sf_count[sfmode]++; 1928 if (psf->sf_count[sfmode] == 1) { 1929 ip_rt_multicast_event(pmc->interface); 1930 } 1931 return 0; 1932 } 1933 1934 #ifdef CONFIG_IP_MULTICAST 1935 static void sf_markstate(struct ip_mc_list *pmc) 1936 { 1937 struct ip_sf_list *psf; 1938 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1939 1940 for (psf = pmc->sources; psf; psf = psf->sf_next) 1941 if (pmc->sfcount[MCAST_EXCLUDE]) { 1942 psf->sf_oldin = mca_xcount == 1943 psf->sf_count[MCAST_EXCLUDE] && 1944 !psf->sf_count[MCAST_INCLUDE]; 1945 } else 1946 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 1947 } 1948 1949 static int sf_setstate(struct ip_mc_list *pmc) 1950 { 1951 struct ip_sf_list *psf, *dpsf; 1952 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1953 int qrv = pmc->interface->mr_qrv; 1954 int new_in, rv; 1955 1956 rv = 0; 1957 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1958 if (pmc->sfcount[MCAST_EXCLUDE]) { 1959 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 1960 !psf->sf_count[MCAST_INCLUDE]; 1961 } else 1962 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 1963 if (new_in) { 1964 if (!psf->sf_oldin) { 1965 struct ip_sf_list *prev = NULL; 1966 1967 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) { 1968 if (dpsf->sf_inaddr == psf->sf_inaddr) 1969 break; 1970 prev = dpsf; 1971 } 1972 if (dpsf) { 1973 if (prev) 1974 prev->sf_next = dpsf->sf_next; 1975 else 1976 pmc->tomb = dpsf->sf_next; 1977 kfree(dpsf); 1978 } 1979 psf->sf_crcount = qrv; 1980 rv++; 1981 } 1982 } else if (psf->sf_oldin) { 1983 1984 psf->sf_crcount = 0; 1985 /* 1986 * add or update "delete" records if an active filter 1987 * is now inactive 1988 */ 1989 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) 1990 if (dpsf->sf_inaddr == psf->sf_inaddr) 1991 break; 1992 if (!dpsf) { 1993 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC); 1994 if (!dpsf) 1995 continue; 1996 *dpsf = *psf; 1997 /* pmc->lock held by callers */ 1998 dpsf->sf_next = pmc->tomb; 1999 pmc->tomb = dpsf; 2000 } 2001 dpsf->sf_crcount = qrv; 2002 rv++; 2003 } 2004 } 2005 return rv; 2006 } 2007 #endif 2008 2009 /* 2010 * Add multicast source filter list to the interface list 2011 */ 2012 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 2013 int sfcount, __be32 *psfsrc, int delta) 2014 { 2015 struct ip_mc_list *pmc; 2016 int isexclude; 2017 int i, err; 2018 2019 if (!in_dev) 2020 return -ENODEV; 2021 rcu_read_lock(); 2022 for_each_pmc_rcu(in_dev, pmc) { 2023 if (*pmca == pmc->multiaddr) 2024 break; 2025 } 2026 if (!pmc) { 2027 /* MCA not found?? bug */ 2028 rcu_read_unlock(); 2029 return -ESRCH; 2030 } 2031 spin_lock_bh(&pmc->lock); 2032 rcu_read_unlock(); 2033 2034 #ifdef CONFIG_IP_MULTICAST 2035 sf_markstate(pmc); 2036 #endif 2037 isexclude = pmc->sfmode == MCAST_EXCLUDE; 2038 if (!delta) 2039 pmc->sfcount[sfmode]++; 2040 err = 0; 2041 for (i = 0; i < sfcount; i++) { 2042 err = ip_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2043 if (err) 2044 break; 2045 } 2046 if (err) { 2047 int j; 2048 2049 if (!delta) 2050 pmc->sfcount[sfmode]--; 2051 for (j = 0; j < i; j++) 2052 (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2053 } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) { 2054 #ifdef CONFIG_IP_MULTICAST 2055 struct ip_sf_list *psf; 2056 struct net *net = dev_net(pmc->interface->dev); 2057 in_dev = pmc->interface; 2058 #endif 2059 2060 /* filter mode change */ 2061 if (pmc->sfcount[MCAST_EXCLUDE]) 2062 pmc->sfmode = MCAST_EXCLUDE; 2063 else if (pmc->sfcount[MCAST_INCLUDE]) 2064 pmc->sfmode = MCAST_INCLUDE; 2065 #ifdef CONFIG_IP_MULTICAST 2066 /* else no filters; keep old mode for reports */ 2067 2068 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 2069 in_dev->mr_ifc_count = pmc->crcount; 2070 for (psf = pmc->sources; psf; psf = psf->sf_next) 2071 psf->sf_crcount = 0; 2072 igmp_ifc_event(in_dev); 2073 } else if (sf_setstate(pmc)) { 2074 igmp_ifc_event(in_dev); 2075 #endif 2076 } 2077 spin_unlock_bh(&pmc->lock); 2078 return err; 2079 } 2080 2081 static void ip_mc_clear_src(struct ip_mc_list *pmc) 2082 { 2083 struct ip_sf_list *psf, *nextpsf, *tomb, *sources; 2084 2085 spin_lock_bh(&pmc->lock); 2086 tomb = pmc->tomb; 2087 pmc->tomb = NULL; 2088 sources = pmc->sources; 2089 pmc->sources = NULL; 2090 pmc->sfmode = MCAST_EXCLUDE; 2091 pmc->sfcount[MCAST_INCLUDE] = 0; 2092 pmc->sfcount[MCAST_EXCLUDE] = 1; 2093 spin_unlock_bh(&pmc->lock); 2094 2095 for (psf = tomb; psf; psf = nextpsf) { 2096 nextpsf = psf->sf_next; 2097 kfree(psf); 2098 } 2099 for (psf = sources; psf; psf = nextpsf) { 2100 nextpsf = psf->sf_next; 2101 kfree(psf); 2102 } 2103 } 2104 2105 /* Join a multicast group 2106 */ 2107 2108 int ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr) 2109 { 2110 __be32 addr = imr->imr_multiaddr.s_addr; 2111 struct ip_mc_socklist *iml, *i; 2112 struct in_device *in_dev; 2113 struct inet_sock *inet = inet_sk(sk); 2114 struct net *net = sock_net(sk); 2115 int ifindex; 2116 int count = 0; 2117 int err; 2118 2119 ASSERT_RTNL(); 2120 2121 if (!ipv4_is_multicast(addr)) 2122 return -EINVAL; 2123 2124 in_dev = ip_mc_find_dev(net, imr); 2125 2126 if (!in_dev) { 2127 err = -ENODEV; 2128 goto done; 2129 } 2130 2131 err = -EADDRINUSE; 2132 ifindex = imr->imr_ifindex; 2133 for_each_pmc_rtnl(inet, i) { 2134 if (i->multi.imr_multiaddr.s_addr == addr && 2135 i->multi.imr_ifindex == ifindex) 2136 goto done; 2137 count++; 2138 } 2139 err = -ENOBUFS; 2140 if (count >= net->ipv4.sysctl_igmp_max_memberships) 2141 goto done; 2142 iml = sock_kmalloc(sk, sizeof(*iml), GFP_KERNEL); 2143 if (!iml) 2144 goto done; 2145 2146 memcpy(&iml->multi, imr, sizeof(*imr)); 2147 iml->next_rcu = inet->mc_list; 2148 iml->sflist = NULL; 2149 iml->sfmode = MCAST_EXCLUDE; 2150 rcu_assign_pointer(inet->mc_list, iml); 2151 ip_mc_inc_group(in_dev, addr); 2152 err = 0; 2153 done: 2154 return err; 2155 } 2156 EXPORT_SYMBOL(ip_mc_join_group); 2157 2158 static int ip_mc_leave_src(struct sock *sk, struct ip_mc_socklist *iml, 2159 struct in_device *in_dev) 2160 { 2161 struct ip_sf_socklist *psf = rtnl_dereference(iml->sflist); 2162 int err; 2163 2164 if (!psf) { 2165 /* any-source empty exclude case */ 2166 return ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2167 iml->sfmode, 0, NULL, 0); 2168 } 2169 err = ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2170 iml->sfmode, psf->sl_count, psf->sl_addr, 0); 2171 RCU_INIT_POINTER(iml->sflist, NULL); 2172 /* decrease mem now to avoid the memleak warning */ 2173 atomic_sub(IP_SFLSIZE(psf->sl_max), &sk->sk_omem_alloc); 2174 kfree_rcu(psf, rcu); 2175 return err; 2176 } 2177 2178 int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr) 2179 { 2180 struct inet_sock *inet = inet_sk(sk); 2181 struct ip_mc_socklist *iml; 2182 struct ip_mc_socklist __rcu **imlp; 2183 struct in_device *in_dev; 2184 struct net *net = sock_net(sk); 2185 __be32 group = imr->imr_multiaddr.s_addr; 2186 u32 ifindex; 2187 int ret = -EADDRNOTAVAIL; 2188 2189 ASSERT_RTNL(); 2190 2191 in_dev = ip_mc_find_dev(net, imr); 2192 if (!imr->imr_ifindex && !imr->imr_address.s_addr && !in_dev) { 2193 ret = -ENODEV; 2194 goto out; 2195 } 2196 ifindex = imr->imr_ifindex; 2197 for (imlp = &inet->mc_list; 2198 (iml = rtnl_dereference(*imlp)) != NULL; 2199 imlp = &iml->next_rcu) { 2200 if (iml->multi.imr_multiaddr.s_addr != group) 2201 continue; 2202 if (ifindex) { 2203 if (iml->multi.imr_ifindex != ifindex) 2204 continue; 2205 } else if (imr->imr_address.s_addr && imr->imr_address.s_addr != 2206 iml->multi.imr_address.s_addr) 2207 continue; 2208 2209 (void) ip_mc_leave_src(sk, iml, in_dev); 2210 2211 *imlp = iml->next_rcu; 2212 2213 if (in_dev) 2214 ip_mc_dec_group(in_dev, group); 2215 2216 /* decrease mem now to avoid the memleak warning */ 2217 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2218 kfree_rcu(iml, rcu); 2219 return 0; 2220 } 2221 out: 2222 return ret; 2223 } 2224 EXPORT_SYMBOL(ip_mc_leave_group); 2225 2226 int ip_mc_source(int add, int omode, struct sock *sk, struct 2227 ip_mreq_source *mreqs, int ifindex) 2228 { 2229 int err; 2230 struct ip_mreqn imr; 2231 __be32 addr = mreqs->imr_multiaddr; 2232 struct ip_mc_socklist *pmc; 2233 struct in_device *in_dev = NULL; 2234 struct inet_sock *inet = inet_sk(sk); 2235 struct ip_sf_socklist *psl; 2236 struct net *net = sock_net(sk); 2237 int leavegroup = 0; 2238 int i, j, rv; 2239 2240 if (!ipv4_is_multicast(addr)) 2241 return -EINVAL; 2242 2243 ASSERT_RTNL(); 2244 2245 imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; 2246 imr.imr_address.s_addr = mreqs->imr_interface; 2247 imr.imr_ifindex = ifindex; 2248 in_dev = ip_mc_find_dev(net, &imr); 2249 2250 if (!in_dev) { 2251 err = -ENODEV; 2252 goto done; 2253 } 2254 err = -EADDRNOTAVAIL; 2255 2256 for_each_pmc_rtnl(inet, pmc) { 2257 if ((pmc->multi.imr_multiaddr.s_addr == 2258 imr.imr_multiaddr.s_addr) && 2259 (pmc->multi.imr_ifindex == imr.imr_ifindex)) 2260 break; 2261 } 2262 if (!pmc) { /* must have a prior join */ 2263 err = -EINVAL; 2264 goto done; 2265 } 2266 /* if a source filter was set, must be the same mode as before */ 2267 if (pmc->sflist) { 2268 if (pmc->sfmode != omode) { 2269 err = -EINVAL; 2270 goto done; 2271 } 2272 } else if (pmc->sfmode != omode) { 2273 /* allow mode switches for empty-set filters */ 2274 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 0, NULL, 0); 2275 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, pmc->sfmode, 0, 2276 NULL, 0); 2277 pmc->sfmode = omode; 2278 } 2279 2280 psl = rtnl_dereference(pmc->sflist); 2281 if (!add) { 2282 if (!psl) 2283 goto done; /* err = -EADDRNOTAVAIL */ 2284 rv = !0; 2285 for (i = 0; i < psl->sl_count; i++) { 2286 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2287 sizeof(__be32)); 2288 if (rv == 0) 2289 break; 2290 } 2291 if (rv) /* source not found */ 2292 goto done; /* err = -EADDRNOTAVAIL */ 2293 2294 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2295 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 2296 leavegroup = 1; 2297 goto done; 2298 } 2299 2300 /* update the interface filter */ 2301 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2302 &mreqs->imr_sourceaddr, 1); 2303 2304 for (j = i+1; j < psl->sl_count; j++) 2305 psl->sl_addr[j-1] = psl->sl_addr[j]; 2306 psl->sl_count--; 2307 err = 0; 2308 goto done; 2309 } 2310 /* else, add a new source to the filter */ 2311 2312 if (psl && psl->sl_count >= net->ipv4.sysctl_igmp_max_msf) { 2313 err = -ENOBUFS; 2314 goto done; 2315 } 2316 if (!psl || psl->sl_count == psl->sl_max) { 2317 struct ip_sf_socklist *newpsl; 2318 int count = IP_SFBLOCK; 2319 2320 if (psl) 2321 count += psl->sl_max; 2322 newpsl = sock_kmalloc(sk, IP_SFLSIZE(count), GFP_KERNEL); 2323 if (!newpsl) { 2324 err = -ENOBUFS; 2325 goto done; 2326 } 2327 newpsl->sl_max = count; 2328 newpsl->sl_count = count - IP_SFBLOCK; 2329 if (psl) { 2330 for (i = 0; i < psl->sl_count; i++) 2331 newpsl->sl_addr[i] = psl->sl_addr[i]; 2332 /* decrease mem now to avoid the memleak warning */ 2333 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2334 kfree_rcu(psl, rcu); 2335 } 2336 rcu_assign_pointer(pmc->sflist, newpsl); 2337 psl = newpsl; 2338 } 2339 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 2340 for (i = 0; i < psl->sl_count; i++) { 2341 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2342 sizeof(__be32)); 2343 if (rv == 0) 2344 break; 2345 } 2346 if (rv == 0) /* address already there is an error */ 2347 goto done; 2348 for (j = psl->sl_count-1; j >= i; j--) 2349 psl->sl_addr[j+1] = psl->sl_addr[j]; 2350 psl->sl_addr[i] = mreqs->imr_sourceaddr; 2351 psl->sl_count++; 2352 err = 0; 2353 /* update the interface list */ 2354 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2355 &mreqs->imr_sourceaddr, 1); 2356 done: 2357 if (leavegroup) 2358 err = ip_mc_leave_group(sk, &imr); 2359 return err; 2360 } 2361 2362 int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) 2363 { 2364 int err = 0; 2365 struct ip_mreqn imr; 2366 __be32 addr = msf->imsf_multiaddr; 2367 struct ip_mc_socklist *pmc; 2368 struct in_device *in_dev; 2369 struct inet_sock *inet = inet_sk(sk); 2370 struct ip_sf_socklist *newpsl, *psl; 2371 struct net *net = sock_net(sk); 2372 int leavegroup = 0; 2373 2374 if (!ipv4_is_multicast(addr)) 2375 return -EINVAL; 2376 if (msf->imsf_fmode != MCAST_INCLUDE && 2377 msf->imsf_fmode != MCAST_EXCLUDE) 2378 return -EINVAL; 2379 2380 ASSERT_RTNL(); 2381 2382 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2383 imr.imr_address.s_addr = msf->imsf_interface; 2384 imr.imr_ifindex = ifindex; 2385 in_dev = ip_mc_find_dev(net, &imr); 2386 2387 if (!in_dev) { 2388 err = -ENODEV; 2389 goto done; 2390 } 2391 2392 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2393 if (msf->imsf_fmode == MCAST_INCLUDE && msf->imsf_numsrc == 0) { 2394 leavegroup = 1; 2395 goto done; 2396 } 2397 2398 for_each_pmc_rtnl(inet, pmc) { 2399 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2400 pmc->multi.imr_ifindex == imr.imr_ifindex) 2401 break; 2402 } 2403 if (!pmc) { /* must have a prior join */ 2404 err = -EINVAL; 2405 goto done; 2406 } 2407 if (msf->imsf_numsrc) { 2408 newpsl = sock_kmalloc(sk, IP_SFLSIZE(msf->imsf_numsrc), 2409 GFP_KERNEL); 2410 if (!newpsl) { 2411 err = -ENOBUFS; 2412 goto done; 2413 } 2414 newpsl->sl_max = newpsl->sl_count = msf->imsf_numsrc; 2415 memcpy(newpsl->sl_addr, msf->imsf_slist, 2416 msf->imsf_numsrc * sizeof(msf->imsf_slist[0])); 2417 err = ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2418 msf->imsf_fmode, newpsl->sl_count, newpsl->sl_addr, 0); 2419 if (err) { 2420 sock_kfree_s(sk, newpsl, IP_SFLSIZE(newpsl->sl_max)); 2421 goto done; 2422 } 2423 } else { 2424 newpsl = NULL; 2425 (void) ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2426 msf->imsf_fmode, 0, NULL, 0); 2427 } 2428 psl = rtnl_dereference(pmc->sflist); 2429 if (psl) { 2430 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2431 psl->sl_count, psl->sl_addr, 0); 2432 /* decrease mem now to avoid the memleak warning */ 2433 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2434 kfree_rcu(psl, rcu); 2435 } else 2436 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2437 0, NULL, 0); 2438 rcu_assign_pointer(pmc->sflist, newpsl); 2439 pmc->sfmode = msf->imsf_fmode; 2440 err = 0; 2441 done: 2442 if (leavegroup) 2443 err = ip_mc_leave_group(sk, &imr); 2444 return err; 2445 } 2446 2447 int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, 2448 struct ip_msfilter __user *optval, int __user *optlen) 2449 { 2450 int err, len, count, copycount; 2451 struct ip_mreqn imr; 2452 __be32 addr = msf->imsf_multiaddr; 2453 struct ip_mc_socklist *pmc; 2454 struct in_device *in_dev; 2455 struct inet_sock *inet = inet_sk(sk); 2456 struct ip_sf_socklist *psl; 2457 struct net *net = sock_net(sk); 2458 2459 ASSERT_RTNL(); 2460 2461 if (!ipv4_is_multicast(addr)) 2462 return -EINVAL; 2463 2464 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2465 imr.imr_address.s_addr = msf->imsf_interface; 2466 imr.imr_ifindex = 0; 2467 in_dev = ip_mc_find_dev(net, &imr); 2468 2469 if (!in_dev) { 2470 err = -ENODEV; 2471 goto done; 2472 } 2473 err = -EADDRNOTAVAIL; 2474 2475 for_each_pmc_rtnl(inet, pmc) { 2476 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2477 pmc->multi.imr_ifindex == imr.imr_ifindex) 2478 break; 2479 } 2480 if (!pmc) /* must have a prior join */ 2481 goto done; 2482 msf->imsf_fmode = pmc->sfmode; 2483 psl = rtnl_dereference(pmc->sflist); 2484 if (!psl) { 2485 len = 0; 2486 count = 0; 2487 } else { 2488 count = psl->sl_count; 2489 } 2490 copycount = count < msf->imsf_numsrc ? count : msf->imsf_numsrc; 2491 len = copycount * sizeof(psl->sl_addr[0]); 2492 msf->imsf_numsrc = count; 2493 if (put_user(IP_MSFILTER_SIZE(copycount), optlen) || 2494 copy_to_user(optval, msf, IP_MSFILTER_SIZE(0))) { 2495 return -EFAULT; 2496 } 2497 if (len && 2498 copy_to_user(&optval->imsf_slist[0], psl->sl_addr, len)) 2499 return -EFAULT; 2500 return 0; 2501 done: 2502 return err; 2503 } 2504 2505 int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, 2506 struct group_filter __user *optval, int __user *optlen) 2507 { 2508 int err, i, count, copycount; 2509 struct sockaddr_in *psin; 2510 __be32 addr; 2511 struct ip_mc_socklist *pmc; 2512 struct inet_sock *inet = inet_sk(sk); 2513 struct ip_sf_socklist *psl; 2514 2515 ASSERT_RTNL(); 2516 2517 psin = (struct sockaddr_in *)&gsf->gf_group; 2518 if (psin->sin_family != AF_INET) 2519 return -EINVAL; 2520 addr = psin->sin_addr.s_addr; 2521 if (!ipv4_is_multicast(addr)) 2522 return -EINVAL; 2523 2524 err = -EADDRNOTAVAIL; 2525 2526 for_each_pmc_rtnl(inet, pmc) { 2527 if (pmc->multi.imr_multiaddr.s_addr == addr && 2528 pmc->multi.imr_ifindex == gsf->gf_interface) 2529 break; 2530 } 2531 if (!pmc) /* must have a prior join */ 2532 goto done; 2533 gsf->gf_fmode = pmc->sfmode; 2534 psl = rtnl_dereference(pmc->sflist); 2535 count = psl ? psl->sl_count : 0; 2536 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; 2537 gsf->gf_numsrc = count; 2538 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) || 2539 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) { 2540 return -EFAULT; 2541 } 2542 for (i = 0; i < copycount; i++) { 2543 struct sockaddr_storage ss; 2544 2545 psin = (struct sockaddr_in *)&ss; 2546 memset(&ss, 0, sizeof(ss)); 2547 psin->sin_family = AF_INET; 2548 psin->sin_addr.s_addr = psl->sl_addr[i]; 2549 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss))) 2550 return -EFAULT; 2551 } 2552 return 0; 2553 done: 2554 return err; 2555 } 2556 2557 /* 2558 * check if a multicast source filter allows delivery for a given <src,dst,intf> 2559 */ 2560 int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, 2561 int dif, int sdif) 2562 { 2563 struct inet_sock *inet = inet_sk(sk); 2564 struct ip_mc_socklist *pmc; 2565 struct ip_sf_socklist *psl; 2566 int i; 2567 int ret; 2568 2569 ret = 1; 2570 if (!ipv4_is_multicast(loc_addr)) 2571 goto out; 2572 2573 rcu_read_lock(); 2574 for_each_pmc_rcu(inet, pmc) { 2575 if (pmc->multi.imr_multiaddr.s_addr == loc_addr && 2576 (pmc->multi.imr_ifindex == dif || 2577 (sdif && pmc->multi.imr_ifindex == sdif))) 2578 break; 2579 } 2580 ret = inet->mc_all; 2581 if (!pmc) 2582 goto unlock; 2583 psl = rcu_dereference(pmc->sflist); 2584 ret = (pmc->sfmode == MCAST_EXCLUDE); 2585 if (!psl) 2586 goto unlock; 2587 2588 for (i = 0; i < psl->sl_count; i++) { 2589 if (psl->sl_addr[i] == rmt_addr) 2590 break; 2591 } 2592 ret = 0; 2593 if (pmc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 2594 goto unlock; 2595 if (pmc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 2596 goto unlock; 2597 ret = 1; 2598 unlock: 2599 rcu_read_unlock(); 2600 out: 2601 return ret; 2602 } 2603 2604 /* 2605 * A socket is closing. 2606 */ 2607 2608 void ip_mc_drop_socket(struct sock *sk) 2609 { 2610 struct inet_sock *inet = inet_sk(sk); 2611 struct ip_mc_socklist *iml; 2612 struct net *net = sock_net(sk); 2613 2614 if (!inet->mc_list) 2615 return; 2616 2617 rtnl_lock(); 2618 while ((iml = rtnl_dereference(inet->mc_list)) != NULL) { 2619 struct in_device *in_dev; 2620 2621 inet->mc_list = iml->next_rcu; 2622 in_dev = inetdev_by_index(net, iml->multi.imr_ifindex); 2623 (void) ip_mc_leave_src(sk, iml, in_dev); 2624 if (in_dev) 2625 ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr); 2626 /* decrease mem now to avoid the memleak warning */ 2627 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2628 kfree_rcu(iml, rcu); 2629 } 2630 rtnl_unlock(); 2631 } 2632 2633 /* called with rcu_read_lock() */ 2634 int ip_check_mc_rcu(struct in_device *in_dev, __be32 mc_addr, __be32 src_addr, u8 proto) 2635 { 2636 struct ip_mc_list *im; 2637 struct ip_mc_list __rcu **mc_hash; 2638 struct ip_sf_list *psf; 2639 int rv = 0; 2640 2641 mc_hash = rcu_dereference(in_dev->mc_hash); 2642 if (mc_hash) { 2643 u32 hash = hash_32((__force u32)mc_addr, MC_HASH_SZ_LOG); 2644 2645 for (im = rcu_dereference(mc_hash[hash]); 2646 im != NULL; 2647 im = rcu_dereference(im->next_hash)) { 2648 if (im->multiaddr == mc_addr) 2649 break; 2650 } 2651 } else { 2652 for_each_pmc_rcu(in_dev, im) { 2653 if (im->multiaddr == mc_addr) 2654 break; 2655 } 2656 } 2657 if (im && proto == IPPROTO_IGMP) { 2658 rv = 1; 2659 } else if (im) { 2660 if (src_addr) { 2661 for (psf = im->sources; psf; psf = psf->sf_next) { 2662 if (psf->sf_inaddr == src_addr) 2663 break; 2664 } 2665 if (psf) 2666 rv = psf->sf_count[MCAST_INCLUDE] || 2667 psf->sf_count[MCAST_EXCLUDE] != 2668 im->sfcount[MCAST_EXCLUDE]; 2669 else 2670 rv = im->sfcount[MCAST_EXCLUDE] != 0; 2671 } else 2672 rv = 1; /* unspecified source; tentatively allow */ 2673 } 2674 return rv; 2675 } 2676 2677 #if defined(CONFIG_PROC_FS) 2678 struct igmp_mc_iter_state { 2679 struct seq_net_private p; 2680 struct net_device *dev; 2681 struct in_device *in_dev; 2682 }; 2683 2684 #define igmp_mc_seq_private(seq) ((struct igmp_mc_iter_state *)(seq)->private) 2685 2686 static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq) 2687 { 2688 struct net *net = seq_file_net(seq); 2689 struct ip_mc_list *im = NULL; 2690 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2691 2692 state->in_dev = NULL; 2693 for_each_netdev_rcu(net, state->dev) { 2694 struct in_device *in_dev; 2695 2696 in_dev = __in_dev_get_rcu(state->dev); 2697 if (!in_dev) 2698 continue; 2699 im = rcu_dereference(in_dev->mc_list); 2700 if (im) { 2701 state->in_dev = in_dev; 2702 break; 2703 } 2704 } 2705 return im; 2706 } 2707 2708 static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_list *im) 2709 { 2710 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2711 2712 im = rcu_dereference(im->next_rcu); 2713 while (!im) { 2714 state->dev = next_net_device_rcu(state->dev); 2715 if (!state->dev) { 2716 state->in_dev = NULL; 2717 break; 2718 } 2719 state->in_dev = __in_dev_get_rcu(state->dev); 2720 if (!state->in_dev) 2721 continue; 2722 im = rcu_dereference(state->in_dev->mc_list); 2723 } 2724 return im; 2725 } 2726 2727 static struct ip_mc_list *igmp_mc_get_idx(struct seq_file *seq, loff_t pos) 2728 { 2729 struct ip_mc_list *im = igmp_mc_get_first(seq); 2730 if (im) 2731 while (pos && (im = igmp_mc_get_next(seq, im)) != NULL) 2732 --pos; 2733 return pos ? NULL : im; 2734 } 2735 2736 static void *igmp_mc_seq_start(struct seq_file *seq, loff_t *pos) 2737 __acquires(rcu) 2738 { 2739 rcu_read_lock(); 2740 return *pos ? igmp_mc_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2741 } 2742 2743 static void *igmp_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2744 { 2745 struct ip_mc_list *im; 2746 if (v == SEQ_START_TOKEN) 2747 im = igmp_mc_get_first(seq); 2748 else 2749 im = igmp_mc_get_next(seq, v); 2750 ++*pos; 2751 return im; 2752 } 2753 2754 static void igmp_mc_seq_stop(struct seq_file *seq, void *v) 2755 __releases(rcu) 2756 { 2757 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2758 2759 state->in_dev = NULL; 2760 state->dev = NULL; 2761 rcu_read_unlock(); 2762 } 2763 2764 static int igmp_mc_seq_show(struct seq_file *seq, void *v) 2765 { 2766 if (v == SEQ_START_TOKEN) 2767 seq_puts(seq, 2768 "Idx\tDevice : Count Querier\tGroup Users Timer\tReporter\n"); 2769 else { 2770 struct ip_mc_list *im = (struct ip_mc_list *)v; 2771 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2772 char *querier; 2773 long delta; 2774 2775 #ifdef CONFIG_IP_MULTICAST 2776 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" : 2777 IGMP_V2_SEEN(state->in_dev) ? "V2" : 2778 "V3"; 2779 #else 2780 querier = "NONE"; 2781 #endif 2782 2783 if (rcu_access_pointer(state->in_dev->mc_list) == im) { 2784 seq_printf(seq, "%d\t%-10s: %5d %7s\n", 2785 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); 2786 } 2787 2788 delta = im->timer.expires - jiffies; 2789 seq_printf(seq, 2790 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n", 2791 im->multiaddr, im->users, 2792 im->tm_running, 2793 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0, 2794 im->reporter); 2795 } 2796 return 0; 2797 } 2798 2799 static const struct seq_operations igmp_mc_seq_ops = { 2800 .start = igmp_mc_seq_start, 2801 .next = igmp_mc_seq_next, 2802 .stop = igmp_mc_seq_stop, 2803 .show = igmp_mc_seq_show, 2804 }; 2805 2806 static int igmp_mc_seq_open(struct inode *inode, struct file *file) 2807 { 2808 return seq_open_net(inode, file, &igmp_mc_seq_ops, 2809 sizeof(struct igmp_mc_iter_state)); 2810 } 2811 2812 static const struct file_operations igmp_mc_seq_fops = { 2813 .owner = THIS_MODULE, 2814 .open = igmp_mc_seq_open, 2815 .read = seq_read, 2816 .llseek = seq_lseek, 2817 .release = seq_release_net, 2818 }; 2819 2820 struct igmp_mcf_iter_state { 2821 struct seq_net_private p; 2822 struct net_device *dev; 2823 struct in_device *idev; 2824 struct ip_mc_list *im; 2825 }; 2826 2827 #define igmp_mcf_seq_private(seq) ((struct igmp_mcf_iter_state *)(seq)->private) 2828 2829 static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq) 2830 { 2831 struct net *net = seq_file_net(seq); 2832 struct ip_sf_list *psf = NULL; 2833 struct ip_mc_list *im = NULL; 2834 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2835 2836 state->idev = NULL; 2837 state->im = NULL; 2838 for_each_netdev_rcu(net, state->dev) { 2839 struct in_device *idev; 2840 idev = __in_dev_get_rcu(state->dev); 2841 if (unlikely(!idev)) 2842 continue; 2843 im = rcu_dereference(idev->mc_list); 2844 if (likely(im)) { 2845 spin_lock_bh(&im->lock); 2846 psf = im->sources; 2847 if (likely(psf)) { 2848 state->im = im; 2849 state->idev = idev; 2850 break; 2851 } 2852 spin_unlock_bh(&im->lock); 2853 } 2854 } 2855 return psf; 2856 } 2857 2858 static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_list *psf) 2859 { 2860 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2861 2862 psf = psf->sf_next; 2863 while (!psf) { 2864 spin_unlock_bh(&state->im->lock); 2865 state->im = state->im->next; 2866 while (!state->im) { 2867 state->dev = next_net_device_rcu(state->dev); 2868 if (!state->dev) { 2869 state->idev = NULL; 2870 goto out; 2871 } 2872 state->idev = __in_dev_get_rcu(state->dev); 2873 if (!state->idev) 2874 continue; 2875 state->im = rcu_dereference(state->idev->mc_list); 2876 } 2877 if (!state->im) 2878 break; 2879 spin_lock_bh(&state->im->lock); 2880 psf = state->im->sources; 2881 } 2882 out: 2883 return psf; 2884 } 2885 2886 static struct ip_sf_list *igmp_mcf_get_idx(struct seq_file *seq, loff_t pos) 2887 { 2888 struct ip_sf_list *psf = igmp_mcf_get_first(seq); 2889 if (psf) 2890 while (pos && (psf = igmp_mcf_get_next(seq, psf)) != NULL) 2891 --pos; 2892 return pos ? NULL : psf; 2893 } 2894 2895 static void *igmp_mcf_seq_start(struct seq_file *seq, loff_t *pos) 2896 __acquires(rcu) 2897 { 2898 rcu_read_lock(); 2899 return *pos ? igmp_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2900 } 2901 2902 static void *igmp_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2903 { 2904 struct ip_sf_list *psf; 2905 if (v == SEQ_START_TOKEN) 2906 psf = igmp_mcf_get_first(seq); 2907 else 2908 psf = igmp_mcf_get_next(seq, v); 2909 ++*pos; 2910 return psf; 2911 } 2912 2913 static void igmp_mcf_seq_stop(struct seq_file *seq, void *v) 2914 __releases(rcu) 2915 { 2916 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2917 if (likely(state->im)) { 2918 spin_unlock_bh(&state->im->lock); 2919 state->im = NULL; 2920 } 2921 state->idev = NULL; 2922 state->dev = NULL; 2923 rcu_read_unlock(); 2924 } 2925 2926 static int igmp_mcf_seq_show(struct seq_file *seq, void *v) 2927 { 2928 struct ip_sf_list *psf = (struct ip_sf_list *)v; 2929 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2930 2931 if (v == SEQ_START_TOKEN) { 2932 seq_puts(seq, "Idx Device MCA SRC INC EXC\n"); 2933 } else { 2934 seq_printf(seq, 2935 "%3d %6.6s 0x%08x " 2936 "0x%08x %6lu %6lu\n", 2937 state->dev->ifindex, state->dev->name, 2938 ntohl(state->im->multiaddr), 2939 ntohl(psf->sf_inaddr), 2940 psf->sf_count[MCAST_INCLUDE], 2941 psf->sf_count[MCAST_EXCLUDE]); 2942 } 2943 return 0; 2944 } 2945 2946 static const struct seq_operations igmp_mcf_seq_ops = { 2947 .start = igmp_mcf_seq_start, 2948 .next = igmp_mcf_seq_next, 2949 .stop = igmp_mcf_seq_stop, 2950 .show = igmp_mcf_seq_show, 2951 }; 2952 2953 static int igmp_mcf_seq_open(struct inode *inode, struct file *file) 2954 { 2955 return seq_open_net(inode, file, &igmp_mcf_seq_ops, 2956 sizeof(struct igmp_mcf_iter_state)); 2957 } 2958 2959 static const struct file_operations igmp_mcf_seq_fops = { 2960 .owner = THIS_MODULE, 2961 .open = igmp_mcf_seq_open, 2962 .read = seq_read, 2963 .llseek = seq_lseek, 2964 .release = seq_release_net, 2965 }; 2966 2967 static int __net_init igmp_net_init(struct net *net) 2968 { 2969 struct proc_dir_entry *pde; 2970 int err; 2971 2972 pde = proc_create("igmp", S_IRUGO, net->proc_net, &igmp_mc_seq_fops); 2973 if (!pde) 2974 goto out_igmp; 2975 pde = proc_create("mcfilter", S_IRUGO, net->proc_net, 2976 &igmp_mcf_seq_fops); 2977 if (!pde) 2978 goto out_mcfilter; 2979 err = inet_ctl_sock_create(&net->ipv4.mc_autojoin_sk, AF_INET, 2980 SOCK_DGRAM, 0, net); 2981 if (err < 0) { 2982 pr_err("Failed to initialize the IGMP autojoin socket (err %d)\n", 2983 err); 2984 goto out_sock; 2985 } 2986 2987 return 0; 2988 2989 out_sock: 2990 remove_proc_entry("mcfilter", net->proc_net); 2991 out_mcfilter: 2992 remove_proc_entry("igmp", net->proc_net); 2993 out_igmp: 2994 return -ENOMEM; 2995 } 2996 2997 static void __net_exit igmp_net_exit(struct net *net) 2998 { 2999 remove_proc_entry("mcfilter", net->proc_net); 3000 remove_proc_entry("igmp", net->proc_net); 3001 inet_ctl_sock_destroy(net->ipv4.mc_autojoin_sk); 3002 } 3003 3004 static struct pernet_operations igmp_net_ops = { 3005 .init = igmp_net_init, 3006 .exit = igmp_net_exit, 3007 }; 3008 #endif 3009 3010 static int igmp_netdev_event(struct notifier_block *this, 3011 unsigned long event, void *ptr) 3012 { 3013 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3014 struct in_device *in_dev; 3015 3016 switch (event) { 3017 case NETDEV_RESEND_IGMP: 3018 in_dev = __in_dev_get_rtnl(dev); 3019 if (in_dev) 3020 ip_mc_rejoin_groups(in_dev); 3021 break; 3022 default: 3023 break; 3024 } 3025 return NOTIFY_DONE; 3026 } 3027 3028 static struct notifier_block igmp_notifier = { 3029 .notifier_call = igmp_netdev_event, 3030 }; 3031 3032 int __init igmp_mc_init(void) 3033 { 3034 #if defined(CONFIG_PROC_FS) 3035 int err; 3036 3037 err = register_pernet_subsys(&igmp_net_ops); 3038 if (err) 3039 return err; 3040 err = register_netdevice_notifier(&igmp_notifier); 3041 if (err) 3042 goto reg_notif_fail; 3043 return 0; 3044 3045 reg_notif_fail: 3046 unregister_pernet_subsys(&igmp_net_ops); 3047 return err; 3048 #else 3049 return register_netdevice_notifier(&igmp_notifier); 3050 #endif 3051 } 3052